Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/kQdTUQSdmk3HDTGYM73tORQOWbA.roa
File: kQdTUQSdmk3HDTGYM73tORQOWbA.roa (raw, json)
Hash identifier: iwLhnfDAfD2t0zkz8FXH1ocnpfuXgbo4N0TUPajO62k=
Subject key identifier: 91:07:53:51:04:9D:9A:4D:C7:0D:31:98:33:BD:ED:39:14:0E:59:B0
Certificate issuer: /CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Certificate serial: 01856DD3E903F8933C4FF74296102333F81C
Authority key identifier: 05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/kQdTUQSdmk3HDTGYM73tORQOWbA.roa
Signing time: Sun 01 Jan 2023 14:54:42 +0000
ROA not before: Sun 01 Jan 2023 14:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203614
IP address blocks: 185.128.60.0/22 maxlen: 22
185.128.61.0/24 maxlen: 24
185.128.60.0/24 maxlen: 24
185.128.63.0/24 maxlen: 24
185.128.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Jun 2023 08:09:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d3:e9:03:f8:93:3c:4f:f7:42:96:10:23:33:f8:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Validity
Not Before: Jan 1 14:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91075351049d9a4dc70d319833bded39140e59b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:25:a0:f1:da:a3:4b:ee:e9:b4:b8:27:66:9f:
64:21:8c:42:53:38:c2:34:f3:66:a9:91:9b:16:9d:
b8:eb:ba:46:75:87:33:08:3f:6b:92:14:71:30:41:
9f:f6:8c:e1:1f:e2:2b:9e:02:a3:5e:e5:26:92:1f:
14:3d:f7:89:19:ee:9a:18:08:b8:b1:04:f3:02:c8:
f1:41:1c:1d:56:56:40:ae:50:c2:03:af:8a:03:89:
9b:38:d9:45:91:d4:2b:57:73:0e:0a:cc:35:82:49:
c5:51:9c:36:f4:f0:2d:85:0e:ba:6e:5f:bd:5a:7c:
78:81:a0:25:d4:ab:62:b7:23:bd:04:f2:6f:a7:27:
61:b9:92:0c:6f:c1:8e:64:10:d8:6a:1b:76:07:d1:
68:3d:f9:e1:0a:e6:f1:49:2c:11:96:7d:98:90:b4:
08:95:00:7b:d7:e6:f8:d3:26:15:b0:d8:fc:14:69:
16:3a:1e:59:e2:af:1b:58:13:88:3a:e6:fd:59:69:
84:8e:07:79:67:09:8b:75:39:72:ca:6a:91:89:c0:
85:d9:de:9e:9b:cd:e9:e2:97:65:e4:35:80:81:5a:
b6:49:d2:68:1a:d5:59:19:93:09:e7:2f:25:f2:65:
4d:97:aa:92:8f:fd:20:f7:4c:fd:12:14:27:4b:bf:
bf:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:07:53:51:04:9D:9A:4D:C7:0D:31:98:33:BD:ED:39:14:0E:59:B0
X509v3 Authority Key Identifier:
keyid:05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/kQdTUQSdmk3HDTGYM73tORQOWbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/BZuG-Z4ta94U-oeZ3nHOQbmAILk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.60.0/22
Signature Algorithm: sha256WithRSAEncryption
73:cc:62:df:81:40:5f:ad:2c:c7:b7:8c:1d:6c:a6:7e:64:82:
1e:c6:3f:c4:7e:7e:c3:a2:a1:47:aa:9b:3a:1c:0b:0e:16:94:
cb:3b:02:dd:70:c9:90:28:9e:fa:63:cc:a9:51:07:ab:d4:4b:
2f:15:60:36:01:9b:7c:5c:6b:6f:e8:6a:a0:77:91:a5:84:fd:
c9:43:64:ea:5d:62:cf:9a:87:14:34:b1:c4:e1:a8:89:d4:19:
a7:21:7f:68:cd:b5:7b:eb:da:8c:64:da:a0:ef:4d:0c:b4:67:
b6:c6:bd:14:32:b4:50:a6:f4:35:e9:a1:b2:f2:c6:ee:5d:ed:
35:f8:6a:25:06:8a:3c:ac:cf:f9:98:3f:2d:ea:81:64:b0:25:
ae:06:44:88:7e:fb:d4:e0:56:ea:05:73:15:00:66:bd:fb:e3:
76:6a:e0:71:30:f9:81:7e:7b:44:ee:33:40:68:d6:b6:37:48:
d6:9a:14:c8:8b:01:9e:92:93:d0:74:10:f6:af:a7:a0:1b:0d:
76:ac:e6:b9:cc:4b:3d:9e:37:ab:3a:64:a1:fc:90:94:dd:82:
1d:fe:9e:46:2c:72:ab:7f:02:c7:df:87:9f:bc:e3:70:a4:37:
b3:3d:c2:25:17:2e:1f:c9:39:52:2c:d1:26:e4:0a:18:72:a9:
0e:11:f1:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt0+kD+JM8T/dClhAjM/gcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWI4NmY5OWUyZDZiZGUxNGZhODc5OWRlNzFjZTQxYjk4
MDIwYjkwHhcNMjMwMTAxMTQ1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTA3NTM1MTA0OWQ5YTRkYzcwZDMxOTgzM2JkZWQzOTE0MGU1OWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCWg8dqjS+7ptLgnZp9kIYxCUzjC
NPNmqZGbFp2467pGdYczCD9rkhRxMEGf9ozhH+IrngKjXuUmkh8UPfeJGe6aGAi4
sQTzAsjxQRwdVlZArlDCA6+KA4mbONlFkdQrV3MOCsw1gknFUZw29PAthQ66bl+9
Wnx4gaAl1KtityO9BPJvpydhuZIMb8GOZBDYaht2B9FoPfnhCubxSSwRln2YkLQI
lQB71+b40yYVsNj8FGkWOh5Z4q8bWBOIOub9WWmEjgd5ZwmLdTlyymqRicCF2d6e
m83p4pdl5DWAgVq2SdJoGtVZGZMJ5y8l8mVNl6qSj/0g90z9EhQnS7+/0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJEHU1EEnZpNxw0xmDO97TkUDlmwMB8GA1UdIwQY
MBaAFAWbhvmeLWveFPqHmd5xzkG5gCC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYt
Y2MzZmIzNTFlMzM2LzEva1FkVFVRU2RtazNIRFRHWU03M3RPUlFPV2JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYtY2MzZmIzNTFlMzM2
LzEvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYA8MA0G
CSqGSIb3DQEBCwUAA4IBAQBzzGLfgUBfrSzHt4wdbKZ+ZIIexj/Efn7DoqFHqps6
HAsOFpTLOwLdcMmQKJ76Y8ypUQer1EsvFWA2AZt8XGtv6Gqgd5GlhP3JQ2TqXWLP
mocUNLHE4aiJ1BmnIX9ozbV769qMZNqg700MtGe2xr0UMrRQpvQ16aGy8sbuXe01
+GolBoo8rM/5mD8t6oFksCWuBkSIfvvU4FbqBXMVAGa9++N2auBxMPmBfntE7jNA
aNa2N0jWmhTIiwGekpPQdBD2r6egGw12rOa5zEs9njerOmSh/JCU3YId/p5GLHKr
fwLH34efvONwpDezPcIlFy4fyTlSLNEm5AoYcqkOEfFC
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:39 2024 by rpki-client on console-ams.rpki-client.org