Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/1YRRS93s2JgKagpUsYHSSSPSZy8.roa
File: 1YRRS93s2JgKagpUsYHSSSPSZy8.roa (raw, json)
Hash identifier: vuC3PtO7yBCLylzKwOqHtLPOyCcG7HdPCyM/VSW4nf4=
Subject key identifier: D5:84:51:4B:DD:EC:D8:98:0A:6A:0A:54:B1:81:D2:49:23:D2:67:2F
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018E77E429F96AEA821BB149C1EA11AF7771
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/1YRRS93s2JgKagpUsYHSSSPSZy8.roa
Signing time: Mon 25 Mar 2024 23:13:45 +0000
ROA not before: Mon 25 Mar 2024 23:13:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58212
IP address blocks: 85.117.243.0/24 maxlen: 24
185.236.11.0/24 maxlen: 24
192.144.33.0/24 maxlen: 24
192.144.34.0/24 maxlen: 24
194.110.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Apr 2024 12:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:77:e4:29:f9:6a:ea:82:1b:b1:49:c1:ea:11:af:77:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Mar 25 23:13:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d584514bddecd8980a6a0a54b181d24923d2672f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0c:73:dd:70:d8:27:29:e4:11:0d:42:b3:a2:
c3:b6:c8:3f:16:39:f9:e0:5a:e0:fc:53:16:f6:05:
f7:bb:df:6b:e6:a6:1c:5a:f0:a4:b7:a6:2b:3c:a0:
e8:fb:6c:dc:89:a7:12:2c:fd:03:1d:7f:46:f3:83:
e4:b1:35:cb:ae:c0:91:44:15:0d:4e:c3:5f:66:d6:
fb:d9:18:bc:c3:84:dd:c9:b7:9e:d1:f2:b3:3b:2f:
b2:cb:1b:7f:07:cd:86:55:c3:67:ed:77:ee:ca:2b:
24:d7:ec:92:76:7f:7a:f9:d3:5a:89:a9:33:cc:f7:
4e:38:22:20:fc:c0:18:1c:74:e0:31:5e:8e:15:4f:
65:a8:b6:c7:3e:7a:bd:65:f2:be:00:16:85:d1:2b:
df:57:33:5c:92:25:c7:a9:58:f6:91:f8:db:6a:04:
c8:e9:d0:51:ca:5b:e1:bc:98:d8:29:df:09:a8:84:
c1:d2:53:b2:56:be:4f:22:62:9c:dd:60:cb:e4:6d:
6b:16:db:13:67:57:18:34:9f:57:27:7d:80:ca:cd:
26:86:10:c9:2d:c5:02:9e:39:7b:06:31:cd:fe:85:
e1:b0:70:68:c0:34:b6:f5:72:24:df:85:4f:1b:49:
fd:0b:54:93:7a:a3:57:55:53:ae:8f:05:30:0b:52:
c9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:84:51:4B:DD:EC:D8:98:0A:6A:0A:54:B1:81:D2:49:23:D2:67:2F
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/1YRRS93s2JgKagpUsYHSSSPSZy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.243.0/24
185.236.11.0/24
192.144.33.0-192.144.34.255
194.110.174.0/24
Signature Algorithm: sha256WithRSAEncryption
23:93:e5:6d:f2:c0:9c:c2:71:59:23:cd:32:12:bc:32:d8:d1:
e8:8d:a8:6a:ff:8e:ba:00:8d:fa:1c:96:36:f5:db:db:6b:7f:
c7:03:f2:15:7b:5b:80:3d:aa:2e:45:15:cc:b0:be:92:76:24:
2e:f6:82:cb:0d:a5:b8:2e:19:e6:54:c9:b6:fc:72:25:44:fc:
3f:10:72:03:89:1f:88:3c:de:ef:f7:ea:d4:b9:68:89:da:05:
a8:32:bd:bf:d4:03:51:64:d6:44:2c:db:73:fb:f1:76:b5:23:
71:8e:33:b9:0c:79:a0:c6:08:e5:3d:21:55:f9:9a:9f:34:39:
8b:62:2e:c5:e3:e0:a7:ca:36:f0:75:0c:5d:86:86:a5:00:9c:
54:7d:75:d2:b9:f8:6a:0f:97:ac:a1:ab:62:14:ed:4d:54:95:
86:c6:7d:7d:8f:46:f0:80:42:99:dd:d5:66:88:b9:36:31:48:
6e:cb:bf:5c:0f:45:62:62:89:a8:70:6e:9e:d8:92:5c:1f:ad:
bb:b2:ae:4e:06:a9:62:de:16:86:7f:75:bc:af:87:0e:a7:bc:
0d:7a:c7:32:e3:67:ee:1e:99:c6:84:73:68:08:ad:c8:6a:48:
9a:78:07:7b:54:99:12:cf:3d:d4:53:3a:16:7c:b7:20:db:41:
8d:66:5a:dd
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY535Cn5auqCG7FJweoRr3dxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwMzI1MjMxMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTg0NTE0YmRkZWNkODk4MGE2YTBhNTRiMTgxZDI0OTIzZDI2NzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQxz3XDYJynkEQ1Cs6LDtsg/Fjn5
4Frg/FMW9gX3u99r5qYcWvCkt6YrPKDo+2zciacSLP0DHX9G84PksTXLrsCRRBUN
TsNfZtb72Ri8w4Tdybee0fKzOy+yyxt/B82GVcNn7Xfuyisk1+ySdn96+dNaiakz
zPdOOCIg/MAYHHTgMV6OFU9lqLbHPnq9ZfK+ABaF0SvfVzNckiXHqVj2kfjbagTI
6dBRylvhvJjYKd8JqITB0lOyVr5PImKc3WDL5G1rFtsTZ1cYNJ9XJ32Ays0mhhDJ
LcUCnjl7BjHN/oXhsHBowDS29XIk34VPG0n9C1STeqNXVVOujwUwC1LJFwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNWEUUvd7NiYCmoKVLGB0kkj0mcvMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvMVlSUlM5M3MySmdLYWdwVXNZSFNTU1BTWnk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAVXXzAwQA
uewLMAwDBADAkCEDBADAkCIDBADCbq4wDQYJKoZIhvcNAQELBQADggEBACOT5W3y
wJzCcVkjzTISvDLY0eiNqGr/jroAjfocljb129trf8cD8hV7W4A9qi5FFcywvpJ2
JC72gssNpbguGeZUybb8ciVE/D8QcgOJH4g83u/36tS5aInaBagyvb/UA1Fk1kQs
23P78Xa1I3GOM7kMeaDGCOU9IVX5mp80OYtiLsXj4KfKNvB1DF2GhqUAnFR9ddK5
+GoPl6yhq2IU7U1UlYbGfX2PRvCAQpnd1WaIuTYxSG7Lv1wPRWJiiahwbp7Yklwf
rbuyrk4GqWLeFoZ/dbyvhw6nvA16xzLjZ+4emcaEc2gIrchqSJp4B3tUmRLPPdRT
OhZ8tyDbQY1mWt0=
-----END CERTIFICATE-----
Generated at Fri Apr 5 15:50:53 2024 by rpki-client on console-ams.rpki-client.org