Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/CumzY-3CcmmFBYXvSCyRag5yxrE.roa
File: CumzY-3CcmmFBYXvSCyRag5yxrE.roa (raw, json)
Hash identifier: mcIENJZjnwsGP+SHIk+6QFK/91U2WKWlvIlNvu4RE6U=
Subject key identifier: 0A:E9:B3:63:ED:C2:72:69:85:05:85:EF:48:2C:91:6A:0E:72:C6:B1
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0189E44474879A78957B2CC88BAEC4A08EB0
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/CumzY-3CcmmFBYXvSCyRag5yxrE.roa
Signing time: Fri 11 Aug 2023 11:03:58 +0000
ROA not before: Fri 11 Aug 2023 11:03:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23470
IP address blocks: 185.222.29.0/24 maxlen: 24
185.220.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Aug 2023 12:02:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e4:44:74:87:9a:78:95:7b:2c:c8:8b:ae:c4:a0:8e:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Aug 11 11:03:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ae9b363edc27269850585ef482c916a0e72c6b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:a5:a0:6c:50:e9:7f:b5:2a:e1:c4:85:82:18:
12:66:04:76:20:31:74:fe:b7:7e:6d:7c:e3:d6:05:
e7:fa:57:cd:d6:da:6f:1d:2e:8d:84:f3:88:9d:0b:
45:88:7e:f0:f8:fd:11:f8:61:5f:68:45:0e:6d:38:
8f:8f:6f:08:fb:8d:00:20:5e:fb:2b:75:0c:15:3f:
33:14:ea:74:68:ab:9b:4f:5e:e3:13:91:85:24:1f:
57:12:aa:f1:3e:6e:4a:2b:de:57:5b:9d:44:7c:e7:
ec:af:92:58:93:c4:5b:92:13:e3:00:a0:2b:27:86:
be:22:48:79:6a:02:b8:a9:03:eb:58:eb:3b:cd:ef:
b6:c5:75:35:be:cf:d7:dc:f6:58:88:72:51:51:e0:
f5:a8:4a:af:69:64:1d:12:57:76:01:49:64:53:42:
5f:bc:b5:d7:e8:3b:e9:7f:49:2d:e9:9b:a6:d5:e5:
a0:f6:59:04:f7:db:61:4e:2b:b8:14:55:1d:f6:91:
c8:ce:b9:19:ad:81:79:c8:d2:2f:18:96:6b:e5:f9:
ea:fa:80:a7:e4:ed:b2:bf:b1:d0:8f:7f:a7:f2:84:
88:48:33:79:22:92:6b:c5:f4:71:92:59:fb:fa:92:
f0:5c:5a:a0:14:f9:68:cc:65:5d:35:40:f3:5e:00:
bb:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:E9:B3:63:ED:C2:72:69:85:05:85:EF:48:2C:91:6A:0E:72:C6:B1
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/CumzY-3CcmmFBYXvSCyRag5yxrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.249.0/24
185.222.29.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:08:eb:aa:11:63:e0:c1:b0:e1:f7:58:aa:68:02:3a:75:cc:
bb:ad:d2:09:e8:3b:a3:e0:47:26:cd:a4:53:98:a5:4d:e9:f3:
30:fb:b8:4f:44:36:3f:ac:52:13:d9:a8:35:84:4c:a2:d8:36:
56:6b:d9:dd:8c:cf:03:6f:19:2d:38:e6:08:e0:45:25:36:eb:
59:7f:a2:ae:84:26:92:ff:81:b6:59:0d:17:8d:92:32:6b:ab:
9f:c2:b0:a0:99:78:13:0e:db:64:3d:f7:07:a8:4f:a7:17:07:
24:cf:31:52:1f:d2:bd:6f:45:43:ae:0b:fa:5e:5e:5f:72:37:
b4:fe:97:83:5a:cf:0c:7f:22:b3:60:4a:d4:2c:03:56:df:68:
5b:7e:7a:7c:d6:05:8b:21:f4:c2:4b:29:14:66:c8:67:34:05:
ec:d7:35:f7:da:9c:08:eb:b4:57:f5:00:ce:15:75:8d:ab:cb:
1b:7c:e0:78:e8:4c:7c:ff:87:66:95:21:91:43:fc:96:96:bd:
c1:24:9e:5d:52:3e:5c:2e:03:ed:92:90:c6:e2:81:d1:24:12:
2f:60:93:69:c1:9a:96:cb:41:2a:65:89:d5:ab:0c:43:e5:80:
81:a2:a5:c1:28:bb:b9:64:04:e5:54:c8:e9:ea:09:9d:67:9f:
67:ed:5e:bb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnkRHSHmniVeyzIi67EoI6wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwODExMTEwMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWU5YjM2M2VkYzI3MjY5ODUwNTg1ZWY0ODJjOTE2YTBlNzJjNmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6qWgbFDpf7Uq4cSFghgSZgR2IDF0
/rd+bXzj1gXn+lfN1tpvHS6NhPOInQtFiH7w+P0R+GFfaEUObTiPj28I+40AIF77
K3UMFT8zFOp0aKubT17jE5GFJB9XEqrxPm5KK95XW51EfOfsr5JYk8RbkhPjAKAr
J4a+Ikh5agK4qQPrWOs7ze+2xXU1vs/X3PZYiHJRUeD1qEqvaWQdEld2AUlkU0Jf
vLXX6Dvpf0kt6Zum1eWg9lkE99thTiu4FFUd9pHIzrkZrYF5yNIvGJZr5fnq+oCn
5O2yv7HQj3+n8oSISDN5IpJrxfRxkln7+pLwXFqgFPlozGVdNUDzXgC7SQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFArps2PtwnJphQWF70gskWoOcsaxMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQ3VtelktM0NjbW1GQllYdlNDeVJhZzV5eHJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudz5AwQA
ud4dMA0GCSqGSIb3DQEBCwUAA4IBAQDFCOuqEWPgwbDh91iqaAI6dcy7rdIJ6Duj
4EcmzaRTmKVN6fMw+7hPRDY/rFIT2ag1hEyi2DZWa9ndjM8DbxktOOYI4EUlNutZ
f6KuhCaS/4G2WQ0XjZIya6ufwrCgmXgTDttkPfcHqE+nFwckzzFSH9K9b0VDrgv6
Xl5fcje0/peDWs8MfyKzYErULANW32hbfnp81gWLIfTCSykUZshnNAXs1zX32pwI
67RX9QDOFXWNq8sbfOB46Ex8/4dmlSGRQ/yWlr3BJJ5dUj5cLgPtkpDG4oHRJBIv
YJNpwZqWy0EqZYnVqwxD5YCBoqXBKLu5ZATlVMjp6gmdZ59n7V67
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:40 2024 by rpki-client on console-fra.rpki-client.org