Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/_ICE81d1tJOv3-iA4cGMJMS4Ye4.roa
File: _ICE81d1tJOv3-iA4cGMJMS4Ye4.roa (raw, json)
Hash identifier: sXCyfPKYjWCE7TuHBOTh8v77wyCGDniCj4n0NMg+y20=
Subject key identifier: FC:80:84:F3:57:75:B4:93:AF:DF:E8:80:E1:C1:8C:24:C4:B8:61:EE
Certificate issuer: /CN=dc02b18f588a50b9274fe3469ff8bd4a1649d74d
Certificate serial: 0189AB9EF147ED4C4E3E421BB2236FF57BE7
Authority key identifier: DC:02:B1:8F:58:8A:50:B9:27:4F:E3:46:9F:F8:BD:4A:16:49:D7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/_ICE81d1tJOv3-iA4cGMJMS4Ye4.roa
Signing time: Mon 31 Jul 2023 11:04:27 +0000
ROA not before: Mon 31 Jul 2023 11:04:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212573
IP address blocks: 185.52.117.0/24 maxlen: 24
2a00:dd00:7::/48 maxlen: 48
2a00:dd00::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 31 Jul 2023 11:33:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ab:9e:f1:47:ed:4c:4e:3e:42:1b:b2:23:6f:f5:7b:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc02b18f588a50b9274fe3469ff8bd4a1649d74d
Validity
Not Before: Jul 31 11:04:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc8084f35775b493afdfe880e1c18c24c4b861ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:94:48:1c:92:a5:25:fa:d3:22:e7:e2:cb:e2:
61:49:c9:29:3d:94:2e:bc:f2:f6:da:38:36:e9:8e:
1e:7b:e0:89:dd:24:a1:04:40:e1:e2:d7:a0:15:b0:
c7:92:f9:4c:92:87:cf:81:24:55:7d:e4:b3:05:58:
23:60:74:3b:9a:ca:97:e4:80:36:61:64:97:c6:a0:
cc:db:c2:a3:7f:6a:64:02:e8:81:04:9d:bb:f4:64:
14:17:49:2a:93:4e:af:fa:e5:f0:e2:43:b4:22:2c:
3d:1f:3a:a3:35:d1:29:b1:16:bd:5c:71:77:6b:44:
62:e8:8d:bc:03:5f:bb:ca:2f:8c:7a:7b:4a:30:17:
c6:cd:0d:90:a6:e9:66:8a:29:47:a7:87:a7:71:73:
4d:69:db:76:2f:e8:0e:5b:c5:89:1f:9d:ca:dc:0f:
83:16:b9:36:97:21:c0:7c:39:b3:3f:d2:bd:f7:29:
24:d7:99:83:ad:06:04:43:6a:1e:db:b1:c9:9d:bb:
27:31:64:25:a7:42:bf:6d:8e:02:fa:0e:64:fe:1e:
7b:e7:2a:a7:b5:b9:43:53:bb:9e:a1:88:69:5f:dd:
e0:e3:88:8e:3b:b0:69:58:d0:03:45:9e:74:b5:c7:
7e:6b:a2:0a:55:45:3b:cf:f0:27:b9:53:6a:d9:74:
37:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:80:84:F3:57:75:B4:93:AF:DF:E8:80:E1:C1:8C:24:C4:B8:61:EE
X509v3 Authority Key Identifier:
keyid:DC:02:B1:8F:58:8A:50:B9:27:4F:E3:46:9F:F8:BD:4A:16:49:D7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/_ICE81d1tJOv3-iA4cGMJMS4Ye4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/3AKxj1iKULknT-NGn_i9ShZJ100.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.117.0/24
IPv6:
2a00:dd00::/32
Signature Algorithm: sha256WithRSAEncryption
12:a6:1d:55:4e:24:95:7a:ac:07:fe:6c:10:3d:cd:e0:f3:3a:
e6:a6:36:86:5f:ef:f9:98:42:06:f6:3b:fb:af:e2:2e:23:15:
19:58:e3:43:51:07:98:b1:27:44:8f:57:6d:83:06:47:e1:0e:
eb:34:d9:9d:af:10:09:af:c1:98:87:0d:23:8b:5e:c0:f7:5f:
fc:9d:95:c9:a3:63:59:84:89:a8:de:b1:10:68:e6:0c:29:c5:
df:39:8a:5e:31:5c:80:eb:7b:5d:c5:ef:44:53:13:f4:ca:23:
b7:2e:5a:70:ff:68:87:aa:a4:90:94:95:21:4f:75:17:3b:c0:
74:62:19:d5:a5:bc:7e:97:f0:0d:48:92:47:b6:3c:4c:ab:35:
bf:5a:88:b2:88:d0:d3:c0:f6:8b:48:87:5f:eb:c1:9c:06:67:
b8:a0:8f:58:18:3e:a6:18:0c:ea:27:26:79:26:97:d5:41:ab:
5a:eb:5b:d3:d6:79:15:d5:c3:15:9b:9b:53:dc:34:eb:d8:b2:
57:0e:38:aa:ef:0a:c0:d1:f6:6e:c5:0f:d0:65:06:26:4c:d2:
96:3f:d9:52:fc:8c:46:e7:14:b0:58:46:2c:76:07:cf:ca:38:
ca:f6:25:21:0f:64:c4:c6:16:f3:d0:4f:e9:21:9c:91:50:60:
a6:6b:f1:af
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYmrnvFH7UxOPkIbsiNv9XvnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDJiMThmNTg4YTUwYjkyNzRmZTM0NjlmZjhiZDRhMTY0
OWQ3NGQwHhcNMjMwNzMxMTEwNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzgwODRmMzU3NzViNDkzYWZkZmU4ODBlMWMxOGMyNGM0Yjg2MWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5RIHJKlJfrTIufiy+JhSckpPZQu
vPL22jg26Y4ee+CJ3SShBEDh4tegFbDHkvlMkofPgSRVfeSzBVgjYHQ7msqX5IA2
YWSXxqDM28Kjf2pkAuiBBJ279GQUF0kqk06v+uXw4kO0Iiw9HzqjNdEpsRa9XHF3
a0Ri6I28A1+7yi+MentKMBfGzQ2QpulmiilHp4encXNNadt2L+gOW8WJH53K3A+D
Frk2lyHAfDmzP9K99ykk15mDrQYEQ2oe27HJnbsnMWQlp0K/bY4C+g5k/h575yqn
tblDU7ueoYhpX93g44iOO7BpWNADRZ50tcd+a6IKVUU7z/AnuVNq2XQ3CQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPyAhPNXdbSTr9/ogOHBjCTEuGHuMB8GA1UdIwQY
MBaAFNwCsY9YilC5J0/jRp/4vUoWSddNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FLeGoxaUtVTGtuVC1OR25faTlTaFpKMTAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jODYxYzgtYzg5YS00MDQzLWEwMmQt
NjY0ZjA0ZDJhNjhkLzEvX0lDRTgxZDF0Sk92My1pQTRjR01KTVM0WWU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jODYxYzgtYzg5YS00MDQzLWEwMmQtNjY0ZjA0ZDJhNjhk
LzEvM0FLeGoxaUtVTGtuVC1OR25faTlTaFpKMTAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuTR1MA0E
AgACMAcDBQAqAN0AMA0GCSqGSIb3DQEBCwUAA4IBAQASph1VTiSVeqwH/mwQPc3g
8zrmpjaGX+/5mEIG9jv7r+IuIxUZWONDUQeYsSdEj1dtgwZH4Q7rNNmdrxAJr8GY
hw0ji17A91/8nZXJo2NZhImo3rEQaOYMKcXfOYpeMVyA63tdxe9EUxP0yiO3Llpw
/2iHqqSQlJUhT3UXO8B0YhnVpbx+l/ANSJJHtjxMqzW/WoiyiNDTwPaLSIdf68Gc
Bme4oI9YGD6mGAzqJyZ5JpfVQata61vT1nkV1cMVm5tT3DTr2LJXDjiq7wrA0fZu
xQ/QZQYmTNKWP9lS/IxG5xSwWEYsdgfPyjjK9iUhD2TExhbz0E/pIZyRUGCma/Gv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:36 2024 by rpki-client on console-fra.rpki-client.org