Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/49dfea-c789-4401-a251-e2533cdd25af/1/IrxyU5OOLpS5bqnD20BNlvpI_LE.roa
File: IrxyU5OOLpS5bqnD20BNlvpI_LE.roa (raw, json)
Hash identifier: gSQaJX5QH3SjzJvHcuqRuimK8TCntNVuGrb6MhLNVzU=
Subject key identifier: 22:BC:72:53:93:8E:2E:94:B9:6E:A9:C3:DB:40:4D:96:FA:48:FC:B1
Certificate issuer: /CN=a4c93ab364c87832e7776226eee6c131dbe153bb
Certificate serial: 018B4C2467125E59C50BD6D67FB50CCCB323
Authority key identifier: A4:C9:3A:B3:64:C8:78:32:E7:77:62:26:EE:E6:C1:31:DB:E1:53:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pMk6s2TIeDLnd2Im7ubBMdvhU7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/49dfea-c789-4401-a251-e2533cdd25af/1/IrxyU5OOLpS5bqnD20BNlvpI_LE.roa
Signing time: Fri 20 Oct 2023 08:12:15 +0000
ROA not before: Fri 20 Oct 2023 08:12:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197830
IP address blocks: 185.52.128.0/22 maxlen: 22
2a04:c840::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 24 Oct 2023 11:22:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4c:24:67:12:5e:59:c5:0b:d6:d6:7f:b5:0c:cc:b3:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4c93ab364c87832e7776226eee6c131dbe153bb
Validity
Not Before: Oct 20 08:12:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22bc7253938e2e94b96ea9c3db404d96fa48fcb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:1b:05:7f:78:5a:01:93:90:35:81:4f:b0:1d:
18:2e:09:ef:e0:99:ee:bc:0a:fc:cb:75:2b:c7:3b:
2c:11:35:47:7a:70:92:90:f4:fe:99:e7:51:10:55:
b4:b4:89:fb:d1:e6:58:eb:de:6e:36:79:30:eb:fe:
a0:19:b5:0e:b7:a3:34:e5:b9:fa:2b:11:1b:66:ea:
d0:d8:09:b5:23:ec:e9:b7:e1:e7:70:bf:01:81:89:
9e:52:db:a1:f5:5d:81:06:36:40:eb:31:c2:93:20:
ab:53:ff:8a:c5:81:d8:da:ad:c3:13:d0:11:d3:bc:
3c:51:2d:15:7b:97:67:31:0f:3b:54:dc:ab:9e:4e:
5d:16:6c:ba:8b:4b:bd:b7:02:c0:d9:e1:55:d8:57:
57:bf:29:7b:8f:c3:71:53:bb:81:99:6a:4d:a0:58:
b9:0f:df:42:0f:c3:df:84:03:a6:c5:c7:0f:0c:22:
ff:bd:0c:87:e0:b1:67:21:b4:c9:29:69:2a:7a:57:
cc:09:1c:e0:f5:f2:5b:27:c5:06:2f:a1:eb:aa:f1:
e7:bc:87:ba:d0:05:bf:9f:64:fb:26:95:d8:2e:82:
fe:cc:d3:69:59:1c:90:ee:c3:66:5f:dc:63:3b:9d:
b2:09:2e:66:b6:ac:38:76:76:41:a5:b5:47:b2:b7:
1d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:BC:72:53:93:8E:2E:94:B9:6E:A9:C3:DB:40:4D:96:FA:48:FC:B1
X509v3 Authority Key Identifier:
keyid:A4:C9:3A:B3:64:C8:78:32:E7:77:62:26:EE:E6:C1:31:DB:E1:53:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pMk6s2TIeDLnd2Im7ubBMdvhU7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/49dfea-c789-4401-a251-e2533cdd25af/1/IrxyU5OOLpS5bqnD20BNlvpI_LE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/49dfea-c789-4401-a251-e2533cdd25af/1/pMk6s2TIeDLnd2Im7ubBMdvhU7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.128.0/22
IPv6:
2a04:c840::/29
Signature Algorithm: sha256WithRSAEncryption
60:e7:b4:ca:b2:63:ff:57:a3:02:c5:86:42:dc:f7:bb:4b:d1:
a7:4a:8a:38:ec:9e:d0:32:b6:3e:8d:94:1d:ea:af:2a:a0:fe:
13:79:67:09:02:a2:1b:b8:41:af:d8:c3:16:24:6d:0e:6f:29:
a9:46:0e:92:18:5f:cb:5b:d2:f2:07:ad:c9:58:0d:32:f5:97:
47:20:10:14:72:16:b6:d6:6e:37:8c:75:a6:aa:0e:14:e5:e5:
14:1e:66:2a:40:99:3b:e7:39:14:00:d6:40:47:52:8a:db:13:
e3:ae:47:cc:3a:19:8e:f3:5d:2f:db:42:1e:01:90:64:b7:26:
66:66:cb:5d:d9:5f:b4:96:4f:b2:90:0b:3d:65:dc:b6:14:6b:
a8:1b:a6:2c:f2:c7:fd:3e:50:4c:70:27:ea:a5:9f:ad:f3:0e:
81:b8:63:01:5d:62:11:14:e8:dd:e6:b2:c6:d4:62:77:b7:65:
e1:c6:71:9c:44:03:ab:2b:bc:e9:76:6a:94:55:07:c4:16:7d:
a3:bb:87:c7:b4:59:d7:59:da:de:0c:4b:6c:f0:77:96:3c:88:
8f:69:77:2b:5f:89:40:6a:5f:3c:4b:46:e3:1f:db:6b:e4:1b:
bb:94:3e:dd:52:bf:33:fd:35:e2:a0:bd:f9:d1:c9:1c:61:7e:
dd:a5:d1:6f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYtMJGcSXlnFC9bWf7UMzLMjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YzkzYWIzNjRjODc4MzJlNzc3NjIyNmVlZTZjMTMxZGJl
MTUzYmIwHhcNMjMxMDIwMDgxMjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmJjNzI1MzkzOGUyZTk0Yjk2ZWE5YzNkYjQwNGQ5NmZhNDhmY2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxsFf3haAZOQNYFPsB0YLgnv4Jnu
vAr8y3UrxzssETVHenCSkPT+medREFW0tIn70eZY695uNnkw6/6gGbUOt6M05bn6
KxEbZurQ2Am1I+zpt+HncL8BgYmeUtuh9V2BBjZA6zHCkyCrU/+KxYHY2q3DE9AR
07w8US0Ve5dnMQ87VNyrnk5dFmy6i0u9twLA2eFV2FdXvyl7j8NxU7uBmWpNoFi5
D99CD8PfhAOmxccPDCL/vQyH4LFnIbTJKWkqelfMCRzg9fJbJ8UGL6HrqvHnvIe6
0AW/n2T7JpXYLoL+zNNpWRyQ7sNmX9xjO52yCS5mtqw4dnZBpbVHsrcdTwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCK8clOTji6UuW6pw9tATZb6SPyxMB8GA1UdIwQY
MBaAFKTJOrNkyHgy53diJu7mwTHb4VO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE1rNnMyVEllRExuZDJJbTd1YkJNZHZoVTdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy80OWRmZWEtYzc4OS00NDAxLWEyNTEt
ZTI1MzNjZGQyNWFmLzEvSXJ4eVU1T09McFM1YnFuRDIwQk5sdnBJX0xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy80OWRmZWEtYzc4OS00NDAxLWEyNTEtZTI1MzNjZGQyNWFm
LzEvcE1rNnMyVEllRExuZDJJbTd1YkJNZHZoVTdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTSAMA0E
AgACMAcDBQMqBMhAMA0GCSqGSIb3DQEBCwUAA4IBAQBg57TKsmP/V6MCxYZC3Pe7
S9GnSoo47J7QMrY+jZQd6q8qoP4TeWcJAqIbuEGv2MMWJG0ObympRg6SGF/LW9Ly
B63JWA0y9ZdHIBAUcha21m43jHWmqg4U5eUUHmYqQJk75zkUANZAR1KK2xPjrkfM
OhmO810v20IeAZBktyZmZstd2V+0lk+ykAs9Zdy2FGuoG6Ys8sf9PlBMcCfqpZ+t
8w6BuGMBXWIRFOjd5rLG1GJ3t2XhxnGcRAOrK7zpdmqUVQfEFn2ju4fHtFnXWdre
DEts8HeWPIiPaXcrX4lAal88S0bjH9tr5Bu7lD7dUr8z/TXioL350ckcYX7dpdFv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:59 2024 by rpki-client on console-ams.rpki-client.org