Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/a42e9c-d92d-4b20-a5eb-ebe2332caf1c/1/KNz8lQD-IyjmW-xSUiBvP06UN58.roa
File: KNz8lQD-IyjmW-xSUiBvP06UN58.roa (raw, json)
Hash identifier: 7mDZEWdenK3RQr1UDHQE6JkvD22aZu7QA/WBI/QANZk=
Subject key identifier: 28:DC:FC:95:00:FE:23:28:E6:5B:EC:52:52:20:6F:3F:4E:94:37:9F
Certificate issuer: /CN=5dd23c7ac6e682fbc53be1a0e9318f6ccae7193d
Certificate serial: 01857142DE8926309B4A462749CC00D7082F
Authority key identifier: 5D:D2:3C:7A:C6:E6:82:FB:C5:3B:E1:A0:E9:31:8F:6C:CA:E7:19:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XdI8esbmgvvFO-Gg6TGPbMrnGT0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/a42e9c-d92d-4b20-a5eb-ebe2332caf1c/1/KNz8lQD-IyjmW-xSUiBvP06UN58.roa
Signing time: Mon 02 Jan 2023 06:54:45 +0000
ROA not before: Mon 02 Jan 2023 06:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57860
IP address blocks: 185.129.60.0/22 maxlen: 24
2a06:d380::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 03 Nov 2023 15:36:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:42:de:89:26:30:9b:4a:46:27:49:cc:00:d7:08:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd23c7ac6e682fbc53be1a0e9318f6ccae7193d
Validity
Not Before: Jan 2 06:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28dcfc9500fe2328e65bec5252206f3f4e94379f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e0:64:b0:74:46:9a:42:86:c0:8d:b6:0a:5d:
cf:af:f8:06:6c:7e:a5:d5:83:a6:90:85:01:b3:8d:
b0:3e:70:35:77:0b:82:3b:bb:74:52:bb:69:fc:be:
85:b5:49:9b:46:a6:86:25:a1:d4:d6:a1:d5:7a:62:
6f:93:45:b9:74:cd:7f:eb:dc:fa:39:c7:26:28:78:
d8:55:02:08:da:d8:cd:a2:59:71:ac:df:fd:92:95:
91:7b:2b:03:4c:6f:5d:8c:b8:fa:79:bc:76:f2:55:
d7:73:62:9a:bb:6d:b2:f2:27:ae:40:17:12:f5:65:
11:da:5d:5b:1c:10:54:eb:8f:5f:3b:35:b1:4e:d8:
cd:56:95:4e:64:f0:5e:3d:3e:64:e2:3f:5b:67:5f:
04:66:86:77:c5:2a:39:ee:f7:4b:c1:bb:fb:b9:de:
97:27:07:bd:02:e5:a7:2f:46:d4:e1:7f:d6:9d:4e:
de:77:98:54:c1:81:86:62:db:d8:69:60:fa:03:92:
bf:48:61:a7:35:49:23:c3:f7:50:2e:02:8e:9e:e8:
79:8c:0d:8f:28:d4:35:d5:a8:93:1a:11:1a:60:12:
f9:cf:b3:25:df:f9:ec:78:6c:aa:4f:6e:45:c5:1e:
27:cb:80:bd:6c:20:03:8c:de:ea:70:e3:fa:e1:98:
fb:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:DC:FC:95:00:FE:23:28:E6:5B:EC:52:52:20:6F:3F:4E:94:37:9F
X509v3 Authority Key Identifier:
keyid:5D:D2:3C:7A:C6:E6:82:FB:C5:3B:E1:A0:E9:31:8F:6C:CA:E7:19:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XdI8esbmgvvFO-Gg6TGPbMrnGT0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/a42e9c-d92d-4b20-a5eb-ebe2332caf1c/1/KNz8lQD-IyjmW-xSUiBvP06UN58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/a42e9c-d92d-4b20-a5eb-ebe2332caf1c/1/XdI8esbmgvvFO-Gg6TGPbMrnGT0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.60.0/22
IPv6:
2a06:d380::/29
Signature Algorithm: sha256WithRSAEncryption
03:2e:89:3d:b2:c8:3e:6f:b1:6b:f7:46:8c:ca:5d:39:92:fe:
5f:d3:a8:e3:a4:99:b5:c1:a1:44:76:9c:5a:2f:53:ab:5e:b9:
7e:93:37:0b:9a:70:51:43:d6:89:83:24:46:b4:f7:e9:e0:a6:
86:bc:b7:ac:79:f8:4c:02:1b:3f:ad:73:ac:a3:ef:8a:b3:b0:
a9:ae:d4:8f:0f:f6:90:72:c4:76:4b:99:e5:11:36:8b:59:b9:
a3:76:01:65:b9:f1:69:bc:42:0d:c5:3e:ac:e1:0c:f4:20:f2:
d8:d0:a3:95:5b:58:12:8c:96:1d:b9:99:40:10:08:5d:63:a1:
aa:5b:bc:cb:3e:e7:c3:af:5e:95:c1:41:8b:4f:99:06:12:42:
7f:55:76:0a:99:f8:6d:c2:f6:b8:57:ee:26:e9:b2:f3:97:7f:
f1:05:ee:ad:ee:0e:ab:29:41:77:4c:32:45:f6:7b:29:d2:2d:
cf:e9:ed:d6:19:8f:3b:29:86:ec:ae:0c:b8:90:0e:1c:77:3e:
ee:79:78:cb:a0:77:ac:02:90:8d:3b:10:34:17:46:a4:f1:82:
6f:ef:54:14:1f:d2:9e:d3:f7:51:11:fa:b0:ed:eb:f0:de:5f:
5d:5d:11:bf:a5:7c:cc:8f:2f:43:d1:06:c6:75:87:ef:b7:4e:
31:55:69:de
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxQt6JJjCbSkYnScwA1wgvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDIzYzdhYzZlNjgyZmJjNTNiZTFhMGU5MzE4ZjZjY2Fl
NzE5M2QwHhcNMjMwMTAyMDY1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGRjZmM5NTAwZmUyMzI4ZTY1YmVjNTI1MjIwNmYzZjRlOTQzNzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+BksHRGmkKGwI22Cl3Pr/gGbH6l
1YOmkIUBs42wPnA1dwuCO7t0Urtp/L6FtUmbRqaGJaHU1qHVemJvk0W5dM1/69z6
OccmKHjYVQII2tjNollxrN/9kpWReysDTG9djLj6ebx28lXXc2Kau22y8ieuQBcS
9WUR2l1bHBBU649fOzWxTtjNVpVOZPBePT5k4j9bZ18EZoZ3xSo57vdLwbv7ud6X
Jwe9AuWnL0bU4X/WnU7ed5hUwYGGYtvYaWD6A5K/SGGnNUkjw/dQLgKOnuh5jA2P
KNQ11aiTGhEaYBL5z7Ml3/nseGyqT25FxR4ny4C9bCADjN7qcOP64Zj7OQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCjc/JUA/iMo5lvsUlIgbz9OlDefMB8GA1UdIwQY
MBaAFF3SPHrG5oL7xTvhoOkxj2zK5xk9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRJOGVzYm1ndnZGTy1HZzZUR1BiTXJuR1QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9hNDJlOWMtZDkyZC00YjIwLWE1ZWIt
ZWJlMjMzMmNhZjFjLzEvS056OGxRRC1JeWptVy14U1VpQnZQMDZVTjU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9hNDJlOWMtZDkyZC00YjIwLWE1ZWItZWJlMjMzMmNhZjFj
LzEvWGRJOGVzYm1ndnZGTy1HZzZUR1BiTXJuR1QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYE8MA0E
AgACMAcDBQMqBtOAMA0GCSqGSIb3DQEBCwUAA4IBAQADLok9ssg+b7Fr90aMyl05
kv5f06jjpJm1waFEdpxaL1OrXrl+kzcLmnBRQ9aJgyRGtPfp4KaGvLesefhMAhs/
rXOso++Ks7CprtSPD/aQcsR2S5nlETaLWbmjdgFlufFpvEINxT6s4Qz0IPLY0KOV
W1gSjJYduZlAEAhdY6GqW7zLPufDr16VwUGLT5kGEkJ/VXYKmfhtwva4V+4m6bLz
l3/xBe6t7g6rKUF3TDJF9nsp0i3P6e3WGY87KYbsrgy4kA4cdz7ueXjLoHesApCN
OxA0F0ak8YJv71QUH9Ke0/dREfqw7evw3l9dXRG/pXzMjy9D0QbGdYfvt04xVWne
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:31 2024 by rpki-client on console-ams.rpki-client.org