Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/68b521-c790-4957-9e52-2d26f1b56e20/1/YOIeboUVZDp1EsB0Bk8eN6oAsOg.roa
File: YOIeboUVZDp1EsB0Bk8eN6oAsOg.roa (raw, json)
Hash identifier: Y1EpNxEETCnkF48I9dCStE/ASAJYy5zvztd8pHUs46U=
Subject key identifier: 60:E2:1E:6E:85:15:64:3A:75:12:C0:74:06:4F:1E:37:AA:00:B0:E8
Certificate issuer: /CN=c0eb668b735a1839374e48f79cb2436dbf417caa
Certificate serial: 018C3C301AC8BDBB915A4D3E9D3F7A9C3806
Authority key identifier: C0:EB:66:8B:73:5A:18:39:37:4E:48:F7:9C:B2:43:6D:BF:41:7C:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOtmi3NaGDk3Tkj3nLJDbb9BfKo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/68b521-c790-4957-9e52-2d26f1b56e20/1/YOIeboUVZDp1EsB0Bk8eN6oAsOg.roa
Signing time: Tue 05 Dec 2023 22:53:54 +0000
ROA not before: Tue 05 Dec 2023 22:53:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200402
IP address blocks: 185.84.56.0/22 maxlen: 24
185.84.57.0/24 maxlen: 24
185.84.56.0/24 maxlen: 24
2a03:6ee0::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3c:30:1a:c8:bd:bb:91:5a:4d:3e:9d:3f:7a:9c:38:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0eb668b735a1839374e48f79cb2436dbf417caa
Validity
Not Before: Dec 5 22:53:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60e21e6e8515643a7512c074064f1e37aa00b0e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e2:79:a8:10:03:54:b0:47:c6:b1:96:02:e5:
a6:af:ec:d5:ec:0a:2b:0f:0a:94:4d:f8:5b:2b:7b:
c7:64:60:f6:0c:d4:bc:32:43:6c:a9:3c:b2:84:97:
1a:28:45:d3:d2:04:79:60:ba:fb:72:e7:a7:8d:08:
59:70:aa:4d:4e:b1:9c:74:f8:31:14:22:1e:54:cc:
12:72:e3:7a:fa:4b:6b:b6:34:bd:2c:71:6f:05:42:
b1:5f:b0:7e:e3:56:1a:47:a8:5d:20:7a:1b:f4:fe:
0c:d3:47:14:e5:85:24:9a:16:c0:83:92:01:17:d8:
d7:ca:de:27:d6:0a:b5:00:78:9e:d7:ae:e0:38:b7:
97:af:b6:08:9a:f2:c3:66:f5:13:d9:a9:95:d3:e4:
f6:1b:38:bc:75:6b:c8:ec:ca:2a:15:ce:6f:f4:4e:
5e:cb:cf:38:33:44:e8:b0:52:9b:f5:d4:dc:ae:d4:
c8:c9:f5:a1:d0:15:f4:4e:a9:21:b8:cd:99:40:b8:
4a:01:35:04:5f:a4:e3:9d:1a:95:9b:35:98:5c:d9:
e9:e7:8f:3a:dd:6d:81:a9:9a:3b:74:ac:37:60:ba:
92:35:b0:81:ed:43:0d:e2:80:1b:27:8f:3f:9d:52:
c7:52:3a:3f:4a:bb:04:e4:ab:fc:39:0a:02:ab:6e:
06:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:E2:1E:6E:85:15:64:3A:75:12:C0:74:06:4F:1E:37:AA:00:B0:E8
X509v3 Authority Key Identifier:
keyid:C0:EB:66:8B:73:5A:18:39:37:4E:48:F7:9C:B2:43:6D:BF:41:7C:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOtmi3NaGDk3Tkj3nLJDbb9BfKo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/68b521-c790-4957-9e52-2d26f1b56e20/1/YOIeboUVZDp1EsB0Bk8eN6oAsOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/68b521-c790-4957-9e52-2d26f1b56e20/1/wOtmi3NaGDk3Tkj3nLJDbb9BfKo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.56.0/22
IPv6:
2a03:6ee0::/32
Signature Algorithm: sha256WithRSAEncryption
c9:b5:5e:0c:2b:24:50:75:e4:4c:25:ce:49:6a:30:5f:c7:be:
26:67:27:df:10:9b:50:5f:ec:0c:a0:53:80:29:17:3a:1d:5e:
2b:0b:e9:3b:50:b7:37:d4:6a:08:d2:bd:a6:d7:93:ae:97:75:
f8:dd:34:aa:2d:74:c7:96:e3:95:d0:81:cf:44:40:0d:e0:83:
43:45:dd:c6:60:e9:55:ef:88:1e:ee:45:ce:84:32:13:4c:ca:
18:28:00:54:6b:35:68:38:c4:76:ce:1c:fa:76:0b:df:b6:d5:
0b:3b:4e:f5:ed:38:54:9e:3b:6a:39:18:4e:db:76:ba:8b:40:
d7:8f:0d:91:af:dd:12:1b:0a:a4:34:fd:39:b5:1d:43:0c:76:
ea:a8:9d:ec:b7:34:a5:ca:9b:a7:84:43:bc:87:3f:76:4c:1b:
62:67:f9:81:1f:25:7c:50:ae:bf:57:f5:42:9b:67:0a:c1:09:
3d:f9:ac:1f:8f:cc:31:d6:e5:09:3b:44:28:e0:97:34:0e:19:
4d:09:44:d4:26:34:f3:6c:b8:bd:df:66:ca:af:50:7c:a2:45:
c6:06:01:ab:c0:21:12:7a:5f:f9:b6:6c:0e:fa:ab:bf:fb:8a:
29:7c:d6:36:03:23:46:1d:6e:d6:ec:fa:b0:e1:81:65:82:6b:
ae:46:0b:e3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYw8MBrIvbuRWk0+nT96nDgGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZWI2NjhiNzM1YTE4MzkzNzRlNDhmNzljYjI0MzZkYmY0
MTdjYWEwHhcNMjMxMjA1MjI1MzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGUyMWU2ZTg1MTU2NDNhNzUxMmMwNzQwNjRmMWUzN2FhMDBiMGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+J5qBADVLBHxrGWAuWmr+zV7Aor
DwqUTfhbK3vHZGD2DNS8MkNsqTyyhJcaKEXT0gR5YLr7cuenjQhZcKpNTrGcdPgx
FCIeVMwScuN6+ktrtjS9LHFvBUKxX7B+41YaR6hdIHob9P4M00cU5YUkmhbAg5IB
F9jXyt4n1gq1AHie167gOLeXr7YImvLDZvUT2amV0+T2Gzi8dWvI7MoqFc5v9E5e
y884M0TosFKb9dTcrtTIyfWh0BX0TqkhuM2ZQLhKATUEX6TjnRqVmzWYXNnp5486
3W2BqZo7dKw3YLqSNbCB7UMN4oAbJ48/nVLHUjo/SrsE5Kv8OQoCq24GDwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGDiHm6FFWQ6dRLAdAZPHjeqALDoMB8GA1UdIwQY
MBaAFMDrZotzWhg5N05I95yyQ22/QXyqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd090bWkzTmFHRGszVGtqM25MSkRiYjlCZktvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC82OGI1MjEtYzc5MC00OTU3LTllNTIt
MmQyNmYxYjU2ZTIwLzEvWU9JZWJvVVZaRHAxRXNCMEJrOGVONm9Bc09nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC82OGI1MjEtYzc5MC00OTU3LTllNTItMmQyNmYxYjU2ZTIw
LzEvd090bWkzTmFHRGszVGtqM25MSkRiYjlCZktvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVQ4MA0E
AgACMAcDBQAqA27gMA0GCSqGSIb3DQEBCwUAA4IBAQDJtV4MKyRQdeRMJc5JajBf
x74mZyffEJtQX+wMoFOAKRc6HV4rC+k7ULc31GoI0r2m15Oul3X43TSqLXTHluOV
0IHPREAN4INDRd3GYOlV74ge7kXOhDITTMoYKABUazVoOMR2zhz6dgvfttULO071
7ThUnjtqORhO23a6i0DXjw2Rr90SGwqkNP05tR1DDHbqqJ3stzSlypunhEO8hz92
TBtiZ/mBHyV8UK6/V/VCm2cKwQk9+awfj8wx1uUJO0Qo4Jc0DhlNCUTUJjTzbLi9
32bKr1B8okXGBgGrwCESel/5tmwO+qu/+4opfNY2AyNGHW7W7Pqw4YFlgmuuRgvj
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:38 2023 by rpki-client on console.sobornost.net