Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YOq26RI4hJWVejwLYmbdUhPDhA0.roa
File: YOq26RI4hJWVejwLYmbdUhPDhA0.roa (raw, json)
Hash identifier: VPGvcZAO/6445uBiL6Qdk86iyGVSl8PqLY3YszwmGlM=
Subject key identifier: 60:EA:B6:E9:12:38:84:95:95:7A:3C:0B:62:66:DD:52:13:C3:84:0D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018C454DB652C5D082C88BB8E1CD39919EC7
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YOq26RI4hJWVejwLYmbdUhPDhA0.roa
Signing time: Thu 07 Dec 2023 17:22:50 +0000
ROA not before: Thu 07 Dec 2023 17:22:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 185.121.120.0/24 maxlen: 24
2.56.56.0/22 maxlen: 24
185.239.243.0/24 maxlen: 24
2.58.148.0/22 maxlen: 24
89.37.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:45:4d:b6:52:c5:d0:82:c8:8b:b8:e1:cd:39:91:9e:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Dec 7 17:22:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60eab6e912388495957a3c0b6266dd5213c3840d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:df:ae:66:46:64:13:1d:eb:f2:6d:5c:90:d6:
af:99:71:fb:6b:9c:f6:76:41:fa:80:cf:3d:16:d4:
ab:05:cc:ed:d5:44:eb:51:78:76:58:90:44:b9:25:
97:50:25:2f:24:36:be:21:a4:79:bd:82:f2:a2:5e:
6b:ef:ba:ba:1b:b5:0a:04:ff:6d:1d:06:fb:62:20:
fe:db:b7:1b:69:d1:de:60:76:b3:f2:7a:38:b8:9e:
24:91:ac:b7:b6:53:8f:a9:9b:d6:89:9a:c4:3e:1b:
00:95:15:95:30:2d:6c:3f:7f:5d:74:dd:e3:23:19:
0b:0a:aa:51:30:5c:7a:33:39:8e:44:e3:5c:59:ea:
77:23:ae:24:41:4d:40:33:0c:3d:e7:0b:3b:a5:b7:
09:3b:5d:f5:85:61:ad:73:eb:99:24:c2:ec:d5:e3:
fe:af:85:0c:06:d5:4b:d3:f1:57:f8:4c:e8:56:8a:
18:6d:c5:30:1c:ae:af:62:dc:e0:1a:1b:d1:5c:47:
69:f5:5e:33:8a:99:51:ca:a0:f9:6f:6f:a2:28:15:
90:c9:69:fa:06:07:e0:82:f9:33:3a:71:c8:b2:6f:
29:83:a4:d3:e8:ae:fc:8d:e8:43:ef:36:86:be:8f:
a6:ca:c2:d9:64:f7:86:2e:48:fb:8b:e2:b7:9f:e3:
0a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:EA:B6:E9:12:38:84:95:95:7A:3C:0B:62:66:DD:52:13:C3:84:0D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YOq26RI4hJWVejwLYmbdUhPDhA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.56.0/22
2.58.148.0/22
89.37.63.0/24
185.121.120.0/24
185.239.243.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:98:ca:a8:39:42:58:8a:d5:2f:a9:31:7e:0a:2e:a5:83:24:
6f:fc:e9:87:bb:3e:13:ca:f1:c9:82:d2:16:14:d0:0d:dd:cd:
9c:6a:61:5d:52:f6:63:b3:3c:1f:90:67:67:15:e7:03:c9:5d:
86:c6:f0:6d:44:a4:61:34:fd:50:10:d3:19:c4:a5:35:b9:ec:
c8:09:60:db:6f:28:df:20:34:35:a0:67:a9:d6:32:d8:ab:39:
f7:c7:ec:69:3b:59:bb:ab:d0:58:23:0c:97:85:bf:1f:5b:3b:
cc:3a:fd:6d:3b:49:26:a3:51:06:f3:81:3f:bd:39:fe:d8:a3:
40:44:e4:1f:19:79:04:47:a7:55:4f:c6:94:4a:56:b8:ed:70:
58:9e:47:c5:22:24:63:ed:a8:7b:82:76:c2:e7:0e:e0:c5:cd:
6b:ca:29:fb:a5:d3:33:9b:79:13:f4:ac:08:9f:76:bf:34:f5:
c6:2c:4b:56:dc:93:11:18:8e:e1:56:6d:c1:ca:02:0e:c6:ae:
91:3e:31:ad:73:32:0e:c5:88:28:17:b8:71:8e:c9:e3:64:f8:
6c:21:4d:75:61:71:5e:0c:21:58:38:f5:e1:d8:51:b8:fa:9f:
ea:85:08:0b:c5:9e:5e:3c:56:68:e7:fb:b7:23:48:6a:78:72:
bd:4a:b3:1e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYxFTbZSxdCCyIu44c05kZ7HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMjA3MTcyMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGVhYjZlOTEyMzg4NDk1OTU3YTNjMGI2MjY2ZGQ1MjEzYzM4NDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9+uZkZkEx3r8m1ckNavmXH7a5z2
dkH6gM89FtSrBczt1UTrUXh2WJBEuSWXUCUvJDa+IaR5vYLyol5r77q6G7UKBP9t
HQb7YiD+27cbadHeYHaz8no4uJ4kkay3tlOPqZvWiZrEPhsAlRWVMC1sP39ddN3j
IxkLCqpRMFx6MzmORONcWep3I64kQU1AMww95ws7pbcJO131hWGtc+uZJMLs1eP+
r4UMBtVL0/FX+EzoVooYbcUwHK6vYtzgGhvRXEdp9V4ziplRyqD5b2+iKBWQyWn6
BgfggvkzOnHIsm8pg6TT6K78jehD7zaGvo+mysLZZPeGLkj7i+K3n+MKvQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGDqtukSOISVlXo8C2Jm3VITw4QNMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWU9xMjZSSTRoSldWZWp3TFltYmRVaFBEaEEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCAjg4AwQC
AjqUAwQAWSU/AwQAuXl4AwQAue/zMA0GCSqGSIb3DQEBCwUAA4IBAQCKmMqoOUJY
itUvqTF+Ci6lgyRv/OmHuz4TyvHJgtIWFNAN3c2camFdUvZjszwfkGdnFecDyV2G
xvBtRKRhNP1QENMZxKU1uezICWDbbyjfIDQ1oGep1jLYqzn3x+xpO1m7q9BYIwyX
hb8fWzvMOv1tO0kmo1EG84E/vTn+2KNAROQfGXkER6dVT8aUSla47XBYnkfFIiRj
7ah7gnbC5w7gxc1ryin7pdMzm3kT9KwIn3a/NPXGLEtW3JMRGI7hVm3BygIOxq6R
PjGtczIOxYgoF7hxjsnjZPhsIU11YXFeDCFYOPXh2FG4+p/qhQgLxZ5ePFZo5/u3
I0hqeHK9SrMe
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:18 2024 by rpki-client on console-ams.rpki-client.org