Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/z65MP-txPubnmbFdrL5kPYzUhXY.roa
File: z65MP-txPubnmbFdrL5kPYzUhXY.roa (raw, json)
Hash identifier: UXzOLSiJLDbJ/5doMCDqEpSwTTBO+3IrgIvIFr7PuL8=
Subject key identifier: CF:AE:4C:3F:EB:71:3E:E6:E7:99:B1:5D:AC:BE:64:3D:8C:D4:85:76
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018AC6CD4B8954EDC4535DBA104F90C2E122
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/z65MP-txPubnmbFdrL5kPYzUhXY.roa
Signing time: Sun 24 Sep 2023 10:47:37 +0000
ROA not before: Sun 24 Sep 2023 10:47:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 185.222.29.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
193.58.146.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
185.194.177.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 04 Nov 2023 21:29:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c6:cd:4b:89:54:ed:c4:53:5d:ba:10:4f:90:c2:e1:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 24 10:47:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfae4c3feb713ee6e799b15dacbe643d8cd48576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f7:65:1c:e8:59:bc:7f:a9:ed:32:23:24:b4:
67:f8:8c:0a:e0:bd:bb:75:c2:52:e6:74:2d:e4:86:
01:bc:e0:69:09:4f:ba:67:9e:33:30:86:d5:13:f6:
b9:91:3e:36:38:b0:26:e3:9a:b7:0d:0e:f9:32:9a:
66:91:d7:6e:aa:24:8c:ca:8e:8e:f4:96:a5:f5:2e:
ea:d4:33:23:0c:4c:f2:50:cb:00:18:be:33:b6:55:
19:62:5a:55:70:4c:d3:c7:66:05:4c:40:16:0a:72:
e8:f6:ff:b3:ba:b1:48:ee:e3:e4:2f:bd:0f:65:6f:
7c:35:36:d1:e6:cf:5b:ff:99:f2:a7:e9:d4:7c:ea:
f2:f0:a5:7f:5d:49:f4:01:56:0c:5b:20:da:24:ec:
24:72:6a:1e:a7:7d:be:ef:c1:4a:fe:ab:04:fa:cc:
31:82:1d:4d:40:8d:b1:0a:54:25:ae:cf:78:7f:69:
62:0d:62:4c:0c:c6:a7:66:69:5b:87:2f:a8:5d:98:
3c:b1:c5:cc:8e:f1:50:58:3f:e6:fd:f7:be:68:f8:
ee:d4:d4:eb:aa:28:43:49:b7:d9:e2:8b:f3:16:36:
15:94:17:49:e5:9f:c5:dc:e3:ee:d2:6d:9d:7e:11:
f8:29:bf:56:9d:68:d3:de:40:f3:be:25:84:a3:f3:
96:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:AE:4C:3F:EB:71:3E:E6:E7:99:B1:5D:AC:BE:64:3D:8C:D4:85:76
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/z65MP-txPubnmbFdrL5kPYzUhXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.177.0/24
185.209.73.0/24
185.222.29.0/24
185.246.112.0/24
193.58.146.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:66:35:0d:69:2e:aa:e6:d1:fa:04:dd:22:fb:8a:33:38:25:
cd:08:fc:61:24:fe:b7:d1:49:9a:ae:d7:ed:79:18:d2:e0:ef:
6d:7d:7a:0e:97:8f:28:0c:bb:de:73:8b:37:e8:11:4d:c1:a1:
e7:b5:40:c4:ac:c9:6b:7b:7c:6a:c6:8c:78:53:0a:0c:ac:0b:
dc:25:7d:ad:2a:e4:5d:af:96:47:64:d5:ce:9b:79:04:a7:b9:
c2:0a:53:8f:74:53:4d:fc:3d:09:c9:7a:22:f1:ea:01:e3:7b:
db:23:d9:35:96:9b:80:3d:f6:05:19:64:e2:74:7a:5a:f7:69:
1a:76:5d:17:32:27:ff:bb:18:85:d0:7c:c8:17:f7:8a:b8:b1:
bf:1d:4b:37:b4:9a:08:8a:62:fa:5f:96:03:d9:9d:77:ae:03:
65:d0:0b:b4:6c:be:68:bd:cc:1f:bd:22:e2:1d:9f:ac:6c:e1:
75:23:82:9c:c3:29:e1:de:ee:a7:d3:d9:dd:dd:a3:6b:a4:a9:
6b:bd:36:23:2e:80:c6:84:98:6e:4b:01:9a:6f:8d:a8:c8:6c:
ad:36:a0:63:23:5c:01:a9:c8:56:1e:c2:5d:27:b3:53:e0:44:
68:ce:46:4e:9f:03:68:5b:43:1a:8a:6e:d2:a9:a6:8e:1d:b8:
35:55:40:10
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYrGzUuJVO3EU126EE+QwuEiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwOTI0MTA0NzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmFlNGMzZmViNzEzZWU2ZTc5OWIxNWRhY2JlNjQzZDhjZDQ4NTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/dlHOhZvH+p7TIjJLRn+IwK4L27
dcJS5nQt5IYBvOBpCU+6Z54zMIbVE/a5kT42OLAm45q3DQ75MppmkdduqiSMyo6O
9Jal9S7q1DMjDEzyUMsAGL4ztlUZYlpVcEzTx2YFTEAWCnLo9v+zurFI7uPkL70P
ZW98NTbR5s9b/5nyp+nUfOry8KV/XUn0AVYMWyDaJOwkcmoep32+78FK/qsE+swx
gh1NQI2xClQlrs94f2liDWJMDManZmlbhy+oXZg8scXMjvFQWD/m/fe+aPju1NTr
qihDSbfZ4ovzFjYVlBdJ5Z/F3OPu0m2dfhH4Kb9WnWjT3kDzviWEo/OWSQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFM+uTD/rcT7m55mxXay+ZD2M1IV2MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvejY1TVAtdHhQdWJubWJGZHJMNWtQWXpVaFhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAucKxAwQA
udFJAwQAud4dAwQAufZwAwQAwTqSMA0GCSqGSIb3DQEBCwUAA4IBAQALZjUNaS6q
5tH6BN0i+4ozOCXNCPxhJP630UmartfteRjS4O9tfXoOl48oDLvec4s36BFNwaHn
tUDErMlre3xqxox4UwoMrAvcJX2tKuRdr5ZHZNXOm3kEp7nCClOPdFNN/D0JyXoi
8eoB43vbI9k1lpuAPfYFGWTidHpa92kadl0XMif/uxiF0HzIF/eKuLG/HUs3tJoI
imL6X5YD2Z13rgNl0Au0bL5ovcwfvSLiHZ+sbOF1I4Kcwynh3u6n09nd3aNrpKlr
vTYjLoDGhJhuSwGab42oyGytNqBjI1wBqchWHsJdJ7NT4ERozkZOnwNoW0Maim7S
qaaOHbg1VUAQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:44 2024 by rpki-client on console-fra.rpki-client.org