Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/932fb7-db05-409c-a16a-97a4283b6292/1/sydrlevRphbcTtcO-Vx2HDSFuLI.roa
File: sydrlevRphbcTtcO-Vx2HDSFuLI.roa (raw, json)
Hash identifier: g5a+157SCEAmmqvNqn/HxyRTIdjUtOmXiWw/E3vIgks=
Subject key identifier: B3:27:6B:95:EB:D1:A6:16:DC:4E:D7:0E:F9:5C:76:1C:34:85:B8:B2
Certificate issuer: /CN=52f629f34cd083bc68054069b1cc5ee7971f8bbb
Certificate serial: 018F38F34017418B8200349C05AE601CCAD2
Authority key identifier: 52:F6:29:F3:4C:D0:83:BC:68:05:40:69:B1:CC:5E:E7:97:1F:8B:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UvYp80zQg7xoBUBpscxe55cfi7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/932fb7-db05-409c-a16a-97a4283b6292/1/sydrlevRphbcTtcO-Vx2HDSFuLI.roa
Signing time: Thu 02 May 2024 10:56:56 +0000
ROA not before: Thu 02 May 2024 10:56:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200432
IP address blocks: 185.107.60.0/22 maxlen: 22
185.107.60.0/24 maxlen: 24
185.107.61.0/24 maxlen: 24
185.107.62.0/24 maxlen: 24
185.107.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:38:f3:40:17:41:8b:82:00:34:9c:05:ae:60:1c:ca:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52f629f34cd083bc68054069b1cc5ee7971f8bbb
Validity
Not Before: May 2 10:56:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3276b95ebd1a616dc4ed70ef95c761c3485b8b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:dc:a4:9d:35:91:ac:ae:7e:26:e0:70:b3:fb:
60:00:41:fa:3c:ea:23:bd:0e:85:16:95:88:05:23:
cc:33:b7:c9:15:be:25:17:7a:84:68:d4:f0:6a:df:
58:e6:6b:fe:2d:d7:da:4c:37:07:3f:a2:e1:59:3c:
1a:58:df:f8:8d:64:23:5d:45:64:46:a6:39:15:2a:
f0:02:69:6f:33:62:b8:50:01:0d:49:66:eb:e1:45:
10:cf:c8:10:6f:f6:5d:30:44:cb:36:0e:7a:92:bd:
55:61:48:9d:66:61:22:9a:25:3d:42:fc:02:e4:8f:
d0:a5:f3:8d:7c:8e:d9:46:99:fc:be:68:12:ec:c3:
96:4e:48:5e:45:1a:b3:36:3b:e3:c7:a6:f5:c5:3f:
61:65:6c:a3:93:f5:68:cf:d2:29:4b:a2:4b:ef:5d:
5f:bf:01:b5:35:88:44:f1:e6:15:77:b4:97:77:96:
1c:14:4c:f9:69:7c:0b:e4:1d:9f:02:b3:13:80:c0:
dc:27:38:46:3a:a8:5d:22:26:a9:9e:ef:da:a8:96:
9d:d9:5c:57:06:08:d2:c2:b6:96:db:5c:cc:0c:da:
c5:a8:f0:f0:e0:e6:9f:b8:50:7b:aa:cf:95:f9:fa:
28:df:1e:75:66:6b:d9:a9:e7:d1:81:3c:a2:14:ba:
46:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:27:6B:95:EB:D1:A6:16:DC:4E:D7:0E:F9:5C:76:1C:34:85:B8:B2
X509v3 Authority Key Identifier:
keyid:52:F6:29:F3:4C:D0:83:BC:68:05:40:69:B1:CC:5E:E7:97:1F:8B:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UvYp80zQg7xoBUBpscxe55cfi7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/932fb7-db05-409c-a16a-97a4283b6292/1/sydrlevRphbcTtcO-Vx2HDSFuLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/932fb7-db05-409c-a16a-97a4283b6292/1/UvYp80zQg7xoBUBpscxe55cfi7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.60.0/22
Signature Algorithm: sha256WithRSAEncryption
94:01:98:c5:fb:8e:5f:01:63:74:25:23:17:5e:6e:d9:b9:a1:
9d:b7:c2:79:3c:d6:8e:87:22:23:c6:23:c7:66:44:55:e5:93:
13:e2:59:28:33:f7:ec:eb:93:4b:d9:9e:88:bc:8c:ba:23:54:
64:d0:e5:bd:0e:0a:e3:42:33:01:39:18:6c:d4:c6:77:b1:3c:
24:c8:d1:6a:f3:06:e7:b7:7d:ea:4d:fc:16:fe:8f:c0:fa:5e:
ad:ec:79:d6:ca:d9:78:a0:02:10:00:13:f4:48:9e:31:bf:f8:
1d:1c:5e:b1:97:19:7a:d1:42:98:4c:40:00:7b:f1:66:3c:ef:
3f:74:92:d4:49:3c:66:3b:93:91:7d:00:f4:b8:69:69:e6:a3:
66:14:66:36:5d:3f:2c:d7:f7:94:c1:94:49:04:ae:d1:f0:e9:
eb:d0:c8:7b:12:24:83:3b:ba:86:0b:a1:28:26:14:f1:ac:22:
7e:58:53:be:f1:f0:0d:b5:99:6f:91:be:a9:0a:b2:78:1c:b2:
81:d8:5a:de:a7:ce:d4:61:56:da:76:8b:0e:5d:21:8c:35:53:
c2:dc:c2:81:c4:de:dc:45:16:97:37:75:de:2a:46:8e:8f:a8:
82:9c:09:6e:0b:ed:01:82:88:1e:a5:a4:de:24:bb:1a:43:fc:
f7:15:b8:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8480AXQYuCADScBa5gHMrSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZjYyOWYzNGNkMDgzYmM2ODA1NDA2OWIxY2M1ZWU3OTcx
ZjhiYmIwHhcNMjQwNTAyMTA1NjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzI3NmI5NWViZDFhNjE2ZGM0ZWQ3MGVmOTVjNzYxYzM0ODViOGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotyknTWRrK5+JuBws/tgAEH6POoj
vQ6FFpWIBSPMM7fJFb4lF3qEaNTwat9Y5mv+LdfaTDcHP6LhWTwaWN/4jWQjXUVk
RqY5FSrwAmlvM2K4UAENSWbr4UUQz8gQb/ZdMETLNg56kr1VYUidZmEimiU9QvwC
5I/QpfONfI7ZRpn8vmgS7MOWTkheRRqzNjvjx6b1xT9hZWyjk/Voz9IpS6JL711f
vwG1NYhE8eYVd7SXd5YcFEz5aXwL5B2fArMTgMDcJzhGOqhdIiapnu/aqJad2VxX
BgjSwraW21zMDNrFqPDw4OafuFB7qs+V+foo3x51ZmvZqefRgTyiFLpGlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLMna5Xr0aYW3E7XDvlcdhw0hbiyMB8GA1UdIwQY
MBaAFFL2KfNM0IO8aAVAabHMXueXH4u7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXZZcDgwelFnN3hvQlVCcHNjeGU1NWNmaTdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi85MzJmYjctZGIwNS00MDljLWExNmEt
OTdhNDI4M2I2MjkyLzEvc3lkcmxldlJwaGJjVHRjTy1WeDJIRFNGdUxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi85MzJmYjctZGIwNS00MDljLWExNmEtOTdhNDI4M2I2Mjky
LzEvVXZZcDgwelFnN3hvQlVCcHNjeGU1NWNmaTdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWs8MA0G
CSqGSIb3DQEBCwUAA4IBAQCUAZjF+45fAWN0JSMXXm7ZuaGdt8J5PNaOhyIjxiPH
ZkRV5ZMT4lkoM/fs65NL2Z6IvIy6I1Rk0OW9DgrjQjMBORhs1MZ3sTwkyNFq8wbn
t33qTfwW/o/A+l6t7HnWytl4oAIQABP0SJ4xv/gdHF6xlxl60UKYTEAAe/FmPO8/
dJLUSTxmO5ORfQD0uGlp5qNmFGY2XT8s1/eUwZRJBK7R8Onr0Mh7EiSDO7qGC6Eo
JhTxrCJ+WFO+8fANtZlvkb6pCrJ4HLKB2Frep87UYVbadosOXSGMNVPC3MKBxN7c
RRaXN3XeKkaOj6iCnAluC+0BgogepaTeJLsaQ/z3FbgX
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:15 2025 by rpki-client