Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/2c7ac3-eedf-455b-9e94-472f02450ec3/1/YxMJJRMZybYPShCN8Jr4pLmOZKY.roa
File: YxMJJRMZybYPShCN8Jr4pLmOZKY.roa (raw, json)
Hash identifier: KwqEMPpnlAH80X78SqcUNDnis6cQEzwCtuMV5EBHGig=
Subject key identifier: 63:13:09:25:13:19:C9:B6:0F:4A:10:8D:F0:9A:F8:A4:B9:8E:64:A6
Certificate issuer: /CN=911da0c7a99405c46baad84cb9d93e834599c8e1
Certificate serial: 0185727A2341E24F28E57907A0925A24585C
Authority key identifier: 91:1D:A0:C7:A9:94:05:C4:6B:AA:D8:4C:B9:D9:3E:83:45:99:C8:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kR2gx6mUBcRrqthMudk-g0WZyOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/2c7ac3-eedf-455b-9e94-472f02450ec3/1/YxMJJRMZybYPShCN8Jr4pLmOZKY.roa
Signing time: Mon 02 Jan 2023 12:34:45 +0000
ROA not before: Mon 02 Jan 2023 12:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201031
IP address blocks: 185.88.24.0/22 maxlen: 22
185.88.24.0/24 maxlen: 24
185.88.24.0/23 maxlen: 23
185.88.26.0/24 maxlen: 24
185.88.26.0/23 maxlen: 23
185.88.25.0/24 maxlen: 24
185.88.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:23:41:e2:4f:28:e5:79:07:a0:92:5a:24:58:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=911da0c7a99405c46baad84cb9d93e834599c8e1
Validity
Not Before: Jan 2 12:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=631309251319c9b60f4a108df09af8a4b98e64a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:91:8e:d9:5b:3c:c7:97:b9:6b:7b:8c:34:19:
b1:bb:08:16:38:3a:01:ad:bb:70:e1:c2:93:50:1b:
31:8b:5a:85:aa:77:c0:07:49:36:8e:8e:19:cf:b1:
96:7c:1c:3f:72:4e:dc:7c:3d:bf:73:a6:c9:9b:a3:
40:da:f1:c4:15:ec:dc:36:4a:69:dc:85:92:a0:20:
de:c1:f5:2b:51:33:e6:c1:cf:05:99:d6:48:27:fc:
3a:d5:8e:b9:a4:d5:cc:8b:7a:66:56:86:12:1e:ec:
49:c5:f9:48:23:9f:48:0b:4f:31:53:40:60:b5:91:
44:7e:eb:fd:0a:bc:06:1f:48:16:c9:ab:f8:a2:cb:
f0:6a:18:cb:74:c2:a6:73:d2:54:b0:af:67:31:18:
2d:98:94:0b:51:f0:be:5c:23:45:32:ce:7a:ac:55:
7b:66:31:79:50:1e:6f:d3:7b:61:2c:ef:be:63:c3:
d5:00:14:b1:d8:ed:15:0a:61:02:09:36:a5:0a:27:
87:a2:80:06:d6:f1:c3:31:44:43:ac:3a:19:f4:1a:
23:7e:2d:54:26:cc:d4:73:41:3a:f6:76:69:a1:22:
76:e4:cf:cd:a4:1e:a7:3c:4e:d9:21:6e:64:97:43:
8c:c5:93:f9:a8:45:c8:99:a5:47:84:22:72:d4:c1:
6a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:13:09:25:13:19:C9:B6:0F:4A:10:8D:F0:9A:F8:A4:B9:8E:64:A6
X509v3 Authority Key Identifier:
keyid:91:1D:A0:C7:A9:94:05:C4:6B:AA:D8:4C:B9:D9:3E:83:45:99:C8:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kR2gx6mUBcRrqthMudk-g0WZyOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/2c7ac3-eedf-455b-9e94-472f02450ec3/1/YxMJJRMZybYPShCN8Jr4pLmOZKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/2c7ac3-eedf-455b-9e94-472f02450ec3/1/kR2gx6mUBcRrqthMudk-g0WZyOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.24.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:e1:04:45:3b:be:68:b4:a1:06:5f:f4:6c:a2:5a:3b:90:bb:
f7:e9:7f:93:65:b7:1f:f2:1a:5a:e7:d0:0e:06:66:63:63:b5:
85:f6:55:57:80:ce:20:b3:8b:a1:c5:45:a7:6c:84:6e:08:e2:
fe:cf:ce:ea:fd:34:6f:ff:32:00:5b:5f:7b:c4:8b:92:04:f0:
f1:d4:73:6e:ff:9d:bd:70:db:d4:1a:94:44:73:2b:b9:67:48:
6e:c1:16:7f:03:a6:26:ef:c4:86:87:9b:0e:8f:d6:78:3c:d0:
b5:81:dc:77:12:f7:8a:49:09:b4:bb:57:15:4c:c8:12:2c:ba:
13:42:bb:f3:14:f4:3e:36:ac:cf:d9:84:8a:b7:12:87:f9:5e:
0b:8f:c0:a9:cd:6e:96:b2:52:f0:94:81:70:66:0a:6d:0d:97:
8a:87:4d:d3:07:8a:14:df:9d:3b:cc:13:9b:ff:f0:26:be:4e:
cc:c6:80:e3:9c:49:62:ac:33:bb:23:62:55:7a:95:f5:b1:a1:
ed:af:05:9d:dd:25:b1:8b:9f:55:b4:72:75:c3:c0:e7:9d:7b:
0a:2d:01:25:1b:3b:90:ef:82:62:db:e9:b7:72:83:2d:db:35:
28:47:ba:86:56:47:3c:14:6d:24:4d:38:dc:9d:25:b4:38:84:
17:a0:1b:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyeiNB4k8o5XkHoJJaJFhcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMWRhMGM3YTk5NDA1YzQ2YmFhZDg0Y2I5ZDkzZTgzNDU5
OWM4ZTEwHhcNMjMwMTAyMTIzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzEzMDkyNTEzMTljOWI2MGY0YTEwOGRmMDlhZjhhNGI5OGU2NGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZGO2Vs8x5e5a3uMNBmxuwgWODoB
rbtw4cKTUBsxi1qFqnfAB0k2jo4Zz7GWfBw/ck7cfD2/c6bJm6NA2vHEFezcNkpp
3IWSoCDewfUrUTPmwc8FmdZIJ/w61Y65pNXMi3pmVoYSHuxJxflII59IC08xU0Bg
tZFEfuv9CrwGH0gWyav4osvwahjLdMKmc9JUsK9nMRgtmJQLUfC+XCNFMs56rFV7
ZjF5UB5v03thLO++Y8PVABSx2O0VCmECCTalCieHooAG1vHDMURDrDoZ9Bojfi1U
JszUc0E69nZpoSJ25M/NpB6nPE7ZIW5kl0OMxZP5qEXImaVHhCJy1MFqAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGMTCSUTGcm2D0oQjfCa+KS5jmSmMB8GA1UdIwQY
MBaAFJEdoMeplAXEa6rYTLnZPoNFmcjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1IyZ3g2bVVCY1JycXRoTXVkay1nMFdaeU9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yYzdhYzMtZWVkZi00NTViLTllOTQt
NDcyZjAyNDUwZWMzLzEvWXhNSkpSTVp5YllQU2hDTjhKcjRwTG1PWktZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8yYzdhYzMtZWVkZi00NTViLTllOTQtNDcyZjAyNDUwZWMz
LzEva1IyZ3g2bVVCY1JycXRoTXVkay1nMFdaeU9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVgYMA0G
CSqGSIb3DQEBCwUAA4IBAQB/4QRFO75otKEGX/Rsolo7kLv36X+TZbcf8hpa59AO
BmZjY7WF9lVXgM4gs4uhxUWnbIRuCOL+z87q/TRv/zIAW197xIuSBPDx1HNu/529
cNvUGpREcyu5Z0huwRZ/A6Ym78SGh5sOj9Z4PNC1gdx3EveKSQm0u1cVTMgSLLoT
QrvzFPQ+NqzP2YSKtxKH+V4Lj8CpzW6WslLwlIFwZgptDZeKh03TB4oU3507zBOb
//Amvk7MxoDjnElirDO7I2JVepX1saHtrwWd3SWxi59VtHJ1w8DnnXsKLQElGzuQ
74Ji2+m3coMt2zUoR7qGVkc8FG0kTTjcnSW0OIQXoBuP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:19 2024 by rpki-client on console-fra.rpki-client.org