Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0JFNSumOUKMDtBmv_Lf4TDyQHjA.roa
File: 0JFNSumOUKMDtBmv_Lf4TDyQHjA.roa (raw, json)
Hash identifier: ok3cO9isr8UrXBsKOE3x/5EJGSfs+bUsZpP2aJm8R3A=
Subject key identifier: D0:91:4D:4A:E9:8E:50:A3:03:B4:19:AF:FC:B7:F8:4C:3C:90:1E:30
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CC8028113A1970D569276B11D399428EA
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0JFNSumOUKMDtBmv_Lf4TDyQHjA.roa
Signing time: Tue 02 Jan 2024 02:30:56 +0000
ROA not before: Tue 02 Jan 2024 02:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60458
IP address blocks: 185.248.200.0/22 maxlen: 22
45.90.238.0/24 maxlen: 24
185.199.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 17:46:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:81:13:a1:97:0d:56:92:76:b1:1d:39:94:28:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 02:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0914d4ae98e50a303b419affcb7f84c3c901e30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:98:1d:4f:17:5c:b7:d5:55:b9:3b:d0:97:ae:
57:3d:35:d6:5f:97:61:49:9d:55:37:e2:3a:4f:7c:
02:3d:c7:b8:b8:9a:c5:07:f1:89:c3:8b:3b:83:ef:
8f:41:61:1d:90:b7:5b:74:55:41:a6:b1:c5:cd:d9:
7b:3e:c9:a5:05:5e:98:d7:91:44:1b:bc:b1:42:82:
a9:c9:19:4a:83:0b:73:a6:a0:1b:9f:69:bb:3c:c4:
f2:a4:c7:52:02:33:32:70:42:ec:10:7b:ee:2c:38:
5b:59:a3:c0:96:ca:08:c1:ee:4a:d3:b3:21:27:ed:
e7:08:ee:90:58:b1:29:92:e4:77:b8:bc:66:4a:42:
ba:07:75:72:0d:20:59:c8:24:89:a7:d3:3e:ca:f6:
6c:a9:c6:ac:b5:7c:6c:20:19:0a:f2:2a:04:b9:a0:
9a:c5:93:b5:9f:1c:42:d3:3b:15:38:48:e0:c5:1c:
4e:c1:9f:73:35:0b:46:a5:02:7c:8f:d9:f8:48:c1:
8c:a4:9a:66:b3:de:15:81:ea:5b:c3:51:c8:26:4c:
6e:6a:c4:28:49:06:be:23:e2:5f:37:38:f4:65:c0:
1a:76:2c:a8:21:be:47:37:d3:0d:ec:93:4a:21:cb:
c9:c3:e2:45:77:c4:9b:43:06:a6:2b:d1:e2:86:4f:
1d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:91:4D:4A:E9:8E:50:A3:03:B4:19:AF:FC:B7:F8:4C:3C:90:1E:30
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0JFNSumOUKMDtBmv_Lf4TDyQHjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.238.0/24
185.199.55.0/24
185.248.200.0/22
Signature Algorithm: sha256WithRSAEncryption
00:20:d6:46:8c:fb:0e:e3:34:69:df:1e:bf:d6:f6:55:6c:84:
ce:92:95:fb:e0:28:a6:6d:c8:d2:e2:c6:38:d9:d0:5e:5a:77:
9e:95:fb:02:86:bf:cb:c2:ea:cc:55:f4:31:b0:04:40:2d:56:
e5:bf:f0:34:20:d1:65:4c:4c:bb:b4:94:27:18:1f:3c:37:d9:
e5:e4:b0:9a:f4:07:82:6d:ca:78:55:f4:b7:6b:a3:a4:18:5a:
f0:20:d6:6f:9e:71:b7:4e:61:b4:72:b6:91:b8:02:e3:ad:d7:
34:3f:ff:ed:0f:fc:7a:09:b2:80:9d:07:91:e1:05:9b:c2:1e:
6e:0a:cf:c2:e1:28:d2:7d:77:81:c3:1d:ae:92:1d:44:c2:95:
01:c4:11:3a:cc:50:75:bb:45:f4:26:5b:c4:f4:ec:1b:ec:0b:
59:93:d2:31:3f:9f:69:d9:8a:c3:2e:e8:fc:a2:d6:eb:eb:81:
d1:1e:5e:5c:96:22:ae:c0:b7:49:ea:03:e6:87:0c:11:6b:16:
59:1d:af:88:93:1d:d8:c0:c3:e5:6c:6b:18:02:fb:a6:21:58:
cb:ca:56:b7:87:0b:57:b7:18:f3:f8:4b:07:8d:f0:46:78:7f:
71:47:eb:20:49:ef:f3:e2:bd:74:fe:a7:ea:ec:98:38:4f:32:
26:6b:37:5e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAoEToZcNVpJ2sR05lCjqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTAyMDIzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDkxNGQ0YWU5OGU1MGEzMDNiNDE5YWZmY2I3Zjg0YzNjOTAxZTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJgdTxdct9VVuTvQl65XPTXWX5dh
SZ1VN+I6T3wCPce4uJrFB/GJw4s7g++PQWEdkLdbdFVBprHFzdl7PsmlBV6Y15FE
G7yxQoKpyRlKgwtzpqAbn2m7PMTypMdSAjMycELsEHvuLDhbWaPAlsoIwe5K07Mh
J+3nCO6QWLEpkuR3uLxmSkK6B3VyDSBZyCSJp9M+yvZsqcastXxsIBkK8ioEuaCa
xZO1nxxC0zsVOEjgxRxOwZ9zNQtGpQJ8j9n4SMGMpJpms94Vgepbw1HIJkxuasQo
SQa+I+JfNzj0ZcAadiyoIb5HN9MN7JNKIcvJw+JFd8SbQwamK9Hihk8diwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNCRTUrpjlCjA7QZr/y3+Ew8kB4wMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMEpGTlN1bU9VS01EdEJtdl9MZjRURHlRSGpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVruAwQA
ucc3AwQCufjIMA0GCSqGSIb3DQEBCwUAA4IBAQAAINZGjPsO4zRp3x6/1vZVbITO
kpX74CimbcjS4sY42dBeWneelfsChr/LwurMVfQxsARALVblv/A0INFlTEy7tJQn
GB88N9nl5LCa9AeCbcp4VfS3a6OkGFrwINZvnnG3TmG0craRuALjrdc0P//tD/x6
CbKAnQeR4QWbwh5uCs/C4SjSfXeBwx2ukh1EwpUBxBE6zFB1u0X0JlvE9Owb7AtZ
k9IxP59p2YrDLuj8otbr64HRHl5cliKuwLdJ6gPmhwwRaxZZHa+Ikx3YwMPlbGsY
AvumIVjLyla3hwtXtxjz+EsHjfBGeH9xR+sgSe/z4r10/qfq7Jg4TzImazde
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:19 2024 by rpki-client on console-ams.rpki-client.org