Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/yk2Lq7ljWNDyEu4lWbwsHh00A4o.roa
File: yk2Lq7ljWNDyEu4lWbwsHh00A4o.roa (raw, json)
Hash identifier: y1eEB/CeF//Ua3wk3RjPkWyGFB2z9A6kyP76ypWm7Mg=
Subject key identifier: CA:4D:8B:AB:B9:63:58:D0:F2:12:EE:25:59:BC:2C:1E:1D:34:03:8A
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0189B5E03B611BC7EFEEA86CAEDD2DE25782
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/yk2Lq7ljWNDyEu4lWbwsHh00A4o.roa
Signing time: Wed 02 Aug 2023 10:51:58 +0000
ROA not before: Wed 02 Aug 2023 10:51:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38136
IP address blocks: 185.248.184.0/22 maxlen: 24
185.220.236.0/22 maxlen: 24
185.36.192.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Aug 2023 12:58:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b5:e0:3b:61:1b:c7:ef:ee:a8:6c:ae:dd:2d:e2:57:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Aug 2 10:51:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca4d8babb96358d0f212ee2559bc2c1e1d34038a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e5:c8:8e:64:34:64:39:98:36:e2:bd:70:0f:
eb:97:bc:10:ac:cd:08:f4:0d:14:32:35:cf:85:18:
75:b9:cd:34:dc:4b:2a:6f:b7:a3:28:6b:e0:54:94:
5a:ab:1f:36:73:1a:8d:84:a0:01:80:09:9f:23:0f:
c6:64:1f:ce:aa:3b:b8:cc:89:ff:95:ac:bd:35:59:
7b:ed:ca:9e:fd:1c:6e:1f:36:8c:02:69:f1:93:8e:
1f:a5:02:6c:90:3a:50:aa:ac:9e:e5:ec:15:26:10:
19:19:fc:10:5e:d8:d8:f1:73:d5:62:63:e7:42:0d:
a6:98:64:96:59:9a:96:7d:24:ea:84:76:43:b2:03:
09:c0:83:66:f1:5b:ee:64:70:04:e9:24:c5:ea:48:
5f:14:6a:d5:46:0e:f5:c7:f6:fd:a6:84:a7:ba:18:
11:28:9f:ee:d8:be:00:04:a8:4e:6c:88:26:18:b4:
8a:8b:94:45:34:84:af:b7:e4:93:d1:33:f0:dd:0e:
c4:7d:73:1e:9d:81:98:7d:22:ed:0a:4f:dc:bb:04:
cd:22:53:ff:bd:9d:f2:5b:0a:f2:88:d1:51:53:d3:
a7:a1:b0:30:68:b7:62:f7:b5:36:eb:e4:81:65:c1:
48:ca:49:15:d0:4a:d2:fb:f8:32:1f:08:82:62:99:
b2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:4D:8B:AB:B9:63:58:D0:F2:12:EE:25:59:BC:2C:1E:1D:34:03:8A
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/yk2Lq7ljWNDyEu4lWbwsHh00A4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.192.0/22
185.220.236.0/22
185.248.184.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:71:0e:07:2f:80:c7:b9:b4:4e:0c:dd:b1:f5:69:df:3b:a2:
ce:25:94:4b:7d:26:12:02:fc:1d:4e:d3:0e:d1:79:6a:7d:e3:
e1:ff:83:41:10:1a:7e:6c:50:4a:79:8c:59:fc:e0:d0:bf:2e:
54:ce:3a:cc:1c:d4:28:6f:4c:9b:e0:8b:b5:fb:a3:8d:4f:14:
81:fe:1d:9b:10:a7:e5:16:93:51:61:0f:2f:25:9d:9e:fc:d7:
de:38:a3:c5:42:3c:00:73:8b:df:82:22:77:fe:ad:1d:f2:cf:
96:68:0d:a6:c0:d1:a0:4a:99:44:c7:47:cb:f4:0a:c0:05:43:
cd:d4:9c:4a:03:6c:20:ac:ab:3a:3a:ab:7b:e0:87:de:d1:bd:
b0:70:28:9d:97:da:59:9a:9d:9c:c6:6c:3c:7b:1d:87:77:d9:
37:c2:a3:3d:9c:fb:8a:e6:43:34:5f:35:52:7c:4f:81:98:93:
66:21:01:44:7f:10:f6:ef:e4:38:c8:7a:34:49:03:f1:a6:03:
ba:7e:9e:cd:e9:a3:c1:0d:b1:42:f4:dc:c2:92:71:98:52:cd:
c8:bc:dc:c5:74:a8:37:e4:25:d7:a7:9b:25:57:81:0b:57:ec:
df:09:b4:52:29:c2:ad:96:29:3e:9d:e5:39:50:df:de:49:8d:
6e:c8:2c:f6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYm14DthG8fv7qhsrt0t4leCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwODAyMTA1MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTRkOGJhYmI5NjM1OGQwZjIxMmVlMjU1OWJjMmMxZTFkMzQwMzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+XIjmQ0ZDmYNuK9cA/rl7wQrM0I
9A0UMjXPhRh1uc003Esqb7ejKGvgVJRaqx82cxqNhKABgAmfIw/GZB/Oqju4zIn/
lay9NVl77cqe/RxuHzaMAmnxk44fpQJskDpQqqye5ewVJhAZGfwQXtjY8XPVYmPn
Qg2mmGSWWZqWfSTqhHZDsgMJwINm8VvuZHAE6STF6khfFGrVRg71x/b9poSnuhgR
KJ/u2L4ABKhObIgmGLSKi5RFNISvt+ST0TPw3Q7EfXMenYGYfSLtCk/cuwTNIlP/
vZ3yWwryiNFRU9OnobAwaLdi97U26+SBZcFIykkV0ErS+/gyHwiCYpmyIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMpNi6u5Y1jQ8hLuJVm8LB4dNAOKMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEveWsyTHE3bGpXTkR5RXU0bFdid3NIaDAwQTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuSTAAwQC
udzsAwQCufi4MA0GCSqGSIb3DQEBCwUAA4IBAQA9cQ4HL4DHubRODN2x9WnfO6LO
JZRLfSYSAvwdTtMO0XlqfePh/4NBEBp+bFBKeYxZ/ODQvy5UzjrMHNQob0yb4Iu1
+6ONTxSB/h2bEKflFpNRYQ8vJZ2e/NfeOKPFQjwAc4vfgiJ3/q0d8s+WaA2mwNGg
SplEx0fL9ArABUPN1JxKA2wgrKs6Oqt74Ife0b2wcCidl9pZmp2cxmw8ex2Hd9k3
wqM9nPuK5kM0XzVSfE+BmJNmIQFEfxD27+Q4yHo0SQPxpgO6fp7N6aPBDbFC9NzC
knGYUs3IvNzFdKg35CXXp5slV4ELV+zfCbRSKcKtlik+neU5UN/eSY1uyCz2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org