Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/fc1e32-0ba7-4f8d-a5aa-f38f8fe794d4/1/2kSKXwDGD_FCb3g9dgNB290gvPA.roa
File: 2kSKXwDGD_FCb3g9dgNB290gvPA.roa (raw, json)
Hash identifier: PgLWOhj5ZLJjdMYtv//Myn2QCtcqIXoxdy4nK35+7R8=
Subject key identifier: DA:44:8A:5F:00:C6:0F:F1:42:6F:78:3D:76:03:41:DB:DD:20:BC:F0
Certificate issuer: /CN=6284cfa7844340237fe59a3825b54f3f77ed8532
Certificate serial: 0186DB601DECE7621AC2CFC436178699112E
Authority key identifier: 62:84:CF:A7:84:43:40:23:7F:E5:9A:38:25:B5:4F:3F:77:ED:85:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YoTPp4RDQCN_5Zo4JbVPP3fthTI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/fc1e32-0ba7-4f8d-a5aa-f38f8fe794d4/1/2kSKXwDGD_FCb3g9dgNB290gvPA.roa
Signing time: Mon 13 Mar 2023 14:29:14 +0000
ROA not before: Mon 13 Mar 2023 14:29:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201905
IP address blocks: 185.60.116.0/22 maxlen: 24
185.60.116.0/24 maxlen: 24
185.60.117.0/24 maxlen: 24
2a02:71e0::/32 maxlen: 36
Validation: Failed, certificate revoked on Mon 13 Mar 2023 14:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:db:60:1d:ec:e7:62:1a:c2:cf:c4:36:17:86:99:11:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6284cfa7844340237fe59a3825b54f3f77ed8532
Validity
Not Before: Mar 13 14:29:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da448a5f00c60ff1426f783d760341dbdd20bcf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:07:8a:a7:ad:f5:3b:0e:06:7d:7f:1d:11:c9:
23:28:e2:c8:13:f8:7c:59:8d:b4:c6:4a:eb:8a:d3:
a5:fa:57:87:01:5b:67:54:bc:39:d4:09:74:04:3e:
63:82:88:13:ff:e4:41:da:0a:04:01:d6:95:31:d2:
03:70:8d:34:1d:b5:5b:73:08:c0:d6:19:90:b9:61:
ca:24:0d:8b:3e:86:61:32:42:02:ce:33:28:6e:90:
ab:97:83:06:68:a7:48:fe:f1:4a:20:59:91:7a:34:
79:79:e6:10:25:ca:15:0f:1d:2f:6e:27:f0:39:03:
9b:80:81:94:09:8a:a2:f7:6a:f3:80:02:8c:3f:ec:
c0:db:80:5f:b9:ca:f2:ab:af:77:fd:47:fb:67:bf:
89:e5:cf:2f:90:44:2f:c9:6c:8b:47:12:35:a6:3f:
b4:d2:2c:bf:22:27:78:5a:4c:74:e6:14:16:d9:7a:
73:3c:23:d2:4f:d9:5c:d7:36:26:bc:b0:49:7e:4e:
ff:45:34:17:6f:35:70:03:9f:fe:0b:26:ce:1a:4c:
50:c3:7a:e1:e7:b3:0d:db:b7:0d:d9:58:65:09:55:
98:2f:35:d8:1d:fe:03:e5:cc:cb:6d:36:2b:7c:14:
c0:ef:26:d2:42:92:4f:21:81:3d:44:6c:b0:a3:c7:
7d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:44:8A:5F:00:C6:0F:F1:42:6F:78:3D:76:03:41:DB:DD:20:BC:F0
X509v3 Authority Key Identifier:
keyid:62:84:CF:A7:84:43:40:23:7F:E5:9A:38:25:B5:4F:3F:77:ED:85:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YoTPp4RDQCN_5Zo4JbVPP3fthTI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/fc1e32-0ba7-4f8d-a5aa-f38f8fe794d4/1/2kSKXwDGD_FCb3g9dgNB290gvPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/fc1e32-0ba7-4f8d-a5aa-f38f8fe794d4/1/YoTPp4RDQCN_5Zo4JbVPP3fthTI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.116.0/22
IPv6:
2a02:71e0::/32
Signature Algorithm: sha256WithRSAEncryption
35:ec:0b:a2:cf:3e:61:65:bf:79:db:41:2d:8e:55:26:82:ed:
81:07:93:d5:1c:d4:4d:6d:d1:86:b2:d0:b6:8c:62:5e:3e:c5:
d1:99:c7:7f:96:fe:4e:2a:20:f0:e8:33:92:d9:b2:a0:ad:2a:
bc:15:e0:60:c5:08:48:ef:99:53:68:bd:2c:8a:72:ab:5a:a1:
8f:02:2f:0b:9f:5a:ba:0d:17:1a:d3:7d:14:e7:bd:f2:86:14:
ab:22:dd:88:60:2f:01:a6:e0:05:86:ee:7d:c7:b5:ec:bc:55:
0c:e8:43:d8:03:1d:32:06:3a:9e:cd:9d:06:3a:0c:32:ef:70:
4c:d9:47:60:40:8e:5e:b1:b4:90:90:2f:a3:b4:8b:2b:74:51:
71:46:5f:ec:14:6a:81:e7:c3:63:49:77:68:d0:6c:92:4c:b6:
de:45:4b:d3:9a:e8:fa:d4:a0:21:82:f6:c1:88:a7:a1:e5:66:
fc:d4:db:d6:e0:64:63:32:c5:78:f1:da:22:a3:70:41:5a:d5:
cb:35:56:75:24:ce:16:39:9d:77:c3:23:25:53:a3:e0:e4:07:
41:d7:3a:4c:58:52:f2:28:f5:52:15:e3:73:83:71:f7:a0:27:
a2:88:05:62:71:65:b9:d9:c2:8e:2c:2d:0b:39:18:6e:62:00:
aa:b6:51:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYbbYB3s52Iaws/ENheGmREuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyODRjZmE3ODQ0MzQwMjM3ZmU1OWEzODI1YjU0ZjNmNzdl
ZDg1MzIwHhcNMjMwMzEzMTQyOTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTQ0OGE1ZjAwYzYwZmYxNDI2Zjc4M2Q3NjAzNDFkYmRkMjBiY2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmweKp631Ow4GfX8dEckjKOLIE/h8
WY20xkrritOl+leHAVtnVLw51Al0BD5jgogT/+RB2goEAdaVMdIDcI00HbVbcwjA
1hmQuWHKJA2LPoZhMkICzjMobpCrl4MGaKdI/vFKIFmRejR5eeYQJcoVDx0vbifw
OQObgIGUCYqi92rzgAKMP+zA24Bfucryq693/Uf7Z7+J5c8vkEQvyWyLRxI1pj+0
0iy/Iid4Wkx05hQW2XpzPCPST9lc1zYmvLBJfk7/RTQXbzVwA5/+CybOGkxQw3rh
57MN27cN2VhlCVWYLzXYHf4D5czLbTYrfBTA7ybSQpJPIYE9RGywo8d9owIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNpEil8Axg/xQm94PXYDQdvdILzwMB8GA1UdIwQY
MBaAFGKEz6eEQ0Ajf+WaOCW1Tz937YUyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW9UUHA0UkRRQ05fNVpvNEpiVlBQM2Z0aFRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9mYzFlMzItMGJhNy00ZjhkLWE1YWEt
ZjM4ZjhmZTc5NGQ0LzEvMmtTS1h3REdEX0ZDYjNnOWRnTkIyOTBndlBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9mYzFlMzItMGJhNy00ZjhkLWE1YWEtZjM4ZjhmZTc5NGQ0
LzEvWW9UUHA0UkRRQ05fNVpvNEpiVlBQM2Z0aFRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTx0MA0E
AgACMAcDBQAqAnHgMA0GCSqGSIb3DQEBCwUAA4IBAQA17Auizz5hZb9520EtjlUm
gu2BB5PVHNRNbdGGstC2jGJePsXRmcd/lv5OKiDw6DOS2bKgrSq8FeBgxQhI75lT
aL0sinKrWqGPAi8Ln1q6DRca030U573yhhSrIt2IYC8BpuAFhu59x7XsvFUM6EPY
Ax0yBjqezZ0GOgwy73BM2UdgQI5esbSQkC+jtIsrdFFxRl/sFGqB58NjSXdo0GyS
TLbeRUvTmuj61KAhgvbBiKeh5Wb81NvW4GRjMsV48doio3BBWtXLNVZ1JM4WOZ13
wyMlU6Pg5AdB1zpMWFLyKPVSFeNzg3H3oCeiiAVicWW52cKOLC0LORhuYgCqtlF3
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:57 2024 by rpki-client on console-ams.rpki-client.org