Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/rer5BbufNEq-e2NbxxVrEXnt-rQ.roa
File: rer5BbufNEq-e2NbxxVrEXnt-rQ.roa (raw, json)
Hash identifier: cBG6N8Yy/MbrcQeAzjdASsfjXgoTMZTXeG6PCCq1nsA=
Subject key identifier: AD:EA:F9:05:BB:9F:34:4A:BE:7B:63:5B:C7:15:6B:11:79:ED:FA:B4
Certificate issuer: /CN=60fcd55b9130858d8ea583c0987dad00f614db39
Certificate serial: 018FE3FA11ACEA6FD2014DF75CC6478B2C13
Authority key identifier: 60:FC:D5:5B:91:30:85:8D:8E:A5:83:C0:98:7D:AD:00:F6:14:DB:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/rer5BbufNEq-e2NbxxVrEXnt-rQ.roa
Signing time: Tue 04 Jun 2024 15:59:27 +0000
ROA not before: Tue 04 Jun 2024 15:59:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 185.5.147.0/24 maxlen: 24
195.64.120.0/24 maxlen: 24
195.64.121.0/24 maxlen: 24
195.64.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Jun 2024 16:09:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e3:fa:11:ac:ea:6f:d2:01:4d:f7:5c:c6:47:8b:2c:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60fcd55b9130858d8ea583c0987dad00f614db39
Validity
Not Before: Jun 4 15:59:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=adeaf905bb9f344abe7b635bc7156b1179edfab4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f5:ae:39:d0:36:ec:16:a0:07:34:1b:f8:a3:
24:57:aa:82:0e:81:f5:28:01:be:a6:b4:40:3f:85:
dc:25:90:8c:e1:f4:77:fb:8a:61:b9:91:ac:44:a5:
d0:7c:c6:3a:08:0d:bb:2c:72:a1:a8:91:c9:05:25:
cf:18:27:f1:d8:a0:e5:4c:1c:29:75:fa:f1:f2:78:
78:71:82:02:21:7a:30:9f:89:d0:7b:07:a6:07:80:
f7:95:60:a1:de:71:20:0b:a9:35:da:07:85:8b:14:
99:f2:f7:c7:32:3a:fc:57:02:44:d9:23:af:25:d2:
1f:99:d1:7d:16:8e:78:e4:22:20:d7:2c:95:51:08:
21:f4:88:99:30:8d:ef:cb:81:df:96:ad:39:08:8c:
c4:7a:55:5a:7a:3a:ec:49:7f:12:d4:d6:63:1e:5c:
37:d1:8b:a0:77:c2:3c:cf:86:3e:a7:e0:be:9c:84:
13:92:31:1d:ef:f5:e1:6c:f6:44:c1:87:d8:63:99:
47:30:ee:d6:1c:65:7b:52:79:91:75:9e:98:25:c2:
ce:d7:2f:9b:57:d5:bd:c8:1a:a8:08:91:36:4b:2c:
8d:f2:22:67:b8:26:0e:c1:9f:05:b5:84:2c:8d:f7:
10:ed:a8:97:f8:bc:a5:2d:25:aa:db:af:1d:1b:78:
09:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:EA:F9:05:BB:9F:34:4A:BE:7B:63:5B:C7:15:6B:11:79:ED:FA:B4
X509v3 Authority Key Identifier:
keyid:60:FC:D5:5B:91:30:85:8D:8E:A5:83:C0:98:7D:AD:00:F6:14:DB:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/rer5BbufNEq-e2NbxxVrEXnt-rQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/YPzVW5EwhY2OpYPAmH2tAPYU2zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.5.147.0/24
195.64.120.0/23
195.64.123.0/24
Signature Algorithm: sha256WithRSAEncryption
11:03:a5:9e:e2:7d:94:e4:18:97:99:cf:31:7d:11:29:a3:5c:
9c:de:2b:d0:1f:69:69:c2:ec:06:fa:d8:7a:d6:ed:70:20:c6:
68:fd:8b:c2:fa:4a:72:5e:11:b6:fb:58:cf:37:29:72:f7:e8:
ad:fe:8c:27:71:43:e1:5a:19:cb:3b:7e:fe:db:51:c5:5f:7c:
a3:0d:62:49:c1:cb:d3:37:93:f9:fa:76:60:97:98:17:ea:af:
10:be:cb:65:f1:10:77:53:3d:d1:2f:ef:de:e3:80:85:5c:37:
27:e1:25:61:d6:cd:b5:5d:37:3c:a2:90:2c:ca:7a:e6:9e:fe:
5e:46:7d:1b:a5:40:f1:ed:09:fe:b1:82:91:2b:a6:38:86:69:
b0:8f:5e:6e:1d:b9:e9:00:e0:cf:87:b3:c2:b8:75:da:66:89:
8b:69:44:0f:64:5d:ed:d2:62:87:94:55:c2:25:f5:86:b7:14:
a3:14:78:e8:cf:4e:ee:91:43:da:4d:11:76:db:ba:18:bf:bf:
7c:6a:33:77:ed:86:85:0e:7c:32:66:6e:1d:fc:42:90:d7:33:
5e:91:ad:78:55:7b:42:a5:11:44:a9:ea:a4:70:0d:b0:20:61:
b2:2b:1d:cc:ab:f7:b6:3e:18:cf:cd:26:ab:b4:b5:9a:d8:6d:
a5:38:68:ec
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/j+hGs6m/SAU33XMZHiywTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZmNkNTViOTEzMDg1OGQ4ZWE1ODNjMDk4N2RhZDAwZjYx
NGRiMzkwHhcNMjQwNjA0MTU1OTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGVhZjkwNWJiOWYzNDRhYmU3YjYzNWJjNzE1NmIxMTc5ZWRmYWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/WuOdA27BagBzQb+KMkV6qCDoH1
KAG+prRAP4XcJZCM4fR3+4phuZGsRKXQfMY6CA27LHKhqJHJBSXPGCfx2KDlTBwp
dfrx8nh4cYICIXown4nQewemB4D3lWCh3nEgC6k12geFixSZ8vfHMjr8VwJE2SOv
JdIfmdF9Fo545CIg1yyVUQgh9IiZMI3vy4Hflq05CIzEelVaejrsSX8S1NZjHlw3
0Yugd8I8z4Y+p+C+nIQTkjEd7/XhbPZEwYfYY5lHMO7WHGV7UnmRdZ6YJcLO1y+b
V9W9yBqoCJE2SyyN8iJnuCYOwZ8FtYQsjfcQ7aiX+LylLSWq268dG3gJRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK3q+QW7nzRKvntjW8cVaxF57fq0MB8GA1UdIwQY
MBaAFGD81VuRMIWNjqWDwJh9rQD2FNs5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVB6Vlc1RXdoWTJPcFlQQW1IMnRBUFlVMnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84MjIzM2QtZWMwNy00MmZiLTg3OTkt
ZWQzMGI5YmIxMmQ1LzEvcmVyNUJidWZORXEtZTJOYnh4VnJFWG50LXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84MjIzM2QtZWMwNy00MmZiLTg3OTktZWQzMGI5YmIxMmQ1
LzEvWVB6Vlc1RXdoWTJPcFlQQW1IMnRBUFlVMnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuQWTAwQB
w0B4AwQAw0B7MA0GCSqGSIb3DQEBCwUAA4IBAQARA6We4n2U5BiXmc8xfREpo1yc
3ivQH2lpwuwG+th61u1wIMZo/YvC+kpyXhG2+1jPNyly9+it/owncUPhWhnLO37+
21HFX3yjDWJJwcvTN5P5+nZgl5gX6q8Qvstl8RB3Uz3RL+/e44CFXDcn4SVh1s21
XTc8opAsynrmnv5eRn0bpUDx7Qn+sYKRK6Y4hmmwj15uHbnpAODPh7PCuHXaZomL
aUQPZF3t0mKHlFXCJfWGtxSjFHjoz07ukUPaTRF227oYv798ajN37YaFDnwyZm4d
/EKQ1zNeka14VXtCpRFEqeqkcA2wIGGyKx3Mq/e2PhjPzSartLWa2G2lOGjs
-----END CERTIFICATE-----
Generated at Wed Jun 19 20:09:56 2024 by rpki-client on console-ams.rpki-client.org