Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/b247da-3192-4813-bff4-2c7e2e4a9747/1/s3CFUQOb3guYnm-4e8SZ8VcjTcQ.roa
File: s3CFUQOb3guYnm-4e8SZ8VcjTcQ.roa (raw, json)
Hash identifier: icK8ke/uhygqHkQVORh60TXuhh+SWMbupQ3QwI5piK8=
Subject key identifier: B3:70:85:51:03:9B:DE:0B:98:9E:6F:B8:7B:C4:99:F1:57:23:4D:C4
Certificate issuer: /CN=6d6d1f110f595c635ccbe9fbb3090dbb5fcfbd6e
Certificate serial: 0185707066C4672C793B3AA03A428DC73A27
Authority key identifier: 6D:6D:1F:11:0F:59:5C:63:5C:CB:E9:FB:B3:09:0D:BB:5F:CF:BD:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bW0fEQ9ZXGNcy-n7swkNu1_PvW4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/b247da-3192-4813-bff4-2c7e2e4a9747/1/s3CFUQOb3guYnm-4e8SZ8VcjTcQ.roa
Signing time: Mon 02 Jan 2023 03:04:52 +0000
ROA not before: Mon 02 Jan 2023 03:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211906
IP address blocks: 185.235.60.0/24 maxlen: 24
2a0c:8cc0::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:66:c4:67:2c:79:3b:3a:a0:3a:42:8d:c7:3a:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d6d1f110f595c635ccbe9fbb3090dbb5fcfbd6e
Validity
Not Before: Jan 2 03:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3708551039bde0b989e6fb87bc499f157234dc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:36:a2:08:41:ed:b0:59:98:6a:90:5d:49:90:
70:10:ff:a8:9a:75:05:3f:0e:ce:6f:4d:27:c0:e5:
c8:ab:ad:14:89:c5:2a:b6:ba:fb:35:a5:7e:50:9b:
d3:41:65:45:31:b1:40:67:3d:6c:b5:a9:48:41:6e:
fd:36:67:f1:f8:a2:f8:33:cf:1d:5d:98:39:57:0e:
4e:77:34:45:a5:e4:a3:12:23:c9:2b:cc:0f:80:72:
8a:ab:fc:5f:2f:04:8f:20:1c:d2:14:06:fc:16:c8:
9c:b9:9b:2f:2c:03:a4:05:1b:ef:ec:8c:20:1e:2f:
b5:54:24:6b:7a:90:e0:3e:82:d5:dc:8f:56:53:c0:
bf:eb:48:11:ed:c4:63:7a:38:d0:5d:9c:5d:bd:4f:
13:83:1d:db:eb:b7:4d:34:99:69:36:de:bb:16:f1:
f1:e1:d4:eb:8e:96:e8:d2:35:ff:d7:0d:2d:6f:03:
df:da:c5:5c:35:da:59:e4:7e:9e:96:6b:0d:b6:a6:
91:7c:97:df:91:1e:ba:17:3b:4a:b3:be:7a:e9:16:
e3:5b:7c:57:06:7d:db:5a:ea:19:ce:7c:4f:d3:dd:
ef:61:1d:53:db:e4:c7:f7:4c:78:36:67:24:66:b5:
d6:a5:52:b0:99:63:89:9d:c4:83:d9:74:0e:2a:3f:
ad:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:70:85:51:03:9B:DE:0B:98:9E:6F:B8:7B:C4:99:F1:57:23:4D:C4
X509v3 Authority Key Identifier:
keyid:6D:6D:1F:11:0F:59:5C:63:5C:CB:E9:FB:B3:09:0D:BB:5F:CF:BD:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bW0fEQ9ZXGNcy-n7swkNu1_PvW4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/b247da-3192-4813-bff4-2c7e2e4a9747/1/s3CFUQOb3guYnm-4e8SZ8VcjTcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/b247da-3192-4813-bff4-2c7e2e4a9747/1/bW0fEQ9ZXGNcy-n7swkNu1_PvW4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.60.0/24
IPv6:
2a0c:8cc0::/29
Signature Algorithm: sha256WithRSAEncryption
77:00:3a:95:9e:af:92:f8:7a:ca:b7:f4:b5:16:4e:1c:21:98:
9e:bb:f6:cf:85:79:5e:a3:ed:cc:70:8d:21:f2:e2:00:f2:43:
ad:f1:03:c6:e4:43:3f:c5:f1:37:d3:0b:bc:b1:ad:f9:88:18:
f0:7a:59:15:27:64:2c:10:5c:3c:fa:67:90:f7:a3:1c:d3:32:
43:4a:80:64:03:be:2c:6d:b6:a4:36:41:61:4f:7f:33:69:56:
b5:02:68:82:a3:8e:28:f8:c1:ec:90:ec:3c:a5:2a:40:d8:d3:
44:b9:aa:38:e2:40:6b:9b:36:c1:9a:31:84:dc:e9:20:56:e3:
97:11:56:6c:40:4b:24:44:68:77:79:36:50:4a:2d:3b:0b:1f:
3d:ff:77:d9:b2:3d:00:13:bd:8a:e9:4d:b9:02:16:fd:f1:57:
43:cc:53:dc:82:0b:f7:c9:ec:af:37:03:29:2f:fb:d2:db:b0:
2a:34:17:c9:10:59:54:f2:fb:0c:e4:2f:42:f7:00:da:bf:dc:
0d:1f:4c:32:97:d5:17:b0:d8:c5:a3:5f:73:20:37:b7:ec:a1:
29:fa:10:0d:33:85:c6:0f:25:e1:45:75:97:f7:ec:7e:51:28:
06:ca:76:ff:be:bd:8d:ad:b3:3c:d8:97:9a:54:94:63:8d:87:
a6:cc:e2:bd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwcGbEZyx5OzqgOkKNxzonMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNmQxZjExMGY1OTVjNjM1Y2NiZTlmYmIzMDkwZGJiNWZj
ZmJkNmUwHhcNMjMwMTAyMDMwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzcwODU1MTAzOWJkZTBiOTg5ZTZmYjg3YmM0OTlmMTU3MjM0ZGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzaiCEHtsFmYapBdSZBwEP+omnUF
Pw7Ob00nwOXIq60UicUqtrr7NaV+UJvTQWVFMbFAZz1stalIQW79Nmfx+KL4M88d
XZg5Vw5OdzRFpeSjEiPJK8wPgHKKq/xfLwSPIBzSFAb8FsicuZsvLAOkBRvv7Iwg
Hi+1VCRrepDgPoLV3I9WU8C/60gR7cRjejjQXZxdvU8Tgx3b67dNNJlpNt67FvHx
4dTrjpbo0jX/1w0tbwPf2sVcNdpZ5H6elmsNtqaRfJffkR66FztKs7566RbjW3xX
Bn3bWuoZznxP093vYR1T2+TH90x4NmckZrXWpVKwmWOJncSD2XQOKj+t1QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLNwhVEDm94LmJ5vuHvEmfFXI03EMB8GA1UdIwQY
MBaAFG1tHxEPWVxjXMvp+7MJDbtfz71uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlcwZkVROVpYR05jeS1uN3N3a051MV9Qdlc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9iMjQ3ZGEtMzE5Mi00ODEzLWJmZjQt
MmM3ZTJlNGE5NzQ3LzEvczNDRlVRT2IzZ3VZbm0tNGU4U1o4VmNqVGNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9iMjQ3ZGEtMzE5Mi00ODEzLWJmZjQtMmM3ZTJlNGE5NzQ3
LzEvYlcwZkVROVpYR05jeS1uN3N3a051MV9Qdlc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAues8MA0E
AgACMAcDBQMqDIzAMA0GCSqGSIb3DQEBCwUAA4IBAQB3ADqVnq+S+HrKt/S1Fk4c
IZieu/bPhXleo+3McI0h8uIA8kOt8QPG5EM/xfE30wu8sa35iBjwelkVJ2QsEFw8
+meQ96Mc0zJDSoBkA74sbbakNkFhT38zaVa1AmiCo44o+MHskOw8pSpA2NNEuao4
4kBrmzbBmjGE3OkgVuOXEVZsQEskRGh3eTZQSi07Cx89/3fZsj0AE72K6U25Ahb9
8VdDzFPcggv3yeyvNwMpL/vS27AqNBfJEFlU8vsM5C9C9wDav9wNH0wyl9UXsNjF
o19zIDe37KEp+hANM4XGDyXhRXWX9+x+USgGynb/vr2NrbM82JeaVJRjjYemzOK9
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:53:01 2024 by rpki-client on console-fra.rpki-client.org