Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/cffdb2-de8c-4c78-8132-8a96604c826d/1/CGYUzKYzMEIA2cn29tR33MfDG4g.roa
File: CGYUzKYzMEIA2cn29tR33MfDG4g.roa (raw, json)
Hash identifier: AUXevGh/3U8iZElTyenhoALmXrbNuBai4jGhroLc58g=
Subject key identifier: 08:66:14:CC:A6:33:30:42:00:D9:C9:F6:F6:D4:77:DC:C7:C3:1B:88
Certificate issuer: /CN=86da356c2a8610d11d34cdb8a47d2b90519fbd35
Certificate serial: 01856ECB72219F69C5CBA521C4C961D42ECB
Authority key identifier: 86:DA:35:6C:2A:86:10:D1:1D:34:CD:B8:A4:7D:2B:90:51:9F:BD:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hto1bCqGENEdNM24pH0rkFGfvTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/cffdb2-de8c-4c78-8132-8a96604c826d/1/CGYUzKYzMEIA2cn29tR33MfDG4g.roa
Signing time: Sun 01 Jan 2023 19:25:04 +0000
ROA not before: Sun 01 Jan 2023 19:25:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60680
IP address blocks: 185.27.89.0/24 maxlen: 24
185.27.88.0/24 maxlen: 24
2a00:9120:2::/48 maxlen: 48
2a00:9120:1::/48 maxlen: 48
2a00:9120:1:3::/64 maxlen: 64
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:72:21:9f:69:c5:cb:a5:21:c4:c9:61:d4:2e:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86da356c2a8610d11d34cdb8a47d2b90519fbd35
Validity
Not Before: Jan 1 19:25:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=086614cca633304200d9c9f6f6d477dcc7c31b88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ab:69:a8:c1:01:a9:32:4c:29:65:49:2f:d4:
45:fd:68:71:3f:64:d3:56:18:cb:d2:a2:31:51:63:
37:98:df:85:9e:f5:e7:a5:91:9a:1a:1a:40:c3:40:
2a:c0:c7:16:96:58:36:61:f0:ca:07:f5:ed:6b:03:
94:14:ac:01:2c:12:3f:20:76:95:3a:c8:9f:1e:b8:
51:8f:61:d6:a9:b4:6f:60:58:be:e7:73:7c:e2:93:
75:13:1a:02:9e:dc:fb:7f:32:2e:ad:17:22:e6:2e:
97:0c:d2:33:f8:74:aa:9e:d8:39:ae:02:33:52:ce:
84:f6:f5:3f:8b:3c:ba:5d:fb:33:5d:9a:a0:80:fd:
4d:9a:43:cc:a7:5c:e1:a4:61:5f:d0:03:9c:9e:8c:
b9:e3:de:15:13:6f:68:b1:10:62:be:21:29:ce:f9:
ce:b4:d5:da:73:6e:12:0e:61:03:91:be:2a:79:f3:
93:49:ee:0d:c8:c5:ec:0a:fb:d6:49:e3:ff:36:95:
ef:48:fb:c2:45:b5:e5:e6:b3:c0:47:9e:43:0f:4c:
d7:7e:ca:ab:84:60:97:38:d6:33:9d:16:9f:13:38:
76:20:0f:12:54:de:62:69:96:fd:ba:70:b5:44:bf:
86:fe:b0:00:d3:3b:93:b7:38:a3:41:2d:32:49:c8:
fd:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:66:14:CC:A6:33:30:42:00:D9:C9:F6:F6:D4:77:DC:C7:C3:1B:88
X509v3 Authority Key Identifier:
keyid:86:DA:35:6C:2A:86:10:D1:1D:34:CD:B8:A4:7D:2B:90:51:9F:BD:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hto1bCqGENEdNM24pH0rkFGfvTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/cffdb2-de8c-4c78-8132-8a96604c826d/1/CGYUzKYzMEIA2cn29tR33MfDG4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/cffdb2-de8c-4c78-8132-8a96604c826d/1/hto1bCqGENEdNM24pH0rkFGfvTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.88.0/23
IPv6:
2a00:9120:1::-2a00:9120:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
64:55:aa:83:4d:a8:9e:48:51:6b:a7:8d:7b:c3:87:89:8c:17:
d2:af:75:a7:23:03:94:af:31:c3:5c:20:c2:56:54:d0:d2:38:
01:01:05:b3:70:19:d3:30:17:c9:db:d5:0f:b8:2e:08:a7:b8:
54:83:42:42:b5:f0:cd:72:fb:c0:b4:bd:de:37:88:bc:e5:04:
a6:8b:f1:8a:56:41:87:45:07:ce:9a:83:89:9c:5c:f6:9b:d6:
07:b7:05:22:13:de:d4:14:5b:ea:ad:d1:22:98:41:7e:19:6c:
18:76:3c:6a:a7:73:5c:a4:40:75:20:15:47:ed:6d:5c:06:61:
69:c0:8e:a0:6a:04:1f:3f:93:71:ba:a8:66:cd:85:88:99:59:
76:8b:16:24:b0:b6:7c:1f:37:b1:f0:90:ba:68:96:a3:3a:b1:
c8:e4:49:cd:15:4e:a6:08:5c:a3:15:e8:25:36:19:90:ab:9a:
8e:4d:36:3f:12:88:a5:01:75:19:05:de:3f:d1:44:82:cd:b8:
0c:70:09:82:3f:1e:80:29:09:56:f2:e2:e9:d8:a9:45:d5:ad:
db:ef:5f:bc:f0:6f:ba:5b:9a:52:40:36:c7:f5:3b:10:60:eb:
77:82:0b:9b:fd:8b:d0:a6:af:e1:89:83:52:e9:21:23:cd:61:
3d:57:33:22
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVuy3Ihn2nFy6UhxMlh1C7LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZGEzNTZjMmE4NjEwZDExZDM0Y2RiOGE0N2QyYjkwNTE5
ZmJkMzUwHhcNMjMwMTAxMTkyNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODY2MTRjY2E2MzMzMDQyMDBkOWM5ZjZmNmQ0NzdkY2M3YzMxYjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsatpqMEBqTJMKWVJL9RF/WhxP2TT
VhjL0qIxUWM3mN+FnvXnpZGaGhpAw0AqwMcWllg2YfDKB/XtawOUFKwBLBI/IHaV
OsifHrhRj2HWqbRvYFi+53N84pN1ExoCntz7fzIurRci5i6XDNIz+HSqntg5rgIz
Us6E9vU/izy6XfszXZqggP1NmkPMp1zhpGFf0AOcnoy5494VE29osRBiviEpzvnO
tNXac24SDmEDkb4qefOTSe4NyMXsCvvWSeP/NpXvSPvCRbXl5rPAR55DD0zXfsqr
hGCXONYznRafEzh2IA8SVN5iaZb9unC1RL+G/rAA0zuTtzijQS0yScj9jwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFAhmFMymMzBCANnJ9vbUd9zHwxuIMB8GA1UdIwQY
MBaAFIbaNWwqhhDRHTTNuKR9K5BRn701MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRvMWJDcUdFTkVkTk0yNHBIMHJrRkdmdlRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9jZmZkYjItZGU4Yy00Yzc4LTgxMzIt
OGE5NjYwNGM4MjZkLzEvQ0dZVXpLWXpNRUlBMmNuMjl0UjMzTWZERzRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9jZmZkYjItZGU4Yy00Yzc4LTgxMzItOGE5NjYwNGM4MjZk
LzEvaHRvMWJDcUdFTkVkTk0yNHBIMHJrRkdmdlRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQBuRtYMBoE
AgACMBQwEgMHACoAkSAAAQMHACoAkSAAAjANBgkqhkiG9w0BAQsFAAOCAQEAZFWq
g02onkhRa6eNe8OHiYwX0q91pyMDlK8xw1wgwlZU0NI4AQEFs3AZ0zAXydvVD7gu
CKe4VINCQrXwzXL7wLS93jeIvOUEpovxilZBh0UHzpqDiZxc9pvWB7cFIhPe1BRb
6q3RIphBfhlsGHY8aqdzXKRAdSAVR+1tXAZhacCOoGoEHz+TcbqoZs2FiJlZdosW
JLC2fB83sfCQumiWozqxyORJzRVOpghcoxXoJTYZkKuajk02PxKIpQF1GQXeP9FE
gs24DHAJgj8egCkJVvLi6dipRdWt2+9fvPBvuluaUkA2x/U7EGDrd4ILm/2L0Kav
4YmDUukhI81hPVczIg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:40 2024 by rpki-client on console-fra.rpki-client.org