Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/ec8801-0a7c-487e-a103-525d7e22c788/1/YaXGvjlzagRfOIXjs4N8bDzmTdo.roa
File: YaXGvjlzagRfOIXjs4N8bDzmTdo.roa (raw, json)
Hash identifier: vOpeH6PvRcAoZ5Ffr3k1nIg1NUp+OAoH93oAA93Dq3E=
Subject key identifier: 61:A5:C6:BE:39:73:6A:04:5F:38:85:E3:B3:83:7C:6C:3C:E6:4D:DA
Certificate issuer: /CN=b266e6e4d5df7f8a25654144755d7bd992e73539
Certificate serial: 01898AF1C37383D37E519A46BD75978563AE
Authority key identifier: B2:66:E6:E4:D5:DF:7F:8A:25:65:41:44:75:5D:7B:D9:92:E7:35:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/smbm5NXff4olZUFEdV172ZLnNTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/ec8801-0a7c-487e-a103-525d7e22c788/1/YaXGvjlzagRfOIXjs4N8bDzmTdo.roa
Signing time: Tue 25 Jul 2023 02:47:27 +0000
ROA not before: Tue 25 Jul 2023 02:47:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204332
IP address blocks: 185.252.88.0/22 maxlen: 22
185.252.88.0/23 maxlen: 23
185.252.90.0/23 maxlen: 23
2a0c:2440::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8a:f1:c3:73:83:d3:7e:51:9a:46:bd:75:97:85:63:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b266e6e4d5df7f8a25654144755d7bd992e73539
Validity
Not Before: Jul 25 02:47:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61a5c6be39736a045f3885e3b3837c6c3ce64dda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4e:bd:fa:b2:e2:f7:da:06:a0:b3:c8:a8:84:
8d:d3:2e:8b:3f:d5:84:ad:82:e1:66:09:f3:96:39:
65:fe:aa:25:9a:c3:d2:6a:91:1c:bd:54:04:f1:3a:
41:68:ba:dc:b3:3c:80:fd:8e:2f:10:48:a8:f2:d7:
27:66:a4:3d:4f:34:ce:32:71:4f:4c:9d:4d:fb:00:
29:f5:fc:9c:3a:c8:a0:e6:9e:ae:7e:0c:7c:81:13:
c3:5d:c9:da:ff:e3:fa:f2:70:e8:46:1a:04:53:2c:
19:7d:96:16:60:be:49:b2:cb:8a:47:9e:b5:2e:92:
fc:29:3b:f0:e2:05:11:69:1d:f8:a2:4a:ea:1a:11:
eb:91:0b:ef:42:06:e6:83:5e:b2:3c:b1:01:cb:f5:
2a:10:92:49:24:06:79:22:7e:94:da:e9:de:bd:f8:
f2:b6:0a:8f:b6:4c:26:d3:20:20:b5:dc:7a:3c:bb:
d1:91:78:60:a1:03:e4:3f:fc:11:2c:2d:26:58:69:
da:a7:98:00:e7:2d:47:a9:f2:f3:24:da:45:47:bd:
40:3e:9e:c8:8e:29:a1:93:ce:51:7f:54:ae:9d:c8:
48:03:19:0a:98:d8:a3:ad:56:5c:7f:93:4b:b0:bf:
18:4f:8f:00:d3:3d:a7:9b:5e:db:06:78:2c:5f:1c:
09:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:A5:C6:BE:39:73:6A:04:5F:38:85:E3:B3:83:7C:6C:3C:E6:4D:DA
X509v3 Authority Key Identifier:
keyid:B2:66:E6:E4:D5:DF:7F:8A:25:65:41:44:75:5D:7B:D9:92:E7:35:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/smbm5NXff4olZUFEdV172ZLnNTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/ec8801-0a7c-487e-a103-525d7e22c788/1/YaXGvjlzagRfOIXjs4N8bDzmTdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/ec8801-0a7c-487e-a103-525d7e22c788/1/smbm5NXff4olZUFEdV172ZLnNTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.88.0/22
IPv6:
2a0c:2440::/29
Signature Algorithm: sha256WithRSAEncryption
16:cb:ff:e5:1a:32:54:67:c4:19:6d:74:4d:cd:61:e0:ea:40:
d0:76:04:a3:a0:2e:87:c7:45:1e:f4:04:a9:1d:ae:05:50:97:
83:25:88:f7:c4:41:75:ed:09:61:eb:cd:1c:fe:ab:62:43:bc:
f9:ae:f1:bc:8a:d1:9e:6c:24:cf:c9:e0:30:6e:12:81:6d:60:
30:7b:7b:93:08:ef:a5:2e:59:dd:01:d3:c0:ac:32:9c:d7:f4:
89:28:f8:13:f8:be:0b:02:b5:9e:1e:81:95:b3:b7:d9:f7:04:
d8:1d:7b:2d:38:d3:a4:03:51:60:75:43:f7:a4:83:f2:45:b6:
ba:94:32:1c:81:60:33:49:8e:14:16:96:db:f6:e2:0a:b8:d9:
8e:1b:26:74:5b:93:3d:31:b5:c8:c3:7e:bd:bf:08:f2:fb:f3:
2a:a7:d5:68:b8:a0:ab:ef:76:f6:09:57:f7:e7:e9:07:fa:f9:
22:4e:42:25:16:56:1b:d9:41:4c:8a:bf:8a:b6:61:cf:d6:7f:
a8:7c:46:5d:45:3d:f1:af:0c:89:98:f9:80:6d:e6:73:37:5b:
e5:f4:fe:72:f1:20:d0:c7:26:12:f1:04:6c:d7:65:63:9a:ef:
76:bb:f8:f0:ef:77:f6:d7:9d:d3:37:52:44:9e:8b:b2:21:5c:
88:c3:00:20
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYmK8cNzg9N+UZpGvXWXhWOuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNjZlNmU0ZDVkZjdmOGEyNTY1NDE0NDc1NWQ3YmQ5OTJl
NzM1MzkwHhcNMjMwNzI1MDI0NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWE1YzZiZTM5NzM2YTA0NWYzODg1ZTNiMzgzN2M2YzNjZTY0ZGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApk69+rLi99oGoLPIqISN0y6LP9WE
rYLhZgnzljll/qolmsPSapEcvVQE8TpBaLrcszyA/Y4vEEio8tcnZqQ9TzTOMnFP
TJ1N+wAp9fycOsig5p6ufgx8gRPDXcna/+P68nDoRhoEUywZfZYWYL5JssuKR561
LpL8KTvw4gURaR34okrqGhHrkQvvQgbmg16yPLEBy/UqEJJJJAZ5In6U2unevfjy
tgqPtkwm0yAgtdx6PLvRkXhgoQPkP/wRLC0mWGnap5gA5y1HqfLzJNpFR71APp7I
jimhk85Rf1SunchIAxkKmNijrVZcf5NLsL8YT48A0z2nm17bBngsXxwJUQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGGlxr45c2oEXziF47ODfGw85k3aMB8GA1UdIwQY
MBaAFLJm5uTV33+KJWVBRHVde9mS5zU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc21ibTVOWGZmNG9sWlVGRWRWMTcyWkxuTlRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9lYzg4MDEtMGE3Yy00ODdlLWExMDMt
NTI1ZDdlMjJjNzg4LzEvWWFYR3ZqbHphZ1JmT0lYanM0TjhiRHptVGRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9lYzg4MDEtMGE3Yy00ODdlLWExMDMtNTI1ZDdlMjJjNzg4
LzEvc21ibTVOWGZmNG9sWlVGRWRWMTcyWkxuTlRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufxYMA0E
AgACMAcDBQMqDCRAMA0GCSqGSIb3DQEBCwUAA4IBAQAWy//lGjJUZ8QZbXRNzWHg
6kDQdgSjoC6Hx0Ue9ASpHa4FUJeDJYj3xEF17Qlh680c/qtiQ7z5rvG8itGebCTP
yeAwbhKBbWAwe3uTCO+lLlndAdPArDKc1/SJKPgT+L4LArWeHoGVs7fZ9wTYHXst
ONOkA1FgdUP3pIPyRba6lDIcgWAzSY4UFpbb9uIKuNmOGyZ0W5M9MbXIw369vwjy
+/Mqp9VouKCr73b2CVf35+kH+vkiTkIlFlYb2UFMir+KtmHP1n+ofEZdRT3xrwyJ
mPmAbeZzN1vl9P5y8SDQxyYS8QRs12Vjmu92u/jw73f2153TN1JEnouyIVyIwwAg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:45 2024 by rpki-client on console-fra.rpki-client.org