Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Z63zKFjsHzO9PfmuTN8cMGXfFb4.roa
File: Z63zKFjsHzO9PfmuTN8cMGXfFb4.roa (raw, json)
Hash identifier: myNmwqNXDrlaVHfGPdi6YCz6qFbhJf4lpAWc0itoUkw=
Subject key identifier: 67:AD:F3:28:58:EC:1F:33:BD:3D:F9:AE:4C:DF:1C:30:65:DF:15:BE
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018A4341E06EBFA42DB6DFCD6376827B511B
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Z63zKFjsHzO9PfmuTN8cMGXfFb4.roa
Signing time: Tue 29 Aug 2023 21:45:05 +0000
ROA not before: Tue 29 Aug 2023 21:45:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399073
IP address blocks: 185.222.30.0/23 maxlen: 24
185.220.250.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Sep 2023 15:03:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:43:41:e0:6e:bf:a4:2d:b6:df:cd:63:76:82:7b:51:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Aug 29 21:45:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67adf32858ec1f33bd3df9ae4cdf1c3065df15be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:39:06:2f:94:88:1d:bc:2e:b5:90:96:9b:ce:
d1:cf:cc:a9:3d:29:c0:d4:23:79:d7:c3:95:4c:ec:
d7:a1:1b:ef:42:91:2e:c3:62:a5:5c:87:d2:07:31:
02:9e:52:e3:9e:fb:79:aa:25:1c:87:7c:6a:cb:c5:
2d:7d:a4:8d:47:f3:a5:fb:71:33:db:a0:57:cc:63:
47:ac:41:1f:a0:82:83:38:15:16:b9:92:14:ff:b1:
1d:b7:1c:af:0d:aa:87:c4:7b:fa:d4:f8:b8:54:cf:
99:ce:d9:83:b4:5a:ce:f7:e8:de:e9:92:a7:59:10:
fd:30:b4:01:15:53:ce:6c:7a:a1:1b:fc:21:64:3b:
4d:89:14:cb:d3:65:cf:07:da:bf:17:47:d8:3a:9d:
47:5e:ea:d5:e1:fc:b3:1c:43:1c:76:19:2d:b5:66:
15:54:41:46:fa:81:a5:f7:ec:e2:52:9f:0b:37:af:
40:72:73:e5:bc:77:73:39:38:4e:e8:a2:86:bb:38:
6f:5d:44:94:5d:01:d5:bc:5a:82:63:7a:4b:24:e8:
50:f1:fd:54:29:09:99:9c:1f:9c:c4:e5:b1:be:88:
2e:bd:f2:7a:10:71:37:6d:f1:6f:95:52:65:5a:95:
80:a8:e5:4a:43:1d:58:93:ba:85:67:66:48:53:f2:
fc:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:AD:F3:28:58:EC:1F:33:BD:3D:F9:AE:4C:DF:1C:30:65:DF:15:BE
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Z63zKFjsHzO9PfmuTN8cMGXfFb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.250.0/23
185.222.30.0/23
Signature Algorithm: sha256WithRSAEncryption
c1:10:29:d1:c8:84:ae:23:17:7a:b1:bb:50:18:6a:0d:c1:e4:
ee:25:f8:f3:28:d7:8c:14:db:31:e2:6a:e2:5b:15:40:f8:a7:
62:63:b8:34:26:28:42:7c:13:e6:ef:27:59:d0:92:42:a5:b9:
be:7d:7f:7e:19:5f:a9:4f:e6:89:b7:87:9c:3d:e4:49:17:22:
f4:67:9d:11:03:29:dd:ab:16:95:f2:32:8e:46:d4:60:7f:a7:
eb:be:bd:5a:ae:c5:a4:83:2c:26:20:9e:83:63:7e:51:86:5a:
fa:a4:9b:17:b2:32:d2:4d:aa:f9:d7:29:ab:ae:ba:4c:77:3d:
b6:85:97:43:e0:a5:0a:c1:75:2a:da:91:f1:ed:2c:a7:79:ef:
20:32:d9:cb:e6:e1:49:0a:f2:f9:fa:5b:e9:e9:ba:57:ab:01:
f1:cf:f7:83:90:d9:c4:e0:6f:07:22:52:12:5a:fd:4e:7b:93:
7d:bf:52:9a:bf:d8:fb:21:a8:07:99:e9:4f:f4:b3:bf:87:69:
83:12:a2:7e:14:4b:3b:f5:7e:da:d5:a2:98:32:12:c2:0c:65:
cf:e8:b7:94:ca:28:0c:e0:db:de:e1:07:8b:28:b0:81:1c:5d:
89:9b:73:f5:f9:60:43:52:67:8d:11:9d:a3:8b:e0:46:bd:8f:
e5:d3:83:0a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpDQeBuv6Qttt/NY3aCe1EbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwODI5MjE0NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2FkZjMyODU4ZWMxZjMzYmQzZGY5YWU0Y2RmMWMzMDY1ZGYxNWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDkGL5SIHbwutZCWm87Rz8ypPSnA
1CN518OVTOzXoRvvQpEuw2KlXIfSBzECnlLjnvt5qiUch3xqy8UtfaSNR/Ol+3Ez
26BXzGNHrEEfoIKDOBUWuZIU/7EdtxyvDaqHxHv61Pi4VM+ZztmDtFrO9+je6ZKn
WRD9MLQBFVPObHqhG/whZDtNiRTL02XPB9q/F0fYOp1HXurV4fyzHEMcdhkttWYV
VEFG+oGl9+ziUp8LN69AcnPlvHdzOThO6KKGuzhvXUSUXQHVvFqCY3pLJOhQ8f1U
KQmZnB+cxOWxvoguvfJ6EHE3bfFvlVJlWpWAqOVKQx1Yk7qFZ2ZIU/L8GQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGet8yhY7B8zvT35rkzfHDBl3xW+MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWjYzektGanNIek85UGZtdVROOGNNR1hmRmI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBudz6AwQB
ud4eMA0GCSqGSIb3DQEBCwUAA4IBAQDBECnRyISuIxd6sbtQGGoNweTuJfjzKNeM
FNsx4mriWxVA+KdiY7g0JihCfBPm7ydZ0JJCpbm+fX9+GV+pT+aJt4ecPeRJFyL0
Z50RAyndqxaV8jKORtRgf6frvr1arsWkgywmIJ6DY35Rhlr6pJsXsjLSTar51ymr
rrpMdz22hZdD4KUKwXUq2pHx7Synee8gMtnL5uFJCvL5+lvp6bpXqwHxz/eDkNnE
4G8HIlISWv1Oe5N9v1Kav9j7IagHmelP9LO/h2mDEqJ+FEs79X7a1aKYMhLCDGXP
6LeUyigM4Nve4QeLKLCBHF2Jm3P1+WBDUmeNEZ2ji+BGvY/l04MK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org