Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/Il14WP9JU6QZsHw0CTxY9dwj4DE.roa
File: Il14WP9JU6QZsHw0CTxY9dwj4DE.roa (raw, json)
Hash identifier: JFVjh7Nw3btj7Sy7MZowAYfrholcdgMnBKGghD9AMKc=
Subject key identifier: 22:5D:78:58:FF:49:53:A4:19:B0:7C:34:09:3C:58:F5:DC:23:E0:31
Certificate issuer: /CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Certificate serial: 01856C4A7A520AC33ABB4C461771158C7CA3
Authority key identifier: B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/Il14WP9JU6QZsHw0CTxY9dwj4DE.roa
Signing time: Sun 01 Jan 2023 07:44:58 +0000
ROA not before: Sun 01 Jan 2023 07:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58653
IP address blocks: 192.157.15.0/24 maxlen: 24
192.157.14.0/24 maxlen: 24
153.112.224.0/22 maxlen: 22
153.112.228.0/22 maxlen: 22
193.53.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:7a:52:0a:c3:3a:bb:4c:46:17:71:15:8c:7c:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Validity
Not Before: Jan 1 07:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=225d7858ff4953a419b07c34093c58f5dc23e031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:34:3a:1f:fe:d4:9e:d9:4b:fe:91:55:6d:90:
74:ce:0f:26:0a:8c:4d:6a:0e:9d:c5:6b:d5:87:17:
5a:89:fc:33:57:06:2c:87:b9:e2:94:c0:da:ae:cf:
28:0e:3d:eb:c4:e3:7b:9b:b8:3a:41:b7:aa:48:a6:
f5:64:c0:4f:18:aa:0c:29:c2:c2:3f:4a:3f:49:73:
81:aa:23:ac:39:4c:2b:42:de:0f:8d:43:23:42:c0:
3a:ea:4c:63:ae:7e:42:35:d3:7a:29:dc:d5:ed:d1:
98:28:eb:6a:2c:f2:e5:4c:95:f7:63:3c:1a:10:7d:
b3:89:be:dd:b0:25:30:1f:20:d2:46:74:77:3f:d9:
8c:d2:32:90:bf:a7:61:0c:17:4d:a6:2b:e3:a6:3c:
45:ef:de:6d:9a:7f:db:66:96:f8:13:d3:92:b8:54:
f3:f2:89:7d:71:93:ff:97:8d:85:58:3e:45:c9:d7:
e9:0a:11:de:cc:4b:af:63:97:2f:f8:d1:db:b0:15:
40:fd:ff:31:86:db:1d:73:fb:98:e7:0a:d0:0e:8f:
7c:26:3f:57:a9:58:06:2f:fa:00:41:62:4f:b8:0c:
2c:43:76:7d:fc:11:e4:a0:6c:77:90:a4:e2:5b:78:
d0:b8:4b:53:54:43:a3:8b:48:73:3d:c2:44:6e:ba:
1f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:5D:78:58:FF:49:53:A4:19:B0:7C:34:09:3C:58:F5:DC:23:E0:31
X509v3 Authority Key Identifier:
keyid:B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/Il14WP9JU6QZsHw0CTxY9dwj4DE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.112.224.0/21
192.157.14.0/23
193.53.29.0/24
Signature Algorithm: sha256WithRSAEncryption
86:f0:ba:8e:80:ce:95:e7:1c:71:32:e5:db:56:ca:b2:94:25:
4c:6a:97:1b:0b:e7:43:e2:2d:b5:45:9d:73:84:c0:2b:8e:8e:
34:eb:95:6c:28:ea:38:e0:04:91:61:12:b8:bc:5e:3c:ee:24:
63:8d:4e:7c:d4:f8:ce:1a:2c:37:0e:82:75:9d:92:6a:e4:74:
33:f7:b5:2f:45:b2:db:ce:72:67:33:20:65:a9:84:b6:38:3c:
2b:5f:78:93:a9:51:31:7e:43:20:b3:83:90:1e:77:4a:55:bf:
fe:36:6e:20:32:fd:e2:e9:19:d3:47:79:ce:c3:18:0a:43:c9:
8f:ba:d9:9a:aa:34:25:b5:29:40:f9:89:44:be:42:d0:33:ec:
53:dc:b3:98:89:22:f0:d1:4f:c6:09:16:97:c0:7b:df:ed:79:
4a:95:f2:17:d5:40:40:21:99:b4:db:51:d1:ff:d3:7a:08:56:
d4:83:34:10:94:33:a8:49:89:98:f8:cc:ea:bc:c8:d1:0e:c0:
7c:54:54:39:f6:33:8d:36:3f:f8:6d:65:97:70:67:3f:d9:07:
34:a1:ce:cb:d7:7f:d2:8a:db:b7:78:ac:e5:bc:52:93:e7:d9:
80:ce:a5:f5:f8:94:b1:6b:84:5e:7b:57:c3:b2:3a:05:0b:df:
61:4b:49:1a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsSnpSCsM6u0xGF3EVjHyjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODUyZmZiYTdkNTdjNWE4YWZiYjZlYTViZWFmN2RmZWMw
YzE0NWEwHhcNMjMwMTAxMDc0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjVkNzg1OGZmNDk1M2E0MTliMDdjMzQwOTNjNThmNWRjMjNlMDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTQ6H/7UntlL/pFVbZB0zg8mCoxN
ag6dxWvVhxdaifwzVwYsh7nilMDars8oDj3rxON7m7g6QbeqSKb1ZMBPGKoMKcLC
P0o/SXOBqiOsOUwrQt4PjUMjQsA66kxjrn5CNdN6KdzV7dGYKOtqLPLlTJX3Yzwa
EH2zib7dsCUwHyDSRnR3P9mM0jKQv6dhDBdNpivjpjxF795tmn/bZpb4E9OSuFTz
8ol9cZP/l42FWD5FydfpChHezEuvY5cv+NHbsBVA/f8xhtsdc/uY5wrQDo98Jj9X
qVgGL/oAQWJPuAwsQ3Z9/BHkoGx3kKTiW3jQuEtTVEOji0hzPcJEbrofDwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCJdeFj/SVOkGbB8NAk8WPXcI+AxMB8GA1UdIwQY
MBaAFLSFL/un1Xxaivu26lvq99/sDBRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQt
ZjcxMDM4ZTk2N2E0LzEvSWwxNFdQOUpVNlFac0h3MENUeFk5ZHdqNERFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQtZjcxMDM4ZTk2N2E0
LzEvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDmXDgAwQB
wJ0OAwQAwTUdMA0GCSqGSIb3DQEBCwUAA4IBAQCG8LqOgM6V5xxxMuXbVsqylCVM
apcbC+dD4i21RZ1zhMArjo4065VsKOo44ASRYRK4vF487iRjjU581PjOGiw3DoJ1
nZJq5HQz97UvRbLbznJnMyBlqYS2ODwrX3iTqVExfkMgs4OQHndKVb/+Nm4gMv3i
6RnTR3nOwxgKQ8mPutmaqjQltSlA+YlEvkLQM+xT3LOYiSLw0U/GCRaXwHvf7XlK
lfIX1UBAIZm021HR/9N6CFbUgzQQlDOoSYmY+MzqvMjRDsB8VFQ59jONNj/4bWWX
cGc/2Qc0oc7L13/Situ3eKzlvFKT59mAzqX1+JSxa4Ree1fDsjoFC99hS0ka
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:17 2024 by rpki-client on console-ams.rpki-client.org