Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/60f9ac-053a-4689-b081-3a3a9f0242b8/1/xC6n_YyC-369PsWt7AUBtV93Zpk.roa
File: xC6n_YyC-369PsWt7AUBtV93Zpk.roa (raw, json)
Hash identifier: vyGdzINg+nM34DHwU42MWQl4+8JBAuMMAWHL6iK0aAg=
Subject key identifier: C4:2E:A7:FD:8C:82:FB:7E:BD:3E:C5:AD:EC:05:01:B5:5F:77:66:99
Certificate issuer: /CN=529ca5a6e5d67421f3f2cd21138cb70704850955
Certificate serial: 018B9042730AAC469DE64C57D26C86753250
Authority key identifier: 52:9C:A5:A6:E5:D6:74:21:F3:F2:CD:21:13:8C:B7:07:04:85:09:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpylpuXWdCHz8s0hE4y3BwSFCVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/60f9ac-053a-4689-b081-3a3a9f0242b8/1/xC6n_YyC-369PsWt7AUBtV93Zpk.roa
Signing time: Thu 02 Nov 2023 13:39:15 +0000
ROA not before: Thu 02 Nov 2023 13:39:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205385
IP address blocks: 185.231.36.0/22 maxlen: 24
185.220.48.0/22 maxlen: 24
2a0b:eec0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:90:42:73:0a:ac:46:9d:e6:4c:57:d2:6c:86:75:32:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529ca5a6e5d67421f3f2cd21138cb70704850955
Validity
Not Before: Nov 2 13:39:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c42ea7fd8c82fb7ebd3ec5adec0501b55f776699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:47:23:e8:b0:fa:68:0d:36:3a:a4:b6:08:21:
79:bf:45:66:a2:bf:d3:51:a5:c7:2f:29:66:6c:f9:
eb:ab:c9:a4:dc:2d:87:25:3d:01:40:62:95:18:ab:
ed:87:c1:1e:bc:13:b6:20:28:33:9c:8e:a1:58:b1:
d9:ed:bf:b4:ef:fe:b9:38:7e:63:d8:a3:fc:27:29:
4c:42:52:0a:22:74:55:d8:2d:60:6c:87:3a:31:5f:
bb:9e:0a:54:8e:08:50:54:70:1a:e3:59:3b:c7:7a:
27:5d:f9:68:29:9b:8d:b6:ad:7a:3c:9c:81:c6:8d:
35:c2:34:53:cd:e5:33:c8:f9:46:5f:f6:e2:54:e9:
b9:92:f9:af:ea:ae:49:a4:ea:dd:e1:bb:c4:d5:f3:
67:15:37:e3:5b:01:84:b6:a9:eb:99:8d:b3:02:7f:
c5:0f:89:ef:1d:07:fd:48:24:8d:89:3b:a2:00:6b:
41:45:70:fe:fd:a8:5a:8c:d2:51:bd:1b:dd:3a:0c:
84:a6:90:11:a3:e2:44:c5:ac:eb:ef:96:1e:49:a1:
24:63:13:8a:be:ea:2a:ed:e4:ba:2e:f2:2f:fa:08:
d2:dc:d3:25:2d:1b:d4:0e:32:22:18:5c:17:30:5b:
a1:9f:bf:aa:23:ee:e7:2f:3d:56:46:c2:d4:c3:c1:
a5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:2E:A7:FD:8C:82:FB:7E:BD:3E:C5:AD:EC:05:01:B5:5F:77:66:99
X509v3 Authority Key Identifier:
keyid:52:9C:A5:A6:E5:D6:74:21:F3:F2:CD:21:13:8C:B7:07:04:85:09:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpylpuXWdCHz8s0hE4y3BwSFCVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/60f9ac-053a-4689-b081-3a3a9f0242b8/1/xC6n_YyC-369PsWt7AUBtV93Zpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/60f9ac-053a-4689-b081-3a3a9f0242b8/1/UpylpuXWdCHz8s0hE4y3BwSFCVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.48.0/22
185.231.36.0/22
IPv6:
2a0b:eec0::/32
Signature Algorithm: sha256WithRSAEncryption
8f:6b:1e:52:dd:17:12:e3:18:01:cb:bd:6c:9f:08:fd:5f:e4:
d2:ea:73:de:65:69:25:13:5e:c7:1d:dd:2b:9c:43:be:4f:ad:
eb:e3:91:ef:99:5c:6e:60:f2:11:e6:09:b7:f9:73:c1:e9:e8:
06:99:81:99:c4:bb:b2:82:24:95:e6:c9:b2:35:5f:2c:d2:3e:
78:28:2e:08:73:ce:30:a3:d9:fe:17:73:de:fd:b0:cf:25:d0:
d5:35:90:a4:df:3f:bf:78:07:71:da:9b:27:a5:a8:15:56:5f:
b2:68:56:7a:1c:e7:8e:f9:61:e0:c7:a3:1e:5f:ad:09:a1:2a:
a0:f7:4a:4d:9b:38:80:b1:c6:ef:95:d8:50:0e:f0:96:fb:bc:
b1:00:0e:54:86:f4:83:75:27:60:29:65:7a:ec:2a:44:0b:12:
09:f5:c8:58:a5:cc:b4:ce:29:5f:0e:e5:1e:88:e1:3c:eb:03:
c6:fb:6e:6c:16:5c:c1:66:3f:10:04:b1:16:19:a0:c1:b1:ea:
ce:d2:cc:4e:3f:d6:53:d9:c9:15:87:01:a1:f4:0e:7e:99:15:
69:3f:47:6e:4f:c7:b2:f9:93:81:9a:21:db:b3:ad:00:df:cf:
6b:fb:26:e5:28:7a:11:bc:78:da:1c:fe:3e:ae:8b:f3:94:01:
13:27:4a:44
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYuQQnMKrEad5kxX0myGdTJQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOWNhNWE2ZTVkNjc0MjFmM2YyY2QyMTEzOGNiNzA3MDQ4
NTA5NTUwHhcNMjMxMTAyMTMzOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDJlYTdmZDhjODJmYjdlYmQzZWM1YWRlYzA1MDFiNTVmNzc2Njk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0cj6LD6aA02OqS2CCF5v0Vmor/T
UaXHLylmbPnrq8mk3C2HJT0BQGKVGKvth8EevBO2ICgznI6hWLHZ7b+07/65OH5j
2KP8JylMQlIKInRV2C1gbIc6MV+7ngpUjghQVHAa41k7x3onXfloKZuNtq16PJyB
xo01wjRTzeUzyPlGX/biVOm5kvmv6q5JpOrd4bvE1fNnFTfjWwGEtqnrmY2zAn/F
D4nvHQf9SCSNiTuiAGtBRXD+/ahajNJRvRvdOgyEppARo+JExazr75YeSaEkYxOK
vuoq7eS6LvIv+gjS3NMlLRvUDjIiGFwXMFuhn7+qI+7nLz1WRsLUw8GlGwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMQup/2Mgvt+vT7FrewFAbVfd2aZMB8GA1UdIwQY
MBaAFFKcpabl1nQh8/LNIROMtwcEhQlVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXB5bHB1WFdkQ0h6OHMwaEU0eTNCd1NGQ1ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC82MGY5YWMtMDUzYS00Njg5LWIwODEt
M2EzYTlmMDI0MmI4LzEveEM2bl9ZeUMtMzY5UHNXdDdBVUJ0VjkzWnBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC82MGY5YWMtMDUzYS00Njg5LWIwODEtM2EzYTlmMDI0MmI4
LzEvVXB5bHB1WFdkQ0h6OHMwaEU0eTNCd1NGQ1ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCudwwAwQC
ueckMA0EAgACMAcDBQAqC+7AMA0GCSqGSIb3DQEBCwUAA4IBAQCPax5S3RcS4xgB
y71snwj9X+TS6nPeZWklE17HHd0rnEO+T63r45HvmVxuYPIR5gm3+XPB6egGmYGZ
xLuygiSV5smyNV8s0j54KC4Ic84wo9n+F3Pe/bDPJdDVNZCk3z+/eAdx2psnpagV
Vl+yaFZ6HOeO+WHgx6MeX60JoSqg90pNmziAscbvldhQDvCW+7yxAA5UhvSDdSdg
KWV67CpECxIJ9chYpcy0zilfDuUeiOE86wPG+25sFlzBZj8QBLEWGaDBserO0sxO
P9ZT2ckVhwGh9A5+mRVpP0duT8ey+ZOBmiHbs60A389r+yblKHoRvHjaHP4+rovz
lAETJ0pE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:18 2024 by rpki-client on console-fra.rpki-client.org