Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/yikGajhXJMrCuJ_eiRDg8UbaRKU.roa
File: yikGajhXJMrCuJ_eiRDg8UbaRKU.roa (raw, json)
Hash identifier: U8Yh5mpJigDcAFswexV5BsiEF3X63fZ55hmscGazgMM=
Subject key identifier: CA:29:06:6A:38:57:24:CA:C2:B8:9F:DE:89:10:E0:F1:46:DA:44:A5
Certificate issuer: /CN=ac9092bbc2cacae247774f62b0fdbdc44a974cf2
Certificate serial: 01857079A52ADBA0D819E24008E3C0CA3DC8
Authority key identifier: AC:90:92:BB:C2:CA:CA:E2:47:77:4F:62:B0:FD:BD:C4:4A:97:4C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rJCSu8LKyuJHd09isP29xEqXTPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/yikGajhXJMrCuJ_eiRDg8UbaRKU.roa
Signing time: Mon 02 Jan 2023 03:14:58 +0000
ROA not before: Mon 02 Jan 2023 03:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204798
IP address blocks: 185.206.124.0/24 maxlen: 24
185.206.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:a5:2a:db:a0:d8:19:e2:40:08:e3:c0:ca:3d:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac9092bbc2cacae247774f62b0fdbdc44a974cf2
Validity
Not Before: Jan 2 03:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca29066a385724cac2b89fde8910e0f146da44a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ff:88:91:57:2f:83:fc:1b:40:e0:e4:47:58:
da:88:d2:de:fa:70:be:40:3f:9b:2d:53:db:13:c5:
48:45:ef:27:ed:06:35:27:6f:8b:8e:54:6e:67:ea:
a7:fc:f0:cf:b5:2e:85:c6:4f:55:4a:b5:93:71:80:
9b:9d:0f:37:8c:98:80:e9:87:ea:3e:20:37:23:0d:
98:4a:26:e9:ed:a0:62:1a:04:c5:9c:87:67:d9:03:
57:6b:bd:69:3f:e6:75:c2:fa:f9:cc:48:59:3e:02:
f1:b8:1a:87:d7:ba:2c:c7:26:ce:c8:06:9f:4c:ae:
36:7f:c1:f7:8a:cc:f9:5f:fe:73:b0:fc:4a:17:94:
a3:ca:e3:e2:e2:c6:e0:c5:c8:68:ca:3e:88:e0:9b:
ba:8c:35:84:fc:fe:c1:03:39:fd:cc:38:99:a5:a0:
c4:63:14:77:2d:bd:99:a2:9a:76:3d:54:0c:cd:e6:
b8:7c:db:c6:91:b0:dd:b7:4a:d2:5e:4b:7e:78:12:
e9:36:11:60:05:f8:d5:f4:64:3f:3f:bd:5e:19:43:
39:ac:f5:ac:fe:44:47:da:ce:37:8d:6d:3d:26:cd:
d9:c0:9e:56:84:ca:cd:83:7e:2d:b4:99:9b:18:36:
45:2a:cb:92:74:8d:f3:50:4a:22:08:09:74:00:c4:
9e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:29:06:6A:38:57:24:CA:C2:B8:9F:DE:89:10:E0:F1:46:DA:44:A5
X509v3 Authority Key Identifier:
keyid:AC:90:92:BB:C2:CA:CA:E2:47:77:4F:62:B0:FD:BD:C4:4A:97:4C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rJCSu8LKyuJHd09isP29xEqXTPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/yikGajhXJMrCuJ_eiRDg8UbaRKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/rJCSu8LKyuJHd09isP29xEqXTPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.124.0/24
185.206.126.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:27:6a:07:4b:a0:54:17:50:f4:03:b5:17:34:9c:02:a7:fc:
5f:dd:1b:f0:e0:68:d2:3d:67:5a:ef:db:46:ea:f8:cb:5e:11:
e3:5f:61:ee:e6:4e:b0:71:db:85:4e:a1:a5:0e:d1:c0:c8:e5:
4f:0b:ce:fb:54:0e:1f:04:c3:64:4a:c4:b9:6f:f3:51:20:2e:
99:85:2d:7a:13:01:b1:6f:a4:50:73:d7:6f:5f:55:df:49:f8:
94:d6:78:97:af:e4:d4:42:ea:50:a0:fe:5b:0a:12:45:02:a1:
08:27:d4:d4:89:1c:42:af:ab:13:7f:ca:fe:b0:46:ee:c8:76:
0f:8d:29:af:c1:f0:68:6e:bc:ef:f7:d7:c2:72:93:b1:60:90:
49:49:3e:d7:53:c5:23:d3:e5:3c:14:30:22:53:a1:46:a3:3f:
91:a3:18:a5:70:8e:24:eb:e0:81:0e:f7:e2:a1:16:2e:d5:ef:
4f:24:89:8b:1f:14:07:e4:47:f6:93:f4:f6:3a:fe:f4:ee:d2:
79:bc:a1:d5:f6:84:ee:56:24:ce:41:78:bf:f4:94:d1:8a:bc:
e1:c0:35:63:ed:d8:20:a7:6a:38:d4:06:c6:5c:2a:47:2d:c9:
e4:04:fe:b5:cd:78:37:70:2c:02:11:8b:8c:7f:7c:09:fd:9a:
63:15:46:d2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVweaUq26DYGeJACOPAyj3IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOTA5MmJiYzJjYWNhZTI0Nzc3NGY2MmIwZmRiZGM0NGE5
NzRjZjIwHhcNMjMwMTAyMDMxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTI5MDY2YTM4NTcyNGNhYzJiODlmZGU4OTEwZTBmMTQ2ZGE0NGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnP+IkVcvg/wbQODkR1jaiNLe+nC+
QD+bLVPbE8VIRe8n7QY1J2+LjlRuZ+qn/PDPtS6Fxk9VSrWTcYCbnQ83jJiA6Yfq
PiA3Iw2YSibp7aBiGgTFnIdn2QNXa71pP+Z1wvr5zEhZPgLxuBqH17osxybOyAaf
TK42f8H3isz5X/5zsPxKF5SjyuPi4sbgxchoyj6I4Ju6jDWE/P7BAzn9zDiZpaDE
YxR3Lb2Zopp2PVQMzea4fNvGkbDdt0rSXkt+eBLpNhFgBfjV9GQ/P71eGUM5rPWs
/kRH2s43jW09Js3ZwJ5WhMrNg34ttJmbGDZFKsuSdI3zUEoiCAl0AMSeMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMopBmo4VyTKwrif3okQ4PFG2kSlMB8GA1UdIwQY
MBaAFKyQkrvCysriR3dPYrD9vcRKl0zyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckpDU3U4TEt5dUpIZDA5aXNQMjl4RXFYVFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9jOTYzNDktMGEyMi00MjQ3LTk5NDMt
YTNmYzE5NmFhYmIzLzEveWlrR2FqaFhKTXJDdUpfZWlSRGc4VWJhUktVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9jOTYzNDktMGEyMi00MjQ3LTk5NDMtYTNmYzE5NmFhYmIz
LzEvckpDU3U4TEt5dUpIZDA5aXNQMjl4RXFYVFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuc58AwQA
uc5+MA0GCSqGSIb3DQEBCwUAA4IBAQCbJ2oHS6BUF1D0A7UXNJwCp/xf3Rvw4GjS
PWda79tG6vjLXhHjX2Hu5k6wcduFTqGlDtHAyOVPC877VA4fBMNkSsS5b/NRIC6Z
hS16EwGxb6RQc9dvX1XfSfiU1niXr+TUQupQoP5bChJFAqEIJ9TUiRxCr6sTf8r+
sEbuyHYPjSmvwfBobrzv99fCcpOxYJBJST7XU8Uj0+U8FDAiU6FGoz+RoxilcI4k
6+CBDvfioRYu1e9PJImLHxQH5Ef2k/T2Ov707tJ5vKHV9oTuViTOQXi/9JTRirzh
wDVj7dggp2o41AbGXCpHLcnkBP61zXg3cCwCEYuMf3wJ/ZpjFUbS
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:57 2024 by rpki-client on console-ams.rpki-client.org