Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/9a8ad8-b6c9-4c6c-ac27-62d881aa906f/1/hTq52h75uAqPmcmAm6vjWKbU_Vc.roa
File: hTq52h75uAqPmcmAm6vjWKbU_Vc.roa (raw, json)
Hash identifier: lD9exLvE1RuHS+pFv8Tq8TMVOLq5x1OfeQFKQSRNKWY=
Subject key identifier: 85:3A:B9:DA:1E:F9:B8:0A:8F:99:C9:80:9B:AB:E3:58:A6:D4:FD:57
Certificate issuer: /CN=60b9615df8c659dac8cc087bd011d4b5ff373e2a
Certificate serial: 018CC8DF89B5D9561CD8D65B970B3793E56A
Authority key identifier: 60:B9:61:5D:F8:C6:59:DA:C8:CC:08:7B:D0:11:D4:B5:FF:37:3E:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YLlhXfjGWdrIzAh70BHUtf83Pio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/9a8ad8-b6c9-4c6c-ac27-62d881aa906f/1/hTq52h75uAqPmcmAm6vjWKbU_Vc.roa
Signing time: Tue 02 Jan 2024 06:32:22 +0000
ROA not before: Tue 02 Jan 2024 06:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8589
IP address blocks: 185.121.124.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 14:14:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:89:b5:d9:56:1c:d8:d6:5b:97:0b:37:93:e5:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60b9615df8c659dac8cc087bd011d4b5ff373e2a
Validity
Not Before: Jan 2 06:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=853ab9da1ef9b80a8f99c9809babe358a6d4fd57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c1:cb:15:db:00:09:33:84:d9:24:b7:f1:4f:
d2:e8:12:2a:8e:12:da:b0:48:37:50:0d:96:6d:b9:
16:99:b8:d7:07:10:53:dc:04:20:e4:3b:09:ba:51:
49:89:86:8c:a6:14:69:88:6c:7c:d4:a2:b5:bd:5b:
45:40:45:3d:e3:c4:5b:91:67:29:4a:04:4c:a6:bf:
70:31:16:ec:a6:e2:8f:47:d3:d0:74:fe:dc:5d:6c:
9e:8f:5d:58:74:2d:82:1e:54:8a:5e:d5:14:2e:b7:
7f:00:4e:aa:c2:c4:f0:58:80:9c:99:3e:27:aa:37:
4c:19:e1:95:a3:67:cf:fe:4d:c0:45:30:ca:98:9c:
2d:03:a0:66:11:1b:96:9d:b9:12:e0:5f:12:99:e3:
5e:66:a6:d2:d1:b1:7b:05:c3:c0:46:0c:9c:56:77:
a8:6a:b1:3c:e0:29:32:da:0a:d6:8d:da:1d:8c:f5:
dc:f0:d2:47:b7:96:78:9f:02:8e:ac:d1:a8:a9:fb:
1d:dd:cb:f1:eb:16:93:29:e2:b6:f3:1e:a7:1e:9d:
c8:2f:15:57:c1:fa:9d:cb:b3:9e:b1:d5:74:01:a1:
88:73:3b:8d:36:0c:e5:32:41:ab:e5:a8:c3:9e:57:
c0:5e:38:bd:c0:90:a1:32:72:83:db:b3:8f:f4:88:
b1:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:3A:B9:DA:1E:F9:B8:0A:8F:99:C9:80:9B:AB:E3:58:A6:D4:FD:57
X509v3 Authority Key Identifier:
keyid:60:B9:61:5D:F8:C6:59:DA:C8:CC:08:7B:D0:11:D4:B5:FF:37:3E:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YLlhXfjGWdrIzAh70BHUtf83Pio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9a8ad8-b6c9-4c6c-ac27-62d881aa906f/1/hTq52h75uAqPmcmAm6vjWKbU_Vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9a8ad8-b6c9-4c6c-ac27-62d881aa906f/1/YLlhXfjGWdrIzAh70BHUtf83Pio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.124.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:a2:2e:1a:d4:98:46:d0:4c:fc:6e:32:34:55:27:f2:c6:93:
3f:d5:0d:7f:3e:12:b1:37:9b:12:3d:f6:71:ab:8a:da:cd:2f:
85:6c:d7:fc:6e:7d:bd:87:5a:3d:2f:51:66:05:63:35:47:bc:
e5:e3:73:15:96:77:f0:e9:91:c1:f3:c0:93:07:8f:ef:c5:e2:
10:d5:06:2e:08:3a:5f:ce:6f:d9:2e:c0:45:14:ae:0f:f1:e7:
d8:fe:c6:5c:e1:26:45:74:ab:0d:fb:f7:53:36:95:00:bf:7d:
40:b2:15:d6:f0:25:55:b1:de:f9:ca:c7:79:b1:f5:a6:06:1d:
98:e4:80:e7:71:c7:9b:5c:e7:27:42:7c:bc:24:88:e9:16:52:
43:f4:ad:e9:bf:a8:c9:57:1e:1f:7c:84:84:28:9d:d6:ae:cb:
44:56:b6:f3:8a:63:38:3b:fe:81:3e:19:90:3c:79:53:ec:dc:
99:9f:9f:53:27:81:0c:a3:3a:08:f2:08:58:0b:cd:be:9d:ac:
b6:de:41:45:3c:97:00:1b:46:3b:64:15:5f:2d:a3:3c:3a:d1:
92:6c:f0:23:fc:4b:f4:34:71:ad:f3:3b:1f:bb:b0:c8:a1:a3:
6c:c0:0b:1a:dc:a5:0f:2d:e0:8b:2d:b5:6f:42:9a:39:3f:11:
49:de:57:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI34m12VYc2NZblws3k+VqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYjk2MTVkZjhjNjU5ZGFjOGNjMDg3YmQwMTFkNGI1ZmYz
NzNlMmEwHhcNMjQwMTAyMDYzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTNhYjlkYTFlZjliODBhOGY5OWM5ODA5YmFiZTM1OGE2ZDRmZDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28HLFdsACTOE2SS38U/S6BIqjhLa
sEg3UA2WbbkWmbjXBxBT3AQg5DsJulFJiYaMphRpiGx81KK1vVtFQEU948RbkWcp
SgRMpr9wMRbspuKPR9PQdP7cXWyej11YdC2CHlSKXtUULrd/AE6qwsTwWICcmT4n
qjdMGeGVo2fP/k3ARTDKmJwtA6BmERuWnbkS4F8SmeNeZqbS0bF7BcPARgycVneo
arE84Cky2grWjdodjPXc8NJHt5Z4nwKOrNGoqfsd3cvx6xaTKeK28x6nHp3ILxVX
wfqdy7OesdV0AaGIczuNNgzlMkGr5ajDnlfAXji9wJChMnKD27OP9IixSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIU6udoe+bgKj5nJgJur41im1P1XMB8GA1UdIwQY
MBaAFGC5YV34xlnayMwIe9AR1LX/Nz4qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUxsaFhmakdXZHJJekFoNzBCSFV0ZjgzUGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS85YThhZDgtYjZjOS00YzZjLWFjMjct
NjJkODgxYWE5MDZmLzEvaFRxNTJoNzV1QXFQbWNtQW02dmpXS2JVX1ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS85YThhZDgtYjZjOS00YzZjLWFjMjctNjJkODgxYWE5MDZm
LzEvWUxsaFhmakdXZHJJekFoNzBCSFV0ZjgzUGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXl8MA0G
CSqGSIb3DQEBCwUAA4IBAQAeoi4a1JhG0Ez8bjI0VSfyxpM/1Q1/PhKxN5sSPfZx
q4razS+FbNf8bn29h1o9L1FmBWM1R7zl43MVlnfw6ZHB88CTB4/vxeIQ1QYuCDpf
zm/ZLsBFFK4P8efY/sZc4SZFdKsN+/dTNpUAv31AshXW8CVVsd75ysd5sfWmBh2Y
5IDnccebXOcnQny8JIjpFlJD9K3pv6jJVx4ffISEKJ3WrstEVrbzimM4O/6BPhmQ
PHlT7NyZn59TJ4EMozoI8ghYC82+nay23kFFPJcAG0Y7ZBVfLaM8OtGSbPAj/Ev0
NHGt8zsfu7DIoaNswAsa3KUPLeCLLbVvQpo5PxFJ3leL
-----END CERTIFICATE-----
Generated at Tue Apr 16 19:57:02 2024 by rpki-client on console.sobornost.net