Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/bgd0MDTIgLsoaAq5f8EyWBudwxQ.roa
File: bgd0MDTIgLsoaAq5f8EyWBudwxQ.roa (raw, json)
Hash identifier: AykQlKDGvCa9OyRIlT9s/1IobzhHTBzwNi8XBiaB688=
Subject key identifier: 6E:07:74:30:34:C8:80:BB:28:68:0A:B9:7F:C1:32:58:1B:9D:C3:14
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018571E88E6E724F6202DB26555F0DC0E72F
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/bgd0MDTIgLsoaAq5f8EyWBudwxQ.roa
Signing time: Mon 02 Jan 2023 09:55:44 +0000
ROA not before: Mon 02 Jan 2023 09:55:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204875
IP address blocks: 185.200.60.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:e8:8e:6e:72:4f:62:02:db:26:55:5f:0d:c0:e7:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 2 09:55:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e07743034c880bb28680ab97fc132581b9dc314
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0a:b5:9a:14:77:b3:65:6c:e3:be:89:31:ff:
1a:ca:b0:01:b4:bb:ea:cb:89:ca:c8:f1:38:39:98:
7b:e5:d1:6d:5d:9c:3c:cb:b5:92:fe:6c:18:33:1a:
d1:fb:00:c7:59:aa:fc:0c:1c:6b:24:f1:af:b2:2f:
44:22:e3:87:ef:53:cd:31:24:cc:b0:5d:a4:b1:b1:
97:50:3d:de:3d:c2:e1:d6:f6:c6:d0:9b:54:25:30:
e9:eb:c7:32:75:87:13:54:95:e6:6b:84:cc:67:68:
c4:83:d1:24:63:33:98:c8:80:5c:c9:9c:99:50:05:
c1:30:3c:69:e0:55:78:70:05:e6:7e:58:7c:e7:71:
5f:23:04:9e:4d:d2:e3:bd:99:0a:b9:48:9f:69:26:
18:f9:82:70:ee:9d:b0:96:03:d3:08:a9:aa:37:73:
ce:69:e1:b9:3a:a6:cf:ba:5f:e9:6e:30:5e:8c:9f:
2d:9e:4d:a3:a7:79:95:79:ae:c6:6e:39:58:a7:d1:
df:fb:5c:52:ba:54:bd:97:ab:ff:5c:a5:34:34:37:
36:c2:1b:97:73:ce:85:bb:e0:04:0b:48:97:2a:f6:
52:58:e4:97:f3:27:57:77:9d:b3:df:29:a4:b0:5f:
97:17:b8:75:25:0e:f6:7d:d0:95:e0:2c:53:d0:a4:
e1:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:07:74:30:34:C8:80:BB:28:68:0A:B9:7F:C1:32:58:1B:9D:C3:14
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/bgd0MDTIgLsoaAq5f8EyWBudwxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.60.0/24
Signature Algorithm: sha256WithRSAEncryption
81:e5:fd:4a:40:28:d8:ed:74:d0:6a:62:1f:88:c0:83:54:ea:
31:0b:d5:2b:60:93:5a:0b:39:4f:70:93:47:be:27:1f:41:7d:
f5:40:d0:5b:75:1b:3a:a6:3e:4e:14:fa:74:a4:14:08:f9:d4:
67:89:7d:35:1d:6d:ce:51:3d:99:24:3e:1c:0a:96:0d:ff:9d:
bd:af:e5:60:af:f9:d6:7a:e9:47:5d:09:c4:87:8d:4c:75:91:
c9:54:09:e1:a7:ae:b5:8b:f1:b4:1a:19:b7:fa:81:81:8b:f9:
9e:eb:c8:e0:a8:ac:c4:9e:a5:dd:f3:1f:a6:03:ff:0e:df:aa:
a2:05:0a:63:05:a6:ca:cd:11:fa:fe:49:f7:e3:07:c6:14:7d:
13:b8:2c:b0:de:33:66:2b:7a:40:b9:72:83:a4:94:5c:8f:cc:
36:42:a4:16:5a:91:43:c4:ef:25:97:a5:31:fc:6e:c7:7b:84:
e7:2c:44:07:65:38:5c:fe:c3:04:cd:a3:3e:a3:cb:ac:5d:7f:
7d:d2:92:7e:77:94:81:5c:2c:04:e7:83:38:46:46:01:06:38:
d3:79:a8:46:12:98:e2:d4:6c:e4:e5:ff:0b:f7:32:97:29:66:
73:35:7a:46:c9:25:fe:29:ab:49:38:88:a0:3f:73:d6:3b:64:
2e:5d:73:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx6I5uck9iAtsmVV8NwOcvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMTAyMDk1NTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTA3NzQzMDM0Yzg4MGJiMjg2ODBhYjk3ZmMxMzI1ODFiOWRjMzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAq1mhR3s2Vs476JMf8ayrABtLvq
y4nKyPE4OZh75dFtXZw8y7WS/mwYMxrR+wDHWar8DBxrJPGvsi9EIuOH71PNMSTM
sF2ksbGXUD3ePcLh1vbG0JtUJTDp68cydYcTVJXma4TMZ2jEg9EkYzOYyIBcyZyZ
UAXBMDxp4FV4cAXmflh853FfIwSeTdLjvZkKuUifaSYY+YJw7p2wlgPTCKmqN3PO
aeG5OqbPul/pbjBejJ8tnk2jp3mVea7GbjlYp9Hf+1xSulS9l6v/XKU0NDc2whuX
c86Fu+AEC0iXKvZSWOSX8ydXd52z3ymksF+XF7h1JQ72fdCV4CxT0KTh6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG4HdDA0yIC7KGgKuX/BMlgbncMUMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvYmdkME1EVElnTHNvYUFxNWY4RXlXQnVkd3hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucg8MA0G
CSqGSIb3DQEBCwUAA4IBAQCB5f1KQCjY7XTQamIfiMCDVOoxC9UrYJNaCzlPcJNH
vicfQX31QNBbdRs6pj5OFPp0pBQI+dRniX01HW3OUT2ZJD4cCpYN/529r+Vgr/nW
eulHXQnEh41MdZHJVAnhp661i/G0Ghm3+oGBi/me68jgqKzEnqXd8x+mA/8O36qi
BQpjBabKzRH6/kn34wfGFH0TuCyw3jNmK3pAuXKDpJRcj8w2QqQWWpFDxO8ll6Ux
/G7He4TnLEQHZThc/sMEzaM+o8usXX990pJ+d5SBXCwE54M4RkYBBjjTeahGEpji
1Gzk5f8L9zKXKWZzNXpGySX+KatJOIigP3PWO2QuXXNq
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:45 2024 by rpki-client on console-fra.rpki-client.org