Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/fc1e32-0ba7-4f8d-a5aa-f38f8fe794d4/1/CmTovFQJlbc_kWf8UGxsuROswIM.roa
File: CmTovFQJlbc_kWf8UGxsuROswIM.roa (raw, json)
Hash identifier: XUQ5VY32NiSFvBIpl/Egm4L30E4yKZsrPnatLwAmfJA=
Subject key identifier: 0A:64:E8:BC:54:09:95:B7:3F:91:67:FC:50:6C:6C:B9:13:AC:C0:83
Certificate issuer: /CN=6284cfa7844340237fe59a3825b54f3f77ed8532
Certificate serial: 018CC8012C8283D1C3E16898045A61DCE8A2
Authority key identifier: 62:84:CF:A7:84:43:40:23:7F:E5:9A:38:25:B5:4F:3F:77:ED:85:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YoTPp4RDQCN_5Zo4JbVPP3fthTI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/fc1e32-0ba7-4f8d-a5aa-f38f8fe794d4/1/CmTovFQJlbc_kWf8UGxsuROswIM.roa
Signing time: Tue 02 Jan 2024 02:29:29 +0000
ROA not before: Tue 02 Jan 2024 02:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201905
IP address blocks: 185.60.116.0/24 maxlen: 24
185.60.116.0/22 maxlen: 24
185.60.118.0/23 maxlen: 23
185.60.117.0/24 maxlen: 24
2a02:71e0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 13 Mar 2024 16:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:2c:82:83:d1:c3:e1:68:98:04:5a:61:dc:e8:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6284cfa7844340237fe59a3825b54f3f77ed8532
Validity
Not Before: Jan 2 02:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a64e8bc540995b73f9167fc506c6cb913acc083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:30:2e:a8:4d:d1:12:d9:d2:f9:cb:1b:c8:49:
34:bb:d0:fe:1f:5f:d4:ea:77:47:2e:26:d3:93:27:
5e:40:d7:4c:61:a0:fb:ef:99:20:00:4f:ca:26:b1:
7c:76:47:57:df:b5:31:42:87:1d:25:18:2a:da:87:
11:46:d7:51:d3:73:86:3b:8b:a5:42:0a:72:d7:ed:
a0:bf:3f:5f:d4:9c:7d:1c:e2:de:8a:be:4f:27:0b:
32:f2:43:e0:03:d1:a5:07:5e:69:0c:c3:03:56:d3:
45:61:ac:d3:a5:68:76:7f:72:ee:21:a5:56:59:cf:
ff:3e:fc:bf:ff:9a:fd:5f:b2:dc:f7:5e:64:db:20:
d1:02:c1:dd:a7:d7:9d:45:0a:79:a8:f1:49:80:2b:
2d:2e:97:96:c0:ac:0c:e2:cf:c0:16:4e:f4:17:80:
fb:85:62:ad:5e:a7:0d:12:79:2f:68:14:f9:3d:30:
83:92:d0:92:2a:3a:67:3d:aa:3d:06:46:14:9c:eb:
7a:f1:e9:b4:fd:ad:66:48:69:14:fd:1f:95:81:12:
5b:65:e9:0f:e9:4d:60:b0:75:85:07:c4:a9:91:7e:
1d:f9:14:ec:36:b5:ec:ef:f1:cb:f5:f8:47:11:7b:
b1:fd:4e:55:93:a6:d5:0d:c6:4b:6a:da:d7:8a:6a:
c7:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:64:E8:BC:54:09:95:B7:3F:91:67:FC:50:6C:6C:B9:13:AC:C0:83
X509v3 Authority Key Identifier:
keyid:62:84:CF:A7:84:43:40:23:7F:E5:9A:38:25:B5:4F:3F:77:ED:85:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YoTPp4RDQCN_5Zo4JbVPP3fthTI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/fc1e32-0ba7-4f8d-a5aa-f38f8fe794d4/1/CmTovFQJlbc_kWf8UGxsuROswIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/fc1e32-0ba7-4f8d-a5aa-f38f8fe794d4/1/YoTPp4RDQCN_5Zo4JbVPP3fthTI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.116.0/22
IPv6:
2a02:71e0::/48
Signature Algorithm: sha256WithRSAEncryption
ae:ce:09:1a:c2:55:9e:0d:da:2b:aa:a8:c7:66:52:9a:b9:91:
45:43:7d:cc:bd:c4:7c:f9:86:9a:d4:52:0b:ea:57:4c:2b:84:
aa:de:41:f9:07:8d:51:67:8f:01:be:e3:f9:a2:76:61:8e:3e:
ea:a1:80:b2:48:b7:7c:fd:2e:71:23:b6:78:87:2d:eb:25:91:
fc:ba:25:b8:d8:55:ad:4b:ac:82:87:8a:96:c6:8c:63:1a:c3:
1f:93:77:8f:78:09:8f:69:ca:45:06:97:6f:6b:ac:14:b5:2d:
c6:13:d8:d5:60:45:cb:68:3d:78:f9:ed:ac:f4:d8:2e:7a:21:
eb:74:f5:dd:a7:7c:db:fa:02:d8:8c:2a:27:66:08:76:69:34:
41:63:69:ed:87:45:86:eb:2e:dd:32:ef:79:65:ac:70:e4:b5:
01:b5:b1:52:31:d1:10:21:16:54:bf:33:76:3e:f7:d9:27:66:
70:21:fb:56:61:cb:b2:e3:af:79:ca:15:09:3b:ec:b2:47:34:
82:a3:93:91:d7:e4:b3:59:2c:66:2a:5c:66:8c:e1:2e:e3:d0:
45:a8:f5:38:a4:6f:60:a4:42:84:04:c4:ff:f6:ea:58:e5:d1:
3b:06:ab:a4:5b:8e:1d:fd:8f:d5:ca:e4:c4:6a:9c:b5:b2:b7:
b3:0a:14:19
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIASyCg9HD4WiYBFph3OiiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyODRjZmE3ODQ0MzQwMjM3ZmU1OWEzODI1YjU0ZjNmNzdl
ZDg1MzIwHhcNMjQwMTAyMDIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTY0ZThiYzU0MDk5NWI3M2Y5MTY3ZmM1MDZjNmNiOTEzYWNjMDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTAuqE3REtnS+csbyEk0u9D+H1/U
6ndHLibTkydeQNdMYaD775kgAE/KJrF8dkdX37UxQocdJRgq2ocRRtdR03OGO4ul
Qgpy1+2gvz9f1Jx9HOLeir5PJwsy8kPgA9GlB15pDMMDVtNFYazTpWh2f3LuIaVW
Wc//Pvy//5r9X7Lc915k2yDRAsHdp9edRQp5qPFJgCstLpeWwKwM4s/AFk70F4D7
hWKtXqcNEnkvaBT5PTCDktCSKjpnPao9BkYUnOt68em0/a1mSGkU/R+VgRJbZekP
6U1gsHWFB8SpkX4d+RTsNrXs7/HL9fhHEXux/U5Vk6bVDcZLatrXimrHOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFApk6LxUCZW3P5Fn/FBsbLkTrMCDMB8GA1UdIwQY
MBaAFGKEz6eEQ0Ajf+WaOCW1Tz937YUyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW9UUHA0UkRRQ05fNVpvNEpiVlBQM2Z0aFRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9mYzFlMzItMGJhNy00ZjhkLWE1YWEt
ZjM4ZjhmZTc5NGQ0LzEvQ21Ub3ZGUUpsYmNfa1dmOFVHeHN1Uk9zd0lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9mYzFlMzItMGJhNy00ZjhkLWE1YWEtZjM4ZjhmZTc5NGQ0
LzEvWW9UUHA0UkRRQ05fNVpvNEpiVlBQM2Z0aFRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuTx0MA8E
AgACMAkDBwAqAnHgAAAwDQYJKoZIhvcNAQELBQADggEBAK7OCRrCVZ4N2iuqqMdm
Upq5kUVDfcy9xHz5hprUUgvqV0wrhKreQfkHjVFnjwG+4/midmGOPuqhgLJIt3z9
LnEjtniHLeslkfy6JbjYVa1LrIKHipbGjGMawx+Td494CY9pykUGl29rrBS1LcYT
2NVgRctoPXj57az02C56Iet09d2nfNv6AtiMKidmCHZpNEFjae2HRYbrLt0y73ll
rHDktQG1sVIx0RAhFlS/M3Y+99knZnAh+1Zhy7Ljr3nKFQk77LJHNIKjk5HX5LNZ
LGYqXGaM4S7j0EWo9Tikb2CkQoQExP/26ljl0TsGq6Rbjh39j9XK5MRqnLWyt7MK
FBk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:57 2024 by rpki-client on console-ams.rpki-client.org