Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/ckJ8XYRLo8Isay9ys4pJT0vv_Tw.roa
File: ckJ8XYRLo8Isay9ys4pJT0vv_Tw.roa (raw, json)
Hash identifier: uHsnM/TJdDEVkM1Zx4Sl9GGzgS6QF5Mw4WoLI+aW+ec=
Subject key identifier: 72:42:7C:5D:84:4B:A3:C2:2C:6B:2F:72:B3:8A:49:4F:4B:EF:FD:3C
Certificate issuer: /CN=da96b5bdafb28332dafe847ced14f7a5fad45e69
Certificate serial: 01856D4AAFF36FC8F148424B84438943B710
Authority key identifier: DA:96:B5:BD:AF:B2:83:32:DA:FE:84:7C:ED:14:F7:A5:FA:D4:5E:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pa1va-ygzLa_oR87RT3pfrUXmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/ckJ8XYRLo8Isay9ys4pJT0vv_Tw.roa
Signing time: Sun 01 Jan 2023 12:24:49 +0000
ROA not before: Sun 01 Jan 2023 12:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204296
IP address blocks: 185.254.60.0/23 maxlen: 23
185.254.63.0/24 maxlen: 24
185.254.62.0/24 maxlen: 24
2a0c:4840::/29 maxlen: 29
2a0c:4847:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:af:f3:6f:c8:f1:48:42:4b:84:43:89:43:b7:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da96b5bdafb28332dafe847ced14f7a5fad45e69
Validity
Not Before: Jan 1 12:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72427c5d844ba3c22c6b2f72b38a494f4beffd3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:66:0a:8d:6b:b9:95:e6:53:1b:dd:41:a5:b3:
2d:0f:e9:63:68:b3:59:6a:85:45:35:c9:d7:e3:74:
a8:a8:66:e0:25:7c:79:01:6a:5e:83:1f:df:8c:85:
20:32:e7:8a:8a:3e:e6:e4:c7:30:9d:47:0a:49:35:
b7:de:c5:6a:13:7e:8f:ae:b2:02:80:6e:cb:a4:6f:
05:b0:4b:78:78:1d:bc:e1:95:ef:27:0f:55:55:e7:
c8:c1:a5:af:21:47:d6:18:d6:cf:76:6f:b7:32:98:
0b:be:1e:70:ac:17:0c:70:43:64:80:80:2a:44:1a:
69:4a:15:86:83:13:b5:63:71:c1:92:8b:53:e1:39:
c3:b6:61:5a:de:32:57:a7:e5:9e:0e:40:1f:d3:f1:
b7:4c:48:b4:06:bc:df:42:00:c0:89:c3:83:45:f1:
e0:44:9a:04:15:4c:b1:90:5b:c6:09:eb:a1:b0:96:
95:57:c8:de:7f:b5:6e:e4:f5:99:61:21:7d:78:cc:
a8:bc:52:39:da:f3:04:98:77:01:7e:90:70:e4:5d:
74:90:b6:2a:ad:4d:9d:38:55:a0:d9:f3:9b:b7:54:
6e:0d:df:73:8e:19:f3:f1:c4:35:54:f1:bf:80:80:
da:fc:84:e0:f2:c3:d7:a6:7a:29:53:4e:c1:f6:3d:
90:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:42:7C:5D:84:4B:A3:C2:2C:6B:2F:72:B3:8A:49:4F:4B:EF:FD:3C
X509v3 Authority Key Identifier:
keyid:DA:96:B5:BD:AF:B2:83:32:DA:FE:84:7C:ED:14:F7:A5:FA:D4:5E:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pa1va-ygzLa_oR87RT3pfrUXmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/ckJ8XYRLo8Isay9ys4pJT0vv_Tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.254.60.0/22
IPv6:
2a0c:4840::/29
Signature Algorithm: sha256WithRSAEncryption
4d:e2:cd:db:73:34:03:79:ab:f6:24:79:71:d3:08:e0:46:f7:
29:28:66:e2:06:2a:fe:06:3d:ff:35:bb:8b:e0:1c:7e:a1:6e:
6d:2a:18:5e:73:dc:7e:42:85:f1:de:ea:a9:86:bf:21:2e:9b:
ca:d0:4f:b0:c8:10:e0:f9:b9:04:06:ce:1c:5a:53:e3:e7:78:
f0:1f:b9:e5:03:1e:5d:1c:db:8b:30:3a:f5:e4:a1:4e:dc:72:
5d:35:1c:e3:f3:60:3c:f2:48:b4:d4:aa:2b:e9:a5:4a:c4:b2:
08:75:c7:a6:99:5f:0f:a9:df:ec:2b:b9:bc:c9:4c:ce:e9:9c:
b2:e6:03:50:42:eb:4e:94:54:d8:f5:29:cf:41:e4:ec:31:b2:
85:ee:a8:ff:58:9d:c4:44:07:db:e0:fe:e2:bd:f2:61:4d:1b:
e9:fc:b0:0b:fe:8e:23:e4:0a:d4:50:86:ac:4f:79:ac:94:6e:
53:36:2e:29:8a:18:43:fa:1e:03:97:58:33:a3:db:47:96:9e:
68:d2:81:f3:0d:8b:a3:49:76:f1:ec:6d:e2:db:a3:9a:78:cd:
61:9d:23:3b:77:0c:1d:21:72:ca:79:67:19:05:c5:76:69:1e:
6c:c8:64:61:5a:d7:2d:e2:23:61:40:51:e9:4d:3a:b6:86:42:
66:e9:88:2e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtSq/zb8jxSEJLhEOJQ7cQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOTZiNWJkYWZiMjgzMzJkYWZlODQ3Y2VkMTRmN2E1ZmFk
NDVlNjkwHhcNMjMwMTAxMTIyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjQyN2M1ZDg0NGJhM2MyMmM2YjJmNzJiMzhhNDk0ZjRiZWZmZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmYKjWu5leZTG91BpbMtD+ljaLNZ
aoVFNcnX43SoqGbgJXx5AWpegx/fjIUgMueKij7m5McwnUcKSTW33sVqE36PrrIC
gG7LpG8FsEt4eB284ZXvJw9VVefIwaWvIUfWGNbPdm+3MpgLvh5wrBcMcENkgIAq
RBppShWGgxO1Y3HBkotT4TnDtmFa3jJXp+WeDkAf0/G3TEi0BrzfQgDAicODRfHg
RJoEFUyxkFvGCeuhsJaVV8jef7Vu5PWZYSF9eMyovFI52vMEmHcBfpBw5F10kLYq
rU2dOFWg2fObt1RuDd9zjhnz8cQ1VPG/gIDa/ITg8sPXpnopU07B9j2QHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHJCfF2ES6PCLGsvcrOKSU9L7/08MB8GA1UdIwQY
MBaAFNqWtb2vsoMy2v6EfO0U96X61F5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnBhMXZhLXlnekxhX29SODdSVDNwZnJVWG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC84MTkwODktNDczYi00NjNmLWI4N2It
NDI1Mzk1MGYxMTU1LzEvY2tKOFhZUkxvOElzYXk5eXM0cEpUMHZ2X1R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC84MTkwODktNDczYi00NjNmLWI4N2ItNDI1Mzk1MGYxMTU1
LzEvMnBhMXZhLXlnekxhX29SODdSVDNwZnJVWG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuf48MA0E
AgACMAcDBQMqDEhAMA0GCSqGSIb3DQEBCwUAA4IBAQBN4s3bczQDeav2JHlx0wjg
RvcpKGbiBir+Bj3/NbuL4Bx+oW5tKhhec9x+QoXx3uqphr8hLpvK0E+wyBDg+bkE
Bs4cWlPj53jwH7nlAx5dHNuLMDr15KFO3HJdNRzj82A88ki01Kor6aVKxLIIdcem
mV8Pqd/sK7m8yUzO6Zyy5gNQQutOlFTY9SnPQeTsMbKF7qj/WJ3ERAfb4P7ivfJh
TRvp/LAL/o4j5ArUUIasT3mslG5TNi4pihhD+h4Dl1gzo9tHlp5o0oHzDYujSXbx
7G3i26OaeM1hnSM7dwwdIXLKeWcZBcV2aR5syGRhWtct4iNhQFHpTTq2hkJm6Ygu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:24 2024 by rpki-client on console-fra.rpki-client.org