Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/738801-ddc6-4843-936c-20acc38bc8ff/1/YgGMhjjB7F6EO5guCTuypW9jlSM.roa
File: YgGMhjjB7F6EO5guCTuypW9jlSM.roa (raw, json)
Hash identifier: Jbcl4R5EcMRZPVpmrdMX0PKqMtX1brXibubwYc90hoA=
Subject key identifier: 62:01:8C:86:38:C1:EC:5E:84:3B:98:2E:09:3B:B2:A5:6F:63:95:23
Certificate issuer: /CN=c55085005d0e449d3bafa31c5cb429ff89d2c4b7
Certificate serial: 01857079B7A8EEE6140BFDD7005C7E6EFB0F
Authority key identifier: C5:50:85:00:5D:0E:44:9D:3B:AF:A3:1C:5C:B4:29:FF:89:D2:C4:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xVCFAF0ORJ07r6McXLQp_4nSxLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/738801-ddc6-4843-936c-20acc38bc8ff/1/YgGMhjjB7F6EO5guCTuypW9jlSM.roa
Signing time: Mon 02 Jan 2023 03:15:03 +0000
ROA not before: Mon 02 Jan 2023 03:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44845
IP address blocks: 213.159.197.0/24 maxlen: 24
213.159.196.0/24 maxlen: 24
213.159.199.0/24 maxlen: 24
213.159.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:b7:a8:ee:e6:14:0b:fd:d7:00:5c:7e:6e:fb:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c55085005d0e449d3bafa31c5cb429ff89d2c4b7
Validity
Not Before: Jan 2 03:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62018c8638c1ec5e843b982e093bb2a56f639523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:80:9a:3a:69:09:d0:8e:07:9f:60:d8:0b:dc:
1c:48:a0:ce:3e:91:3f:57:eb:50:1d:27:8a:de:27:
60:d0:85:d0:05:30:99:bb:52:b5:4b:58:87:81:75:
37:e6:0c:df:db:22:55:a9:df:f4:d2:30:1f:16:6e:
78:4a:92:f1:24:54:67:31:c7:8f:d4:24:d2:ef:cc:
b5:b6:1c:ac:95:ec:7f:51:3d:47:51:95:4c:6e:d2:
82:01:6e:c5:b5:4a:ad:82:4a:8a:d2:ac:cf:7e:06:
a8:5a:3a:a0:e0:a9:e4:79:aa:01:a8:e8:8c:02:64:
8a:cf:c2:10:29:2b:3a:44:8d:35:e7:0a:9e:00:5a:
e2:c4:9e:69:6c:74:83:d2:0a:a9:24:82:3e:bf:18:
c4:9c:76:24:99:5a:5d:83:cc:eb:5a:7c:71:22:fb:
84:10:1b:0a:63:83:d0:e5:db:11:7a:ec:69:d0:50:
77:b2:32:41:1c:7d:cc:b0:7e:55:79:da:49:1f:2c:
37:9a:58:e3:d7:e1:d7:fa:87:22:1d:19:df:a3:7b:
3c:4f:c6:ca:e2:78:0c:ac:1b:7a:b0:f7:b8:6c:7e:
e1:6d:c4:9f:1d:59:f4:87:29:64:00:4d:e1:01:87:
f1:dc:83:6d:c9:25:83:bf:28:d0:33:51:36:1b:20:
b7:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:01:8C:86:38:C1:EC:5E:84:3B:98:2E:09:3B:B2:A5:6F:63:95:23
X509v3 Authority Key Identifier:
keyid:C5:50:85:00:5D:0E:44:9D:3B:AF:A3:1C:5C:B4:29:FF:89:D2:C4:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xVCFAF0ORJ07r6McXLQp_4nSxLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/738801-ddc6-4843-936c-20acc38bc8ff/1/YgGMhjjB7F6EO5guCTuypW9jlSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/738801-ddc6-4843-936c-20acc38bc8ff/1/xVCFAF0ORJ07r6McXLQp_4nSxLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.159.196.0/22
Signature Algorithm: sha256WithRSAEncryption
81:ea:73:7c:e9:a3:d9:f5:d7:50:81:d8:a5:69:43:b9:d0:d3:
c4:53:51:33:81:74:ba:c1:87:9f:f7:c3:05:aa:24:e1:34:e2:
70:ce:0e:c2:dd:b1:36:e6:c4:f7:f2:cf:d0:0d:34:de:c3:99:
5a:8e:5a:05:fc:ee:9e:52:c0:43:c6:c7:f4:63:60:da:85:6f:
db:4a:bb:69:c9:a6:29:b5:7f:d8:49:1a:87:ba:a5:d7:f1:f5:
cc:dc:9b:42:5e:44:7d:bd:14:63:7a:2a:af:94:5d:61:4d:d5:
e6:18:91:aa:8c:9c:8e:c3:2c:fe:af:69:8b:d8:57:4c:5e:bb:
da:47:03:a7:2b:71:f8:55:db:b1:a7:95:78:cb:4f:fd:59:b6:
02:c3:00:a3:33:85:dd:1c:31:f4:e8:99:47:7e:8d:8d:b7:7b:
3c:16:74:86:2b:0a:29:7c:d3:0a:04:dd:39:26:6b:64:d6:bc:
e9:45:67:51:2a:e0:c9:84:66:12:a4:ac:ed:63:e1:8f:53:54:
57:ed:3a:19:66:9c:a1:b1:25:c4:1d:1c:85:6d:4f:e0:e8:72:
5e:f0:36:7a:3e:88:f0:9c:fc:ae:60:a9:ce:f9:bb:62:62:16:
02:0b:ee:d9:a4:82:07:ca:4e:c0:09:fe:99:41:f7:d2:25:41:
5f:94:43:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwebeo7uYUC/3XAFx+bvsPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NTA4NTAwNWQwZTQ0OWQzYmFmYTMxYzVjYjQyOWZmODlk
MmM0YjcwHhcNMjMwMTAyMDMxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjAxOGM4NjM4YzFlYzVlODQzYjk4MmUwOTNiYjJhNTZmNjM5NTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnICaOmkJ0I4Hn2DYC9wcSKDOPpE/
V+tQHSeK3idg0IXQBTCZu1K1S1iHgXU35gzf2yJVqd/00jAfFm54SpLxJFRnMceP
1CTS78y1thyslex/UT1HUZVMbtKCAW7FtUqtgkqK0qzPfgaoWjqg4KnkeaoBqOiM
AmSKz8IQKSs6RI015wqeAFrixJ5pbHSD0gqpJII+vxjEnHYkmVpdg8zrWnxxIvuE
EBsKY4PQ5dsReuxp0FB3sjJBHH3MsH5VedpJHyw3mljj1+HX+ociHRnfo3s8T8bK
4ngMrBt6sPe4bH7hbcSfHVn0hylkAE3hAYfx3INtySWDvyjQM1E2GyC3swIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGIBjIY4wexehDuYLgk7sqVvY5UjMB8GA1UdIwQY
MBaAFMVQhQBdDkSdO6+jHFy0Kf+J0sS3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFZDRkFGME9SSjA3cjZNY1hMUXBfNG5TeExjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83Mzg4MDEtZGRjNi00ODQzLTkzNmMt
MjBhY2MzOGJjOGZmLzEvWWdHTWhqakI3RjZFTzVndUNUdXlwVzlqbFNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83Mzg4MDEtZGRjNi00ODQzLTkzNmMtMjBhY2MzOGJjOGZm
LzEveFZDRkFGME9SSjA3cjZNY1hMUXBfNG5TeExjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1Z/EMA0G
CSqGSIb3DQEBCwUAA4IBAQCB6nN86aPZ9ddQgdilaUO50NPEU1EzgXS6wYef98MF
qiThNOJwzg7C3bE25sT38s/QDTTew5lajloF/O6eUsBDxsf0Y2DahW/bSrtpyaYp
tX/YSRqHuqXX8fXM3JtCXkR9vRRjeiqvlF1hTdXmGJGqjJyOwyz+r2mL2FdMXrva
RwOnK3H4Vduxp5V4y0/9WbYCwwCjM4XdHDH06JlHfo2Nt3s8FnSGKwopfNMKBN05
Jmtk1rzpRWdRKuDJhGYSpKztY+GPU1RX7ToZZpyhsSXEHRyFbU/g6HJe8DZ6Pojw
nPyuYKnO+btiYhYCC+7ZpIIHyk7ACf6ZQffSJUFflENe
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:30:47 2024 by rpki-client on console-fra.rpki-client.org