Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e2cea4-514a-4349-9cbc-f9ec30cb9b4b/1/lkKFsMxENbj0ZY7Hoghw-UGShR0.roa
File: lkKFsMxENbj0ZY7Hoghw-UGShR0.roa (raw, json)
Hash identifier: 44biqAa3vRDVv7itMz0aAgjCEWgk9/seTIKnvAxXmRs=
Subject key identifier: 96:42:85:B0:CC:44:35:B8:F4:65:8E:C7:A2:08:70:F9:41:92:85:1D
Certificate issuer: /CN=60fa7fdfcebc07a272db89cdaf877870c687e04f
Certificate serial: 018FB3FCD59F02960CD7A5C3529A89941E7F
Authority key identifier: 60:FA:7F:DF:CE:BC:07:A2:72:DB:89:CD:AF:87:78:70:C6:87:E0:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YPp_3868B6Jy24nNr4d4cMaH4E8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e2cea4-514a-4349-9cbc-f9ec30cb9b4b/1/lkKFsMxENbj0ZY7Hoghw-UGShR0.roa
Signing time: Sun 26 May 2024 08:20:42 +0000
ROA not before: Sun 26 May 2024 08:20:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28821
IP address blocks: 185.104.56.0/22 maxlen: 22
185.104.56.0/24 maxlen: 24
185.104.57.0/24 maxlen: 24
185.104.58.0/24 maxlen: 24
185.104.59.0/24 maxlen: 24
2a06:2f00::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b3:fc:d5:9f:02:96:0c:d7:a5:c3:52:9a:89:94:1e:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60fa7fdfcebc07a272db89cdaf877870c687e04f
Validity
Not Before: May 26 08:20:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=964285b0cc4435b8f4658ec7a20870f94192851d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:76:da:63:17:2d:ed:22:ab:38:a2:64:ad:4c:
8d:e2:b5:4e:e9:ee:50:f9:c6:11:07:00:8e:a8:1d:
38:e2:6a:64:fe:08:1f:88:aa:10:e6:f3:35:de:e2:
bb:34:a9:82:af:bc:95:8e:e1:85:3b:2b:3f:58:1f:
4a:df:f0:f9:c9:e8:4a:2e:fa:1f:43:16:46:eb:84:
f7:54:86:5d:6e:4a:bc:76:b9:45:d1:f6:a8:a7:b6:
ef:25:54:5e:1d:a4:67:f6:23:2e:c9:63:d9:d8:d1:
09:e5:c5:8e:1e:b6:71:98:b4:0c:81:1a:1b:df:8c:
3e:30:df:16:56:80:ad:e5:9f:92:19:f9:93:62:41:
e2:93:4f:52:a2:c4:87:e6:43:d7:98:fe:e5:ad:df:
68:c9:27:6f:44:a7:a9:71:82:20:59:13:27:67:c7:
0b:f4:44:98:9a:a3:93:a1:e7:3f:59:53:e9:40:1e:
ed:f0:60:a4:00:9f:f5:6a:c0:7e:42:76:4a:7b:b8:
6f:6d:a2:49:fb:68:75:e1:ce:a7:ef:96:69:27:77:
54:f6:a0:7a:0e:3a:88:ef:99:31:2b:fb:36:87:18:
76:65:e3:44:d4:38:7c:46:78:ba:19:44:b1:20:97:
fe:e7:39:55:3e:1b:3d:19:c9:e2:09:0d:e9:72:c8:
a9:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:42:85:B0:CC:44:35:B8:F4:65:8E:C7:A2:08:70:F9:41:92:85:1D
X509v3 Authority Key Identifier:
keyid:60:FA:7F:DF:CE:BC:07:A2:72:DB:89:CD:AF:87:78:70:C6:87:E0:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YPp_3868B6Jy24nNr4d4cMaH4E8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e2cea4-514a-4349-9cbc-f9ec30cb9b4b/1/lkKFsMxENbj0ZY7Hoghw-UGShR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e2cea4-514a-4349-9cbc-f9ec30cb9b4b/1/YPp_3868B6Jy24nNr4d4cMaH4E8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.56.0/22
IPv6:
2a06:2f00::/29
Signature Algorithm: sha256WithRSAEncryption
95:b3:74:50:9f:5b:0e:91:66:e6:39:23:c0:70:11:51:d9:80:
fd:88:5d:51:20:e4:88:73:40:27:b1:fd:20:d6:69:c9:da:78:
2a:69:9f:56:22:1a:04:f3:a3:a0:17:d6:70:7b:f5:1b:14:87:
9f:dd:e1:27:61:7c:ae:9d:2c:4a:7a:35:03:9a:93:2d:2a:6e:
10:35:f8:c6:c2:34:f9:81:d9:c8:7d:f8:70:e3:f3:6f:60:7b:
b3:e9:be:0b:c0:ac:a7:d8:ff:da:c6:8d:ba:4c:e7:58:38:33:
d8:c9:b5:44:4f:67:63:05:d3:ce:47:34:49:af:00:ef:39:91:
2d:d9:17:2f:f0:b5:31:68:8d:39:18:18:50:c2:6b:06:7a:75:
88:dc:ff:86:c9:5e:96:fb:e1:1c:80:1c:c1:ae:85:84:e8:c4:
09:3b:22:32:e7:7f:e6:5a:19:f1:cb:cb:e2:29:4e:ea:b1:b8:
1b:00:c7:80:85:c7:74:54:9e:92:d7:8f:2f:04:ad:44:2a:d3:
a2:0b:a7:54:b7:6e:92:85:8a:c2:81:6c:ba:49:75:df:72:f7:
27:37:4d:a4:b1:4d:99:62:ae:87:4a:fb:3f:a7:9d:bf:15:be:
ec:3e:a4:1b:df:9f:e4:bd:7b:16:c1:17:80:88:90:27:3c:1f:
e4:fc:27:7a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY+z/NWfApYM16XDUpqJlB5/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZmE3ZmRmY2ViYzA3YTI3MmRiODljZGFmODc3ODcwYzY4
N2UwNGYwHhcNMjQwNTI2MDgyMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjQyODViMGNjNDQzNWI4ZjQ2NThlYzdhMjA4NzBmOTQxOTI4NTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3baYxct7SKrOKJkrUyN4rVO6e5Q
+cYRBwCOqB044mpk/ggfiKoQ5vM13uK7NKmCr7yVjuGFOys/WB9K3/D5yehKLvof
QxZG64T3VIZdbkq8drlF0faop7bvJVReHaRn9iMuyWPZ2NEJ5cWOHrZxmLQMgRob
34w+MN8WVoCt5Z+SGfmTYkHik09SosSH5kPXmP7lrd9oySdvRKepcYIgWRMnZ8cL
9ESYmqOToec/WVPpQB7t8GCkAJ/1asB+QnZKe7hvbaJJ+2h14c6n75ZpJ3dU9qB6
DjqI75kxK/s2hxh2ZeNE1Dh8Rni6GUSxIJf+5zlVPhs9GcniCQ3pcsipwQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJZChbDMRDW49GWOx6IIcPlBkoUdMB8GA1UdIwQY
MBaAFGD6f9/OvAeictuJza+HeHDGh+BPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVBwXzM4NjhCNkp5MjRuTnI0ZDRjTWFINEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMmNlYTQtNTE0YS00MzQ5LTljYmMt
ZjllYzMwY2I5YjRiLzEvbGtLRnNNeEVOYmowWlk3SG9naHctVUdTaFIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMmNlYTQtNTE0YS00MzQ5LTljYmMtZjllYzMwY2I5YjRi
LzEvWVBwXzM4NjhCNkp5MjRuTnI0ZDRjTWFINEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWg4MA0E
AgACMAcDBQMqBi8AMA0GCSqGSIb3DQEBCwUAA4IBAQCVs3RQn1sOkWbmOSPAcBFR
2YD9iF1RIOSIc0Ansf0g1mnJ2ngqaZ9WIhoE86OgF9Zwe/UbFIef3eEnYXyunSxK
ejUDmpMtKm4QNfjGwjT5gdnIffhw4/NvYHuz6b4LwKyn2P/axo26TOdYODPYybVE
T2djBdPORzRJrwDvOZEt2Rcv8LUxaI05GBhQwmsGenWI3P+GyV6W++EcgBzBroWE
6MQJOyIy53/mWhnxy8viKU7qsbgbAMeAhcd0VJ6S148vBK1EKtOiC6dUt26ShYrC
gWy6SXXfcvcnN02ksU2ZYq6HSvs/p52/Fb7sPqQb35/kvXsWwReAiJAnPB/k/Cd6
-----END CERTIFICATE-----
Generated at Wed Apr 30 01:00:38 2025 by rpki-client