Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/VKbKgp1-jCSn5bcOXBm__BYVsY4.roa
File: VKbKgp1-jCSn5bcOXBm__BYVsY4.roa (raw, json)
Hash identifier: uzXfZszQf2ztem7bakf0ZJNkUk5SaPRv644lLd/qEDc=
Subject key identifier: 54:A6:CA:82:9D:7E:8C:24:A7:E5:B7:0E:5C:19:BF:FC:16:15:B1:8E
Certificate issuer: /CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Certificate serial: 018968FEA906AAE164647FE54318A417ACEF
Authority key identifier: 05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/VKbKgp1-jCSn5bcOXBm__BYVsY4.roa
Signing time: Tue 18 Jul 2023 12:34:27 +0000
ROA not before: Tue 18 Jul 2023 12:34:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203614
IP address blocks: 185.128.60.0/22 maxlen: 22
185.128.61.0/24 maxlen: 24
185.128.60.0/24 maxlen: 24
185.128.63.0/24 maxlen: 24
185.128.62.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:68:fe:a9:06:aa:e1:64:64:7f:e5:43:18:a4:17:ac:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Validity
Not Before: Jul 18 12:34:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54a6ca829d7e8c24a7e5b70e5c19bffc1615b18e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:57:af:22:c2:35:36:57:f1:ec:07:af:af:59:
5c:19:d8:b0:78:67:b2:c9:2f:cb:11:87:d0:90:3d:
61:d5:b2:88:dc:d0:14:e9:0e:a8:b1:a3:75:74:35:
d5:af:44:27:40:73:e6:1f:4e:f9:0e:0e:d7:5c:56:
ff:e0:cb:6e:a3:f5:3d:82:33:8b:c0:d7:a1:b2:7a:
f2:2d:78:f4:d1:de:33:c8:82:e7:d9:d7:7f:3f:36:
55:5c:67:ad:9b:48:53:df:15:1e:72:ae:5c:4b:47:
6c:5e:10:61:99:d6:05:6f:5a:a5:92:21:cb:35:34:
cb:60:1f:8d:fd:b2:9b:a5:da:98:a8:7c:fc:23:ec:
1c:19:cb:35:84:c1:3d:ad:bd:9b:0d:89:ba:ff:2b:
a3:23:c5:d4:4f:c3:05:1f:08:9c:6e:c0:e5:22:f1:
a5:7a:8c:e5:bf:e5:e9:54:1e:f1:a4:9a:98:44:80:
1b:74:27:d5:5f:0e:e8:5f:1a:97:05:5b:d8:c5:0e:
44:1e:81:08:db:3b:d4:be:53:e6:37:15:ad:48:99:
94:3b:8c:3b:f6:b9:2d:2b:3b:ec:92:c7:ab:95:57:
d4:e4:d8:c9:ee:86:22:50:e6:c0:6f:9a:36:ea:e0:
f1:0e:8f:c4:ed:8b:a6:8f:80:89:a1:51:4e:ab:e8:
84:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:A6:CA:82:9D:7E:8C:24:A7:E5:B7:0E:5C:19:BF:FC:16:15:B1:8E
X509v3 Authority Key Identifier:
keyid:05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/VKbKgp1-jCSn5bcOXBm__BYVsY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/BZuG-Z4ta94U-oeZ3nHOQbmAILk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.60.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:f6:26:e9:4d:9e:50:21:f2:eb:03:63:07:47:26:03:05:68:
d0:e9:2b:bb:37:82:dd:82:71:cc:7f:22:5a:8b:98:61:94:89:
45:9e:1c:0c:95:e3:29:70:67:9e:f6:c9:b1:f1:04:e2:44:46:
8c:30:e4:f2:f6:7e:88:69:34:1e:05:d5:88:0b:30:7b:42:6a:
fe:56:48:74:b6:dc:46:13:ac:7a:16:ce:6e:c2:88:a5:30:ae:
2a:59:07:c4:f4:a9:e3:d5:a1:86:58:34:4e:df:f3:10:c9:f2:
1f:11:91:02:c0:52:e3:51:44:d4:99:12:30:9b:96:be:87:3e:
ef:e7:81:0c:7d:dc:62:29:98:4c:1d:29:8f:07:35:d5:4a:2e:
7a:6d:1b:c4:82:1f:27:86:5d:64:ae:51:a9:53:78:e1:1d:3c:
31:26:c0:fc:fa:20:56:fe:4a:d4:43:4b:31:2b:9b:4d:8c:54:
13:d2:69:92:81:06:a9:dc:52:17:cd:41:e8:21:69:66:2d:f7:
57:41:cc:97:7d:71:62:0e:7e:95:27:8f:b5:3b:f3:eb:d3:a1:
8a:0f:60:e7:98:3f:45:ca:9b:00:c8:d2:ad:87:28:8d:bc:11:
a4:a9:d3:fd:67:24:fa:6d:66:b5:8d:b1:05:18:07:10:6c:87:
e0:64:f8:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlo/qkGquFkZH/lQxikF6zvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWI4NmY5OWUyZDZiZGUxNGZhODc5OWRlNzFjZTQxYjk4
MDIwYjkwHhcNMjMwNzE4MTIzNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGE2Y2E4MjlkN2U4YzI0YTdlNWI3MGU1YzE5YmZmYzE2MTViMThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFevIsI1Nlfx7Aevr1lcGdiweGey
yS/LEYfQkD1h1bKI3NAU6Q6osaN1dDXVr0QnQHPmH075Dg7XXFb/4Mtuo/U9gjOL
wNehsnryLXj00d4zyILn2dd/PzZVXGetm0hT3xUecq5cS0dsXhBhmdYFb1qlkiHL
NTTLYB+N/bKbpdqYqHz8I+wcGcs1hME9rb2bDYm6/yujI8XUT8MFHwicbsDlIvGl
eozlv+XpVB7xpJqYRIAbdCfVXw7oXxqXBVvYxQ5EHoEI2zvUvlPmNxWtSJmUO4w7
9rktKzvskserlVfU5NjJ7oYiUObAb5o26uDxDo/E7Yumj4CJoVFOq+iEeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFSmyoKdfowkp+W3DlwZv/wWFbGOMB8GA1UdIwQY
MBaAFAWbhvmeLWveFPqHmd5xzkG5gCC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYt
Y2MzZmIzNTFlMzM2LzEvVktiS2dwMS1qQ1NuNWJjT1hCbV9fQllWc1k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYtY2MzZmIzNTFlMzM2
LzEvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYA8MA0G
CSqGSIb3DQEBCwUAA4IBAQCw9ibpTZ5QIfLrA2MHRyYDBWjQ6Su7N4LdgnHMfyJa
i5hhlIlFnhwMleMpcGee9smx8QTiREaMMOTy9n6IaTQeBdWICzB7Qmr+Vkh0ttxG
E6x6Fs5uwoilMK4qWQfE9Knj1aGGWDRO3/MQyfIfEZECwFLjUUTUmRIwm5a+hz7v
54EMfdxiKZhMHSmPBzXVSi56bRvEgh8nhl1krlGpU3jhHTwxJsD8+iBW/krUQ0sx
K5tNjFQT0mmSgQap3FIXzUHoIWlmLfdXQcyXfXFiDn6VJ4+1O/Pr06GKD2DnmD9F
ypsAyNKthyiNvBGkqdP9ZyT6bWa1jbEFGAcQbIfgZPgz
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:06 2024 by rpki-client on console-ams.rpki-client.org