Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/42ec46-eb84-475a-a478-1f14ec805390/1/iwTp9fb_m-sg8RKr4zhqdKk-Sxk.roa
File: iwTp9fb_m-sg8RKr4zhqdKk-Sxk.roa (raw, json)
Hash identifier: GRwOWBfkHOrWwfVt8ec6+NkQoYEMlJHAUtXNA8ioG5I=
Subject key identifier: 8B:04:E9:F5:F6:FF:9B:EB:20:F1:12:AB:E3:38:6A:74:A9:3E:4B:19
Certificate issuer: /CN=773e3278baa249c14de605dc964b2c2755dfecfa
Certificate serial: 018B5BC0AE69982D9EFEBD9C95503CF90DF3
Authority key identifier: 77:3E:32:78:BA:A2:49:C1:4D:E6:05:DC:96:4B:2C:27:55:DF:EC:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dz4yeLqiScFN5gXclkssJ1Xf7Po.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/42ec46-eb84-475a-a478-1f14ec805390/1/iwTp9fb_m-sg8RKr4zhqdKk-Sxk.roa
Signing time: Mon 23 Oct 2023 08:57:16 +0000
ROA not before: Mon 23 Oct 2023 08:57:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202341
IP address blocks: 185.229.60.0/22 maxlen: 22
2a0d:7200::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5b:c0:ae:69:98:2d:9e:fe:bd:9c:95:50:3c:f9:0d:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=773e3278baa249c14de605dc964b2c2755dfecfa
Validity
Not Before: Oct 23 08:57:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b04e9f5f6ff9beb20f112abe3386a74a93e4b19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fa:02:9b:08:a4:80:53:44:99:ce:05:db:a9:
bc:35:25:3c:29:1a:24:8d:76:37:f5:ba:79:01:74:
34:bb:00:2d:77:8f:99:a9:26:f8:c0:a4:31:4e:c1:
05:bc:23:02:72:6b:54:55:4d:2f:7a:31:aa:77:e3:
ab:95:52:56:fc:eb:a0:79:7f:09:58:c7:9e:55:4d:
89:01:f4:f2:60:82:41:0b:db:0d:87:c4:7a:a6:3d:
3f:0d:76:5a:b7:25:5e:86:1e:e7:a2:d7:bd:5b:1a:
1d:d4:82:fa:c2:c3:69:0f:fd:72:56:2f:7e:2b:36:
83:d5:19:4d:32:8e:70:69:cc:8d:bd:74:c0:b8:c2:
96:a8:8a:f1:e5:f9:96:71:7e:7f:3f:73:03:fe:73:
29:63:e1:4e:0c:7b:7d:03:dd:84:7d:8d:5e:52:28:
16:4d:a7:a1:5a:76:0b:02:f1:fb:af:05:7b:af:3f:
0a:89:63:5a:87:29:d8:56:fd:d0:09:69:e1:09:a9:
1a:07:4d:54:85:27:28:f5:e2:2b:ef:84:dd:50:ac:
3d:8d:86:99:06:0a:c0:ea:c5:55:65:00:1a:8a:99:
c4:d4:60:5a:64:d3:6e:dd:39:86:92:6d:2a:02:ab:
3c:6a:4d:ac:c1:6d:37:30:7d:f9:bf:bc:07:96:79:
34:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:04:E9:F5:F6:FF:9B:EB:20:F1:12:AB:E3:38:6A:74:A9:3E:4B:19
X509v3 Authority Key Identifier:
keyid:77:3E:32:78:BA:A2:49:C1:4D:E6:05:DC:96:4B:2C:27:55:DF:EC:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dz4yeLqiScFN5gXclkssJ1Xf7Po.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/42ec46-eb84-475a-a478-1f14ec805390/1/iwTp9fb_m-sg8RKr4zhqdKk-Sxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/42ec46-eb84-475a-a478-1f14ec805390/1/dz4yeLqiScFN5gXclkssJ1Xf7Po.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.60.0/22
IPv6:
2a0d:7200::/29
Signature Algorithm: sha256WithRSAEncryption
0a:ad:75:10:e3:3c:5a:31:17:e1:71:55:bb:f5:5f:d1:0e:5c:
f0:e0:ad:3b:5a:e2:12:12:1a:d6:69:94:10:e6:f2:52:7c:34:
09:e4:62:2a:a0:a8:61:90:6f:0c:9f:43:bd:6c:6e:b7:a4:1a:
5d:8d:d4:d0:5b:c4:49:36:02:0c:ca:c9:22:c5:29:53:1e:48:
ce:32:e1:c5:62:ee:0c:8f:48:6f:74:db:8c:20:2e:fc:b9:a8:
d2:6e:cc:9c:8e:a3:ce:7e:72:ab:1f:89:3a:af:ba:cd:75:fc:
79:46:b0:0a:3b:00:bb:49:3b:85:b4:81:f3:76:d3:b2:ae:90:
34:ef:a6:ad:5a:86:b2:81:4a:a4:de:bf:47:50:f6:b5:e7:0f:
36:eb:ad:04:66:ad:ee:a9:af:4a:5f:be:94:33:ee:f0:6a:8c:
c2:f1:0e:94:02:0e:68:50:b5:73:cc:c1:43:62:16:46:50:a4:
3e:de:a8:6e:28:c8:0c:63:63:4f:91:c7:e8:a1:14:3b:78:7a:
c1:b2:1e:e3:50:5a:95:82:28:de:22:fe:b1:eb:76:79:6a:99:
7e:38:69:2b:29:6d:27:cc:6e:3a:54:17:8f:18:d8:3b:a3:5a:
c2:6a:80:2f:93:a0:27:3a:fb:9a:3b:6c:dc:96:51:73:0b:98:
e4:a3:fe:8c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYtbwK5pmC2e/r2clVA8+Q3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3M2UzMjc4YmFhMjQ5YzE0ZGU2MDVkYzk2NGIyYzI3NTVk
ZmVjZmEwHhcNMjMxMDIzMDg1NzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjA0ZTlmNWY2ZmY5YmViMjBmMTEyYWJlMzM4NmE3NGE5M2U0YjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfoCmwikgFNEmc4F26m8NSU8KRok
jXY39bp5AXQ0uwAtd4+ZqSb4wKQxTsEFvCMCcmtUVU0vejGqd+OrlVJW/OugeX8J
WMeeVU2JAfTyYIJBC9sNh8R6pj0/DXZatyVehh7note9Wxod1IL6wsNpD/1yVi9+
KzaD1RlNMo5wacyNvXTAuMKWqIrx5fmWcX5/P3MD/nMpY+FODHt9A92EfY1eUigW
TaehWnYLAvH7rwV7rz8KiWNahynYVv3QCWnhCakaB01UhSco9eIr74TdUKw9jYaZ
BgrA6sVVZQAaipnE1GBaZNNu3TmGkm0qAqs8ak2swW03MH35v7wHlnk0yQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIsE6fX2/5vrIPESq+M4anSpPksZMB8GA1UdIwQY
MBaAFHc+Mni6oknBTeYF3JZLLCdV3+z6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHo0eWVMcWlTY0ZONWdYY2xrc3NKMVhmN1BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy80MmVjNDYtZWI4NC00NzVhLWE0Nzgt
MWYxNGVjODA1MzkwLzEvaXdUcDlmYl9tLXNnOFJLcjR6aHFkS2stU3hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy80MmVjNDYtZWI4NC00NzVhLWE0NzgtMWYxNGVjODA1Mzkw
LzEvZHo0eWVMcWlTY0ZONWdYY2xrc3NKMVhmN1BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueU8MA0E
AgACMAcDBQMqDXIAMA0GCSqGSIb3DQEBCwUAA4IBAQAKrXUQ4zxaMRfhcVW79V/R
Dlzw4K07WuISEhrWaZQQ5vJSfDQJ5GIqoKhhkG8Mn0O9bG63pBpdjdTQW8RJNgIM
yskixSlTHkjOMuHFYu4Mj0hvdNuMIC78uajSbsycjqPOfnKrH4k6r7rNdfx5RrAK
OwC7STuFtIHzdtOyrpA076atWoaygUqk3r9HUPa15w82660EZq3uqa9KX76UM+7w
aozC8Q6UAg5oULVzzMFDYhZGUKQ+3qhuKMgMY2NPkcfooRQ7eHrBsh7jUFqVgije
Iv6x63Z5apl+OGkrKW0nzG46VBePGNg7o1rCaoAvk6AnOvuaO2zcllFzC5jko/6M
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:37 2024 by rpki-client on console-fra.rpki-client.org