Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/14671e-86d2-42fc-80d9-825d3ff1dde8/1/YfU1QN1q3tbreo8Tf7BGLlvhFUw.roa
File: YfU1QN1q3tbreo8Tf7BGLlvhFUw.roa (raw, json)
Hash identifier: eZVi+sXsMcSSMTVZvbAlLbuhkFYUW44cJ824Cqtnvws=
Subject key identifier: 61:F5:35:40:DD:6A:DE:D6:EB:7A:8F:13:7F:B0:46:2E:5B:E1:15:4C
Certificate issuer: /CN=faa61e29c166bf0635c8cefe8da82104a783b454
Certificate serial: 0185715E84EE030BF0AC3A4BFBB745A53F65
Authority key identifier: FA:A6:1E:29:C1:66:BF:06:35:C8:CE:FE:8D:A8:21:04:A7:83:B4:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-qYeKcFmvwY1yM7-jaghBKeDtFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/14671e-86d2-42fc-80d9-825d3ff1dde8/1/YfU1QN1q3tbreo8Tf7BGLlvhFUw.roa
Signing time: Mon 02 Jan 2023 07:24:57 +0000
ROA not before: Mon 02 Jan 2023 07:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39319
IP address blocks: 94.199.224.0/21 maxlen: 21
185.47.72.0/22 maxlen: 22
2a00:ed8::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:84:ee:03:0b:f0:ac:3a:4b:fb:b7:45:a5:3f:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faa61e29c166bf0635c8cefe8da82104a783b454
Validity
Not Before: Jan 2 07:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61f53540dd6aded6eb7a8f137fb0462e5be1154c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:3e:90:ba:b6:c6:02:a7:bb:d9:fc:71:55:4d:
08:d2:c9:98:7f:d7:7c:a0:56:24:ed:85:f5:0b:a8:
ce:97:88:ca:a9:ef:f4:62:b4:b3:52:70:66:71:6a:
58:f5:ee:c8:14:aa:d4:5b:2f:8f:8f:b2:32:82:d3:
13:12:f9:0c:cf:84:5a:e4:41:14:1d:e2:29:8e:81:
56:6a:41:10:ac:f3:32:b9:05:bd:b5:d8:13:16:35:
82:1c:0d:2a:d9:b8:d8:3f:4c:3b:fd:43:65:c2:a9:
e7:40:55:63:dd:96:2f:63:5f:98:1d:47:1e:be:10:
02:05:ba:9c:5a:83:f0:8b:4f:85:e2:eb:38:7e:05:
1e:81:37:37:af:21:79:c7:e0:73:ee:53:64:e6:9e:
3c:b9:29:1a:46:5a:11:86:9d:98:99:d0:21:9c:c1:
bc:a1:7a:72:d7:59:fb:03:98:0c:bf:2a:c3:3d:17:
fe:c9:9b:b6:f7:74:71:1e:e8:1c:d6:37:a7:ac:c8:
19:73:60:fb:40:34:92:da:69:d8:e4:33:ab:f1:70:
6f:9c:b0:fd:12:4c:6c:1d:93:4f:eb:f3:9c:79:79:
5e:c6:c2:d8:53:f1:90:c5:20:fa:37:01:2e:3e:ce:
e8:70:72:aa:19:da:b8:67:a9:14:68:fe:71:8e:77:
94:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:F5:35:40:DD:6A:DE:D6:EB:7A:8F:13:7F:B0:46:2E:5B:E1:15:4C
X509v3 Authority Key Identifier:
keyid:FA:A6:1E:29:C1:66:BF:06:35:C8:CE:FE:8D:A8:21:04:A7:83:B4:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-qYeKcFmvwY1yM7-jaghBKeDtFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/14671e-86d2-42fc-80d9-825d3ff1dde8/1/YfU1QN1q3tbreo8Tf7BGLlvhFUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/14671e-86d2-42fc-80d9-825d3ff1dde8/1/1-qYeKcFmvwY1yM7-jaghBKeDtFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.199.224.0/21
185.47.72.0/22
IPv6:
2a00:ed8::/32
Signature Algorithm: sha256WithRSAEncryption
53:41:91:58:d8:b2:a6:e2:bc:f2:ba:1c:88:91:02:27:ca:a7:
1e:9f:63:48:61:55:52:da:d8:e4:04:5d:36:19:6c:5b:c6:1f:
06:95:e5:4c:83:e3:a8:a3:31:43:66:7a:ef:27:43:72:c9:48:
61:f5:2a:ed:33:08:a2:cc:6a:f0:e1:fd:ea:9c:56:8a:d3:0f:
61:fe:36:86:00:83:ad:d1:16:75:3e:28:2d:e8:39:36:f8:fc:
c8:18:8a:c1:d4:e5:b6:f6:58:5a:62:5a:02:bd:30:53:c3:50:
bc:a1:79:e4:7f:0a:1b:c4:7f:d9:3d:3b:9c:a9:7e:07:b2:9d:
3a:6c:e4:3a:61:22:54:1b:bf:80:81:6e:7d:cd:55:1e:fc:2a:
6f:c2:c8:da:6b:16:f9:ea:f1:30:89:1e:45:f4:78:0b:63:97:
69:20:c0:8b:7e:ba:7d:b2:eb:2d:62:98:7d:6d:38:eb:02:95:
a3:fd:73:11:ad:15:0f:c8:95:e1:a3:e4:36:bb:a0:a6:b5:44:
72:c8:20:69:f1:d1:0e:64:c5:9a:2a:9f:a3:90:e8:11:32:89:
0b:14:88:90:cc:29:49:99:be:b7:e9:fc:11:4c:d3:7e:6c:4e:
8f:0f:f1:58:47:70:91:de:ca:3f:11:cd:30:64:f5:38:8d:e7:
be:24:28:29
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVxXoTuAwvwrDpL+7dFpT9lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhYTYxZTI5YzE2NmJmMDYzNWM4Y2VmZThkYTgyMTA0YTc4
M2I0NTQwHhcNMjMwMTAyMDcyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWY1MzU0MGRkNmFkZWQ2ZWI3YThmMTM3ZmIwNDYyZTViZTExNTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgz6QurbGAqe72fxxVU0I0smYf9d8
oFYk7YX1C6jOl4jKqe/0YrSzUnBmcWpY9e7IFKrUWy+Pj7IygtMTEvkMz4Ra5EEU
HeIpjoFWakEQrPMyuQW9tdgTFjWCHA0q2bjYP0w7/UNlwqnnQFVj3ZYvY1+YHUce
vhACBbqcWoPwi0+F4us4fgUegTc3ryF5x+Bz7lNk5p48uSkaRloRhp2YmdAhnMG8
oXpy11n7A5gMvyrDPRf+yZu293RxHugc1jenrMgZc2D7QDSS2mnY5DOr8XBvnLD9
EkxsHZNP6/OceXlexsLYU/GQxSD6NwEuPs7ocHKqGdq4Z6kUaP5xjneU9wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGH1NUDdat7W63qPE3+wRi5b4RVMMB8GA1UdIwQY
MBaAFPqmHinBZr8GNcjO/o2oIQSng7RUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1xWWVLY0ZtdndZMXlNNy1qYWdoQktlRHRGUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkvMTQ2NzFlLTg2ZDItNDJmYy04MGQ5
LTgyNWQzZmYxZGRlOC8xL1lmVTFRTjFxM3RicmVvOFRmN0JHTGx2aEZVdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTkvMTQ2NzFlLTg2ZDItNDJmYy04MGQ5LTgyNWQzZmYxZGRl
OC8xLzEtcVllS2NGbXZ3WTF5TTctamFnaEJLZUR0RlEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBANex+AD
BAK5L0gwDQQCAAIwBwMFACoADtgwDQYJKoZIhvcNAQELBQADggEBAFNBkVjYsqbi
vPK6HIiRAifKpx6fY0hhVVLa2OQEXTYZbFvGHwaV5UyD46ijMUNmeu8nQ3LJSGH1
Ku0zCKLMavDh/eqcVorTD2H+NoYAg63RFnU+KC3oOTb4/MgYisHU5bb2WFpiWgK9
MFPDULyheeR/ChvEf9k9O5ypfgeynTps5DphIlQbv4CBbn3NVR78Km/CyNprFvnq
8TCJHkX0eAtjl2kgwIt+un2y6y1imH1tOOsClaP9cxGtFQ/IleGj5Da7oKa1RHLI
IGnx0Q5kxZoqn6OQ6BEyiQsUiJDMKUmZvrfp/BFM035sTo8P8VhHcJHeyj8RzTBk
9TiN574kKCk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:22 2024 by rpki-client on console-ams.rpki-client.org