Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/er8GdSLFnVPR89ENYZWxwPKTtss.roa
File: er8GdSLFnVPR89ENYZWxwPKTtss.roa (raw, json)
Hash identifier: n0J9bBiHKmnJUCrL/0eM4zfXyE2cQkdwtcwabnnlW6c=
Subject key identifier: 7A:BF:06:75:22:C5:9D:53:D1:F3:D1:0D:61:95:B1:C0:F2:93:B6:CB
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018E18AF3D883984B5402EF666C44C598ACC
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/er8GdSLFnVPR89ENYZWxwPKTtss.roa
Signing time: Thu 07 Mar 2024 11:32:01 +0000
ROA not before: Thu 07 Mar 2024 11:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200462
IP address blocks: 2.58.52.0/23 maxlen: 32
5.180.192.0/23 maxlen: 24
45.86.124.0/22 maxlen: 24
94.247.43.0/24 maxlen: 32
2a00:f826:8::/48 maxlen: 48
2a07:6fc0:10::/44 maxlen: 48
2a09:e1c0::/32 maxlen: 128
2a0c:8900::/29 maxlen: 128
2a0e:de80::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 15 Apr 2024 09:18:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:18:af:3d:88:39:84:b5:40:2e:f6:66:c4:4c:59:8a:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Mar 7 11:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7abf067522c59d53d1f3d10d6195b1c0f293b6cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:03:15:8b:3b:d0:da:d4:f0:0e:b7:be:e3:80:
09:9e:42:21:10:76:a9:af:a0:14:83:41:a0:89:89:
80:c6:ff:ba:5e:6a:2a:21:d5:4a:fb:47:c6:4a:26:
60:8e:b5:7a:21:26:4d:67:69:92:67:b4:91:63:a0:
f0:20:13:02:97:f8:10:d3:6b:66:bd:c1:33:50:b4:
b3:e9:e7:4d:fb:f1:96:f9:80:e8:de:d5:42:c6:a8:
09:f9:85:83:76:48:03:22:b0:68:2f:f2:42:0e:7d:
f5:49:2b:9e:b5:ca:31:5e:5c:d7:5f:65:ee:7d:63:
81:2a:5f:24:0e:8a:3c:2c:70:ce:23:38:d6:57:97:
98:a2:3e:8b:d6:d7:a8:9a:a0:84:52:61:5d:50:42:
c2:a5:cb:77:04:0b:c2:3a:29:8e:66:07:b1:bd:3b:
9d:17:06:a8:d1:2b:be:f9:1a:dc:3d:d2:69:e5:86:
12:0e:55:cc:f3:94:3e:93:95:19:05:0f:df:cd:cb:
7b:0c:12:a6:bc:5a:ee:32:00:25:93:c3:f9:3b:d5:
a5:46:c2:6b:9f:ef:d0:54:7e:65:4c:f0:59:57:78:
a9:47:de:2c:55:4a:22:85:f4:bf:a3:9b:96:cf:9d:
bb:4c:53:bb:bf:e5:ed:ab:fa:80:a7:71:c9:48:50:
a2:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:BF:06:75:22:C5:9D:53:D1:F3:D1:0D:61:95:B1:C0:F2:93:B6:CB
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/er8GdSLFnVPR89ENYZWxwPKTtss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.52.0/23
5.180.192.0/23
45.86.124.0/22
94.247.43.0/24
IPv6:
2a00:f826:8::/48
2a07:6fc0:10::/44
2a09:e1c0::/32
2a0c:8900::/29
2a0e:de80::/29
Signature Algorithm: sha256WithRSAEncryption
42:e3:2b:51:4b:14:4f:6c:e6:a0:bd:a6:09:0a:c5:b3:d8:93:
53:85:bf:13:b7:1a:c8:6a:29:59:ec:52:e0:f2:bc:e5:3d:93:
e6:51:8d:33:c3:39:63:17:83:b6:f3:db:d7:87:69:fa:c6:85:
a0:a5:36:aa:a1:0c:bc:34:4d:f7:ea:38:e2:80:5b:73:9a:0d:
c7:a2:2b:01:b2:4b:78:1d:a2:1e:7c:ee:0a:f7:6c:10:45:e6:
d1:ff:58:b3:68:2f:9b:33:42:26:f3:ca:69:18:43:59:d0:d5:
3f:81:d5:d9:0a:cd:0a:8b:35:ac:6c:fb:f3:77:26:2e:8d:51:
da:79:4b:2d:65:57:70:a3:aa:a3:c1:07:64:8d:30:cc:15:38:
ae:43:a4:2c:79:80:2d:26:48:66:f4:c4:2d:3f:aa:cf:cc:f3:
f2:ee:c4:d6:93:d8:02:3f:ea:ff:cd:62:48:2d:4c:11:f3:b6:
57:f2:91:9b:95:fa:c8:39:a6:37:ae:e3:80:3a:dc:e6:75:27:
a7:6d:dc:df:f6:87:c7:a0:93:e2:7a:0f:a5:6e:5a:57:42:8a:
83:57:ac:ac:f1:37:57:67:d6:d7:a6:4c:95:f9:8a:f3:c4:b5:
0f:2f:12:2d:08:30:84:49:0c:40:f9:92:00:88:64:c8:bd:c4:
aa:9b:ee:f2
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAY4Yrz2IOYS1QC72ZsRMWYrMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwMzA3MTEzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWJmMDY3NTIyYzU5ZDUzZDFmM2QxMGQ2MTk1YjFjMGYyOTNiNmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAMVizvQ2tTwDre+44AJnkIhEHap
r6AUg0GgiYmAxv+6XmoqIdVK+0fGSiZgjrV6ISZNZ2mSZ7SRY6DwIBMCl/gQ02tm
vcEzULSz6edN+/GW+YDo3tVCxqgJ+YWDdkgDIrBoL/JCDn31SSuetcoxXlzXX2Xu
fWOBKl8kDoo8LHDOIzjWV5eYoj6L1teomqCEUmFdUELCpct3BAvCOimOZgexvTud
Fwao0Su++RrcPdJp5YYSDlXM85Q+k5UZBQ/fzct7DBKmvFruMgAlk8P5O9WlRsJr
n+/QVH5lTPBZV3ipR94sVUoihfS/o5uWz527TFO7v+Xtq/qAp3HJSFCiYQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFHq/BnUixZ1T0fPRDWGVscDyk7bLMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvZXI4R2RTTEZuVlBSODlFTllaV3h3UEtUdHNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAeBAIAATAYAwQBAjo0AwQB
BbTAAwQCLVZ8AwQAXvcrMC0EAgACMCcDBwAqAPgmAAgDBwQqB2/AABADBQAqCeHA
AwUDKgyJAAMFAyoO3oAwDQYJKoZIhvcNAQELBQADggEBAELjK1FLFE9s5qC9pgkK
xbPYk1OFvxO3GshqKVnsUuDyvOU9k+ZRjTPDOWMXg7bz29eHafrGhaClNqqhDLw0
TffqOOKAW3OaDceiKwGyS3gdoh587gr3bBBF5tH/WLNoL5szQibzymkYQ1nQ1T+B
1dkKzQqLNaxs+/N3Ji6NUdp5Sy1lV3CjqqPBB2SNMMwVOK5DpCx5gC0mSGb0xC0/
qs/M8/LuxNaT2AI/6v/NYkgtTBHztlfykZuV+sg5pjeu44A63OZ1J6dt3N/2h8eg
k+J6D6VuWldCioNXrKzxN1dn1temTJX5ivPEtQ8vEi0IMIRJDED5kgCIZMi9xKqb
7vI=
-----END CERTIFICATE-----
Generated at Mon Apr 15 11:50:13 2024 by rpki-client on console-ams.rpki-client.org