Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/970cf0-9298-4ff0-baf5-210ae0569a45/1/yhvtU9u93aRRg2klUR8jaGKRKQk.roa
File: yhvtU9u93aRRg2klUR8jaGKRKQk.roa (raw, json)
Hash identifier: P0Ty94Yq5f2aWunN+BQ/jgdp09OMWmeghE1jpzHDBp0=
Subject key identifier: CA:1B:ED:53:DB:BD:DD:A4:51:83:69:25:51:1F:23:68:62:91:29:09
Certificate issuer: /CN=f83faec93d403f3713823fa39c7d27c62e921471
Certificate serial: 01856CEF48D5B16DFFDF7FE528C93136C13D
Authority key identifier: F8:3F:AE:C9:3D:40:3F:37:13:82:3F:A3:9C:7D:27:C6:2E:92:14:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-D-uyT1APzcTgj-jnH0nxi6SFHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/970cf0-9298-4ff0-baf5-210ae0569a45/1/yhvtU9u93aRRg2klUR8jaGKRKQk.roa
Signing time: Sun 01 Jan 2023 10:44:59 +0000
ROA not before: Sun 01 Jan 2023 10:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206712
IP address blocks: 185.174.168.0/24 maxlen: 24
185.174.170.0/24 maxlen: 24
185.174.169.0/24 maxlen: 24
2a0b:a902::/32 maxlen: 32
2a0b:a901::/32 maxlen: 32
2a0b:a900::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:48:d5:b1:6d:ff:df:7f:e5:28:c9:31:36:c1:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f83faec93d403f3713823fa39c7d27c62e921471
Validity
Not Before: Jan 1 10:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca1bed53dbbddda451836925511f236862912909
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:04:34:52:bc:ea:b8:24:14:68:d1:01:c3:bb:
6f:17:a6:2e:76:eb:45:43:b0:90:5f:d1:0a:3b:bd:
77:71:a1:60:af:f3:1a:1f:e7:b7:04:71:3d:0c:a2:
fd:71:14:00:79:5b:f5:bd:85:ca:b1:67:3c:cf:79:
31:d7:3e:5f:e0:e3:6c:35:55:c1:34:a6:52:4d:68:
fd:b7:88:16:4c:e2:0f:c6:30:d9:cf:e1:60:a7:9e:
9e:c7:ad:b5:20:dd:a4:83:67:5b:61:6d:96:bd:8a:
52:5f:ac:63:3a:15:e1:cf:6c:4d:cf:33:94:13:fc:
65:69:52:43:dd:cd:f5:8e:51:36:44:6b:30:c7:46:
2f:fd:c7:62:28:72:cd:d2:01:8e:7f:e9:81:d8:74:
3c:22:e8:96:ef:64:e3:0d:57:4d:57:ec:d3:1c:3f:
68:cf:5e:34:88:c3:7e:b7:cb:cc:a4:1f:a0:af:99:
e0:fc:2d:88:1b:d6:6a:23:99:fe:07:56:49:94:61:
64:f8:b5:11:70:43:45:84:a3:0f:43:7e:c3:6d:4a:
b3:b0:e3:03:9c:13:04:c3:0d:a9:5b:b5:07:e0:5c:
75:43:d8:7b:96:0a:93:fc:b7:06:46:de:e7:c1:c7:
bb:d6:c4:ee:37:ad:05:64:d2:e4:e8:04:c2:f2:dd:
37:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:1B:ED:53:DB:BD:DD:A4:51:83:69:25:51:1F:23:68:62:91:29:09
X509v3 Authority Key Identifier:
keyid:F8:3F:AE:C9:3D:40:3F:37:13:82:3F:A3:9C:7D:27:C6:2E:92:14:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-D-uyT1APzcTgj-jnH0nxi6SFHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/970cf0-9298-4ff0-baf5-210ae0569a45/1/yhvtU9u93aRRg2klUR8jaGKRKQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/970cf0-9298-4ff0-baf5-210ae0569a45/1/1-D-uyT1APzcTgj-jnH0nxi6SFHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.168.0-185.174.170.255
IPv6:
2a0b:a900::-2a0b:a902:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4c:51:9e:4a:19:66:57:71:80:b4:3c:d4:32:58:f4:7b:1c:64:
44:70:4e:d9:fc:10:b0:cf:80:e1:b3:6f:9a:3a:8e:53:14:3d:
9e:a0:c3:e3:f1:1f:83:e8:a5:3c:14:b5:a8:aa:a2:ed:b2:8b:
12:d0:75:bb:3e:2f:83:22:2b:c5:67:02:67:af:d3:d3:d6:2c:
b7:09:0c:12:f4:aa:fc:81:ea:1e:17:95:30:bd:a9:ea:3b:93:
bf:70:bd:85:83:64:f4:ac:6f:a6:f4:25:ae:c7:b8:de:91:a8:
e1:23:20:4a:18:d8:8d:05:79:89:e3:fc:ab:e4:20:95:a2:ee:
cf:69:84:12:2b:bc:7b:80:fa:3b:86:20:87:e0:29:77:38:14:
f2:3d:9c:9d:b1:18:07:d7:3b:ad:76:89:7f:b7:73:ff:72:c6:
ca:88:1c:a2:49:5d:0f:70:e7:5f:51:24:ba:42:ae:fe:8a:d0:
31:14:19:76:af:b5:43:aa:20:58:79:36:cf:cd:31:d4:97:9b:
1f:59:93:37:6f:b8:2a:e7:26:1e:6d:6e:65:1c:d5:b9:a2:5e:
f1:ce:7e:84:0f:a2:2d:48:e2:c9:36:98:a1:38:70:0f:5e:14:
a3:b5:ea:cf:d9:29:46:b9:d8:38:59:26:45:a2:6f:45:53:4b:
97:8a:99:9d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVs70jVsW3/33/lKMkxNsE9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4M2ZhZWM5M2Q0MDNmMzcxMzgyM2ZhMzljN2QyN2M2MmU5
MjE0NzEwHhcNMjMwMTAxMTA0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTFiZWQ1M2RiYmRkZGE0NTE4MzY5MjU1MTFmMjM2ODYyOTEyOTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQQ0UrzquCQUaNEBw7tvF6YudutF
Q7CQX9EKO713caFgr/MaH+e3BHE9DKL9cRQAeVv1vYXKsWc8z3kx1z5f4ONsNVXB
NKZSTWj9t4gWTOIPxjDZz+Fgp56ex621IN2kg2dbYW2WvYpSX6xjOhXhz2xNzzOU
E/xlaVJD3c31jlE2RGswx0Yv/cdiKHLN0gGOf+mB2HQ8IuiW72TjDVdNV+zTHD9o
z140iMN+t8vMpB+gr5ng/C2IG9ZqI5n+B1ZJlGFk+LURcENFhKMPQ37DbUqzsOMD
nBMEww2pW7UH4Fx1Q9h7lgqT/LcGRt7nwce71sTuN60FZNLk6ATC8t03AwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMob7VPbvd2kUYNpJVEfI2hikSkJMB8GA1UdIwQY
MBaAFPg/rsk9QD83E4I/o5x9J8YukhRxMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1ELXV5VDFBUHpjVGdqLWpuSDBueGk2U0ZIRS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkvOTcwY2YwLTkyOTgtNGZmMC1iYWY1
LTIxMGFlMDU2OWE0NS8xL3lodnRVOXU5M2FSUmcya2xVUjhqYUdLUktRay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjkvOTcwY2YwLTkyOTgtNGZmMC1iYWY1LTIxMGFlMDU2OWE0
NS8xLzEtRC11eVQxQVB6Y1Rnai1qbkgwbnhpNlNGSEUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPgYIKwYBBQUHAQcBAf8ELzAtMBQEAgABMA4wDAMEA7mu
qAMEALmuqjAVBAIAAjAPMA0DBAAqC6kDBQAqC6kCMA0GCSqGSIb3DQEBCwUAA4IB
AQBMUZ5KGWZXcYC0PNQyWPR7HGREcE7Z/BCwz4Dhs2+aOo5TFD2eoMPj8R+D6KU8
FLWoqqLtsosS0HW7Pi+DIivFZwJnr9PT1iy3CQwS9Kr8geoeF5UwvanqO5O/cL2F
g2T0rG+m9CWux7jekajhIyBKGNiNBXmJ4/yr5CCVou7PaYQSK7x7gPo7hiCH4Cl3
OBTyPZydsRgH1zutdol/t3P/csbKiByiSV0PcOdfUSS6Qq7+itAxFBl2r7VDqiBY
eTbPzTHUl5sfWZM3b7gq5yYebW5lHNW5ol7xzn6ED6ItSOLJNpihOHAPXhSjterP
2SlGudg4WSZFom9FU0uXipmd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:32 2024 by rpki-client on console-ams.rpki-client.org