Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/a84cd2-45d9-4179-a997-920d2a6207a4/1/spXITZTO8pGdKJaLenRjDrxpyPg.roa
File: spXITZTO8pGdKJaLenRjDrxpyPg.roa (raw, json)
Hash identifier: NdNjken0HNsYnthwDbDHbszPv4oJaNfoq5RmzG0UK2c=
Subject key identifier: B2:95:C8:4D:94:CE:F2:91:9D:28:96:8B:7A:74:63:0E:BC:69:C8:F8
Certificate issuer: /CN=88a559dcdd5bc4b66cb2496f2e6fb0e8f954aaeb
Certificate serial: 01856FDDD80A80EF2F5A6DE5E485DED7F922
Authority key identifier: 88:A5:59:DC:DD:5B:C4:B6:6C:B2:49:6F:2E:6F:B0:E8:F9:54:AA:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iKVZ3N1bxLZssklvLm-w6PlUqus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/a84cd2-45d9-4179-a997-920d2a6207a4/1/spXITZTO8pGdKJaLenRjDrxpyPg.roa
Signing time: Mon 02 Jan 2023 00:24:47 +0000
ROA not before: Mon 02 Jan 2023 00:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47704
IP address blocks: 185.60.120.0/24 maxlen: 24
185.60.120.0/23 maxlen: 23
185.60.123.0/24 maxlen: 24
185.60.122.0/23 maxlen: 23
185.60.122.0/24 maxlen: 24
185.60.121.0/24 maxlen: 24
185.96.200.0/22 maxlen: 22
2a04:e840::/29 maxlen: 29
2a06:140::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:dd:d8:0a:80:ef:2f:5a:6d:e5:e4:85:de:d7:f9:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88a559dcdd5bc4b66cb2496f2e6fb0e8f954aaeb
Validity
Not Before: Jan 2 00:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b295c84d94cef2919d28968b7a74630ebc69c8f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:16:f8:6c:21:c9:c0:e4:60:95:4c:fc:1c:fe:
d9:b1:8e:51:53:56:f1:d8:84:0f:dd:f9:ae:61:d2:
ce:e4:75:29:43:32:84:0b:a9:10:88:71:ff:9f:48:
78:3f:a5:4f:8b:2d:be:ce:d9:65:f0:54:b3:d7:c2:
08:0a:c4:b7:95:8e:dd:e1:52:90:39:5d:76:a1:39:
21:2f:d9:cf:2e:c1:e9:de:47:af:f3:ca:a5:b7:f6:
4c:ee:8a:c4:1b:15:b7:d9:bc:58:25:ab:8a:4f:7e:
d2:7c:ce:fb:30:fb:34:a2:57:3d:05:d4:92:24:8b:
06:fd:4d:ac:d1:d9:32:f8:d3:3a:58:70:d9:4d:29:
62:71:1f:05:ee:00:8c:4f:38:30:32:d7:39:e8:6b:
20:27:a3:b4:77:3e:c4:02:b3:db:ce:7b:9e:65:21:
df:07:a2:c8:d3:52:77:41:b8:2d:76:a1:1b:f7:17:
3c:e1:e7:d2:85:c6:bc:c2:67:1b:2f:35:9d:36:16:
a2:7d:28:20:55:a2:66:ce:87:7d:21:1a:6d:7c:68:
91:14:1b:8c:86:58:9d:93:17:c6:15:5f:27:25:42:
15:35:80:63:1f:ac:a7:73:db:51:44:3a:6b:4c:4c:
21:9f:27:2f:07:1a:a5:c6:1f:0e:85:89:d1:a0:e1:
75:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:95:C8:4D:94:CE:F2:91:9D:28:96:8B:7A:74:63:0E:BC:69:C8:F8
X509v3 Authority Key Identifier:
keyid:88:A5:59:DC:DD:5B:C4:B6:6C:B2:49:6F:2E:6F:B0:E8:F9:54:AA:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iKVZ3N1bxLZssklvLm-w6PlUqus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a84cd2-45d9-4179-a997-920d2a6207a4/1/spXITZTO8pGdKJaLenRjDrxpyPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a84cd2-45d9-4179-a997-920d2a6207a4/1/iKVZ3N1bxLZssklvLm-w6PlUqus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.120.0/22
185.96.200.0/22
IPv6:
2a04:e840::/29
2a06:140::/29
Signature Algorithm: sha256WithRSAEncryption
18:75:ac:8e:2b:e6:4c:db:ce:da:03:e9:86:12:4e:be:23:d0:
0a:e7:25:a1:86:6e:ef:70:3f:30:a8:d2:d7:78:14:78:32:b5:
21:46:1b:ff:ae:f8:8c:7b:46:b0:11:ab:98:dd:e0:61:19:6e:
46:c4:45:f4:9e:b6:b0:6f:21:06:ec:91:a5:39:56:54:9b:99:
c1:f7:50:27:bf:fd:4b:10:c3:06:b1:ef:c9:46:b7:60:d9:c6:
e6:3a:a1:5f:51:95:72:07:9d:56:f6:26:3a:62:90:3a:4f:21:
c7:ef:4d:d9:67:fd:4c:f5:1a:17:ca:1f:15:d5:b3:ee:65:a2:
dc:d1:f1:4c:bf:b4:51:79:cc:4c:5f:da:b3:b7:97:fc:00:90:
41:af:a9:6a:a0:9f:16:c1:fd:82:61:54:94:e5:05:32:1e:38:
20:a4:3a:c1:62:b2:d0:7e:91:a9:93:57:14:6f:36:4d:42:65:
7a:10:72:5a:69:9b:be:db:54:c3:04:92:b4:d9:50:d6:87:19:
7a:a1:bd:b0:af:32:ae:2a:b5:d6:e3:72:81:b4:c9:08:86:e9:
2e:f8:18:05:ee:8c:c2:dc:94:0e:cf:e5:a5:25:da:96:54:e6:
66:9c:33:18:aa:29:66:e8:95:a4:b9:bd:a5:74:c5:b2:e5:7c:
6d:65:d7:52
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVv3dgKgO8vWm3l5IXe1/kiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YTU1OWRjZGQ1YmM0YjY2Y2IyNDk2ZjJlNmZiMGU4Zjk1
NGFhZWIwHhcNMjMwMTAyMDAyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjk1Yzg0ZDk0Y2VmMjkxOWQyODk2OGI3YTc0NjMwZWJjNjljOGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRb4bCHJwORglUz8HP7ZsY5RU1bx
2IQP3fmuYdLO5HUpQzKEC6kQiHH/n0h4P6VPiy2+ztll8FSz18IICsS3lY7d4VKQ
OV12oTkhL9nPLsHp3kev88qlt/ZM7orEGxW32bxYJauKT37SfM77MPs0olc9BdSS
JIsG/U2s0dky+NM6WHDZTSlicR8F7gCMTzgwMtc56GsgJ6O0dz7EArPbznueZSHf
B6LI01J3QbgtdqEb9xc84efShca8wmcbLzWdNhaifSggVaJmzod9IRptfGiRFBuM
hlidkxfGFV8nJUIVNYBjH6ync9tRRDprTEwhnycvBxqlxh8OhYnRoOF1BQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLKVyE2UzvKRnSiWi3p0Yw68acj4MB8GA1UdIwQY
MBaAFIilWdzdW8S2bLJJby5vsOj5VKrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUtWWjNOMWJ4TFpzc2tsdkxtLXc2UGxVcXVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9hODRjZDItNDVkOS00MTc5LWE5OTct
OTIwZDJhNjIwN2E0LzEvc3BYSVRaVE84cEdkS0phTGVuUmpEcnhweVBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9hODRjZDItNDVkOS00MTc5LWE5OTctOTIwZDJhNjIwN2E0
LzEvaUtWWjNOMWJ4TFpzc2tsdkxtLXc2UGxVcXVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuTx4AwQC
uWDIMBQEAgACMA4DBQMqBOhAAwUDKgYBQDANBgkqhkiG9w0BAQsFAAOCAQEAGHWs
jivmTNvO2gPphhJOviPQCucloYZu73A/MKjS13gUeDK1IUYb/674jHtGsBGrmN3g
YRluRsRF9J62sG8hBuyRpTlWVJuZwfdQJ7/9SxDDBrHvyUa3YNnG5jqhX1GVcged
VvYmOmKQOk8hx+9N2Wf9TPUaF8ofFdWz7mWi3NHxTL+0UXnMTF/as7eX/ACQQa+p
aqCfFsH9gmFUlOUFMh44IKQ6wWKy0H6RqZNXFG82TUJlehByWmmbvttUwwSStNlQ
1ocZeqG9sK8yriq11uNygbTJCIbpLvgYBe6MwtyUDs/lpSXallTmZpwzGKopZuiV
pLm9pXTFsuV8bWXXUg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:15 2024 by rpki-client on console-ams.rpki-client.org