Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/ly2Ub6m1_bXpXXcEPuj7tGA2A80.roa
File: ly2Ub6m1_bXpXXcEPuj7tGA2A80.roa (raw, json)
Hash identifier: sJF1MwHGz3f132lhWIOCgLzRAV+Ax9hV/bL1bzO8/1U=
Subject key identifier: 97:2D:94:6F:A9:B5:FD:B5:E9:5D:77:04:3E:E8:FB:B4:60:36:03:CD
Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial: 018A9302A6D74DFFB4326A6E706282256757
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/ly2Ub6m1_bXpXXcEPuj7tGA2A80.roa
Signing time: Thu 14 Sep 2023 09:25:39 +0000
ROA not before: Thu 14 Sep 2023 09:25:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47820
IP address blocks: 185.148.224.0/22 maxlen: 24
109.234.0.0/21 maxlen: 24
91.205.116.0/22 maxlen: 24
193.242.174.0/23 maxlen: 24
2a07:6200::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:93:02:a6:d7:4d:ff:b4:32:6a:6e:70:62:82:25:67:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Validity
Not Before: Sep 14 09:25:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=972d946fa9b5fdb5e95d77043ee8fbb4603603cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:61:cf:83:f7:2f:1c:83:08:d8:e5:7d:7a:9d:
bc:bd:6f:0f:8d:07:4a:0f:3f:52:c4:ab:f9:67:73:
bf:80:be:05:c6:27:b9:c5:04:46:8c:92:f2:a7:eb:
d3:0f:c5:c1:bf:7c:08:37:e5:16:98:4e:73:f5:75:
06:1f:32:2a:2a:d9:55:c0:3c:98:2b:46:b5:8c:ac:
c5:03:e0:f2:fd:d2:e3:97:a5:28:7b:65:68:06:2f:
a3:c7:81:b6:ac:87:be:65:36:a4:c6:85:24:57:51:
4b:4c:05:9c:71:c5:75:e7:e1:2c:cc:50:17:26:f3:
49:59:9f:82:d1:f3:26:3f:ca:4f:7e:7e:77:fa:9f:
64:a5:02:c2:3b:54:f8:da:51:89:c6:22:3c:99:3e:
a5:81:96:20:df:78:77:ad:69:7a:73:bb:7d:fa:1a:
2f:f8:ad:cd:8c:00:03:3c:28:0b:b2:83:66:25:6b:
a4:98:3f:3c:56:a0:e2:2b:16:85:1e:33:93:f3:8f:
39:d1:31:3d:34:69:f6:ac:cc:de:7b:85:e1:16:38:
75:a4:80:68:89:6f:d0:64:85:e7:23:9d:64:ab:a8:
a6:60:74:24:6d:ff:e8:8d:da:d5:c0:68:78:bc:0e:
9b:70:2a:ff:d8:d6:18:a3:ae:60:bd:dc:6e:79:eb:
c0:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:2D:94:6F:A9:B5:FD:B5:E9:5D:77:04:3E:E8:FB:B4:60:36:03:CD
X509v3 Authority Key Identifier:
keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/ly2Ub6m1_bXpXXcEPuj7tGA2A80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.116.0/22
109.234.0.0/21
185.148.224.0/22
193.242.174.0/23
IPv6:
2a07:6200::/29
Signature Algorithm: sha256WithRSAEncryption
a3:da:fc:2c:5c:f6:0b:6f:22:18:86:47:36:69:97:0b:85:b4:
97:e4:17:dd:50:92:2e:94:0f:51:2f:1b:37:b6:c2:ee:03:96:
ab:b2:5b:c5:6b:07:1c:fb:fc:8e:99:9b:23:59:ea:d7:28:f0:
9a:3b:c1:f1:46:2d:d8:63:bc:2d:5a:e2:7c:fe:26:c1:d4:9c:
6e:96:ec:00:44:0c:02:81:af:30:21:ed:7d:1b:e8:f6:88:e1:
9c:6b:6c:53:0f:8f:9e:0d:91:c4:65:37:03:0a:bf:b5:e7:89:
67:28:8f:7b:ab:61:95:a8:f6:95:24:68:65:76:af:de:b5:e9:
8c:f6:09:1c:88:33:7f:69:ac:06:fc:27:3c:fa:b7:4b:bc:f8:
14:26:60:4d:a1:ad:09:25:79:d4:02:d4:fd:f3:ef:e7:4c:1c:
55:e3:fa:dd:92:7b:51:6c:84:1a:28:2a:39:6b:a5:f9:65:11:
82:67:f5:da:bd:b7:bb:42:ae:f5:03:83:8a:d5:6c:b7:a5:3c:
aa:f2:5e:5a:88:40:b2:53:d7:f6:04:be:c9:ad:9f:17:c5:f3:
ae:1d:91:30:15:7a:58:fd:f3:99:ab:4b:19:58:69:27:b3:1a:
ff:a4:da:fd:9f:f2:b2:6e:c7:ec:25:7d:81:70:6a:45:2c:1a:
3d:2a:dc:55
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYqTAqbXTf+0MmpucGKCJWdXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0
NTBhZWIwHhcNMjMwOTE0MDkyNTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzJkOTQ2ZmE5YjVmZGI1ZTk1ZDc3MDQzZWU4ZmJiNDYwMzYwM2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmHPg/cvHIMI2OV9ep28vW8PjQdK
Dz9SxKv5Z3O/gL4Fxie5xQRGjJLyp+vTD8XBv3wIN+UWmE5z9XUGHzIqKtlVwDyY
K0a1jKzFA+Dy/dLjl6Uoe2VoBi+jx4G2rIe+ZTakxoUkV1FLTAWcccV15+EszFAX
JvNJWZ+C0fMmP8pPfn53+p9kpQLCO1T42lGJxiI8mT6lgZYg33h3rWl6c7t9+hov
+K3NjAADPCgLsoNmJWukmD88VqDiKxaFHjOT84850TE9NGn2rMzee4XhFjh1pIBo
iW/QZIXnI51kq6imYHQkbf/ojdrVwGh4vA6bcCr/2NYYo65gvdxueevAiwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJctlG+ptf216V13BD7o+7RgNgPNMB8GA1UdIwQY
MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt
YTRkYjM5NmM4OTg3LzEvbHkyVWI2bTFfYlhwWFhjRVB1ajd0R0EyQTgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3
LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCW810AwQD
beoAAwQCuZTgAwQBwfKuMA0EAgACMAcDBQMqB2IAMA0GCSqGSIb3DQEBCwUAA4IB
AQCj2vwsXPYLbyIYhkc2aZcLhbSX5BfdUJIulA9RLxs3tsLuA5arslvFawcc+/yO
mZsjWerXKPCaO8HxRi3YY7wtWuJ8/ibB1JxuluwARAwCga8wIe19G+j2iOGca2xT
D4+eDZHEZTcDCr+154lnKI97q2GVqPaVJGhldq/etemM9gkciDN/aawG/Cc8+rdL
vPgUJmBNoa0JJXnUAtT98+/nTBxV4/rdkntRbIQaKCo5a6X5ZRGCZ/Xavbe7Qq71
A4OK1Wy3pTyq8l5aiECyU9f2BL7JrZ8XxfOuHZEwFXpY/fOZq0sZWGknsxr/pNr9
n/KybsfsJX2BcGpFLBo9KtxV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:51 2024 by rpki-client on console-fra.rpki-client.org