Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/c0b283-88b9-43cd-b08f-a8ea43253ed5/1/espcbVBoyb_DCbKrFORWK0ksV1k.roa
File: espcbVBoyb_DCbKrFORWK0ksV1k.roa (raw, json)
Hash identifier: OKoQU7vZ0nkdc0l6MQ1AvAaqs9obOuZ983i3rkTLJYo=
Subject key identifier: 7A:CA:5C:6D:50:68:C9:BF:C3:09:B2:AB:14:E4:56:2B:49:2C:57:59
Certificate issuer: /CN=1ba8ea3a2288a6af8f64a8383002c74085579a07
Certificate serial: 018CC50156158C96FD81B29F58ACF94AB18C
Authority key identifier: 1B:A8:EA:3A:22:88:A6:AF:8F:64:A8:38:30:02:C7:40:85:57:9A:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6jqOiKIpq-PZKg4MALHQIVXmgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/c0b283-88b9-43cd-b08f-a8ea43253ed5/1/espcbVBoyb_DCbKrFORWK0ksV1k.roa
Signing time: Mon 01 Jan 2024 12:30:48 +0000
ROA not before: Mon 01 Jan 2024 12:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212975
IP address blocks: 185.115.72.0/23 maxlen: 23
185.115.74.0/23 maxlen: 23
2a01:9647::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:56:15:8c:96:fd:81:b2:9f:58:ac:f9:4a:b1:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba8ea3a2288a6af8f64a8383002c74085579a07
Validity
Not Before: Jan 1 12:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7aca5c6d5068c9bfc309b2ab14e4562b492c5759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b8:38:c6:82:c2:ad:b5:9b:d5:19:c7:39:69:
9a:4e:52:e6:c3:a5:08:de:db:ef:d3:0a:a4:5a:47:
4e:56:5e:f9:3c:cf:e1:bd:4e:7d:fd:a0:6c:3f:c0:
14:c8:42:d6:d4:5c:0d:5d:6e:44:b9:53:c8:3d:4b:
a4:9c:04:b6:49:b6:41:0d:ab:4c:c0:22:8a:40:8b:
b4:d3:b7:39:ee:21:29:59:06:92:4b:32:13:06:f5:
ae:a6:57:54:4e:c6:ae:e0:b9:32:59:ab:a7:29:8d:
05:29:b7:df:72:88:d8:a6:2c:05:f2:7e:3d:af:fb:
3b:48:03:a5:13:e7:4c:7b:d1:78:d9:03:6b:81:31:
c5:ac:98:eb:a4:36:63:7f:e4:34:20:f8:6d:de:d2:
81:e6:e6:36:41:f4:ba:af:4f:3b:ec:fa:89:59:80:
99:9e:c4:cb:23:0d:4c:cf:d1:c8:90:15:1d:ad:6d:
cb:1a:99:f4:e3:46:d4:df:07:74:0e:c3:1c:cc:b0:
2b:7c:88:7e:4c:4a:a5:1c:71:c4:34:93:c4:a7:10:
25:89:8c:dc:d9:72:4d:e5:5d:1b:51:13:45:5c:2e:
4a:e9:71:95:5e:01:81:d6:12:13:d7:91:69:07:b8:
74:5c:8d:29:e4:b5:f3:ac:28:6c:01:0a:39:21:46:
72:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:CA:5C:6D:50:68:C9:BF:C3:09:B2:AB:14:E4:56:2B:49:2C:57:59
X509v3 Authority Key Identifier:
keyid:1B:A8:EA:3A:22:88:A6:AF:8F:64:A8:38:30:02:C7:40:85:57:9A:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6jqOiKIpq-PZKg4MALHQIVXmgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/c0b283-88b9-43cd-b08f-a8ea43253ed5/1/espcbVBoyb_DCbKrFORWK0ksV1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/c0b283-88b9-43cd-b08f-a8ea43253ed5/1/G6jqOiKIpq-PZKg4MALHQIVXmgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.72.0/22
IPv6:
2a01:9647::/32
Signature Algorithm: sha256WithRSAEncryption
2a:8f:7f:19:7d:a5:fc:01:5e:d6:1e:29:ab:8a:81:f3:20:3f:
c9:5b:05:2d:3c:19:79:94:86:d4:ab:a2:67:ee:9a:c9:95:c8:
3f:bc:65:a2:8a:91:f0:a9:24:92:4b:5d:6e:a2:63:b8:0b:11:
95:ee:f5:d0:ea:97:44:87:4e:1b:e6:68:ad:34:e4:dc:3b:60:
8f:63:39:0e:dd:4b:bd:7e:49:ea:a5:3a:75:b3:62:cb:6f:7a:
4b:0e:4a:78:44:49:7c:e9:01:49:fd:24:77:9a:4c:dd:d0:6f:
b2:2a:43:cb:a5:db:f3:6a:2c:2d:9b:15:06:d9:df:02:c3:5a:
dc:96:bb:df:25:6f:20:17:59:d3:48:b4:dd:43:0c:96:6c:69:
fd:f8:8c:82:41:9a:d4:7a:a0:64:c2:11:44:4f:c7:09:80:d4:
99:cd:39:43:0a:8b:fa:48:4b:de:f7:0f:fa:da:6b:77:5a:aa:
b9:76:ee:cb:32:67:43:a5:70:ad:bd:d2:3b:cb:b9:e9:d2:20:
67:ff:fb:b9:dc:98:bb:bf:8c:46:88:3a:d0:70:38:67:f3:a6:
8a:5b:a4:27:70:1f:2d:e7:fc:d8:af:30:cc:73:73:f4:52:33:
c4:b0:91:05:44:e9:39:fc:2c:55:5a:76:a2:0e:29:bb:91:45:
e7:bc:f7:09
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAVYVjJb9gbKfWKz5SrGMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYThlYTNhMjI4OGE2YWY4ZjY0YTgzODMwMDJjNzQwODU1
NzlhMDcwHhcNMjQwMTAxMTIzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWNhNWM2ZDUwNjhjOWJmYzMwOWIyYWIxNGU0NTYyYjQ5MmM1NzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLg4xoLCrbWb1RnHOWmaTlLmw6UI
3tvv0wqkWkdOVl75PM/hvU59/aBsP8AUyELW1FwNXW5EuVPIPUuknAS2SbZBDatM
wCKKQIu007c57iEpWQaSSzITBvWupldUTsau4LkyWaunKY0FKbffcojYpiwF8n49
r/s7SAOlE+dMe9F42QNrgTHFrJjrpDZjf+Q0IPht3tKB5uY2QfS6r0877PqJWYCZ
nsTLIw1Mz9HIkBUdrW3LGpn040bU3wd0DsMczLArfIh+TEqlHHHENJPEpxAliYzc
2XJN5V0bURNFXC5K6XGVXgGB1hIT15FpB7h0XI0p5LXzrChsAQo5IUZyQwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHrKXG1QaMm/wwmyqxTkVitJLFdZMB8GA1UdIwQY
MBaAFBuo6joiiKavj2SoODACx0CFV5oHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZqcU9pS0lwcS1QWktnNE1BTEhRSVZYbWdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9jMGIyODMtODhiOS00M2NkLWIwOGYt
YThlYTQzMjUzZWQ1LzEvZXNwY2JWQm95Yl9EQ2JLckZPUldLMGtzVjFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9jMGIyODMtODhiOS00M2NkLWIwOGYtYThlYTQzMjUzZWQ1
LzEvRzZqcU9pS0lwcS1QWktnNE1BTEhRSVZYbWdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXNIMA0E
AgACMAcDBQAqAZZHMA0GCSqGSIb3DQEBCwUAA4IBAQAqj38ZfaX8AV7WHimrioHz
ID/JWwUtPBl5lIbUq6Jn7prJlcg/vGWiipHwqSSSS11uomO4CxGV7vXQ6pdEh04b
5mitNOTcO2CPYzkO3Uu9fknqpTp1s2LLb3pLDkp4REl86QFJ/SR3mkzd0G+yKkPL
pdvzaiwtmxUG2d8Cw1rclrvfJW8gF1nTSLTdQwyWbGn9+IyCQZrUeqBkwhFET8cJ
gNSZzTlDCov6SEve9w/62mt3Wqq5du7LMmdDpXCtvdI7y7np0iBn//u53Ji7v4xG
iDrQcDhn86aKW6QncB8t5/zYrzDMc3P0UjPEsJEFROk5/CxVWnaiDim7kUXnvPcJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:24 2025 by rpki-client