Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/m04NWf1Fq19FAl0MsU0bLnekaKg.roa
File: m04NWf1Fq19FAl0MsU0bLnekaKg.roa (raw, json)
Hash identifier: 61D1EUQSsldLFDB1plvH1x6mUN6E8O0KJONaYBklDvs=
Subject key identifier: 9B:4E:0D:59:FD:45:AB:5F:45:02:5D:0C:B1:4D:1B:2E:77:A4:68:A8
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018F62253684AE2AE0E962A12BA72AD04A1E
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/m04NWf1Fq19FAl0MsU0bLnekaKg.roa
Signing time: Fri 10 May 2024 10:55:57 +0000
ROA not before: Fri 10 May 2024 10:55:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49600
IP address blocks: 92.60.35.0/24 maxlen: 24
185.196.43.0/24 maxlen: 24
185.230.54.0/23 maxlen: 23
185.230.55.0/24 maxlen: 24
193.17.183.0/24 maxlen: 24
193.37.64.0/24 maxlen: 24
193.37.65.0/24 maxlen: 24
194.35.41.0/24 maxlen: 24
194.35.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Oct 2024 10:28:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:62:25:36:84:ae:2a:e0:e9:62:a1:2b:a7:2a:d0:4a:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 10 10:55:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b4e0d59fd45ab5f45025d0cb14d1b2e77a468a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:27:b2:f0:1a:3d:f0:ef:ca:03:54:7e:33:27:
36:66:46:fe:0e:05:33:9e:c8:d9:6f:00:70:8c:c6:
8c:1f:0c:b1:5f:35:b5:31:83:d0:07:3a:72:e2:a1:
98:2e:67:41:f2:c8:ec:28:4a:7d:84:af:d9:3f:df:
bb:14:7a:99:87:c6:2c:d6:80:a3:ce:2e:6f:85:92:
fb:d7:a1:df:2b:34:60:07:fc:7e:57:09:9d:1c:bf:
ee:cb:37:e4:4a:a3:97:ed:c5:b8:7e:c6:81:6f:ed:
00:12:b7:89:0f:e0:de:8e:65:88:68:9b:73:5b:0a:
f4:f1:12:e4:02:4c:8d:e2:d1:57:01:62:ac:f7:63:
c1:32:cd:41:f5:85:08:a6:d6:4c:52:6c:ad:de:96:
1b:cd:80:3e:c4:98:dd:b5:1d:03:bb:f7:c9:8c:97:
27:4b:3a:45:17:4d:c0:a7:68:fe:5e:92:6f:0b:36:
c6:a1:fb:51:bf:47:bd:bd:91:a5:ba:53:f2:bb:a0:
0a:a9:cc:d5:12:95:7e:48:11:cb:0a:56:cc:7c:33:
ee:88:a6:fa:b7:10:0c:07:10:48:89:de:b1:79:d5:
dd:fe:06:6f:21:15:50:d5:74:2f:58:9d:5a:b0:b2:
ef:89:64:b5:56:dc:cf:cf:df:1a:14:0d:42:34:e5:
78:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:4E:0D:59:FD:45:AB:5F:45:02:5D:0C:B1:4D:1B:2E:77:A4:68:A8
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/m04NWf1Fq19FAl0MsU0bLnekaKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.60.35.0/24
185.196.43.0/24
185.230.54.0/23
193.17.183.0/24
193.37.64.0/23
194.35.41.0-194.35.42.255
Signature Algorithm: sha256WithRSAEncryption
68:41:6a:ff:ef:fa:d4:cc:c5:1f:da:7f:66:06:03:82:d4:3b:
0a:89:6d:d8:9f:fe:55:86:0f:fe:24:1a:cc:dd:9a:7a:72:59:
d3:c7:0d:d6:c7:ca:d4:c3:79:56:8f:ff:f6:a6:33:a0:82:66:
f9:9b:b6:6e:5c:78:79:ed:d4:e2:6b:8d:72:6b:5f:e6:55:ec:
06:c8:a7:23:c4:35:80:97:b9:99:e2:4a:bb:12:37:1c:bc:33:
b1:43:db:28:2e:b3:c3:92:a4:27:48:75:f4:36:fd:70:6f:a9:
e7:0d:24:b7:d6:9d:2f:ad:3e:94:06:35:cf:cc:4d:a8:35:00:
ab:b5:33:fb:69:be:40:96:38:a2:b1:a9:9e:58:10:a7:a8:af:
26:d1:05:22:2d:54:79:d9:6a:6b:a1:51:5c:b3:aa:ac:0f:c5:
f5:4a:de:24:36:3a:9b:fc:48:bb:f3:e1:0d:0f:17:f0:82:38:
e9:de:8a:1b:85:cf:45:36:fc:2c:d5:7a:58:3d:2f:9a:37:a2:
c3:77:77:ae:c8:de:ae:cd:f0:f1:10:fe:d0:30:5d:3d:0d:ef:
7e:55:bb:47:b9:39:44:28:52:1c:da:d3:96:58:70:eb:09:aa:
31:73:f2:a1:b9:a1:73:38:8c:a6:56:a5:6c:25:93:2d:c6:87:
f1:5b:b9:75
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY9iJTaErirg6WKhK6cq0EoeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNTEwMTA1NTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjRlMGQ1OWZkNDVhYjVmNDUwMjVkMGNiMTRkMWIyZTc3YTQ2OGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCey8Bo98O/KA1R+Myc2Zkb+DgUz
nsjZbwBwjMaMHwyxXzW1MYPQBzpy4qGYLmdB8sjsKEp9hK/ZP9+7FHqZh8Ys1oCj
zi5vhZL716HfKzRgB/x+VwmdHL/uyzfkSqOX7cW4fsaBb+0AEreJD+DejmWIaJtz
Wwr08RLkAkyN4tFXAWKs92PBMs1B9YUIptZMUmyt3pYbzYA+xJjdtR0Du/fJjJcn
SzpFF03Ap2j+XpJvCzbGoftRv0e9vZGlulPyu6AKqczVEpV+SBHLClbMfDPuiKb6
txAMBxBIid6xedXd/gZvIRVQ1XQvWJ1asLLviWS1VtzPz98aFA1CNOV4LwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJtODVn9RatfRQJdDLFNGy53pGioMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbTA0TldmMUZxMTlGQWwwTXNVMGJMbmVrYUtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAXDwjAwQA
ucQrAwQBueY2AwQAwRG3AwQBwSVAMAwDBADCIykDBADCIyowDQYJKoZIhvcNAQEL
BQADggEBAGhBav/v+tTMxR/af2YGA4LUOwqJbdif/lWGD/4kGszdmnpyWdPHDdbH
ytTDeVaP//amM6CCZvmbtm5ceHnt1OJrjXJrX+ZV7AbIpyPENYCXuZniSrsSNxy8
M7FD2ygus8OSpCdIdfQ2/XBvqecNJLfWnS+tPpQGNc/MTag1AKu1M/tpvkCWOKKx
qZ5YEKeorybRBSItVHnZamuhUVyzqqwPxfVK3iQ2Opv8SLvz4Q0PF/CCOOneihuF
z0U2/CzVelg9L5o3osN3d67I3q7N8PEQ/tAwXT0N735Vu0e5OUQoUhza05ZYcOsJ
qjFz8qG5oXM4jKZWpWwlky3Gh/FbuXU=
-----END CERTIFICATE-----
Generated at Mon Oct 28 14:24:43 2024 by rpki-client on console-ams.rpki-client.org