Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/4_xidmGF1lPWah_DisIWEC8n9AY.roa
File: 4_xidmGF1lPWah_DisIWEC8n9AY.roa (raw, json)
Hash identifier: /Kc8UmKz3ZOJ7RiacQTnIyA5AuidKvQZnnkqGedS6Ec=
Subject key identifier: E3:FC:62:76:61:85:D6:53:D6:6A:1F:C3:8A:C2:16:10:2F:27:F4:06
Certificate issuer: /CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Certificate serial: 0187BEB404DCB68B144D4B9CA0911A5D80F5
Authority key identifier: EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/4_xidmGF1lPWah_DisIWEC8n9AY.roa
Signing time: Wed 26 Apr 2023 17:54:41 +0000
ROA not before: Wed 26 Apr 2023 17:54:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8903
IP address blocks: 92.60.160.0/20 maxlen: 20
92.60.170.0/24 maxlen: 24
92.60.174.0/24 maxlen: 24
92.60.173.0/24 maxlen: 24
185.66.60.0/24 maxlen: 24
185.66.60.0/22 maxlen: 22
185.66.62.0/24 maxlen: 24
185.66.61.0/24 maxlen: 24
2001:ac0::/32 maxlen: 32
2001:ac0:30fd::/48 maxlen: 48
2001:ac0:c040::/44 maxlen: 44
2001:ac0:c0c0::/44 maxlen: 44
2001:ac0:c880::/44 maxlen: 44
Validation: Failed, certificate revoked on Wed 26 Apr 2023 18:11:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:be:b4:04:dc:b6:8b:14:4d:4b:9c:a0:91:1a:5d:80:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Validity
Not Before: Apr 26 17:54:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3fc62766185d653d66a1fc38ac216102f27f406
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b7:ec:88:25:31:a8:f1:75:a1:a0:60:11:32:
91:40:a3:07:40:4b:14:32:0b:b8:08:cd:5b:bf:aa:
1c:a7:79:32:3f:56:28:d2:37:9e:e2:48:96:45:d4:
85:51:3b:4d:26:12:6d:f1:ea:c3:47:30:5f:55:31:
1e:07:97:a1:62:20:64:0c:d4:3e:4b:46:4a:ee:2c:
50:6a:9a:89:70:8a:1a:f0:de:59:c6:e4:c3:8d:d6:
a3:88:19:c7:06:2c:51:58:4a:4a:ad:73:f6:2e:47:
c0:aa:db:f0:29:c2:22:35:fb:60:5c:00:73:ea:54:
84:95:89:7a:a5:47:f1:4a:90:69:b1:5e:e2:01:d1:
44:78:75:84:96:82:13:e0:9d:07:b6:9c:69:52:39:
b5:51:9c:0a:52:47:e9:08:83:bc:2a:44:67:94:15:
49:6c:6d:40:3a:69:5e:f6:98:dd:c9:d2:92:c8:16:
60:90:fe:c7:7b:29:8b:cc:ef:41:a8:95:5c:40:50:
c0:8a:05:21:8c:77:36:e0:4f:0c:e5:d3:54:01:64:
69:73:9d:23:9c:9a:6a:0d:7a:52:4f:b4:fa:bd:6c:
0e:56:28:b7:ba:04:16:39:6e:f3:09:b2:56:5d:08:
1e:29:d1:f3:ee:6c:e2:10:cc:62:50:18:a2:af:15:
e8:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:FC:62:76:61:85:D6:53:D6:6A:1F:C3:8A:C2:16:10:2F:27:F4:06
X509v3 Authority Key Identifier:
keyid:EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/4_xidmGF1lPWah_DisIWEC8n9AY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.60.160.0/20
185.66.60.0/22
IPv6:
2001:ac0::/32
Signature Algorithm: sha256WithRSAEncryption
56:19:ef:ba:a0:51:03:8c:1e:54:b4:58:c8:9b:95:54:8a:35:
c4:34:a0:e4:95:b0:ca:2a:64:9c:46:58:af:42:55:f9:2f:82:
9c:7d:a5:ae:bb:83:68:06:25:5d:f8:35:af:10:fa:fa:c5:f7:
41:e2:55:5f:97:b6:6f:a2:6e:f7:fa:1c:34:13:9d:9f:bb:7b:
36:29:73:01:e9:70:25:f2:2f:2c:51:8b:66:9c:5c:4d:ac:e8:
1a:c1:ee:a6:9c:8f:50:30:31:90:cc:e8:6c:fe:03:09:1a:00:
94:79:3c:1b:48:db:be:88:83:d5:80:54:1b:a7:d7:c3:ce:0c:
0c:2a:b5:c4:ee:d4:e0:8a:6f:22:92:8c:d0:6d:b6:aa:a4:49:
8f:0a:eb:90:1d:aa:ce:de:46:77:d7:73:1b:a4:01:95:84:9b:
df:88:b6:e1:1d:b0:47:16:a5:85:7e:a6:f2:59:07:69:b8:13:
79:79:a1:31:e1:fc:7f:2a:d1:6f:c5:7e:e4:f3:6e:a8:22:4b:
91:79:fb:af:5f:e8:af:de:0e:7e:79:ff:0c:3b:a3:aa:68:28:
2e:20:1e:d6:67:30:6b:b1:24:d7:f1:ce:30:f4:a7:df:0c:2e:
f3:02:76:12:eb:02:03:6a:69:02:89:19:ff:4e:2f:0a:6f:12:
e5:6e:7f:aa
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYe+tATctosUTUucoJEaXYD1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmM2U3MWI5Njk5MmRhM2Q5MWM4OGRkNzRlZjQxZjliOTVi
OTQ4NWIwHhcNMjMwNDI2MTc1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2ZjNjI3NjYxODVkNjUzZDY2YTFmYzM4YWMyMTYxMDJmMjdmNDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbfsiCUxqPF1oaBgETKRQKMHQEsU
Mgu4CM1bv6ocp3kyP1Yo0jee4kiWRdSFUTtNJhJt8erDRzBfVTEeB5ehYiBkDNQ+
S0ZK7ixQapqJcIoa8N5ZxuTDjdajiBnHBixRWEpKrXP2LkfAqtvwKcIiNftgXABz
6lSElYl6pUfxSpBpsV7iAdFEeHWEloIT4J0HtpxpUjm1UZwKUkfpCIO8KkRnlBVJ
bG1AOmle9pjdydKSyBZgkP7HeymLzO9BqJVcQFDAigUhjHc24E8M5dNUAWRpc50j
nJpqDXpST7T6vWwOVii3ugQWOW7zCbJWXQgeKdHz7mziEMxiUBiirxXoDwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOP8YnZhhdZT1mofw4rCFhAvJ/QGMB8GA1UdIwQY
MBaAFO8+cblpkto9kciN1070H5uVuUhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDIt
OTE5NmNlNDQ2NTI3LzEvNF94aWRtR0YxbFBXYWhfRGlzSVdFQzhuOUFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDItOTE5NmNlNDQ2NTI3
LzEvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEXDygAwQC
uUI8MA0EAgACMAcDBQAgAQrAMA0GCSqGSIb3DQEBCwUAA4IBAQBWGe+6oFEDjB5U
tFjIm5VUijXENKDklbDKKmScRlivQlX5L4KcfaWuu4NoBiVd+DWvEPr6xfdB4lVf
l7Zvom73+hw0E52fu3s2KXMB6XAl8i8sUYtmnFxNrOgawe6mnI9QMDGQzOhs/gMJ
GgCUeTwbSNu+iIPVgFQbp9fDzgwMKrXE7tTgim8ikozQbbaqpEmPCuuQHarO3kZ3
13MbpAGVhJvfiLbhHbBHFqWFfqbyWQdpuBN5eaEx4fx/KtFvxX7k826oIkuRefuv
X+iv3g5+ef8MO6OqaCguIB7WZzBrsSTX8c4w9KffDC7zAnYS6wIDamkCiRn/Ti8K
bxLlbn+q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:57 2024 by rpki-client on console-ams.rpki-client.org