Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/fea24b-984c-45f2-8045-9a95cf823f9b/1/vF-cAIArTf3nqRTNZHT192d47uI.roa
File: vF-cAIArTf3nqRTNZHT192d47uI.roa (raw, json)
Hash identifier: 4iQRt1iMBF0ZzjPjVUP92DKe3h6LlTC4N01VZv1UfdY=
Subject key identifier: BC:5F:9C:00:80:2B:4D:FD:E7:A9:14:CD:64:74:F5:F7:67:78:EE:E2
Certificate issuer: /CN=60ff6df44826f9f10649c578eac4161670529427
Certificate serial: 01856B130869481843998BA181A318E3ACF9
Authority key identifier: 60:FF:6D:F4:48:26:F9:F1:06:49:C5:78:EA:C4:16:16:70:52:94:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YP9t9Egm-fEGScV46sQWFnBSlCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/fea24b-984c-45f2-8045-9a95cf823f9b/1/vF-cAIArTf3nqRTNZHT192d47uI.roa
Signing time: Sun 01 Jan 2023 02:04:47 +0000
ROA not before: Sun 01 Jan 2023 02:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205389
IP address blocks: 185.192.83.0/24 maxlen: 24
185.192.80.0/24 maxlen: 24
185.192.82.0/24 maxlen: 24
185.192.80.0/22 maxlen: 22
185.192.81.0/24 maxlen: 24
2a0c:1a00::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:13:08:69:48:18:43:99:8b:a1:81:a3:18:e3:ac:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60ff6df44826f9f10649c578eac4161670529427
Validity
Not Before: Jan 1 02:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc5f9c00802b4dfde7a914cd6474f5f76778eee2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:10:49:ba:8a:3e:e6:d0:11:8c:a2:4e:c4:21:
45:ac:11:f6:cc:d8:b5:87:6f:38:13:90:25:ef:19:
28:ea:03:55:89:34:ca:8b:cf:84:61:69:43:5e:f1:
1e:54:28:63:c0:14:6d:f5:81:10:19:a1:9b:b4:3e:
c0:b0:5e:47:01:ba:1d:09:55:a5:85:81:74:d2:2d:
d0:fe:8f:42:4f:9d:7e:cd:1c:7e:97:b1:99:ab:c2:
a5:df:3c:39:20:bc:a9:6c:79:b2:e6:bd:96:51:cb:
4d:e1:a9:db:95:64:78:3e:96:1d:0e:94:37:72:89:
e0:9b:d2:a8:22:f2:b6:71:5f:56:b8:bf:ea:06:10:
43:17:a6:93:66:41:3e:15:a7:ee:1d:e6:e8:5b:24:
21:4f:ee:c2:3a:da:60:62:b3:b1:b5:63:7e:d6:ee:
1f:29:4d:96:71:74:aa:96:81:a8:7f:29:b4:cd:39:
f5:74:8f:06:74:6b:6b:56:75:c5:71:e5:ea:5f:b3:
99:c7:7a:60:c3:93:23:8e:49:70:21:84:59:82:9f:
6c:c1:34:03:d1:ea:a4:11:39:3b:5c:52:ec:a0:0a:
fc:47:a5:33:e7:26:9e:28:45:89:00:2d:f1:68:14:
2a:77:87:f6:66:31:5b:7e:f5:a2:5c:5c:60:3a:3a:
20:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:5F:9C:00:80:2B:4D:FD:E7:A9:14:CD:64:74:F5:F7:67:78:EE:E2
X509v3 Authority Key Identifier:
keyid:60:FF:6D:F4:48:26:F9:F1:06:49:C5:78:EA:C4:16:16:70:52:94:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YP9t9Egm-fEGScV46sQWFnBSlCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/fea24b-984c-45f2-8045-9a95cf823f9b/1/vF-cAIArTf3nqRTNZHT192d47uI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/fea24b-984c-45f2-8045-9a95cf823f9b/1/YP9t9Egm-fEGScV46sQWFnBSlCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.192.80.0/22
IPv6:
2a0c:1a00::/32
Signature Algorithm: sha256WithRSAEncryption
94:67:19:90:c9:09:d8:53:2e:14:b1:41:52:d3:6d:fb:60:61:
4c:6b:b8:7d:6d:7e:15:b8:60:b7:11:08:dc:77:25:8a:ce:f6:
dd:0e:5b:19:32:2a:0f:ce:85:f7:25:75:41:64:95:92:fb:d8:
24:16:26:e2:6e:8b:95:41:cb:ed:25:6d:a2:d1:25:e6:7b:14:
f2:e2:68:06:fb:55:b4:76:f5:b0:22:bb:f6:2e:44:ff:ab:c4:
3f:57:71:ac:90:fe:2f:43:e2:f2:ec:88:21:de:06:49:bb:6b:
a9:1f:ac:c9:f6:74:9c:95:36:38:20:ea:4d:fe:6f:db:bb:1d:
69:34:78:00:19:cd:0c:25:38:de:ec:21:01:d0:fb:6a:78:7b:
1e:53:58:5b:7c:f6:73:80:bd:b1:95:b6:d0:1b:82:1f:4f:7e:
b0:0d:d0:78:45:b5:08:d3:40:70:42:d8:9e:f2:63:e9:8c:67:
1e:4d:d3:cb:4b:f0:2f:4e:d3:d3:5a:4f:3e:87:a1:34:ed:2f:
07:5d:50:b3:e1:d6:f5:c0:6c:d1:0b:fa:e8:f7:58:fa:4d:44:
ea:f7:d1:14:43:f0:a4:e5:af:2a:1d:42:ad:41:47:2b:ad:99:
05:0f:b6:aa:82:95:f9:71:03:ae:86:cc:4d:53:9e:80:73:e5:
a9:04:a5:0f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVrEwhpSBhDmYuhgaMY46z5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZmY2ZGY0NDgyNmY5ZjEwNjQ5YzU3OGVhYzQxNjE2NzA1
Mjk0MjcwHhcNMjMwMTAxMDIwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzVmOWMwMDgwMmI0ZGZkZTdhOTE0Y2Q2NDc0ZjVmNzY3NzhlZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixBJuoo+5tARjKJOxCFFrBH2zNi1
h284E5Al7xko6gNViTTKi8+EYWlDXvEeVChjwBRt9YEQGaGbtD7AsF5HAbodCVWl
hYF00i3Q/o9CT51+zRx+l7GZq8Kl3zw5ILypbHmy5r2WUctN4anblWR4PpYdDpQ3
congm9KoIvK2cV9WuL/qBhBDF6aTZkE+FafuHeboWyQhT+7COtpgYrOxtWN+1u4f
KU2WcXSqloGofym0zTn1dI8GdGtrVnXFceXqX7OZx3pgw5MjjklwIYRZgp9swTQD
0eqkETk7XFLsoAr8R6Uz5yaeKEWJAC3xaBQqd4f2ZjFbfvWiXFxgOjogNQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLxfnACAK03956kUzWR09fdneO7iMB8GA1UdIwQY
MBaAFGD/bfRIJvnxBknFeOrEFhZwUpQnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVA5dDlFZ20tZkVHU2NWNDZzUVdGbkJTbENjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mZWEyNGItOTg0Yy00NWYyLTgwNDUt
OWE5NWNmODIzZjliLzEvdkYtY0FJQXJUZjNucVJUTlpIVDE5MmQ0N3VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9mZWEyNGItOTg0Yy00NWYyLTgwNDUtOWE5NWNmODIzZjli
LzEvWVA5dDlFZ20tZkVHU2NWNDZzUVdGbkJTbENjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucBQMA0E
AgACMAcDBQAqDBoAMA0GCSqGSIb3DQEBCwUAA4IBAQCUZxmQyQnYUy4UsUFS0237
YGFMa7h9bX4VuGC3EQjcdyWKzvbdDlsZMioPzoX3JXVBZJWS+9gkFibibouVQcvt
JW2i0SXmexTy4mgG+1W0dvWwIrv2LkT/q8Q/V3GskP4vQ+Ly7Igh3gZJu2upH6zJ
9nSclTY4IOpN/m/bux1pNHgAGc0MJTje7CEB0PtqeHseU1hbfPZzgL2xlbbQG4If
T36wDdB4RbUI00BwQtie8mPpjGceTdPLS/AvTtPTWk8+h6E07S8HXVCz4db1wGzR
C/ro91j6TUTq99EUQ/Ck5a8qHUKtQUcrrZkFD7aqgpX5cQOuhsxNU56Ac+WpBKUP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:25 2024 by rpki-client on console-ams.rpki-client.org