Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/IC622LzoZKipyTixBmrcENmh5S8.roa
File: IC622LzoZKipyTixBmrcENmh5S8.roa (raw, json)
Hash identifier: ppYligUJc59Eyrb2uoq27uZ/Ay19dIqo3H1fT5Kw4BM=
Subject key identifier: 20:2E:B6:D8:BC:E8:64:A8:A9:C9:38:B1:06:6A:DC:10:D9:A1:E5:2F
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018B6154E857915341865FEDC6054D44E355
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/IC622LzoZKipyTixBmrcENmh5S8.roa
Signing time: Tue 24 Oct 2023 10:57:16 +0000
ROA not before: Tue 24 Oct 2023 10:57:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212861
IP address blocks: 185.105.12.0/22 maxlen: 24
185.197.216.0/22 maxlen: 24
185.222.188.0/22 maxlen: 24
185.163.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:54:e8:57:91:53:41:86:5f:ed:c6:05:4d:44:e3:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 24 10:57:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=202eb6d8bce864a8a9c938b1066adc10d9a1e52f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:49:4b:eb:8e:d4:1a:1e:a9:be:41:b7:00:8a:
dd:4e:26:9b:d1:d2:c1:ec:21:1c:19:07:2a:20:4f:
bc:30:2c:6c:d6:61:3f:35:6d:3b:e8:ba:c7:3b:bf:
af:8b:8d:df:e6:52:34:a6:be:66:41:14:b5:47:3a:
c9:3e:05:6a:90:8d:1d:9c:37:26:13:60:89:08:21:
7d:d8:1b:7b:be:d5:ec:78:da:d7:e8:95:82:2f:0a:
d0:3a:cd:ad:90:ad:13:80:e1:02:00:57:53:cf:63:
28:75:95:bc:80:b2:12:93:de:dd:52:ac:a0:d7:ce:
21:45:06:2d:e5:f1:9f:2b:83:e6:0e:61:be:1b:69:
e2:e7:e1:26:62:df:03:25:46:af:0f:f8:0a:5e:31:
4c:2d:44:00:ea:67:b3:4a:17:53:aa:1f:05:65:17:
67:dd:31:57:75:cc:0e:d4:d1:bb:20:bf:64:56:e4:
fc:01:60:86:fe:78:29:30:01:05:12:6d:6d:23:ee:
ca:ff:a4:9e:f5:4b:98:c8:d7:06:29:7d:37:26:5f:
96:06:e4:14:68:6f:c6:90:ca:a7:b0:40:4f:24:95:
03:57:8c:42:dd:67:77:77:d0:58:f4:fe:23:37:19:
c3:9c:85:5c:9f:ed:14:cc:fe:22:33:04:66:ef:d9:
ef:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:2E:B6:D8:BC:E8:64:A8:A9:C9:38:B1:06:6A:DC:10:D9:A1:E5:2F
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/IC622LzoZKipyTixBmrcENmh5S8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.105.12.0/22
185.163.232.0/22
185.197.216.0/22
185.222.188.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:52:c7:f5:f3:20:6e:83:13:1a:05:d1:a5:c9:a5:60:61:08:
f1:53:6b:e7:49:f5:7d:73:bd:99:70:9d:04:c6:d2:bc:84:42:
0a:39:42:89:99:4a:3b:27:bf:16:b1:a5:2e:1b:69:32:48:e3:
3c:12:1c:2e:a7:8c:15:f3:76:ab:3e:b3:b9:12:3d:f9:0d:8c:
bc:c8:ce:c1:95:db:33:1a:c9:07:da:a2:23:88:4e:51:a4:98:
74:21:f7:8c:e0:f3:84:63:1a:b9:3a:4b:8e:7a:d2:b7:84:38:
3e:56:fe:88:c1:d1:18:e4:04:63:ae:71:c1:dd:75:95:71:82:
a6:70:6c:27:0d:60:c9:93:97:bc:a3:b5:b7:ce:65:1a:49:39:
45:17:cc:0e:77:ac:ab:ec:eb:b2:cf:18:24:61:d2:81:c6:b5:
5b:ee:c4:10:9a:ee:de:b9:d6:68:74:15:bb:e0:bf:dc:f2:0f:
1b:8e:b8:5a:1c:64:17:45:be:1e:d2:4d:75:0d:f2:f9:84:8f:
c5:6b:fd:c4:12:e8:2e:8a:f0:6c:c9:0d:ae:d9:67:0b:34:fc:
dd:92:3f:95:29:d2:24:21:4f:29:41:1f:9d:fe:31:c4:40:3b:
71:1d:25:f2:cb:c1:53:66:5d:b0:14:9d:bc:3b:7c:b8:7f:64:
dc:57:c9:b3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYthVOhXkVNBhl/txgVNRONVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMDI0MTA1NzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDJlYjZkOGJjZTg2NGE4YTljOTM4YjEwNjZhZGMxMGQ5YTFlNTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlElL647UGh6pvkG3AIrdTiab0dLB
7CEcGQcqIE+8MCxs1mE/NW076LrHO7+vi43f5lI0pr5mQRS1RzrJPgVqkI0dnDcm
E2CJCCF92Bt7vtXseNrX6JWCLwrQOs2tkK0TgOECAFdTz2ModZW8gLISk97dUqyg
184hRQYt5fGfK4PmDmG+G2ni5+EmYt8DJUavD/gKXjFMLUQA6mezShdTqh8FZRdn
3TFXdcwO1NG7IL9kVuT8AWCG/ngpMAEFEm1tI+7K/6Se9UuYyNcGKX03Jl+WBuQU
aG/GkMqnsEBPJJUDV4xC3Wd3d9BY9P4jNxnDnIVcn+0UzP4iMwRm79nvCQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCAutti86GSoqck4sQZq3BDZoeUvMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSUM2MjJMem9aS2lweVRpeEJtcmNFTm1oNVM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuWkMAwQC
uaPoAwQCucXYAwQCud68MA0GCSqGSIb3DQEBCwUAA4IBAQBuUsf18yBugxMaBdGl
yaVgYQjxU2vnSfV9c72ZcJ0ExtK8hEIKOUKJmUo7J78WsaUuG2kySOM8Ehwup4wV
83arPrO5Ej35DYy8yM7BldszGskH2qIjiE5RpJh0IfeM4POEYxq5OkuOetK3hDg+
Vv6IwdEY5ARjrnHB3XWVcYKmcGwnDWDJk5e8o7W3zmUaSTlFF8wOd6yr7Ouyzxgk
YdKBxrVb7sQQmu7eudZodBW74L/c8g8bjrhaHGQXRb4e0k11DfL5hI/Fa/3EEugu
ivBsyQ2u2WcLNPzdkj+VKdIkIU8pQR+d/jHEQDtxHSXyy8FTZl2wFJ28O3y4f2Tc
V8mz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:41 2024 by rpki-client on console-fra.rpki-client.org