Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YY25EQqKkqYbyGkptJ5hH5UIChw.roa
File: YY25EQqKkqYbyGkptJ5hH5UIChw.roa (raw, json)
Hash identifier: LI7/N5U79SxlvnpeBnl13AMzruCHFnt0Cl4hAQ22xjQ=
Subject key identifier: 61:8D:B9:11:0A:8A:92:A6:1B:C8:69:29:B4:9E:61:1F:95:08:0A:1C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189DFFF5072C4D29476D666E160B2BEA680
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YY25EQqKkqYbyGkptJ5hH5UIChw.roa
Signing time: Thu 10 Aug 2023 15:09:58 +0000
ROA not before: Thu 10 Aug 2023 15:09:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 194.87.205.0/24 maxlen: 24
194.87.2.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.58.44.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
193.124.205.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:df:ff:50:72:c4:d2:94:76:d6:66:e1:60:b2:be:a6:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 10 15:09:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=618db9110a8a92a61bc86929b49e611f95080a1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8d:6f:fe:54:e9:09:3e:5c:26:32:96:20:ef:
f2:6c:53:76:e2:dd:92:a8:63:40:13:36:2d:cf:16:
1c:1a:e9:55:6e:98:9a:bb:f1:8a:c9:8b:cc:a8:08:
bf:8b:90:4a:23:ec:5d:80:fb:dd:ba:ee:83:1f:2f:
c4:8a:22:1b:a8:94:73:2d:5a:4f:85:6b:b4:a8:04:
9b:00:4e:62:ef:27:a7:1a:7f:5b:03:34:19:72:62:
e1:6c:69:26:72:e6:b1:f4:f8:67:9d:8c:8a:b1:ae:
df:fe:23:88:02:83:74:70:02:b6:84:04:1a:b4:11:
03:60:c7:63:ed:6a:42:b5:c3:dd:b4:65:82:d8:ff:
75:5d:c0:bd:17:df:fd:23:d7:74:02:b0:42:14:55:
ca:6c:cc:b4:c0:4c:e2:8e:0c:6d:7b:f5:ee:89:80:
4a:49:4c:c4:ce:ea:72:67:72:5e:02:82:ee:90:9e:
a9:93:28:41:4b:12:ff:29:c6:b8:5e:f1:6e:7d:88:
c0:bb:11:aa:ba:83:4e:a2:44:ca:53:29:5b:43:b9:
7f:fe:e3:cb:c5:3a:06:81:e9:d8:8c:07:95:6d:b4:
d8:93:cd:ee:fd:a1:c3:44:65:e0:a6:46:c7:7c:8a:
71:cb:25:1b:f2:c0:63:bd:37:f3:60:8d:ae:ea:0f:
e9:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:8D:B9:11:0A:8A:92:A6:1B:C8:69:29:B4:9E:61:1F:95:08:0A:1C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YY25EQqKkqYbyGkptJ5hH5UIChw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.205.0/24
194.58.44.0/24
194.87.2.0/24
194.87.18.0/24
194.87.170.0/24
194.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
76:d0:74:f6:b2:51:1c:df:3f:f4:db:cc:d6:fb:12:b6:87:f7:
2c:cf:11:ee:7a:e5:3e:61:d1:85:d8:85:a1:ae:4d:ea:28:39:
7d:6f:05:c3:7e:10:c4:f6:fa:08:9d:3f:c8:d2:d4:49:98:73:
08:f8:8e:86:63:a1:52:11:e5:9f:e2:37:05:08:3d:a8:bc:1b:
3d:cd:c9:3f:c4:08:c5:e3:42:aa:a5:f7:e5:3e:e3:2d:91:e6:
47:43:6e:d5:27:dd:b8:f2:3d:a7:34:c2:f8:9a:27:31:5c:ca:
25:bd:8a:84:69:cf:4d:b3:b4:11:7c:ef:d3:c1:44:d5:93:84:
72:ad:74:f2:de:b1:f1:c9:35:20:54:12:c8:b3:7f:e2:9e:d7:
7b:3c:b2:b4:47:96:06:8f:90:9c:41:5b:a7:53:ef:35:4a:64:
cd:29:5b:be:26:c6:da:a8:39:5f:1a:c2:a5:85:5e:77:f1:99:
19:44:92:69:03:d8:a5:5d:f7:72:50:dc:db:06:e8:ee:f2:45:
82:3c:41:c9:83:e2:d7:ab:85:00:1d:b8:4a:2e:1f:49:59:06:
f9:9a:8d:d5:8a:60:e3:f2:70:ce:11:d4:26:90:7f:21:1f:c1:
d4:31:d9:67:4c:40:08:ef:2b:06:6f:6a:bc:c5:18:6b:4c:56:
5c:45:89:ab
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYnf/1ByxNKUdtZm4WCyvqaAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODEwMTUwOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MThkYjkxMTBhOGE5MmE2MWJjODY5MjliNDllNjExZjk1MDgwYTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtI1v/lTpCT5cJjKWIO/ybFN24t2S
qGNAEzYtzxYcGulVbpiau/GKyYvMqAi/i5BKI+xdgPvduu6DHy/EiiIbqJRzLVpP
hWu0qASbAE5i7yenGn9bAzQZcmLhbGkmcuax9PhnnYyKsa7f/iOIAoN0cAK2hAQa
tBEDYMdj7WpCtcPdtGWC2P91XcC9F9/9I9d0ArBCFFXKbMy0wEzijgxte/XuiYBK
SUzEzupyZ3JeAoLukJ6pkyhBSxL/Kca4XvFufYjAuxGquoNOokTKUylbQ7l//uPL
xToGgenYjAeVbbTYk83u/aHDRGXgpkbHfIpxyyUb8sBjvTfzYI2u6g/pewIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGGNuREKipKmG8hpKbSeYR+VCAocMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWVkyNUVRcUtrcVlieUdrcHRKNWhINVVJQ2h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwXzNAwQA
wjosAwQAwlcCAwQAwlcSAwQAwleqAwQAwlfNMA0GCSqGSIb3DQEBCwUAA4IBAQB2
0HT2slEc3z/028zW+xK2h/cszxHueuU+YdGF2IWhrk3qKDl9bwXDfhDE9voInT/I
0tRJmHMI+I6GY6FSEeWf4jcFCD2ovBs9zck/xAjF40KqpfflPuMtkeZHQ27VJ924
8j2nNML4micxXMolvYqEac9Ns7QRfO/TwUTVk4RyrXTy3rHxyTUgVBLIs3/intd7
PLK0R5YGj5CcQVunU+81SmTNKVu+JsbaqDlfGsKlhV538ZkZRJJpA9ilXfdyUNzb
Buju8kWCPEHJg+LXq4UAHbhKLh9JWQb5mo3VimDj8nDOEdQmkH8hH8HUMdlnTEAI
7ysGb2q8xRhrTFZcRYmr
-----END CERTIFICATE-----
Generated at Tue Aug 15 12:11:22 2023 by rpki-client on console-ams.rpki-client.org