Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/60wEqLH7ezJMjllRpdNxfzHQW6A.roa
File: 60wEqLH7ezJMjllRpdNxfzHQW6A.roa (raw, json)
Hash identifier: ihnx35O1z8WulR2lPFw5dTcZC7sHkLNFqhUwQH1zQMg=
Subject key identifier: EB:4C:04:A8:B1:FB:7B:32:4C:8E:59:51:A5:D3:71:7F:31:D0:5B:A0
Certificate issuer: /CN=02b610cd43bafced91480fabfdcaae82049fbf71
Certificate serial: 018CC86F07E1146DC081B381AFCA59A15751
Authority key identifier: 02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/60wEqLH7ezJMjllRpdNxfzHQW6A.roa
Signing time: Tue 02 Jan 2024 04:29:28 +0000
ROA not before: Tue 02 Jan 2024 04:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197068
IP address blocks: 185.65.148.0/22 maxlen: 32
178.248.232.0/21 maxlen: 32
185.94.108.0/22 maxlen: 32
2a03:70c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 13 Mar 2024 14:06:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:07:e1:14:6d:c0:81:b3:81:af:ca:59:a1:57:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02b610cd43bafced91480fabfdcaae82049fbf71
Validity
Not Before: Jan 2 04:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb4c04a8b1fb7b324c8e5951a5d3717f31d05ba0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:94:25:ff:e4:a3:51:a7:f9:fb:96:02:1a:82:
3b:e1:17:80:3e:d6:76:c3:2b:41:9e:e3:da:9e:43:
e0:be:ed:cc:87:03:6e:7c:27:50:a0:3b:be:49:52:
e7:43:43:cb:f0:b8:a6:b8:45:68:4b:c7:32:b7:8b:
7a:c5:09:fe:da:f2:a7:5b:7b:d3:ca:36:37:f7:19:
7e:a8:ef:f1:86:94:0b:fe:69:25:e5:51:9b:51:3a:
81:5b:33:c4:ad:65:87:5c:08:f7:96:b7:ec:f7:58:
97:41:b9:d7:4b:c0:d6:16:e3:ce:33:29:60:33:c2:
7f:de:39:4a:e3:65:37:36:16:bf:ef:cb:6b:a3:d1:
ff:f9:76:a3:7d:4c:7d:9b:1d:24:9a:4a:f6:bb:95:
31:e5:e7:74:24:98:b0:32:ee:7a:c1:85:72:63:8c:
56:fc:db:bd:1b:48:9a:3c:09:04:e3:ab:d7:91:87:
d0:aa:08:6d:c7:8a:28:f3:fb:5c:0e:01:85:b8:eb:
26:dc:bf:2e:9d:7d:a3:d4:0f:9a:70:65:60:c3:26:
2c:36:eb:80:df:1d:16:4b:32:32:c8:70:57:f1:d0:
b0:1e:c5:2b:7b:3b:97:35:c8:5b:8f:7c:e2:cd:6d:
ef:0c:78:2b:10:06:93:c7:1a:21:61:9c:23:c9:c1:
d2:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:4C:04:A8:B1:FB:7B:32:4C:8E:59:51:A5:D3:71:7F:31:D0:5B:A0
X509v3 Authority Key Identifier:
keyid:02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/60wEqLH7ezJMjllRpdNxfzHQW6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/ArYQzUO6_O2RSA-r_cquggSfv3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.248.232.0/21
185.65.148.0/22
185.94.108.0/22
IPv6:
2a03:70c0::/32
Signature Algorithm: sha256WithRSAEncryption
2e:c9:6a:0f:b8:a1:e6:05:83:b7:6b:1f:36:1d:7e:fc:0f:7d:
01:a0:be:e9:0f:bc:d4:52:48:77:6f:a6:cd:40:6d:a6:55:1a:
23:91:ea:7a:a9:cf:7f:13:2e:07:de:c6:12:54:e2:de:3e:40:
2e:2e:7f:4f:3a:77:d6:63:22:7d:15:92:04:48:26:59:f3:9e:
d9:b7:73:46:ec:ba:e9:dd:4e:a6:11:d7:3c:36:cc:27:76:07:
6e:ef:52:a6:c2:00:4b:d5:22:63:9d:0a:ff:8e:29:5c:b4:96:
34:1b:a2:ff:92:c3:d4:32:d6:c6:a3:39:3b:ce:8e:66:f4:99:
72:d1:a8:2c:04:14:63:b0:ff:15:2e:d3:3e:b4:06:ff:38:1b:
7e:4b:2f:55:f6:04:65:33:fe:65:87:bc:3e:06:42:7a:6b:82:
df:31:a5:6d:e9:74:6a:88:1d:0b:9a:e0:11:bc:fa:1f:3e:c3:
07:f0:01:aa:52:a9:a0:92:42:eb:6b:ac:9e:9c:3f:15:82:47:
97:1e:38:9c:f8:f2:2b:0b:3d:29:f8:62:ab:d5:8d:05:70:84:
11:c7:e9:24:8c:79:90:68:fb:63:aa:59:19:ee:da:02:48:5a:
e6:f9:82:4d:a0:18:78:23:60:bf:01:95:69:4e:b6:16:31:b4:
bb:d7:c6:04
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzIbwfhFG3AgbOBr8pZoVdRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYjYxMGNkNDNiYWZjZWQ5MTQ4MGZhYmZkY2FhZTgyMDQ5
ZmJmNzEwHhcNMjQwMTAyMDQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjRjMDRhOGIxZmI3YjMyNGM4ZTU5NTFhNWQzNzE3ZjMxZDA1YmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ZQl/+SjUaf5+5YCGoI74ReAPtZ2
wytBnuPankPgvu3MhwNufCdQoDu+SVLnQ0PL8LimuEVoS8cyt4t6xQn+2vKnW3vT
yjY39xl+qO/xhpQL/mkl5VGbUTqBWzPErWWHXAj3lrfs91iXQbnXS8DWFuPOMylg
M8J/3jlK42U3Nha/78tro9H/+XajfUx9mx0kmkr2u5Ux5ed0JJiwMu56wYVyY4xW
/Nu9G0iaPAkE46vXkYfQqghtx4oo8/tcDgGFuOsm3L8unX2j1A+acGVgwyYsNuuA
3x0WSzIyyHBX8dCwHsUrezuXNchbj3zizW3vDHgrEAaTxxohYZwjycHSSQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOtMBKix+3syTI5ZUaXTcX8x0FugMB8GA1UdIwQY
MBaAFAK2EM1DuvztkUgPq/3KroIEn79xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJZUXpVTzZfTzJSU0Etcl9jcXVnZ1NmdjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9lM2RlY2MtM2VmNy00Y2IyLTgxZDEt
OTAxM2NhOTk2YjE2LzEvNjB3RXFMSDdlekpNamxsUnBkTnhmekhRVzZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9lM2RlY2MtM2VmNy00Y2IyLTgxZDEtOTAxM2NhOTk2YjE2
LzEvQXJZUXpVTzZfTzJSU0Etcl9jcXVnZ1NmdjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDsvjoAwQC
uUGUAwQCuV5sMA0EAgACMAcDBQAqA3DAMA0GCSqGSIb3DQEBCwUAA4IBAQAuyWoP
uKHmBYO3ax82HX78D30BoL7pD7zUUkh3b6bNQG2mVRojkep6qc9/Ey4H3sYSVOLe
PkAuLn9POnfWYyJ9FZIESCZZ857Zt3NG7Lrp3U6mEdc8Nswndgdu71KmwgBL1SJj
nQr/jilctJY0G6L/ksPUMtbGozk7zo5m9Jly0agsBBRjsP8VLtM+tAb/OBt+Sy9V
9gRlM/5lh7w+BkJ6a4LfMaVt6XRqiB0LmuARvPofPsMH8AGqUqmgkkLra6yenD8V
gkeXHjic+PIrCz0p+GKr1Y0FcIQRx+kkjHmQaPtjqlkZ7toCSFrm+YJNoBh4I2C/
AZVpTrYWMbS718YE
-----END CERTIFICATE-----
Generated at Wed Mar 13 19:59:49 2024 by rpki-client on console-ams.rpki-client.org