Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ad0351-006f-47aa-ab19-19c05f4f4a7b/1/lZJ0DxYjBY60ha8gyvFrwGpGsII.roa
File: lZJ0DxYjBY60ha8gyvFrwGpGsII.roa (raw, json)
Hash identifier: Q0sVp649Kz8AVftQBR5prWh3QTL/X/BI9Mw8oILqmww=
Subject key identifier: 95:92:74:0F:16:23:05:8E:B4:85:AF:20:CA:F1:6B:C0:6A:46:B0:82
Certificate issuer: /CN=32d5c9c85ffb7463945e8126570b7e2851b3fb7a
Certificate serial: 018899A5113B20F281CA803E02027EF82E97
Authority key identifier: 32:D5:C9:C8:5F:FB:74:63:94:5E:81:26:57:0B:7E:28:51:B3:FB:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MtXJyF_7dGOUXoEmVwt-KFGz-3o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ad0351-006f-47aa-ab19-19c05f4f4a7b/1/lZJ0DxYjBY60ha8gyvFrwGpGsII.roa
Signing time: Thu 08 Jun 2023 06:15:11 +0000
ROA not before: Thu 08 Jun 2023 06:15:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60781
IP address blocks: 185.123.60.0/24 maxlen: 24
2a06:ab00::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:99:a5:11:3b:20:f2:81:ca:80:3e:02:02:7e:f8:2e:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32d5c9c85ffb7463945e8126570b7e2851b3fb7a
Validity
Not Before: Jun 8 06:15:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9592740f1623058eb485af20caf16bc06a46b082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c5:ab:0a:88:57:65:d9:e6:99:d0:f3:b3:cd:
d3:f3:b5:e9:9a:5e:63:58:d3:1c:b7:00:8b:bc:1f:
b3:ee:c1:00:79:0f:f0:3e:62:0f:0b:d8:94:96:eb:
89:b3:91:02:0d:a1:c7:d4:c9:7b:a8:d3:d2:6d:01:
52:ee:75:5e:fa:a5:26:8e:92:20:4f:7d:f1:d9:7e:
57:2d:a7:7d:6b:d1:42:41:c5:95:ab:93:52:cc:9a:
1c:18:fb:9b:c5:98:55:c8:b9:42:52:37:bc:39:8a:
a4:b2:01:64:6d:d7:88:0f:e2:e1:b2:a6:0d:88:49:
f7:f7:80:5c:e1:a3:fc:a2:46:40:90:3e:90:2b:63:
bb:42:11:e4:7f:4c:d8:92:de:7b:b1:cb:3a:aa:15:
50:cf:a3:0f:8d:fb:b7:a0:64:19:f9:e9:80:b3:9a:
88:22:92:6f:76:bf:04:8b:5c:f6:dc:4a:d5:cb:d9:
82:46:65:38:04:82:c6:0e:0f:cf:4f:17:e7:27:6a:
2b:00:3f:7f:42:68:34:9f:16:63:59:61:ed:09:e8:
44:f8:76:40:90:84:78:d3:4d:bf:89:9a:5c:a9:d3:
c0:e1:8f:b3:d1:d4:31:12:ca:22:7d:37:0a:2c:de:
f2:d1:6f:a5:92:d7:ee:4c:25:8e:18:a8:cf:09:ea:
de:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:92:74:0F:16:23:05:8E:B4:85:AF:20:CA:F1:6B:C0:6A:46:B0:82
X509v3 Authority Key Identifier:
keyid:32:D5:C9:C8:5F:FB:74:63:94:5E:81:26:57:0B:7E:28:51:B3:FB:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MtXJyF_7dGOUXoEmVwt-KFGz-3o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ad0351-006f-47aa-ab19-19c05f4f4a7b/1/lZJ0DxYjBY60ha8gyvFrwGpGsII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ad0351-006f-47aa-ab19-19c05f4f4a7b/1/MtXJyF_7dGOUXoEmVwt-KFGz-3o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.60.0/24
IPv6:
2a06:ab00::/32
Signature Algorithm: sha256WithRSAEncryption
4b:de:76:2a:d8:8f:73:a7:22:f1:ac:74:0e:6f:63:3b:69:d6:
c0:04:dd:54:a2:7b:99:60:a0:1a:45:67:90:d5:40:24:1a:55:
78:fa:e2:22:cb:a3:a3:71:ab:30:40:a3:84:18:e4:26:96:a8:
b9:04:a1:9c:92:ca:26:74:ea:77:44:d4:ea:bf:3a:fc:f3:ef:
43:c9:db:a7:43:12:0b:ae:64:fb:56:0d:8a:e4:0a:0f:7e:b0:
9a:65:b4:10:07:14:e9:d7:b2:3d:bc:2c:c5:d0:26:82:93:6b:
bf:e7:04:26:f2:21:ae:a7:b1:51:53:c0:ca:a6:c6:c7:a8:7b:
11:98:c4:21:cf:c3:b0:a6:39:3f:95:6d:1a:8a:02:84:f6:8c:
a4:cf:55:ad:27:c4:ba:50:fa:31:89:33:ac:22:8f:da:90:f1:
2e:41:1b:db:94:52:b5:67:b6:99:8d:76:fe:44:60:9d:e2:db:
23:16:2f:29:ae:8a:ca:fa:26:7b:3d:02:8d:d7:54:10:26:bd:
b4:26:be:07:2e:e6:c0:b7:ca:cf:ac:db:f9:ff:10:2b:cc:02:
8c:2a:01:70:e8:2a:1d:b2:39:f7:f3:2a:2e:f9:6f:c6:54:25:
fe:b7:90:32:85:f3:74:d1:9c:58:3b:30:1c:dd:cc:47:19:b1:
54:5a:37:28
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYiZpRE7IPKByoA+AgJ++C6XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyZDVjOWM4NWZmYjc0NjM5NDVlODEyNjU3MGI3ZTI4NTFi
M2ZiN2EwHhcNMjMwNjA4MDYxNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTkyNzQwZjE2MjMwNThlYjQ4NWFmMjBjYWYxNmJjMDZhNDZiMDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8WrCohXZdnmmdDzs83T87Xpml5j
WNMctwCLvB+z7sEAeQ/wPmIPC9iUluuJs5ECDaHH1Ml7qNPSbQFS7nVe+qUmjpIg
T33x2X5XLad9a9FCQcWVq5NSzJocGPubxZhVyLlCUje8OYqksgFkbdeID+LhsqYN
iEn394Bc4aP8okZAkD6QK2O7QhHkf0zYkt57scs6qhVQz6MPjfu3oGQZ+emAs5qI
IpJvdr8Ei1z23ErVy9mCRmU4BILGDg/PTxfnJ2orAD9/Qmg0nxZjWWHtCehE+HZA
kIR4002/iZpcqdPA4Y+z0dQxEsoifTcKLN7y0W+lktfuTCWOGKjPCereGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJWSdA8WIwWOtIWvIMrxa8BqRrCCMB8GA1UdIwQY
MBaAFDLVychf+3RjlF6BJlcLfihRs/t6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXRYSnlGXzdkR09VWG9FbVZ3dC1LRkd6LTNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9hZDAzNTEtMDA2Zi00N2FhLWFiMTkt
MTljMDVmNGY0YTdiLzEvbFpKMER4WWpCWTYwaGE4Z3l2RnJ3R3BHc0lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9hZDAzNTEtMDA2Zi00N2FhLWFiMTktMTljMDVmNGY0YTdi
LzEvTXRYSnlGXzdkR09VWG9FbVZ3dC1LRkd6LTNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuXs8MA0E
AgACMAcDBQAqBqsAMA0GCSqGSIb3DQEBCwUAA4IBAQBL3nYq2I9zpyLxrHQOb2M7
adbABN1UonuZYKAaRWeQ1UAkGlV4+uIiy6OjcaswQKOEGOQmlqi5BKGcksomdOp3
RNTqvzr88+9DydunQxILrmT7Vg2K5AoPfrCaZbQQBxTp17I9vCzF0CaCk2u/5wQm
8iGup7FRU8DKpsbHqHsRmMQhz8Owpjk/lW0aigKE9oykz1WtJ8S6UPoxiTOsIo/a
kPEuQRvblFK1Z7aZjXb+RGCd4tsjFi8prorK+iZ7PQKN11QQJr20Jr4HLubAt8rP
rNv5/xArzAKMKgFw6Codsjn38you+W/GVCX+t5AyhfN00ZxYOzAc3cxHGbFUWjco
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:53 2024 by rpki-client on console-fra.rpki-client.org