Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4YmKnKe8SMH0id7GGplXUbScxi8.roa
File: 4YmKnKe8SMH0id7GGplXUbScxi8.roa (raw, json)
Hash identifier: MQ5sNCrS1oxpA5ZeiAJmHyOcHPkeJNDS///Jm0G+HxY=
Subject key identifier: E1:89:8A:9C:A7:BC:48:C1:F4:89:DE:C6:1A:99:57:51:B4:9C:C6:2F
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018AFF0DF35F3315F15A8F971A31E4D371CB
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4YmKnKe8SMH0id7GGplXUbScxi8.roa
Signing time: Thu 05 Oct 2023 08:56:58 +0000
ROA not before: Thu 05 Oct 2023 08:56:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25198
IP address blocks: 185.222.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ff:0d:f3:5f:33:15:f1:5a:8f:97:1a:31:e4:d3:71:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 5 08:56:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1898a9ca7bc48c1f489dec61a995751b49cc62f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b2:c6:e7:d0:fc:4a:2d:3e:4e:40:bc:ee:d0:
2d:3e:98:89:ab:e9:13:ac:90:b1:0f:fc:16:e4:d7:
f1:83:1a:d2:08:56:4c:b8:97:ac:6b:44:46:1c:98:
51:31:dd:6b:e2:2c:92:e1:09:a9:5f:7f:28:f2:cc:
54:a1:60:44:5d:4e:ac:d6:6e:fc:38:8f:8f:62:a3:
ff:d2:33:61:d5:c6:6c:e0:c8:74:25:d5:a9:9c:e1:
57:07:49:e7:53:31:cb:3d:8d:d6:00:1c:52:22:9e:
1d:86:6a:2a:92:6c:d1:e5:20:50:20:89:e5:59:21:
b4:c0:f0:d2:e5:89:fa:7c:4c:9b:84:26:ba:4c:bc:
99:c9:43:62:65:6f:e9:1b:09:06:f8:27:ed:b8:b6:
6f:7c:35:d5:aa:58:fe:a0:7e:88:da:fa:04:98:1f:
7d:67:a3:fc:e2:59:c7:36:c7:dc:45:80:10:3a:a0:
c8:ad:19:ea:75:f8:36:40:b1:c8:08:15:a1:00:86:
e1:99:d4:2b:cc:37:29:ad:25:c9:dd:e9:e8:22:50:
20:49:7c:00:aa:91:81:cc:88:d4:18:ec:1a:48:f9:
d5:5e:aa:eb:05:97:2b:6d:b2:b4:33:d8:26:8b:21:
5a:c8:8b:94:04:a3:1c:63:ad:e7:45:f4:32:e2:22:
c2:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:89:8A:9C:A7:BC:48:C1:F4:89:DE:C6:1A:99:57:51:B4:9C:C6:2F
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4YmKnKe8SMH0id7GGplXUbScxi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.28.0/24
Signature Algorithm: sha256WithRSAEncryption
87:89:3d:65:fd:69:e9:42:e0:ba:ea:91:7c:fa:df:e8:cb:8f:
39:75:6a:c4:20:c9:2b:a1:e3:63:2a:69:80:82:c6:2e:f7:bc:
84:9f:06:e2:88:6b:9e:bc:a5:2f:6b:39:b7:b1:75:f5:2f:0a:
8b:6e:21:7a:8c:e7:78:3d:7b:53:76:5d:ef:27:16:da:e4:56:
af:c8:7d:d5:15:05:11:64:19:74:86:c6:09:3e:d1:b7:5d:9c:
d3:e7:0f:ad:12:7d:8e:ca:3e:5a:5f:d1:cf:03:50:ee:57:dd:
6a:6c:a8:15:d9:63:36:e2:72:25:bf:43:e3:a2:7f:46:4d:e2:
64:43:55:13:2b:f5:24:a1:87:0c:65:7f:ae:f7:43:2b:be:cc:
69:ce:f2:50:08:b3:6b:09:23:e1:73:5f:88:00:4e:25:00:50:
85:90:ed:e2:21:1d:cf:3b:fa:a6:5b:8b:d1:c1:38:1a:59:34:
dd:23:93:cb:77:19:49:21:87:f8:9b:65:6c:50:47:9d:68:a1:
61:50:25:69:f2:e0:7f:2f:62:4d:59:19:54:90:b6:b9:b4:c2:
1c:e9:1f:56:0b:79:3b:fb:30:e1:b7:cb:33:d0:2d:9a:16:d3:
11:4c:5c:28:21:64:bf:af:4b:42:2f:16:94:fc:40:93:6b:36:
4c:f8:96:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr/DfNfMxXxWo+XGjHk03HLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMDA1MDg1NjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTg5OGE5Y2E3YmM0OGMxZjQ4OWRlYzYxYTk5NTc1MWI0OWNjNjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7LG59D8Si0+TkC87tAtPpiJq+kT
rJCxD/wW5NfxgxrSCFZMuJesa0RGHJhRMd1r4iyS4QmpX38o8sxUoWBEXU6s1m78
OI+PYqP/0jNh1cZs4Mh0JdWpnOFXB0nnUzHLPY3WABxSIp4dhmoqkmzR5SBQIInl
WSG0wPDS5Yn6fEybhCa6TLyZyUNiZW/pGwkG+CftuLZvfDXVqlj+oH6I2voEmB99
Z6P84lnHNsfcRYAQOqDIrRnqdfg2QLHICBWhAIbhmdQrzDcprSXJ3enoIlAgSXwA
qpGBzIjUGOwaSPnVXqrrBZcrbbK0M9gmiyFayIuUBKMcY63nRfQy4iLCxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOGJipynvEjB9InexhqZV1G0nMYvMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvNFltS25LZThTTUgwaWQ3R0dwbFhVYlNjeGk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud4cMA0G
CSqGSIb3DQEBCwUAA4IBAQCHiT1l/WnpQuC66pF8+t/oy485dWrEIMkroeNjKmmA
gsYu97yEnwbiiGuevKUvazm3sXX1LwqLbiF6jOd4PXtTdl3vJxba5FavyH3VFQUR
ZBl0hsYJPtG3XZzT5w+tEn2Oyj5aX9HPA1DuV91qbKgV2WM24nIlv0Pjon9GTeJk
Q1UTK/UkoYcMZX+u90MrvsxpzvJQCLNrCSPhc1+IAE4lAFCFkO3iIR3PO/qmW4vR
wTgaWTTdI5PLdxlJIYf4m2VsUEedaKFhUCVp8uB/L2JNWRlUkLa5tMIc6R9WC3k7
+zDht8sz0C2aFtMRTFwoIWS/r0tCLxaU/ECTazZM+Jbr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:40 2024 by rpki-client on console-fra.rpki-client.org