Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/d1285b-f3e6-4bce-9bfc-83ad31aa45bf/1/5ny43VN2DPACKdSxWn8PLDE_1NU.roa
File: 5ny43VN2DPACKdSxWn8PLDE_1NU.roa (raw, json)
Hash identifier: JNlfZu1qc6GoxAmMKn+z5qLlMjT0DA4b99dNslbpzvE=
Subject key identifier: E6:7C:B8:DD:53:76:0C:F0:02:29:D4:B1:5A:7F:0F:2C:31:3F:D4:D5
Certificate issuer: /CN=25d80fe6b97f522867c37a8c53f0a58e7709fbc3
Certificate serial: 01856C1356B1021B7B0DCB36A7D873FC6C0B
Authority key identifier: 25:D8:0F:E6:B9:7F:52:28:67:C3:7A:8C:53:F0:A5:8E:77:09:FB:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JdgP5rl_Uihnw3qMU_CljncJ-8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/d1285b-f3e6-4bce-9bfc-83ad31aa45bf/1/5ny43VN2DPACKdSxWn8PLDE_1NU.roa
Signing time: Sun 01 Jan 2023 06:44:44 +0000
ROA not before: Sun 01 Jan 2023 06:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62250
IP address blocks: 185.166.63.0/24 maxlen: 24
185.166.60.0/24 maxlen: 24
185.166.61.0/24 maxlen: 24
185.166.60.0/22 maxlen: 22
185.166.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:13:56:b1:02:1b:7b:0d:cb:36:a7:d8:73:fc:6c:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25d80fe6b97f522867c37a8c53f0a58e7709fbc3
Validity
Not Before: Jan 1 06:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e67cb8dd53760cf00229d4b15a7f0f2c313fd4d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f3:24:e2:b5:4f:2c:3c:18:64:0a:c5:3f:80:
a4:5f:40:82:19:05:55:5b:9c:3f:67:c2:e4:1b:ac:
4c:c0:75:97:c0:48:cf:c9:6f:b5:15:dc:af:85:b7:
b3:67:42:1d:b7:d3:5a:72:e0:f9:ab:7e:39:ea:c7:
cc:a0:c7:71:e7:4f:e5:fd:e7:2b:42:d0:7e:d9:8e:
ab:8b:06:b1:f9:76:6c:8d:76:84:66:1b:c4:63:06:
12:06:e3:d0:91:f9:58:43:4a:35:0e:9e:03:3e:32:
3d:06:a2:18:59:f8:75:f1:ab:79:08:85:de:0e:4f:
8f:88:b0:6b:63:5a:01:77:7b:5e:bc:e6:35:8c:38:
76:68:4c:7d:f4:e3:79:24:0f:a7:71:ea:77:53:9f:
4f:29:d3:90:48:e8:09:08:98:74:60:79:d3:5d:51:
2d:14:b0:1c:a8:77:64:66:a0:cf:f6:2f:63:13:0c:
4e:05:8f:c1:f5:26:38:3f:3c:98:a9:95:61:b7:c5:
42:0e:33:28:57:7e:24:bc:a4:13:c5:3a:47:ab:b4:
fc:c6:e9:ea:00:af:e0:c3:9e:d6:2b:81:3f:d8:e3:
28:5b:29:62:25:dc:69:7b:45:e1:fe:5a:42:51:82:
78:83:97:cb:83:69:b2:98:a3:b9:9c:09:1f:16:da:
55:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:7C:B8:DD:53:76:0C:F0:02:29:D4:B1:5A:7F:0F:2C:31:3F:D4:D5
X509v3 Authority Key Identifier:
keyid:25:D8:0F:E6:B9:7F:52:28:67:C3:7A:8C:53:F0:A5:8E:77:09:FB:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JdgP5rl_Uihnw3qMU_CljncJ-8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/d1285b-f3e6-4bce-9bfc-83ad31aa45bf/1/5ny43VN2DPACKdSxWn8PLDE_1NU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/d1285b-f3e6-4bce-9bfc-83ad31aa45bf/1/JdgP5rl_Uihnw3qMU_CljncJ-8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.60.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:fe:c0:c1:3a:18:9e:0b:5f:19:e1:6c:84:44:e8:11:c3:96:
1d:ea:2b:ef:af:95:7c:cc:82:33:19:ef:78:28:27:37:a0:ba:
64:44:ba:22:bf:0b:f0:b4:b0:0c:1c:8e:7a:94:04:e7:da:55:
78:c2:1e:9a:82:24:65:a9:9d:94:91:af:b2:ba:16:00:2c:62:
57:8e:37:b5:f0:28:84:ea:f3:9d:5a:2d:83:89:f5:fd:db:03:
f6:01:ef:a1:e6:10:b5:76:de:b2:47:48:b6:05:72:be:a0:d1:
31:56:49:12:38:d1:f4:09:ac:3d:a5:f8:e2:70:c1:ab:38:c4:
b8:b6:64:a4:8a:86:da:35:d0:d7:16:a3:db:9d:97:e9:21:05:
77:60:0f:75:ba:d9:fd:d2:37:29:ed:8a:2a:b2:25:28:7f:38:
cf:eb:01:06:46:a2:a2:dc:d6:53:ed:8f:1d:5e:d5:6b:33:e0:
a4:7d:73:92:e7:69:15:eb:5b:c3:00:cd:89:a8:0e:f0:38:2a:
e2:2a:2b:88:ee:d8:03:34:4b:7b:7e:f7:ac:1d:92:c9:a8:02:
e2:96:72:23:38:0d:7b:d5:e7:68:62:c9:51:01:8d:5d:9c:9c:
e8:57:be:9c:46:4d:69:2a:32:05:7c:66:f2:f0:82:fd:fa:4d:
2c:47:cb:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsE1axAht7Dcs2p9hz/GwLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZDgwZmU2Yjk3ZjUyMjg2N2MzN2E4YzUzZjBhNThlNzcw
OWZiYzMwHhcNMjMwMTAxMDY0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjdjYjhkZDUzNzYwY2YwMDIyOWQ0YjE1YTdmMGYyYzMxM2ZkNGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPMk4rVPLDwYZArFP4CkX0CCGQVV
W5w/Z8LkG6xMwHWXwEjPyW+1FdyvhbezZ0Idt9NacuD5q3456sfMoMdx50/l/ecr
QtB+2Y6riwax+XZsjXaEZhvEYwYSBuPQkflYQ0o1Dp4DPjI9BqIYWfh18at5CIXe
Dk+PiLBrY1oBd3tevOY1jDh2aEx99ON5JA+ncep3U59PKdOQSOgJCJh0YHnTXVEt
FLAcqHdkZqDP9i9jEwxOBY/B9SY4PzyYqZVht8VCDjMoV34kvKQTxTpHq7T8xunq
AK/gw57WK4E/2OMoWyliJdxpe0Xh/lpCUYJ4g5fLg2mymKO5nAkfFtpVEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOZ8uN1TdgzwAinUsVp/DywxP9TVMB8GA1UdIwQY
MBaAFCXYD+a5f1IoZ8N6jFPwpY53CfvDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmRnUDVybF9VaWhudzNxTVVfQ2xqbmNKLThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9kMTI4NWItZjNlNi00YmNlLTliZmMt
ODNhZDMxYWE0NWJmLzEvNW55NDNWTjJEUEFDS2RTeFduOFBMREVfMU5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9kMTI4NWItZjNlNi00YmNlLTliZmMtODNhZDMxYWE0NWJm
LzEvSmRnUDVybF9VaWhudzNxTVVfQ2xqbmNKLThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaY8MA0G
CSqGSIb3DQEBCwUAA4IBAQCN/sDBOhieC18Z4WyEROgRw5Yd6ivvr5V8zIIzGe94
KCc3oLpkRLoivwvwtLAMHI56lATn2lV4wh6agiRlqZ2Uka+yuhYALGJXjje18CiE
6vOdWi2DifX92wP2Ae+h5hC1dt6yR0i2BXK+oNExVkkSONH0Caw9pfjicMGrOMS4
tmSkiobaNdDXFqPbnZfpIQV3YA91utn90jcp7YoqsiUofzjP6wEGRqKi3NZT7Y8d
XtVrM+CkfXOS52kV61vDAM2JqA7wOCriKiuI7tgDNEt7fvesHZLJqALilnIjOA17
1edoYslRAY1dnJzoV76cRk1pKjIFfGby8IL9+k0sR8sl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:55 2024 by rpki-client on console-ams.rpki-client.org