Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/b5f80d-2a7d-4bab-aaaa-bf264a215b32/1/Y11yRefCutJ1Q6tjef0el_3CfZs.roa
File: Y11yRefCutJ1Q6tjef0el_3CfZs.roa (raw, json)
Hash identifier: XY79NSObiwYZKHB605CnQ3Lk/LUxsGt7ZURkvnbUHFA=
Subject key identifier: 63:5D:72:45:E7:C2:BA:D2:75:43:AB:63:79:FD:1E:97:FD:C2:7D:9B
Certificate issuer: /CN=9ed76829ba6314a035fda799fc0370336657083e
Certificate serial: 01856D017B34D9220A275875FDD8C63DB5E3
Authority key identifier: 9E:D7:68:29:BA:63:14:A0:35:FD:A7:99:FC:03:70:33:66:57:08:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ntdoKbpjFKA1_aeZ_ANwM2ZXCD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/b5f80d-2a7d-4bab-aaaa-bf264a215b32/1/Y11yRefCutJ1Q6tjef0el_3CfZs.roa
Signing time: Sun 01 Jan 2023 11:04:51 +0000
ROA not before: Sun 01 Jan 2023 11:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203120
IP address blocks: 185.144.180.0/23 maxlen: 23
185.144.182.0/23 maxlen: 23
2a07:4180::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:7b:34:d9:22:0a:27:58:75:fd:d8:c6:3d:b5:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ed76829ba6314a035fda799fc0370336657083e
Validity
Not Before: Jan 1 11:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=635d7245e7c2bad27543ab6379fd1e97fdc27d9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:db:54:2b:f8:43:06:24:38:a2:38:e1:67:8d:
1a:41:c3:ce:bc:62:12:0a:09:19:b1:d1:a1:08:58:
33:c7:32:e8:18:b1:62:1a:2e:73:d0:ca:3f:3c:e6:
38:a7:a5:4b:97:87:5d:ff:3d:9f:c5:a6:b1:8c:81:
00:c9:0a:4f:ab:2c:54:5a:97:4c:27:71:91:10:fb:
a5:ee:6b:f2:70:83:d6:83:1c:6a:fe:fc:1a:18:d5:
91:a5:2c:25:8b:33:a5:2e:7d:ce:dc:61:16:db:17:
f1:5d:0e:67:ef:ab:5e:b6:0a:56:5f:17:f3:2f:9f:
c8:2d:34:88:9b:dc:81:23:1f:91:a1:a3:5b:53:d9:
80:8f:2e:08:d0:41:2f:c1:9f:79:28:3f:44:ec:db:
7d:7a:1b:9a:c1:a0:3d:72:0b:75:40:1e:eb:61:bf:
74:d3:c7:cb:55:8d:c6:64:6a:b0:e0:97:49:25:32:
50:d5:8e:85:17:55:4a:7e:2c:52:e9:80:c8:d0:37:
74:3f:e9:c3:c7:35:1f:90:fd:5f:ac:55:e7:7b:b0:
fb:dd:73:0f:64:9e:1b:76:4e:4b:7d:33:da:3f:bd:
93:e0:bc:bd:ea:4b:a3:c6:53:47:f9:dd:33:ac:8b:
b3:2d:35:67:4c:cc:f4:98:70:b4:37:ca:55:5d:11:
0c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:5D:72:45:E7:C2:BA:D2:75:43:AB:63:79:FD:1E:97:FD:C2:7D:9B
X509v3 Authority Key Identifier:
keyid:9E:D7:68:29:BA:63:14:A0:35:FD:A7:99:FC:03:70:33:66:57:08:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ntdoKbpjFKA1_aeZ_ANwM2ZXCD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b5f80d-2a7d-4bab-aaaa-bf264a215b32/1/Y11yRefCutJ1Q6tjef0el_3CfZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b5f80d-2a7d-4bab-aaaa-bf264a215b32/1/ntdoKbpjFKA1_aeZ_ANwM2ZXCD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.180.0/22
IPv6:
2a07:4180::/29
Signature Algorithm: sha256WithRSAEncryption
3f:4c:b6:4c:a0:99:be:d5:62:95:24:7e:3d:c2:3d:82:04:61:
85:8e:3d:bd:ae:ca:b7:ce:95:be:3b:03:74:7e:71:7b:67:b8:
a8:dc:c9:93:f5:5b:68:b4:b3:6b:1e:4c:93:37:80:59:74:b3:
0c:dd:da:f7:d7:99:44:c7:38:f7:a7:dc:fc:6e:33:13:c5:4a:
67:ed:c5:a6:66:ad:88:03:92:4b:2f:1f:35:e9:f9:a7:f3:35:
a5:b3:ab:82:5c:85:84:42:69:56:74:27:04:7b:4e:c7:7c:04:
13:b7:52:55:a9:c7:49:00:5d:be:27:b0:cf:84:21:af:8e:c0:
42:dc:85:9f:42:10:25:82:cc:87:6b:28:a6:92:66:44:ce:a5:
d8:95:e4:30:6a:cf:22:26:dc:81:bf:dc:c2:26:e8:bf:2f:66:
93:a1:7f:d1:89:1f:14:76:81:bc:dd:bf:2d:6f:87:ae:25:66:
7d:37:bd:9e:a3:d5:2d:c4:1c:3e:50:c5:23:d5:46:83:fd:5e:
8c:2c:6a:e6:e0:81:0c:9f:07:e0:aa:37:43:b1:e0:09:16:39:
9b:b3:8f:d3:42:01:2d:b8:98:12:52:ad:dc:6b:6b:a4:ec:fa:
a4:ed:9e:8a:3c:d6:18:93:11:9a:d6:9b:1b:b2:29:8d:84:5d:
4d:76:82:81
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtAXs02SIKJ1h1/djGPbXjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZDc2ODI5YmE2MzE0YTAzNWZkYTc5OWZjMDM3MDMzNjY1
NzA4M2UwHhcNMjMwMTAxMTEwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzVkNzI0NWU3YzJiYWQyNzU0M2FiNjM3OWZkMWU5N2ZkYzI3ZDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNtUK/hDBiQ4ojjhZ40aQcPOvGIS
CgkZsdGhCFgzxzLoGLFiGi5z0Mo/POY4p6VLl4dd/z2fxaaxjIEAyQpPqyxUWpdM
J3GREPul7mvycIPWgxxq/vwaGNWRpSwlizOlLn3O3GEW2xfxXQ5n76tetgpWXxfz
L5/ILTSIm9yBIx+RoaNbU9mAjy4I0EEvwZ95KD9E7Nt9ehuawaA9cgt1QB7rYb90
08fLVY3GZGqw4JdJJTJQ1Y6FF1VKfixS6YDI0Dd0P+nDxzUfkP1frFXne7D73XMP
ZJ4bdk5LfTPaP72T4Ly96kujxlNH+d0zrIuzLTVnTMz0mHC0N8pVXREM7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGNdckXnwrrSdUOrY3n9Hpf9wn2bMB8GA1UdIwQY
MBaAFJ7XaCm6YxSgNf2nmfwDcDNmVwg+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnRkb0ticGpGS0ExX2FlWl9BTndNMlpYQ0Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9iNWY4MGQtMmE3ZC00YmFiLWFhYWEt
YmYyNjRhMjE1YjMyLzEvWTExeVJlZkN1dEoxUTZ0amVmMGVsXzNDZlpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9iNWY4MGQtMmE3ZC00YmFiLWFhYWEtYmYyNjRhMjE1YjMy
LzEvbnRkb0ticGpGS0ExX2FlWl9BTndNMlpYQ0Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZC0MA0E
AgACMAcDBQMqB0GAMA0GCSqGSIb3DQEBCwUAA4IBAQA/TLZMoJm+1WKVJH49wj2C
BGGFjj29rsq3zpW+OwN0fnF7Z7io3MmT9VtotLNrHkyTN4BZdLMM3dr315lExzj3
p9z8bjMTxUpn7cWmZq2IA5JLLx816fmn8zWls6uCXIWEQmlWdCcEe07HfAQTt1JV
qcdJAF2+J7DPhCGvjsBC3IWfQhAlgsyHayimkmZEzqXYleQwas8iJtyBv9zCJui/
L2aToX/RiR8UdoG83b8tb4euJWZ9N72eo9UtxBw+UMUj1UaD/V6MLGrm4IEMnwfg
qjdDseAJFjmbs4/TQgEtuJgSUq3ca2uk7Pqk7Z6KPNYYkxGa1psbsimNhF1NdoKB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:12 2024 by rpki-client on console-fra.rpki-client.org