Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/61d42d-3b48-468e-9ad9-215fc390bfe4/1/CbWLxRNbulSCpdOtDkbR8F_RttI.roa
File: CbWLxRNbulSCpdOtDkbR8F_RttI.roa (raw, json)
Hash identifier: Di9uwRiGL6lwsQY0wWtsl1xJ1DN4iNma/k+snf39wVI=
Subject key identifier: 09:B5:8B:C5:13:5B:BA:54:82:A5:D3:AD:0E:46:D1:F0:5F:D1:B6:D2
Certificate issuer: /CN=61b7202c9230c289450ed5a62b17369a0659bc6b
Certificate serial: 0187DCF25C7F7CEC4E2745A372BCA46B7BE1
Authority key identifier: 61:B7:20:2C:92:30:C2:89:45:0E:D5:A6:2B:17:36:9A:06:59:BC:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbcgLJIwwolFDtWmKxc2mgZZvGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/61d42d-3b48-468e-9ad9-215fc390bfe4/1/CbWLxRNbulSCpdOtDkbR8F_RttI.roa
Signing time: Tue 02 May 2023 14:51:23 +0000
ROA not before: Tue 02 May 2023 14:51:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59790
IP address blocks: 185.104.40.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:dc:f2:5c:7f:7c:ec:4e:27:45:a3:72:bc:a4:6b:7b:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b7202c9230c289450ed5a62b17369a0659bc6b
Validity
Not Before: May 2 14:51:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09b58bc5135bba5482a5d3ad0e46d1f05fd1b6d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:f2:5e:c8:86:c3:6d:82:1b:3c:14:72:08:22:
23:db:33:f5:93:de:4f:92:e9:24:f3:32:ef:6f:be:
54:e6:79:91:17:0f:05:da:2e:d8:f0:9a:3e:47:52:
5f:98:9a:21:ee:c8:56:78:df:4a:61:d6:09:6e:6d:
43:52:53:b0:18:32:a1:3d:43:bb:db:59:28:79:e8:
38:9c:89:d8:0a:68:75:a0:66:c9:09:49:33:ad:9d:
72:ff:4e:db:88:cb:cd:f7:98:c6:dc:03:b5:75:b4:
94:d8:39:f9:d3:cf:b2:38:64:aa:be:9b:19:bd:ce:
7f:fa:f6:ca:d1:08:fa:e0:3f:fd:81:df:c1:09:be:
3b:80:38:c8:27:4c:31:0c:c4:b3:9a:81:4e:52:2f:
c4:2f:43:be:94:8a:6c:cc:b0:95:88:fe:32:04:d1:
46:5c:b2:a0:26:a5:2f:51:98:59:a8:c3:fb:82:f9:
98:b7:05:a5:2b:52:b2:e4:db:14:0c:7c:3c:e2:0e:
e8:57:f2:b0:5a:58:81:be:8f:40:f8:28:92:e3:48:
82:cf:f8:fd:30:0f:3d:3f:3c:0b:40:79:05:f4:41:
a1:2c:69:0c:cd:7c:0d:fa:07:88:10:6b:f2:ea:d6:
5f:a6:13:27:55:dd:fb:af:c0:5c:cc:48:d0:a2:33:
9d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:B5:8B:C5:13:5B:BA:54:82:A5:D3:AD:0E:46:D1:F0:5F:D1:B6:D2
X509v3 Authority Key Identifier:
keyid:61:B7:20:2C:92:30:C2:89:45:0E:D5:A6:2B:17:36:9A:06:59:BC:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbcgLJIwwolFDtWmKxc2mgZZvGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/61d42d-3b48-468e-9ad9-215fc390bfe4/1/CbWLxRNbulSCpdOtDkbR8F_RttI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/61d42d-3b48-468e-9ad9-215fc390bfe4/1/YbcgLJIwwolFDtWmKxc2mgZZvGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.40.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:f3:5e:37:0c:ba:a3:e3:a0:8d:9c:36:5c:ef:2c:42:04:2f:
66:6b:7f:4a:23:d0:a3:0d:2f:8a:b1:60:9f:6c:b9:cc:5f:b1:
fd:3a:2a:19:9e:37:97:7d:58:cb:a9:a4:04:cc:24:e3:2c:19:
8a:2c:46:06:f4:a6:9d:2a:48:4f:a4:78:9c:1a:77:93:d4:3a:
6a:ec:e1:71:1b:54:f3:8a:09:12:c1:b0:b5:7b:3e:79:dd:02:
a1:fa:79:d2:85:7b:04:09:8a:bd:c0:9b:d2:df:f9:97:14:4f:
74:c4:be:1f:a2:8c:47:b0:a2:05:98:c7:65:f1:62:d9:5f:49:
a6:5e:1d:69:d5:0e:01:93:b3:15:ea:94:2b:61:f1:38:bb:df:
99:98:91:f9:a7:9d:e0:7d:89:ff:b4:a5:e9:65:c6:53:e9:42:
69:f2:1d:ad:d9:41:41:b3:7a:51:fa:2e:0d:e4:fb:43:e4:42:
26:8e:f1:42:ca:8e:2f:bd:52:7a:19:20:62:3c:93:3b:c1:30:
f2:6c:60:7f:a3:cb:c5:ca:85:80:25:2a:19:4b:1e:0a:d1:7c:
58:5f:0d:ab:5f:3d:b0:83:2c:01:bf:f0:c2:0a:ca:0a:69:2e:
d4:1c:a9:93:2c:cf:00:08:6b:6c:92:97:9e:0e:d9:ab:e6:8a:
2a:75:ce:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfc8lx/fOxOJ0Wjcryka3vhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjcyMDJjOTIzMGMyODk0NTBlZDVhNjJiMTczNjlhMDY1
OWJjNmIwHhcNMjMwNTAyMTQ1MTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWI1OGJjNTEzNWJiYTU0ODJhNWQzYWQwZTQ2ZDFmMDVmZDFiNmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4vJeyIbDbYIbPBRyCCIj2zP1k95P
kukk8zLvb75U5nmRFw8F2i7Y8Jo+R1JfmJoh7shWeN9KYdYJbm1DUlOwGDKhPUO7
21koeeg4nInYCmh1oGbJCUkzrZ1y/07biMvN95jG3AO1dbSU2Dn508+yOGSqvpsZ
vc5/+vbK0Qj64D/9gd/BCb47gDjIJ0wxDMSzmoFOUi/EL0O+lIpszLCViP4yBNFG
XLKgJqUvUZhZqMP7gvmYtwWlK1Ky5NsUDHw84g7oV/KwWliBvo9A+CiS40iCz/j9
MA89PzwLQHkF9EGhLGkMzXwN+geIEGvy6tZfphMnVd37r8BczEjQojOdDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAm1i8UTW7pUgqXTrQ5G0fBf0bbSMB8GA1UdIwQY
MBaAFGG3ICySMMKJRQ7VpisXNpoGWbxrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJjZ0xKSXd3b2xGRHRXbUt4YzJtZ1padkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC82MWQ0MmQtM2I0OC00NjhlLTlhZDkt
MjE1ZmMzOTBiZmU0LzEvQ2JXTHhSTmJ1bFNDcGRPdERrYlI4Rl9SdHRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC82MWQ0MmQtM2I0OC00NjhlLTlhZDktMjE1ZmMzOTBiZmU0
LzEvWWJjZ0xKSXd3b2xGRHRXbUt4YzJtZ1padkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWgoMA0G
CSqGSIb3DQEBCwUAA4IBAQCk8143DLqj46CNnDZc7yxCBC9ma39KI9CjDS+KsWCf
bLnMX7H9OioZnjeXfVjLqaQEzCTjLBmKLEYG9KadKkhPpHicGneT1Dpq7OFxG1Tz
igkSwbC1ez553QKh+nnShXsECYq9wJvS3/mXFE90xL4fooxHsKIFmMdl8WLZX0mm
Xh1p1Q4Bk7MV6pQrYfE4u9+ZmJH5p53gfYn/tKXpZcZT6UJp8h2t2UFBs3pR+i4N
5PtD5EImjvFCyo4vvVJ6GSBiPJM7wTDybGB/o8vFyoWAJSoZSx4K0XxYXw2rXz2w
gywBv/DCCsoKaS7UHKmTLM8ACGtskpeeDtmr5ooqdc55
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:41 2024 by rpki-client on console-ams.rpki-client.org