Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-KBKWa9fxo56z_jKP-PkRIU5Bhg.roa
File: 1-KBKWa9fxo56z_jKP-PkRIU5Bhg.roa (raw, json)
Hash identifier: f+Nl9nleADNkRPJV5m46dp8HmHY/E+YVJOkfz7TP2Q4=
Subject key identifier: F8:A0:4A:59:AF:5F:C6:8E:7A:CF:F8:CA:3F:E3:E4:44:85:39:06:18
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CC8029C66A8ECB6376FF006736948A265
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-KBKWa9fxo56z_jKP-PkRIU5Bhg.roa
Signing time: Tue 02 Jan 2024 02:31:03 +0000
ROA not before: Tue 02 Jan 2024 02:31:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 270564
IP address blocks: 185.228.72.0/24 maxlen: 24
185.223.83.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Jan 2024 18:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:9c:66:a8:ec:b6:37:6f:f0:06:73:69:48:a2:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 02:31:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8a04a59af5fc68e7acff8ca3fe3e44485390618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:55:b3:9d:f6:39:20:c9:d9:7b:2b:0d:d9:52:
f7:39:2d:4b:4d:d4:f2:07:49:c8:30:b2:93:30:61:
fb:88:d5:42:92:ad:83:c0:22:95:31:16:b7:c9:6e:
0e:4c:61:b5:87:94:9b:db:a6:23:91:d9:4d:6d:4d:
5f:3d:ea:1a:b9:fa:f1:26:68:23:2e:6f:16:e3:09:
f8:8c:ec:19:42:4d:92:73:75:ab:82:b1:c9:db:0e:
67:29:81:39:ea:37:12:1f:72:9e:74:d0:ca:cf:0b:
7f:19:a1:2b:0f:68:8a:c0:be:b1:7e:1c:36:8b:a4:
a3:b7:a6:e3:18:67:64:db:04:04:a6:9e:c6:c3:94:
69:a7:49:1f:61:c7:a8:10:31:23:1a:1a:b2:fb:7e:
82:e5:a7:da:1a:3d:57:09:1b:04:13:7b:4e:31:0f:
ca:32:2e:1b:e5:2b:d8:93:c7:f2:27:b2:40:ff:c6:
81:92:f4:59:44:e8:3e:ff:d2:ec:2b:87:e1:a6:53:
5b:3f:a6:09:9a:94:7e:16:17:2a:0c:66:33:20:52:
a8:20:56:41:0b:17:ac:dc:18:72:66:e6:70:21:0e:
08:1a:5f:13:6c:3d:60:52:43:12:1b:60:02:04:ad:
fe:c5:ed:f7:cd:89:b5:5a:bd:06:b0:d5:96:73:ff:
1c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:A0:4A:59:AF:5F:C6:8E:7A:CF:F8:CA:3F:E3:E4:44:85:39:06:18
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-KBKWa9fxo56z_jKP-PkRIU5Bhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.83.0/24
185.228.72.0/24
Signature Algorithm: sha256WithRSAEncryption
34:92:60:3a:b3:68:32:6b:a2:f4:ca:35:eb:70:92:d2:d8:85:
4a:dd:bb:80:6b:ee:7c:e6:6e:12:40:8e:27:84:63:5e:6e:59:
21:b7:7c:b5:d0:0a:c2:b6:dd:da:91:a1:1c:95:5b:b8:f5:07:
0f:03:1d:e2:2b:1c:b6:f2:17:7b:19:d8:36:ff:81:a2:28:ad:
39:de:e7:9e:33:95:62:a7:ba:bb:36:f9:6f:0c:5b:ec:c6:61:
fb:e9:0c:f0:a5:6f:c0:ed:d3:c4:9e:17:66:13:7b:d6:e4:bd:
05:2e:c3:8e:8b:b8:2a:c3:cc:71:ea:9f:f3:5d:f4:46:7d:b9:
16:44:eb:ab:a3:06:67:ce:dc:f8:22:5f:ba:08:11:fe:fa:6c:
6e:bf:28:03:7c:98:31:b1:64:88:3a:eb:26:f0:ad:a0:4d:d3:
66:e2:fd:be:2e:81:45:68:83:18:e9:5a:8b:3c:68:20:01:c2:
89:41:85:70:21:74:fe:af:a0:fb:0e:41:52:26:25:ac:ad:37:
6b:1f:88:1b:df:b5:d6:6d:45:77:9b:22:85:08:ce:f8:73:ee:
8f:8c:ff:c6:f0:11:1b:6d:cd:60:c4:7c:a4:de:a7:56:2b:87:
1a:e7:7b:a1:a9:be:c9:46:dd:29:c4:f9:ed:3b:13:72:f2:e9:
2e:64:3c:ac
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzIApxmqOy2N2/wBnNpSKJlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTAyMDIzMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGEwNGE1OWFmNWZjNjhlN2FjZmY4Y2EzZmUzZTQ0NDg1MzkwNjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFWznfY5IMnZeysN2VL3OS1LTdTy
B0nIMLKTMGH7iNVCkq2DwCKVMRa3yW4OTGG1h5Sb26YjkdlNbU1fPeoaufrxJmgj
Lm8W4wn4jOwZQk2Sc3WrgrHJ2w5nKYE56jcSH3KedNDKzwt/GaErD2iKwL6xfhw2
i6Sjt6bjGGdk2wQEpp7Gw5Rpp0kfYceoEDEjGhqy+36C5afaGj1XCRsEE3tOMQ/K
Mi4b5SvYk8fyJ7JA/8aBkvRZROg+/9LsK4fhplNbP6YJmpR+FhcqDGYzIFKoIFZB
Cxes3BhyZuZwIQ4IGl8TbD1gUkMSG2ACBK3+xe33zYm1Wr0GsNWWc/8c7QIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPigSlmvX8aOes/4yj/j5ESFOQYYMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMS1LQktXYTlmeG81NnpfaktQLVBrUklVNUJoZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDAvMmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFi
Yy8xL1lHZUV3UVVJVzUxcTFmYzZBN0lObWx3UlRLOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALnfUwME
ALnkSDANBgkqhkiG9w0BAQsFAAOCAQEANJJgOrNoMmui9Mo163CS0tiFSt27gGvu
fOZuEkCOJ4RjXm5ZIbd8tdAKwrbd2pGhHJVbuPUHDwMd4isctvIXexnYNv+Boiit
Od7nnjOVYqe6uzb5bwxb7MZh++kM8KVvwO3TxJ4XZhN71uS9BS7Djou4KsPMceqf
8130Rn25FkTrq6MGZ87c+CJfuggR/vpsbr8oA3yYMbFkiDrrJvCtoE3TZuL9vi6B
RWiDGOlaizxoIAHCiUGFcCF0/q+g+w5BUiYlrK03ax+IG9+11m1Fd5sihQjO+HPu
j4z/xvARG23NYMR8pN6nViuHGud7oam+yUbdKcT57TsTcvLpLmQ8rA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:19 2024 by rpki-client on console-ams.rpki-client.org