Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/5KOftl-M3CPVhn0HV4JMoJyi08Y.roa
File: 5KOftl-M3CPVhn0HV4JMoJyi08Y.roa (raw, json)
Hash identifier: 41cMyefQFT+W7l4aKWMLN+crLJQwv7Wvji7M695tvks=
Subject key identifier: E4:A3:9F:B6:5F:8C:DC:23:D5:86:7D:07:57:82:4C:A0:9C:A2:D3:C6
Certificate issuer: /CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Certificate serial: 0188BE19D23D56A1EF49E7FDD2CFFFFB01AC
Authority key identifier: 05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/5KOftl-M3CPVhn0HV4JMoJyi08Y.roa
Signing time: Thu 15 Jun 2023 08:09:03 +0000
ROA not before: Thu 15 Jun 2023 08:09:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203614
IP address blocks: 185.128.60.0/22 maxlen: 22
185.128.61.0/24 maxlen: 24
185.128.60.0/24 maxlen: 24
185.128.63.0/24 maxlen: 24
185.128.62.0/24 maxlen: 24
185.253.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Jul 2023 12:34:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:be:19:d2:3d:56:a1:ef:49:e7:fd:d2:cf:ff:fb:01:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Validity
Not Before: Jun 15 08:09:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4a39fb65f8cdc23d5867d0757824ca09ca2d3c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:47:17:9b:64:c1:23:45:3d:56:14:50:1e:30:
3d:3d:1b:1f:4d:26:30:ea:04:e9:42:e8:50:5a:f9:
75:79:5d:57:36:ef:4e:b3:ae:b2:6d:81:46:2c:44:
71:74:d5:13:ce:39:3e:cd:88:c0:e5:59:df:1c:5e:
95:57:60:12:fb:2d:95:d7:48:e1:18:92:5b:89:cb:
bb:16:d3:17:e6:16:59:4b:7e:3f:21:5c:20:c2:d2:
6b:a2:d4:f0:e6:b6:a0:92:9e:19:a0:32:33:b0:3b:
36:b9:87:0e:ba:c2:de:b7:14:7c:a6:01:6f:28:b5:
9b:45:76:e6:df:c2:aa:30:fc:7f:4f:39:f7:50:e9:
14:ab:7f:45:70:54:92:e3:00:99:df:5f:06:8f:ef:
8a:79:b0:15:00:19:3d:0a:f5:6a:52:d1:7d:a6:59:
b4:86:e4:98:e0:94:16:ab:59:30:30:39:0c:8f:cd:
98:b8:e3:5d:2b:a8:0e:ce:f2:91:55:85:02:c4:44:
5e:90:d0:57:fa:33:67:d7:e6:52:c0:53:9f:d0:31:
fc:af:01:7c:b7:e6:ef:3b:9e:1c:57:fe:bc:7d:da:
fa:13:8c:d4:6c:e9:bb:53:bd:51:15:9f:f4:14:e7:
dc:06:c3:0b:ec:48:e0:a5:b6:55:d2:9a:81:43:69:
e3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:A3:9F:B6:5F:8C:DC:23:D5:86:7D:07:57:82:4C:A0:9C:A2:D3:C6
X509v3 Authority Key Identifier:
keyid:05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/5KOftl-M3CPVhn0HV4JMoJyi08Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/BZuG-Z4ta94U-oeZ3nHOQbmAILk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.60.0/22
185.253.147.0/24
Signature Algorithm: sha256WithRSAEncryption
89:21:55:01:df:ea:2b:3e:b5:b1:cf:ac:dd:b7:7c:8e:5a:2b:
84:43:e4:83:7a:25:8a:05:1e:09:fb:d6:e7:5c:b4:f3:dc:9a:
4c:81:86:c7:37:c8:a1:b1:71:59:25:a3:11:8a:86:2c:54:4c:
ad:d6:01:64:dd:9e:1b:32:7f:8a:57:9e:7e:02:07:93:3e:0b:
e1:b9:b3:91:0a:9c:c2:85:6b:80:f8:0e:89:33:75:9c:68:3e:
b3:28:a7:6c:59:b8:df:0b:d6:ef:80:9d:22:2c:1a:a7:31:34:
42:82:d2:1c:45:b3:7f:ab:c3:f8:a6:bf:03:1d:29:90:4f:0f:
65:33:63:1b:00:91:50:c3:d3:7b:8f:af:c2:c5:7d:25:7b:12:
23:7a:e5:93:a5:05:f4:42:b7:55:01:31:13:f2:cd:e7:05:c2:
59:b7:d1:ba:9f:dc:13:c1:18:97:a3:62:45:9c:d2:d8:60:c3:
f6:56:4c:36:0c:67:06:e6:2f:5e:35:d4:98:a6:35:0d:0e:2e:
c8:9d:1e:bc:fd:48:36:a6:46:9e:85:43:a2:8c:00:0b:e2:5c:
5a:8f:9d:4e:f9:73:97:31:53:8f:8c:cf:59:c5:9d:eb:ac:af:
8a:16:34:d1:a2:df:29:97:68:f4:55:cf:8b:66:69:8c:91:db:
a6:b7:08:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYi+GdI9VqHvSef90s//+wGsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWI4NmY5OWUyZDZiZGUxNGZhODc5OWRlNzFjZTQxYjk4
MDIwYjkwHhcNMjMwNjE1MDgwOTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGEzOWZiNjVmOGNkYzIzZDU4NjdkMDc1NzgyNGNhMDljYTJkM2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9UcXm2TBI0U9VhRQHjA9PRsfTSYw
6gTpQuhQWvl1eV1XNu9Os66ybYFGLERxdNUTzjk+zYjA5VnfHF6VV2AS+y2V10jh
GJJbicu7FtMX5hZZS34/IVwgwtJrotTw5ragkp4ZoDIzsDs2uYcOusLetxR8pgFv
KLWbRXbm38KqMPx/Tzn3UOkUq39FcFSS4wCZ318Gj++KebAVABk9CvVqUtF9plm0
huSY4JQWq1kwMDkMj82YuONdK6gOzvKRVYUCxERekNBX+jNn1+ZSwFOf0DH8rwF8
t+bvO54cV/68fdr6E4zUbOm7U71RFZ/0FOfcBsML7EjgpbZV0pqBQ2njtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOSjn7ZfjNwj1YZ9B1eCTKCcotPGMB8GA1UdIwQY
MBaAFAWbhvmeLWveFPqHmd5xzkG5gCC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYt
Y2MzZmIzNTFlMzM2LzEvNUtPZnRsLU0zQ1BWaG4wSFY0Sk1vSnlpMDhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYtY2MzZmIzNTFlMzM2
LzEvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuYA8AwQA
uf2TMA0GCSqGSIb3DQEBCwUAA4IBAQCJIVUB3+orPrWxz6zdt3yOWiuEQ+SDeiWK
BR4J+9bnXLTz3JpMgYbHN8ihsXFZJaMRioYsVEyt1gFk3Z4bMn+KV55+AgeTPgvh
ubORCpzChWuA+A6JM3WcaD6zKKdsWbjfC9bvgJ0iLBqnMTRCgtIcRbN/q8P4pr8D
HSmQTw9lM2MbAJFQw9N7j6/CxX0lexIjeuWTpQX0QrdVATET8s3nBcJZt9G6n9wT
wRiXo2JFnNLYYMP2Vkw2DGcG5i9eNdSYpjUNDi7InR68/Ug2pkaehUOijAAL4lxa
j51O+XOXMVOPjM9ZxZ3rrK+KFjTRot8pl2j0Vc+LZmmMkdumtwiV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:39 2024 by rpki-client on console-ams.rpki-client.org