Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/syBSjOz-mY_aD_TZOUt8_ZHsIco.roa
File: syBSjOz-mY_aD_TZOUt8_ZHsIco.roa (raw, json)
Hash identifier: H8tQibpP2nueEujYBc6e7HvvCsKg3fluyPjcnP/E2Bk=
Subject key identifier: B3:20:52:8C:EC:FE:99:8F:DA:0F:F4:D9:39:4B:7C:FD:91:EC:21:CA
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 01857142D65F937BDD50ADF3C680D56BDE8A
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/syBSjOz-mY_aD_TZOUt8_ZHsIco.roa
Signing time: Mon 02 Jan 2023 06:54:43 +0000
ROA not before: Mon 02 Jan 2023 06:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29423
IP address blocks: 185.211.60.0/24 maxlen: 24
185.207.229.0/24 maxlen: 24
2a0b:6340::/32 maxlen: 32
2a0b:2a40::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:42:d6:5f:93:7b:dd:50:ad:f3:c6:80:d5:6b:de:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Jan 2 06:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b320528cecfe998fda0ff4d9394b7cfd91ec21ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:06:1a:36:97:db:da:8b:29:d5:52:0c:6b:8b:
36:cc:c3:f1:a9:45:cd:53:c6:88:89:35:a9:d5:da:
9d:52:a5:2d:e1:35:4c:45:88:4c:d2:57:e9:9b:b7:
aa:74:83:79:99:57:9e:05:34:18:8b:56:68:99:19:
76:52:1a:99:36:df:ed:24:80:ab:89:90:39:65:0f:
22:a3:34:9e:86:a4:dd:9f:56:ff:9d:a0:26:92:96:
39:ef:53:36:e8:7c:7e:28:da:b3:ca:3a:74:aa:6b:
58:4d:c7:c6:13:f6:12:3a:2f:ff:6c:aa:3f:a2:b4:
07:92:91:fe:76:8e:5d:a8:f5:72:3f:dd:f2:6c:99:
29:59:a4:b2:8a:05:31:27:9f:4d:4c:53:06:4f:63:
3e:fd:85:f9:f4:35:3a:ce:e5:64:e9:a0:38:43:c0:
69:f7:22:e9:df:80:b6:ad:50:e6:7a:bb:53:61:09:
45:f0:ca:1a:cb:01:91:0b:e8:e8:5c:3a:ec:bf:b7:
aa:18:10:b7:ae:03:9d:28:16:5a:00:45:bc:cd:f2:
00:3d:9e:0e:32:65:58:4b:dd:a6:4c:24:3f:06:31:
ce:7c:38:ed:f7:28:b4:a5:73:4c:be:26:57:5b:17:
83:1a:25:58:ca:d9:ae:94:19:c8:4a:2d:dc:f7:3d:
f1:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:20:52:8C:EC:FE:99:8F:DA:0F:F4:D9:39:4B:7C:FD:91:EC:21:CA
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/syBSjOz-mY_aD_TZOUt8_ZHsIco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.229.0/24
185.211.60.0/24
IPv6:
2a0b:2a40::/32
2a0b:6340::/32
Signature Algorithm: sha256WithRSAEncryption
71:82:4b:c0:8c:ec:85:9f:17:0a:64:32:d0:94:5b:15:09:42:
f9:04:44:a9:c5:f4:c9:5e:37:cf:b6:68:f6:eb:55:2d:c2:2f:
fd:9f:fc:ab:40:d8:4e:53:de:81:cd:fb:fb:08:47:f3:cf:03:
df:ba:cb:ed:67:cc:b5:5e:46:10:f2:16:6b:26:80:4d:0d:32:
1d:73:aa:db:df:a9:c2:b7:59:9c:ce:da:20:ed:07:2b:e6:1a:
6e:14:ce:31:78:3a:22:d7:40:04:7e:b8:03:58:b2:5f:97:24:
4c:e1:81:da:48:1e:5f:71:c3:f9:d8:92:df:d0:1e:c7:93:2f:
1e:1e:0f:17:8d:ee:1f:a1:66:d5:f1:ad:ba:7c:20:ec:e0:07:
34:b0:0f:70:93:45:92:3d:17:16:c2:3c:4a:5a:7f:91:2f:b8:
e7:ff:c3:f0:44:a5:9f:87:2c:a8:e3:df:e1:93:14:29:bb:34:
7c:30:06:e9:23:8b:62:73:90:df:10:1d:86:6b:fb:86:c0:14:
94:1f:9f:bf:3b:5a:50:cc:3e:d6:9a:74:57:79:7b:49:4c:79:
9c:62:60:a1:39:2c:83:16:ff:26:90:76:82:84:ef:f6:67:3c:
bb:99:01:10:8c:d9:e0:fa:b6:fe:8b:c0:9f:aa:8d:57:ff:7f:
01:74:eb:4d
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVxQtZfk3vdUK3zxoDVa96KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjMwMTAyMDY1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzIwNTI4Y2VjZmU5OThmZGEwZmY0ZDkzOTRiN2NmZDkxZWMyMWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngYaNpfb2osp1VIMa4s2zMPxqUXN
U8aIiTWp1dqdUqUt4TVMRYhM0lfpm7eqdIN5mVeeBTQYi1ZomRl2UhqZNt/tJICr
iZA5ZQ8iozSehqTdn1b/naAmkpY571M26Hx+KNqzyjp0qmtYTcfGE/YSOi//bKo/
orQHkpH+do5dqPVyP93ybJkpWaSyigUxJ59NTFMGT2M+/YX59DU6zuVk6aA4Q8Bp
9yLp34C2rVDmertTYQlF8MoaywGRC+joXDrsv7eqGBC3rgOdKBZaAEW8zfIAPZ4O
MmVYS92mTCQ/BjHOfDjt9yi0pXNMviZXWxeDGiVYytmulBnISi3c9z3x6QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLMgUozs/pmP2g/02TlLfP2R7CHKMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvc3lCU2pPei1tWV9hRF9UWk9VdDhfWkhzSWNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAuc/lAwQA
udM8MBQEAgACMA4DBQAqCypAAwUAKgtjQDANBgkqhkiG9w0BAQsFAAOCAQEAcYJL
wIzshZ8XCmQy0JRbFQlC+QREqcX0yV43z7Zo9utVLcIv/Z/8q0DYTlPegc37+whH
888D37rL7WfMtV5GEPIWayaATQ0yHXOq29+pwrdZnM7aIO0HK+YabhTOMXg6ItdA
BH64A1iyX5ckTOGB2kgeX3HD+diS39Aex5MvHh4PF43uH6Fm1fGtunwg7OAHNLAP
cJNFkj0XFsI8Slp/kS+45//D8ESln4csqOPf4ZMUKbs0fDAG6SOLYnOQ3xAdhmv7
hsAUlB+fvztaUMw+1pp0V3l7SUx5nGJgoTksgxb/JpB2goTv9mc8u5kBEIzZ4Pq2
/ovAn6qNV/9/AXTrTQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:44 2024 by rpki-client on console-fra.rpki-client.org