Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/16634f-9724-4d8d-962d-698f818bbd33/1/X0cHokR7y7AG1dYy9GC87zA4QAM.roa
File: X0cHokR7y7AG1dYy9GC87zA4QAM.roa (raw, json)
Hash identifier: MFT8NSkzk1nvPIoddYMRFrwvJMr4ML59Xg4xcitdHqE=
Subject key identifier: 5F:47:07:A2:44:7B:CB:B0:06:D5:D6:32:F4:60:BC:EF:30:38:40:03
Certificate issuer: /CN=db269d0ea8caa40c7a704382cab53e1b026d6b43
Certificate serial: 01856CEF3F4FE611F9069F4D8CC6D2DCA707
Authority key identifier: DB:26:9D:0E:A8:CA:A4:0C:7A:70:43:82:CA:B5:3E:1B:02:6D:6B:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2yadDqjKpAx6cEOCyrU-GwJta0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/16634f-9724-4d8d-962d-698f818bbd33/1/X0cHokR7y7AG1dYy9GC87zA4QAM.roa
Signing time: Sun 01 Jan 2023 10:44:56 +0000
ROA not before: Sun 01 Jan 2023 10:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62336
IP address blocks: 85.209.60.0/22 maxlen: 22
2a09:88c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:3f:4f:e6:11:f9:06:9f:4d:8c:c6:d2:dc:a7:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db269d0ea8caa40c7a704382cab53e1b026d6b43
Validity
Not Before: Jan 1 10:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f4707a2447bcbb006d5d632f460bcef30384003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ba:61:fa:af:f8:51:85:ef:1d:cd:93:cc:ba:
3c:96:40:22:48:e4:ed:93:4e:be:b4:50:6d:c7:2e:
42:07:be:8a:81:b3:86:80:c2:36:9f:d7:ee:49:90:
f2:83:be:e3:3f:29:12:75:c5:ef:e0:fe:18:5c:04:
27:49:bc:53:00:07:5b:c3:95:57:d8:cd:3b:60:d6:
29:68:2b:f6:54:75:01:be:40:62:66:6d:e0:f2:53:
6f:92:03:34:b1:04:9c:42:50:b8:55:fc:95:95:8b:
a1:02:7a:ef:9a:cf:ee:56:9c:e8:3b:37:fe:7c:7b:
00:8d:37:32:39:23:f0:b3:ae:d9:85:7f:c3:6e:0a:
4c:73:a4:6d:19:22:27:72:50:c6:46:e0:96:86:04:
72:f4:78:72:a3:84:d0:52:19:7b:ec:ca:b3:33:af:
98:88:7c:03:31:a4:a0:07:5f:9d:ce:b5:84:ed:85:
80:3a:55:98:c0:0b:b6:e4:57:92:8e:11:de:d6:59:
61:2a:66:d7:37:eb:2e:57:19:02:a6:89:d5:cc:a9:
ef:49:dc:0b:95:60:ed:17:8d:5b:af:15:23:31:b1:
a9:bc:03:a2:bf:5f:89:b1:98:1e:f9:c8:58:74:4c:
7d:34:6c:80:c2:5d:ad:6d:56:43:7d:51:b9:c2:68:
24:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:47:07:A2:44:7B:CB:B0:06:D5:D6:32:F4:60:BC:EF:30:38:40:03
X509v3 Authority Key Identifier:
keyid:DB:26:9D:0E:A8:CA:A4:0C:7A:70:43:82:CA:B5:3E:1B:02:6D:6B:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yadDqjKpAx6cEOCyrU-GwJta0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/16634f-9724-4d8d-962d-698f818bbd33/1/X0cHokR7y7AG1dYy9GC87zA4QAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/16634f-9724-4d8d-962d-698f818bbd33/1/2yadDqjKpAx6cEOCyrU-GwJta0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.60.0/22
IPv6:
2a09:88c0::/29
Signature Algorithm: sha256WithRSAEncryption
46:b8:9a:59:5e:e0:11:26:18:ac:7a:eb:42:07:f2:7c:87:60:
81:3b:88:db:89:ca:fd:30:27:ce:80:6a:93:30:7f:d6:4b:5b:
b5:6d:85:d3:f9:40:e0:a4:14:2c:e8:97:a1:03:91:05:ad:45:
11:c9:12:64:68:2b:d7:2e:10:1f:42:5e:cf:6f:61:92:76:6d:
e0:4f:2c:ad:a9:29:cf:86:0c:94:26:08:d4:80:03:1b:74:9f:
f9:3e:84:f6:24:46:4a:ae:06:69:da:f3:a9:8d:a3:e9:7c:e7:
02:68:8d:f4:58:df:c1:e3:11:06:50:81:e9:03:82:81:41:e5:
c6:5a:1c:85:b2:cf:84:c4:83:d1:48:b4:93:81:92:cc:1f:23:
84:43:a5:f8:cf:7f:25:f6:e4:1d:49:1c:06:99:8f:cd:37:c7:
57:26:49:36:0e:0e:90:b5:da:84:a4:e3:8a:6e:73:7a:f6:28:
f0:a1:3a:86:10:4e:e7:bf:37:ef:4e:83:ac:fd:fe:08:ee:7b:
b7:4d:81:e7:ed:3b:e3:f6:27:6c:4e:e5:f0:3a:1e:93:04:24:
53:9e:48:66:a4:aa:04:78:10:17:62:df:d0:74:f1:89:2d:6a:
22:2d:f9:92:ca:f3:b8:d6:bd:7b:22:b3:68:49:c4:96:69:43:
7d:9a:90:eb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVs7z9P5hH5Bp9NjMbS3KcHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjY5ZDBlYThjYWE0MGM3YTcwNDM4MmNhYjUzZTFiMDI2
ZDZiNDMwHhcNMjMwMTAxMTA0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjQ3MDdhMjQ0N2JjYmIwMDZkNWQ2MzJmNDYwYmNlZjMwMzg0MDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bph+q/4UYXvHc2TzLo8lkAiSOTt
k06+tFBtxy5CB76KgbOGgMI2n9fuSZDyg77jPykSdcXv4P4YXAQnSbxTAAdbw5VX
2M07YNYpaCv2VHUBvkBiZm3g8lNvkgM0sQScQlC4VfyVlYuhAnrvms/uVpzoOzf+
fHsAjTcyOSPws67ZhX/DbgpMc6RtGSInclDGRuCWhgRy9Hhyo4TQUhl77MqzM6+Y
iHwDMaSgB1+dzrWE7YWAOlWYwAu25FeSjhHe1llhKmbXN+suVxkCponVzKnvSdwL
lWDtF41brxUjMbGpvAOiv1+JsZge+chYdEx9NGyAwl2tbVZDfVG5wmgkyQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF9HB6JEe8uwBtXWMvRgvO8wOEADMB8GA1UdIwQY
MBaAFNsmnQ6oyqQMenBDgsq1PhsCbWtDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlhZERxaktwQXg2Y0VPQ3lyVS1Hd0p0YTBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8xNjYzNGYtOTcyNC00ZDhkLTk2MmQt
Njk4ZjgxOGJiZDMzLzEvWDBjSG9rUjd5N0FHMWRZeTlHQzg3ekE0UUFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8xNjYzNGYtOTcyNC00ZDhkLTk2MmQtNjk4ZjgxOGJiZDMz
LzEvMnlhZERxaktwQXg2Y0VPQ3lyVS1Hd0p0YTBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdE8MA0E
AgACMAcDBQMqCYjAMA0GCSqGSIb3DQEBCwUAA4IBAQBGuJpZXuARJhiseutCB/J8
h2CBO4jbicr9MCfOgGqTMH/WS1u1bYXT+UDgpBQs6JehA5EFrUURyRJkaCvXLhAf
Ql7Pb2GSdm3gTyytqSnPhgyUJgjUgAMbdJ/5PoT2JEZKrgZp2vOpjaPpfOcCaI30
WN/B4xEGUIHpA4KBQeXGWhyFss+ExIPRSLSTgZLMHyOEQ6X4z38l9uQdSRwGmY/N
N8dXJkk2Dg6QtdqEpOOKbnN69ijwoTqGEE7nvzfvToOs/f4I7nu3TYHn7Tvj9ids
TuXwOh6TBCRTnkhmpKoEeBAXYt/QdPGJLWoiLfmSyvO41r17IrNoScSWaUN9mpDr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:25 2024 by rpki-client on console-ams.rpki-client.org