Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/izpuTj_msUqtK7uK87t034a0rN8.roa
File: izpuTj_msUqtK7uK87t034a0rN8.roa (raw, json)
Hash identifier: xvDWTpbADEUtYhBRSmYI3sc/GBgMSkohqafRK7OwnvA=
Subject key identifier: 8B:3A:6E:4E:3F:E6:B1:4A:AD:2B:BB:8A:F3:BB:74:DF:86:B4:AC:DF
Certificate issuer: /CN=3f96240998fce4124c3cb4dfbacbb0ed1618405a
Certificate serial: 01857102F2703FB9443A1A03EA06A9716EED
Authority key identifier: 3F:96:24:09:98:FC:E4:12:4C:3C:B4:DF:BA:CB:B0:ED:16:18:40:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P5YkCZj85BJMPLTfusuw7RYYQFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/izpuTj_msUqtK7uK87t034a0rN8.roa
Signing time: Mon 02 Jan 2023 05:44:56 +0000
ROA not before: Mon 02 Jan 2023 05:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198101
IP address blocks: 185.52.216.0/22 maxlen: 24
185.74.204.0/22 maxlen: 24
2a04:bf80::/29 maxlen: 48
2a03:4760::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:f2:70:3f:b9:44:3a:1a:03:ea:06:a9:71:6e:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f96240998fce4124c3cb4dfbacbb0ed1618405a
Validity
Not Before: Jan 2 05:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b3a6e4e3fe6b14aad2bbb8af3bb74df86b4acdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:4d:ad:22:fc:a0:2a:d8:f0:f9:8e:f2:b0:2e:
27:c3:d8:1d:5d:b0:40:59:ef:85:60:14:31:cb:a1:
ed:59:ac:42:25:53:36:72:6e:4f:19:1d:b2:32:9f:
dc:e8:e5:5a:88:c1:73:21:f8:b5:b8:05:ff:0b:7d:
8a:d4:4f:49:f4:37:1e:41:8f:af:6f:62:f2:e8:6f:
ea:5c:20:c0:77:4d:c0:f1:a9:b0:89:b3:e1:8a:9c:
a3:99:a2:60:31:13:c3:4c:08:1a:63:4e:88:92:28:
d7:7e:7f:15:b7:9d:79:26:55:7b:08:b4:4d:51:18:
07:47:e4:4d:90:6a:6f:91:ab:12:be:b2:69:ae:e9:
35:79:ff:84:cb:a4:19:25:60:1d:54:b0:14:95:13:
de:3d:e2:5f:f0:bb:eb:a2:40:7c:ef:36:e4:49:07:
77:1c:18:ef:6d:3d:dd:07:c0:cb:7a:f6:68:db:11:
fb:15:31:e3:be:af:51:fd:29:2a:eb:ed:5c:44:26:
2b:d1:bb:35:c4:b3:70:4b:cf:d2:20:42:4e:43:5e:
4e:d6:bd:28:b9:ea:8b:cb:17:a2:b9:10:e5:77:57:
3f:f4:6a:26:e6:ed:12:74:38:94:5b:83:7d:b4:01:
ff:4a:30:9b:ee:fd:35:39:2b:1d:d7:75:7a:9a:ff:
54:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:3A:6E:4E:3F:E6:B1:4A:AD:2B:BB:8A:F3:BB:74:DF:86:B4:AC:DF
X509v3 Authority Key Identifier:
keyid:3F:96:24:09:98:FC:E4:12:4C:3C:B4:DF:BA:CB:B0:ED:16:18:40:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P5YkCZj85BJMPLTfusuw7RYYQFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/izpuTj_msUqtK7uK87t034a0rN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.216.0/22
185.74.204.0/22
IPv6:
2a03:4760::/29
2a04:bf80::/29
Signature Algorithm: sha256WithRSAEncryption
17:27:32:58:a4:46:63:c7:48:c7:3f:10:83:98:3f:a9:c9:1a:
5b:ff:b2:ad:c1:83:75:19:16:00:85:67:14:32:65:4d:f8:3d:
45:e7:6c:00:5e:e5:9e:79:02:26:7b:00:9f:3a:5d:be:c7:6d:
fa:f7:77:57:6a:19:3b:98:9d:33:fd:8a:5d:e0:33:90:fd:ce:
3b:ad:7c:21:56:03:8c:a6:1d:4c:77:80:78:d5:dd:46:48:c4:
54:bb:5b:22:0d:15:92:f6:44:b4:0f:e0:03:19:d6:04:72:0c:
fc:0e:be:af:77:98:4a:6e:fe:cb:f7:8d:5f:b5:02:4c:e4:ce:
b5:4f:56:ac:93:d4:32:6b:c9:49:5e:f4:93:80:26:91:c0:47:
3b:0b:0c:b0:3b:5d:32:d2:55:52:0e:7c:20:39:2f:a4:15:67:
9a:77:ed:c9:b2:60:cb:86:8f:09:9b:84:2a:d9:dd:99:7d:9c:
ee:f6:03:8c:ea:d3:f8:20:61:48:16:03:ff:b9:d7:8d:84:b6:
97:c4:ce:7e:23:a4:86:53:df:6a:c7:4a:82:d1:a2:d7:c5:65:
b1:33:f5:00:53:b2:53:e6:4f:95:5a:74:2a:90:f5:1d:bb:33:
9f:92:d6:ca:0e:da:3a:9f:85:23:30:02:9b:d9:fc:cf:cd:d4:
fe:e5:54:08
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVxAvJwP7lEOhoD6gapcW7tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmOTYyNDA5OThmY2U0MTI0YzNjYjRkZmJhY2JiMGVkMTYx
ODQwNWEwHhcNMjMwMTAyMDU0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjNhNmU0ZTNmZTZiMTRhYWQyYmJiOGFmM2JiNzRkZjg2YjRhY2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmU2tIvygKtjw+Y7ysC4nw9gdXbBA
We+FYBQxy6HtWaxCJVM2cm5PGR2yMp/c6OVaiMFzIfi1uAX/C32K1E9J9DceQY+v
b2Ly6G/qXCDAd03A8amwibPhipyjmaJgMRPDTAgaY06IkijXfn8Vt515JlV7CLRN
URgHR+RNkGpvkasSvrJpruk1ef+Ey6QZJWAdVLAUlRPePeJf8LvrokB87zbkSQd3
HBjvbT3dB8DLevZo2xH7FTHjvq9R/Skq6+1cRCYr0bs1xLNwS8/SIEJOQ15O1r0o
ueqLyxeiuRDld1c/9Gom5u0SdDiUW4N9tAH/SjCb7v01OSsd13V6mv9UZQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIs6bk4/5rFKrSu7ivO7dN+GtKzfMB8GA1UdIwQY
MBaAFD+WJAmY/OQSTDy037rLsO0WGEBaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDVZa0Naajg1QkpNUExUZnVzdXc3UllZUUZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi82MGZlYzctMGI1MS00NDQ2LTliNWQt
Yzc0MWMyN2I0ZTIyLzEvaXpwdVRqX21zVXF0Szd1Szg3dDAzNGEwck44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi82MGZlYzctMGI1MS00NDQ2LTliNWQtYzc0MWMyN2I0ZTIy
LzEvUDVZa0Naajg1QkpNUExUZnVzdXc3UllZUUZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuTTYAwQC
uUrMMBQEAgACMA4DBQMqA0dgAwUDKgS/gDANBgkqhkiG9w0BAQsFAAOCAQEAFycy
WKRGY8dIxz8Qg5g/qckaW/+yrcGDdRkWAIVnFDJlTfg9RedsAF7lnnkCJnsAnzpd
vsdt+vd3V2oZO5idM/2KXeAzkP3OO618IVYDjKYdTHeAeNXdRkjEVLtbIg0VkvZE
tA/gAxnWBHIM/A6+r3eYSm7+y/eNX7UCTOTOtU9WrJPUMmvJSV70k4AmkcBHOwsM
sDtdMtJVUg58IDkvpBVnmnftybJgy4aPCZuEKtndmX2c7vYDjOrT+CBhSBYD/7nX
jYS2l8TOfiOkhlPfasdKgtGi18VlsTP1AFOyU+ZPlVp0KpD1Hbszn5LWyg7aOp+F
IzACm9n8z83U/uVUCA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:11 2024 by rpki-client on console-fra.rpki-client.org