Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/K-dI6yc3HnOt0CxRX_Vy-SJrz8E.roa
File: K-dI6yc3HnOt0CxRX_Vy-SJrz8E.roa (raw, json)
Hash identifier: YrLDjIsHfz1gQgrwKLlVdIsgfKeCJy9N4wHxrnQwTU0=
Subject key identifier: 2B:E7:48:EB:27:37:1E:73:AD:D0:2C:51:5F:F5:72:F9:22:6B:CF:C1
Certificate issuer: /CN=ddbe6e0adae8bb478393aab175b638644c74ccb7
Certificate serial: 018CC727348068521FFFD9390F5B9D3D90A1
Authority key identifier: DD:BE:6E:0A:DA:E8:BB:47:83:93:AA:B1:75:B6:38:64:4C:74:CC:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3b5uCtrou0eDk6qxdbY4ZEx0zLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/K-dI6yc3HnOt0CxRX_Vy-SJrz8E.roa
Signing time: Mon 01 Jan 2024 22:31:24 +0000
ROA not before: Mon 01 Jan 2024 22:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204229
IP address blocks: 178.212.60.0/22 maxlen: 22
185.191.60.0/23 maxlen: 23
185.191.62.0/23 maxlen: 23
185.241.118.0/23 maxlen: 23
185.241.116.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 29 Mar 2024 14:46:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:34:80:68:52:1f:ff:d9:39:0f:5b:9d:3d:90:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddbe6e0adae8bb478393aab175b638644c74ccb7
Validity
Not Before: Jan 1 22:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2be748eb27371e73add02c515ff572f9226bcfc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:98:d6:cf:32:58:66:54:9c:00:cf:5c:45:b3:
f0:e1:74:22:c9:4f:b0:4a:41:f1:96:1d:64:0e:0d:
bc:b6:9e:60:e3:4d:b5:3a:a4:1a:9b:4a:17:0e:53:
2f:c4:3d:39:ef:64:75:c5:d5:db:4b:c4:72:a5:d6:
16:56:3e:a0:7d:e4:fe:d7:8c:17:09:da:17:95:79:
f4:07:06:51:08:a6:5a:d6:14:45:86:ab:24:fd:34:
80:cb:06:f8:a6:9b:ef:bd:78:64:ae:3c:45:8f:27:
08:be:db:d7:1c:f4:c1:1c:3a:8b:05:34:70:bd:ea:
36:57:e4:5e:c6:4a:3b:a8:e3:cf:7f:74:b1:0c:e3:
60:c3:c6:e4:8a:33:8f:0e:ee:99:1a:7a:89:a0:bc:
5b:0b:e0:22:87:8b:ea:ae:47:12:41:fd:76:fa:b0:
3d:69:05:3d:a2:fd:cc:83:57:93:1e:c5:18:fc:e6:
27:86:96:95:21:c1:fe:aa:14:91:47:97:42:60:5d:
32:df:d9:1e:ba:bd:9f:e4:9c:51:db:65:be:4a:c7:
df:fe:d4:90:76:e2:81:32:a6:ef:62:4e:01:81:80:
b8:f6:8c:3c:e6:58:d4:1c:be:93:85:cb:31:5e:a6:
3d:10:17:2d:e2:77:66:4a:c8:9b:37:bc:9c:d8:9e:
aa:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:E7:48:EB:27:37:1E:73:AD:D0:2C:51:5F:F5:72:F9:22:6B:CF:C1
X509v3 Authority Key Identifier:
keyid:DD:BE:6E:0A:DA:E8:BB:47:83:93:AA:B1:75:B6:38:64:4C:74:CC:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b5uCtrou0eDk6qxdbY4ZEx0zLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/K-dI6yc3HnOt0CxRX_Vy-SJrz8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/3b5uCtrou0eDk6qxdbY4ZEx0zLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.212.60.0/22
185.191.60.0/22
185.241.116.0/22
Signature Algorithm: sha256WithRSAEncryption
46:f0:c1:98:1c:ee:76:56:05:23:33:86:5b:0a:34:51:d4:c9:
7e:ce:9a:4c:a9:8b:1d:24:dd:43:c9:a1:2a:83:56:85:83:16:
9a:a4:d9:bc:12:dc:12:86:74:3b:e5:a9:f6:37:35:e7:a0:4d:
fc:de:b0:6e:dd:16:ae:d5:a2:82:84:20:f3:f3:c9:5f:12:5f:
5c:3b:95:e9:a4:b7:cb:da:0f:05:79:87:95:74:15:3e:52:9c:
c7:59:8a:ca:57:94:9d:f6:73:0c:72:b2:04:ae:99:91:e7:31:
51:46:00:c1:4c:09:66:64:e7:78:a6:37:27:1d:9b:41:28:51:
44:fa:15:20:9c:4e:7e:f1:10:b7:c5:71:b3:5e:74:0e:ff:75:
7a:5f:8c:d8:11:99:32:58:b5:ae:4a:7f:7d:8b:01:f9:5e:58:
7a:f2:5e:0c:fa:03:b2:cf:34:19:93:33:5a:33:c4:a1:85:32:
cc:cc:a7:b8:37:4e:12:76:cd:25:f6:e6:6e:5c:f3:ab:c1:61:
1e:7f:a8:da:80:3e:86:8d:5d:d6:85:ef:01:23:b8:15:03:b0:
55:d1:df:8e:ab:ae:13:76:38:19:6a:b4:64:02:07:22:c4:c4:
97:5d:7e:f8:6c:24:4f:e6:51:0d:6b:cc:d3:2d:30:97:1d:96:
20:e7:8b:9b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHJzSAaFIf/9k5D1udPZChMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYmU2ZTBhZGFlOGJiNDc4MzkzYWFiMTc1YjYzODY0NGM3
NGNjYjcwHhcNMjQwMTAxMjIzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmU3NDhlYjI3MzcxZTczYWRkMDJjNTE1ZmY1NzJmOTIyNmJjZmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopjWzzJYZlScAM9cRbPw4XQiyU+w
SkHxlh1kDg28tp5g4021OqQam0oXDlMvxD0572R1xdXbS8RypdYWVj6gfeT+14wX
CdoXlXn0BwZRCKZa1hRFhqsk/TSAywb4ppvvvXhkrjxFjycIvtvXHPTBHDqLBTRw
veo2V+Rexko7qOPPf3SxDONgw8bkijOPDu6ZGnqJoLxbC+Aih4vqrkcSQf12+rA9
aQU9ov3Mg1eTHsUY/OYnhpaVIcH+qhSRR5dCYF0y39keur2f5JxR22W+Ssff/tSQ
duKBMqbvYk4BgYC49ow85ljUHL6ThcsxXqY9EBct4ndmSsibN7yc2J6qAQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCvnSOsnNx5zrdAsUV/1cvkia8/BMB8GA1UdIwQY
MBaAFN2+bgra6LtHg5OqsXW2OGRMdMy3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2I1dUN0cm91MGVEazZxeGRiWTRaRXgwekxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNjdiNzgtNThjOC00MzExLTllNjkt
NmJhYTNiNTQ4ZDIzLzEvSy1kSTZ5YzNIbk90MEN4UlhfVnktU0pyejhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNjdiNzgtNThjOC00MzExLTllNjktNmJhYTNiNTQ4ZDIz
LzEvM2I1dUN0cm91MGVEazZxeGRiWTRaRXgwekxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCstQ8AwQC
ub88AwQCufF0MA0GCSqGSIb3DQEBCwUAA4IBAQBG8MGYHO52VgUjM4ZbCjRR1Ml+
zppMqYsdJN1DyaEqg1aFgxaapNm8EtwShnQ75an2NzXnoE383rBu3Rau1aKChCDz
88lfEl9cO5XppLfL2g8FeYeVdBU+UpzHWYrKV5Sd9nMMcrIErpmR5zFRRgDBTAlm
ZOd4pjcnHZtBKFFE+hUgnE5+8RC3xXGzXnQO/3V6X4zYEZkyWLWuSn99iwH5Xlh6
8l4M+gOyzzQZkzNaM8ShhTLMzKe4N04Sds0l9uZuXPOrwWEef6jagD6GjV3Whe8B
I7gVA7BV0d+Oq64TdjgZarRkAgcixMSXXX74bCRP5lENa8zTLTCXHZYg54ub
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:23 2024 by rpki-client on console-fra.rpki-client.org