Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/bd4e5c-4147-4131-8750-33a82ab5f513/1/YOLdMV0L1SZpXVsfQrwcZHgg2i8.roa
File: YOLdMV0L1SZpXVsfQrwcZHgg2i8.roa (raw, json)
Hash identifier: uzF0UEbxVsRHe2ACTargCJZzgg1Cx47gw3g1O70gNi0=
Subject key identifier: 60:E2:DD:31:5D:0B:D5:26:69:5D:5B:1F:42:BC:1C:64:78:20:DA:2F
Certificate issuer: /CN=d1c4913094a21268c73a67653a3738d73e5c59a7
Certificate serial: 01856DCB141BDCA93D2DB6AEBA559D22605C
Authority key identifier: D1:C4:91:30:94:A2:12:68:C7:3A:67:65:3A:37:38:D7:3E:5C:59:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0cSRMJSiEmjHOmdlOjc41z5cWac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/bd4e5c-4147-4131-8750-33a82ab5f513/1/YOLdMV0L1SZpXVsfQrwcZHgg2i8.roa
Signing time: Sun 01 Jan 2023 14:45:03 +0000
ROA not before: Sun 01 Jan 2023 14:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39120
IP address blocks: 185.112.60.0/24 maxlen: 24
185.112.62.0/24 maxlen: 24
185.112.61.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:cb:14:1b:dc:a9:3d:2d:b6:ae:ba:55:9d:22:60:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1c4913094a21268c73a67653a3738d73e5c59a7
Validity
Not Before: Jan 1 14:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60e2dd315d0bd526695d5b1f42bc1c647820da2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:37:0a:3e:8b:a5:88:a1:b4:79:5f:7f:59:d1:
00:33:63:0e:06:1c:07:05:2b:62:ef:d1:9b:18:ea:
6b:c6:db:96:10:08:52:22:45:16:93:f3:41:41:d5:
bf:92:c1:82:c2:8b:79:e5:9d:52:50:b4:b0:f9:51:
11:4c:db:8d:3f:32:5c:87:51:d9:4d:b3:b5:6f:2a:
e6:44:ea:cf:9c:c8:0f:e3:79:05:e4:98:71:8f:e5:
c2:8a:7c:a4:1b:99:4d:f4:6a:4d:a1:22:fa:7b:54:
86:2f:ad:15:d2:ff:40:84:2e:77:c7:bc:60:27:6f:
c3:70:1f:dc:63:36:7f:5d:6f:83:ba:2f:87:4f:a2:
ab:a4:c2:49:79:b3:c6:34:74:ca:f7:d0:cf:e1:ab:
05:fb:c3:0e:57:cb:f1:04:04:6a:71:56:a3:8a:63:
d8:b6:21:97:0d:2a:39:d9:91:c4:77:52:57:ae:1c:
29:15:f3:80:6b:a8:a1:12:2a:1b:d4:19:da:8a:0d:
74:6b:5f:5f:f7:b0:f1:15:e4:1d:5f:e4:c2:ae:58:
7f:83:a9:03:49:41:64:19:9a:ea:56:cb:c8:cd:32:
79:07:93:f8:30:3f:1a:93:41:fc:da:33:81:2e:2c:
2e:79:9a:50:2b:2d:0c:eb:49:ac:a0:90:e2:2b:4f:
ca:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:E2:DD:31:5D:0B:D5:26:69:5D:5B:1F:42:BC:1C:64:78:20:DA:2F
X509v3 Authority Key Identifier:
keyid:D1:C4:91:30:94:A2:12:68:C7:3A:67:65:3A:37:38:D7:3E:5C:59:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0cSRMJSiEmjHOmdlOjc41z5cWac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bd4e5c-4147-4131-8750-33a82ab5f513/1/YOLdMV0L1SZpXVsfQrwcZHgg2i8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bd4e5c-4147-4131-8750-33a82ab5f513/1/0cSRMJSiEmjHOmdlOjc41z5cWac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.60.0-185.112.62.255
Signature Algorithm: sha256WithRSAEncryption
25:6e:55:3d:be:3e:a5:87:90:b7:f1:18:0a:aa:e3:d6:06:8c:
17:a8:54:b5:23:23:28:b0:ad:8e:84:5a:fd:f2:0a:3b:a3:40:
31:0c:82:ea:5a:14:fc:c0:26:e8:23:8f:dd:bd:56:66:c0:e1:
91:4b:b4:ed:6a:6b:2b:7f:98:65:3c:8a:49:30:60:79:e9:36:
5b:2e:19:e2:f9:69:27:0e:a0:d0:20:f2:cb:85:2d:0c:1f:78:
fd:8c:49:27:c8:7e:d7:dd:bd:a7:04:86:0b:59:28:7d:c0:d8:
57:41:52:df:38:e6:df:b7:d2:cb:5a:56:83:79:64:83:69:0f:
94:4a:09:22:89:fc:4d:4f:47:2d:41:b8:6c:92:51:74:91:49:
95:ff:69:4f:c2:da:c2:04:aa:71:34:f3:6d:24:b4:6c:cc:a8:
1c:97:6f:95:dc:77:f7:12:98:1f:8c:9a:62:1b:e5:7b:ae:b1:
1c:37:14:1e:18:bb:fe:f6:83:94:6a:ad:e5:75:f6:b0:3d:f2:
56:82:c9:b4:1d:05:16:fe:ad:ba:92:85:3b:af:01:55:0a:62:
8e:52:f0:85:07:7a:c9:ca:62:19:81:6a:1c:3b:59:a0:23:a5:
66:c0:70:ec:99:a2:e8:c3:21:02:07:1a:55:17:17:7b:a2:49:
f5:4c:ba:c8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVtyxQb3Kk9LbauulWdImBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxYzQ5MTMwOTRhMjEyNjhjNzNhNjc2NTNhMzczOGQ3M2U1
YzU5YTcwHhcNMjMwMTAxMTQ0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGUyZGQzMTVkMGJkNTI2Njk1ZDViMWY0MmJjMWM2NDc4MjBkYTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjcKPouliKG0eV9/WdEAM2MOBhwH
BSti79GbGOprxtuWEAhSIkUWk/NBQdW/ksGCwot55Z1SULSw+VERTNuNPzJch1HZ
TbO1byrmROrPnMgP43kF5Jhxj+XCinykG5lN9GpNoSL6e1SGL60V0v9AhC53x7xg
J2/DcB/cYzZ/XW+Dui+HT6KrpMJJebPGNHTK99DP4asF+8MOV8vxBARqcVajimPY
tiGXDSo52ZHEd1JXrhwpFfOAa6ihEiob1Bnaig10a19f97DxFeQdX+TCrlh/g6kD
SUFkGZrqVsvIzTJ5B5P4MD8ak0H82jOBLiwueZpQKy0M60msoJDiK0/K8QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGDi3TFdC9UmaV1bH0K8HGR4INovMB8GA1UdIwQY
MBaAFNHEkTCUohJoxzpnZTo3ONc+XFmnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGNTUk1KU2lFbWpIT21kbE9qYzQxejVjV2FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iZDRlNWMtNDE0Ny00MTMxLTg3NTAt
MzNhODJhYjVmNTEzLzEvWU9MZE1WMEwxU1pwWFZzZlFyd2NaSGdnMmk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iZDRlNWMtNDE0Ny00MTMxLTg3NTAtMzNhODJhYjVmNTEz
LzEvMGNTUk1KU2lFbWpIT21kbE9qYzQxejVjV2FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK5cDwD
BAC5cD4wDQYJKoZIhvcNAQELBQADggEBACVuVT2+PqWHkLfxGAqq49YGjBeoVLUj
IyiwrY6EWv3yCjujQDEMgupaFPzAJugjj929VmbA4ZFLtO1qayt/mGU8ikkwYHnp
NlsuGeL5aScOoNAg8suFLQwfeP2MSSfIftfdvacEhgtZKH3A2FdBUt845t+30sta
VoN5ZINpD5RKCSKJ/E1PRy1BuGySUXSRSZX/aU/C2sIEqnE0820ktGzMqByXb5Xc
d/cSmB+MmmIb5XuusRw3FB4Yu/72g5RqreV19rA98laCybQdBRb+rbqShTuvAVUK
Yo5S8IUHesnKYhmBahw7WaAjpWbAcOyZoujDIQIHGlUXF3uiSfVMusg=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:03 2024 by rpki-client on console-fra.rpki-client.org