Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/42c1bf-89ff-482f-9f14-498dd1d307d0/1/T3up8f6u3Mh_pXm3g3JAULrB0Zk.roa
File: T3up8f6u3Mh_pXm3g3JAULrB0Zk.roa (raw, json)
Hash identifier: zMJ7NnY0mDmz9P6ri71T1dB4PhrVftPo0sfs25knZHs=
Subject key identifier: 4F:7B:A9:F1:FE:AE:DC:C8:7F:A5:79:B7:83:72:40:50:BA:C1:D1:99
Certificate issuer: /CN=61ea673be28b493dba441870fb50e59a0d1c17c5
Certificate serial: 01856C1383F7888CDBCC0D50C86970AA27A8
Authority key identifier: 61:EA:67:3B:E2:8B:49:3D:BA:44:18:70:FB:50:E5:9A:0D:1C:17:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YepnO-KLST26RBhw-1Dlmg0cF8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/42c1bf-89ff-482f-9f14-498dd1d307d0/1/T3up8f6u3Mh_pXm3g3JAULrB0Zk.roa
Signing time: Sun 01 Jan 2023 06:44:56 +0000
ROA not before: Sun 01 Jan 2023 06:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39702
IP address blocks: 185.214.232.0/22 maxlen: 22
2a0e:a2c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:13:83:f7:88:8c:db:cc:0d:50:c8:69:70:aa:27:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61ea673be28b493dba441870fb50e59a0d1c17c5
Validity
Not Before: Jan 1 06:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f7ba9f1feaedcc87fa579b783724050bac1d199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:29:83:3d:18:1e:fe:57:2d:3b:3d:68:2a:ce:
99:bc:96:7a:b1:1e:41:e4:10:09:4f:ed:1d:38:21:
e9:5d:05:cb:4c:2d:7b:3d:94:e6:15:48:03:e6:c5:
bc:a5:47:ff:03:ea:b2:63:e9:28:ab:22:41:75:66:
14:b1:8a:52:fa:6e:eb:98:1c:0b:d1:1a:eb:32:ad:
22:4e:32:79:37:b1:38:0d:44:cf:2d:b6:33:f2:55:
b8:d7:41:ae:7c:78:76:75:d7:77:f4:e8:55:cd:7d:
ba:e6:2c:40:bc:58:79:50:d7:e6:49:21:9b:f5:86:
b3:c5:17:d9:46:ad:6e:68:a7:14:1b:7e:da:99:71:
23:c4:2a:53:25:5c:11:22:a7:0d:c5:a0:2e:85:2d:
c6:87:34:ad:61:65:d8:59:76:66:66:51:d3:04:7d:
34:30:0a:bc:2d:10:ed:43:1d:b4:93:d2:62:f7:bc:
0d:4b:7b:f3:59:78:ca:58:01:38:89:0c:e7:df:b3:
32:33:aa:fb:d7:d4:c8:46:ab:a7:07:e3:e0:a9:90:
24:e1:52:ae:ba:72:8d:dc:4c:19:38:b3:3a:6c:8d:
e7:d2:3f:f3:7e:22:0a:c1:9e:c3:c5:f8:7a:a2:60:
c4:f8:93:dc:29:4a:64:e3:22:81:c1:62:28:70:5a:
61:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:7B:A9:F1:FE:AE:DC:C8:7F:A5:79:B7:83:72:40:50:BA:C1:D1:99
X509v3 Authority Key Identifier:
keyid:61:EA:67:3B:E2:8B:49:3D:BA:44:18:70:FB:50:E5:9A:0D:1C:17:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YepnO-KLST26RBhw-1Dlmg0cF8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/42c1bf-89ff-482f-9f14-498dd1d307d0/1/T3up8f6u3Mh_pXm3g3JAULrB0Zk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/42c1bf-89ff-482f-9f14-498dd1d307d0/1/YepnO-KLST26RBhw-1Dlmg0cF8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.232.0/22
IPv6:
2a0e:a2c0::/32
Signature Algorithm: sha256WithRSAEncryption
96:80:85:7b:d7:69:dc:1e:8f:b8:fd:d9:8a:37:9d:07:7a:7a:
ce:e3:50:6e:73:22:b0:1f:96:c2:3a:f5:d3:d1:04:ec:b9:25:
34:f8:f6:49:c6:1b:52:a8:a7:03:fa:c7:53:5c:f6:58:b5:a6:
fa:4c:66:75:f5:7e:c1:2e:17:d1:2a:43:b1:f5:20:14:41:5b:
1c:7e:e8:89:81:bf:97:f9:0f:cb:45:91:4f:8b:8e:9a:9c:e5:
db:51:5e:61:d2:e3:c7:63:28:b6:00:d1:4b:79:ac:b8:ac:69:
64:cf:7c:de:5b:b6:4b:66:65:58:4b:eb:ec:28:0f:e0:87:c8:
87:ac:27:82:aa:da:4d:7c:36:ef:a5:dc:53:0a:14:7a:fc:d2:
33:98:f6:f7:8a:54:1b:86:bc:1c:8f:24:02:91:e7:be:22:7a:
8a:2a:b0:59:68:67:4a:a0:5d:68:fe:e4:5f:4f:60:e4:ec:b9:
c6:ec:a8:5c:50:6c:cf:a4:93:6b:cb:97:93:0f:fd:41:e4:22:
b7:9c:bd:05:d8:88:e7:fb:5b:5f:43:e1:07:31:5a:5c:e8:a5:
5c:ec:c7:90:51:e6:16:1f:58:77:a8:9d:4c:47:ac:cc:a5:45:
51:fc:ca:cb:7c:87:81:fd:60:2e:22:90:60:ec:a0:88:2b:7c:
9c:22:3d:a9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsE4P3iIzbzA1QyGlwqieoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxZWE2NzNiZTI4YjQ5M2RiYTQ0MTg3MGZiNTBlNTlhMGQx
YzE3YzUwHhcNMjMwMTAxMDY0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjdiYTlmMWZlYWVkY2M4N2ZhNTc5Yjc4MzcyNDA1MGJhYzFkMTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCmDPRge/lctOz1oKs6ZvJZ6sR5B
5BAJT+0dOCHpXQXLTC17PZTmFUgD5sW8pUf/A+qyY+koqyJBdWYUsYpS+m7rmBwL
0RrrMq0iTjJ5N7E4DUTPLbYz8lW410GufHh2ddd39OhVzX265ixAvFh5UNfmSSGb
9YazxRfZRq1uaKcUG37amXEjxCpTJVwRIqcNxaAuhS3GhzStYWXYWXZmZlHTBH00
MAq8LRDtQx20k9Ji97wNS3vzWXjKWAE4iQzn37MyM6r719TIRqunB+PgqZAk4VKu
unKN3EwZOLM6bI3n0j/zfiIKwZ7Dxfh6omDE+JPcKUpk4yKBwWIocFphyQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE97qfH+rtzIf6V5t4NyQFC6wdGZMB8GA1UdIwQY
MBaAFGHqZzvii0k9ukQYcPtQ5ZoNHBfFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWVwbk8tS0xTVDI2UkJody0xRGxtZzBjRjhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80MmMxYmYtODlmZi00ODJmLTlmMTQt
NDk4ZGQxZDMwN2QwLzEvVDN1cDhmNnUzTWhfcFhtM2czSkFVTHJCMFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80MmMxYmYtODlmZi00ODJmLTlmMTQtNDk4ZGQxZDMwN2Qw
LzEvWWVwbk8tS0xTVDI2UkJody0xRGxtZzBjRjhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudboMA0E
AgACMAcDBQAqDqLAMA0GCSqGSIb3DQEBCwUAA4IBAQCWgIV712ncHo+4/dmKN50H
enrO41BucyKwH5bCOvXT0QTsuSU0+PZJxhtSqKcD+sdTXPZYtab6TGZ19X7BLhfR
KkOx9SAUQVscfuiJgb+X+Q/LRZFPi46anOXbUV5h0uPHYyi2ANFLeay4rGlkz3ze
W7ZLZmVYS+vsKA/gh8iHrCeCqtpNfDbvpdxTChR6/NIzmPb3ilQbhrwcjyQCkee+
InqKKrBZaGdKoF1o/uRfT2Dk7LnG7KhcUGzPpJNry5eTD/1B5CK3nL0F2Ijn+1tf
Q+EHMVpc6KVc7MeQUeYWH1h3qJ1MR6zMpUVR/MrLfIeB/WAuIpBg7KCIK3ycIj2p
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:19 2024 by rpki-client on console-ams.rpki-client.org