Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/60-sfOohvXr30JdJrCrih4W-678.roa
File: 60-sfOohvXr30JdJrCrih4W-678.roa (raw, json)
Hash identifier: YGnXu7/gtUzP+6vcZdrSrtp3uN4o+NSujyMvjHTspvQ=
Subject key identifier: EB:4F:AC:7C:EA:21:BD:7A:F7:D0:97:49:AC:2A:E2:87:85:BE:EB:BF
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 018B05FFADB919E6A411E76252B090A2986A
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/60-sfOohvXr30JdJrCrih4W-678.roa
Signing time: Fri 06 Oct 2023 17:18:44 +0000
ROA not before: Fri 06 Oct 2023 17:18:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396356
IP address blocks: 168.199.204.0/24 maxlen: 24
168.199.205.0/24 maxlen: 24
168.199.206.0/24 maxlen: 24
168.199.211.0/24 maxlen: 24
168.199.208.0/24 maxlen: 24
168.199.209.0/24 maxlen: 24
168.199.210.0/24 maxlen: 24
168.199.207.0/24 maxlen: 24
168.199.216.0/24 maxlen: 24
168.199.217.0/24 maxlen: 24
168.199.218.0/24 maxlen: 24
168.199.219.0/24 maxlen: 24
168.199.225.0/24 maxlen: 24
168.199.226.0/24 maxlen: 24
168.199.222.0/24 maxlen: 24
168.199.223.0/24 maxlen: 24
168.199.224.0/24 maxlen: 24
168.199.220.0/24 maxlen: 24
168.199.221.0/24 maxlen: 24
168.199.229.0/24 maxlen: 24
168.199.230.0/24 maxlen: 24
168.199.231.0/24 maxlen: 24
168.199.227.0/24 maxlen: 24
168.199.228.0/24 maxlen: 24
168.199.232.0/24 maxlen: 24
168.199.233.0/24 maxlen: 24
168.199.239.0/24 maxlen: 24
168.199.236.0/24 maxlen: 24
168.199.237.0/24 maxlen: 24
168.199.238.0/24 maxlen: 24
168.199.234.0/24 maxlen: 24
168.199.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:05:ff:ad:b9:19:e6:a4:11:e7:62:52:b0:90:a2:98:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Oct 6 17:18:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb4fac7cea21bd7af7d09749ac2ae28785beebbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:23:b3:1d:9d:df:f6:c2:ca:61:d8:81:33:57:
e2:a6:b7:ca:de:9e:04:ef:e5:e4:ae:83:1e:aa:20:
f6:9d:c1:25:2f:0b:f4:35:95:89:7e:f7:db:94:ac:
30:d2:de:8d:07:1d:fd:9c:29:4f:3e:a2:2b:85:4f:
e4:6b:49:50:30:3f:c5:07:8c:8a:c5:41:ed:62:e4:
ea:f6:68:41:37:ca:02:45:9e:de:9b:bb:73:8e:51:
f2:ce:e3:65:d9:1f:c0:a9:c5:1e:a3:27:6e:2f:91:
ad:9b:0d:12:47:d8:fd:52:2a:af:e3:da:3a:5a:8a:
cd:d7:33:6e:53:25:d1:45:20:74:2a:0b:3c:26:ee:
b0:eb:aa:3e:5e:6c:86:fb:4f:da:14:39:d3:cb:fc:
c6:84:cd:3e:80:03:30:0e:c4:1b:66:7b:32:1b:2f:
63:89:07:e3:8c:94:90:b1:5f:ed:2d:ed:e6:39:8a:
bd:4f:41:bb:87:08:2f:7f:4f:e4:8a:a9:98:90:e9:
55:e6:6e:d9:84:2a:44:a5:ed:23:53:d5:0c:04:dc:
ac:41:48:5d:b5:f3:a1:6e:2b:3e:1c:72:7b:1e:21:
e2:c9:24:5a:75:2a:0b:5d:4d:3d:77:09:2d:80:ef:
3a:01:ff:fb:ea:08:1f:c6:c6:4b:4b:c3:fd:f4:5a:
9a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:4F:AC:7C:EA:21:BD:7A:F7:D0:97:49:AC:2A:E2:87:85:BE:EB:BF
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/60-sfOohvXr30JdJrCrih4W-678.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.199.204.0-168.199.211.255
168.199.216.0-168.199.239.255
Signature Algorithm: sha256WithRSAEncryption
32:a8:ff:5b:90:f7:f5:80:9d:d9:59:df:72:1e:b5:04:ef:d1:
03:b2:55:73:25:5c:62:a0:1a:31:13:87:c5:bb:6f:5a:83:f2:
8e:ec:84:b1:b1:39:dc:86:05:38:de:4b:6d:e0:65:64:78:1f:
a9:50:6d:f5:3a:8f:f4:e4:c7:d2:25:b7:fb:9b:5a:c4:99:0f:
77:f1:63:b9:f1:4a:a4:18:8a:15:f1:26:9f:44:a9:db:7d:ae:
5c:84:b5:4f:85:75:98:e8:ec:3a:e0:ae:8a:5c:b4:0f:a0:6e:
fa:f0:d1:da:91:81:26:55:fb:d1:6c:14:87:4a:d0:20:43:c7:
8f:d2:cb:c0:0d:28:a5:ce:55:d7:c1:ca:dc:0e:27:20:da:e4:
96:3a:c4:23:94:05:cf:45:83:9a:7a:d5:ef:bb:23:9f:3b:e9:
30:48:b1:8d:85:8c:53:a5:6d:c4:52:de:d8:1b:f3:30:36:1a:
9c:54:25:19:66:6d:b8:c9:2b:a4:cd:76:3e:cd:ca:ac:9c:5a:
fb:7f:e4:51:20:89:4a:32:18:b7:13:21:a0:a9:f4:b1:19:7b:
21:99:a1:35:de:b3:91:8d:f6:8a:03:f3:da:b1:77:20:2b:83:
69:d6:ad:8f:7e:27:5d:47:ad:25:ed:7f:df:dc:38:03:10:87:
67:b4:bf:2f
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYsF/625GeakEediUrCQophqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjMxMDA2MTcxODQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjRmYWM3Y2VhMjFiZDdhZjdkMDk3NDlhYzJhZTI4Nzg1YmVlYmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCOzHZ3f9sLKYdiBM1fiprfK3p4E
7+XkroMeqiD2ncElLwv0NZWJfvfblKww0t6NBx39nClPPqIrhU/ka0lQMD/FB4yK
xUHtYuTq9mhBN8oCRZ7em7tzjlHyzuNl2R/AqcUeoyduL5Gtmw0SR9j9Uiqv49o6
WorN1zNuUyXRRSB0Kgs8Ju6w66o+XmyG+0/aFDnTy/zGhM0+gAMwDsQbZnsyGy9j
iQfjjJSQsV/tLe3mOYq9T0G7hwgvf0/kiqmYkOlV5m7ZhCpEpe0jU9UMBNysQUhd
tfOhbis+HHJ7HiHiySRadSoLXU09dwktgO86Af/76ggfxsZLS8P99FqaTwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFOtPrHzqIb1699CXSawq4oeFvuu/MB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvNjAtc2ZPb2h2WHIzMEpkSnJDcmloNFctNjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAKox8wD
BAKox9AwDAMEA6jH2AMEBKjH4DANBgkqhkiG9w0BAQsFAAOCAQEAMqj/W5D39YCd
2Vnfch61BO/RA7JVcyVcYqAaMROHxbtvWoPyjuyEsbE53IYFON5LbeBlZHgfqVBt
9TqP9OTH0iW3+5taxJkPd/FjufFKpBiKFfEmn0Sp232uXIS1T4V1mOjsOuCuily0
D6Bu+vDR2pGBJlX70WwUh0rQIEPHj9LLwA0opc5V18HK3A4nINrkljrEI5QFz0WD
mnrV77sjnzvpMEixjYWMU6VtxFLe2BvzMDYanFQlGWZtuMkrpM12Ps3KrJxa+3/k
USCJSjIYtxMhoKn0sRl7IZmhNd6zkY32igPz2rF3ICuDadatj34nXUetJe1/39w4
AxCHZ7S/Lw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:50 2024 by rpki-client on console-fra.rpki-client.org