Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/df96a5-3157-4883-8083-212f893fc835/1/yawxs8aVEiJuayobzGK1ZU8quOI.roa
File: yawxs8aVEiJuayobzGK1ZU8quOI.roa (raw, json)
Hash identifier: m5wt08l63qz8eVX4mDMC/ISnzF4u9hHSBq9LtASppZk=
Subject key identifier: C9:AC:31:B3:C6:95:12:22:6E:6B:2A:1B:CC:62:B5:65:4F:2A:B8:E2
Certificate issuer: /CN=1f94d1354e72306a9f7f951f93f52e8d13a40abf
Certificate serial: 018573F18F061FE44A24392AC53EBBE29709
Authority key identifier: 1F:94:D1:35:4E:72:30:6A:9F:7F:95:1F:93:F5:2E:8D:13:A4:0A:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H5TRNU5yMGqff5Ufk_UujROkCr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/df96a5-3157-4883-8083-212f893fc835/1/yawxs8aVEiJuayobzGK1ZU8quOI.roa
Signing time: Mon 02 Jan 2023 19:24:48 +0000
ROA not before: Mon 02 Jan 2023 19:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205850
IP address blocks: 185.204.84.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:f1:8f:06:1f:e4:4a:24:39:2a:c5:3e:bb:e2:97:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f94d1354e72306a9f7f951f93f52e8d13a40abf
Validity
Not Before: Jan 2 19:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9ac31b3c69512226e6b2a1bcc62b5654f2ab8e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:10:75:fe:52:e8:90:84:d3:55:03:37:ef:6e:
ad:73:a9:48:c2:b6:0f:0e:b8:c6:5c:d3:c4:d8:a8:
1c:60:71:6d:c8:20:67:72:ef:e4:81:f7:f5:b1:cb:
67:8b:b5:c4:33:6c:d2:41:61:2b:5e:9d:03:f7:7b:
e2:8a:27:d3:e1:bc:73:21:cc:c6:7d:df:22:be:16:
0f:e4:3c:02:4d:4b:62:0a:bb:e9:cc:08:07:84:26:
85:30:e4:84:c9:ce:37:7f:a8:89:7c:6a:f8:eb:69:
9a:a9:e4:60:12:01:7b:1e:44:55:6c:09:69:4c:af:
10:fa:a1:05:5f:cf:1a:ff:31:2b:81:4b:68:db:b8:
c2:0f:e7:79:da:0c:03:7f:ed:52:fb:d5:c7:3e:c2:
a6:24:13:cd:d8:22:01:08:92:bf:7d:2c:79:7b:d9:
46:5d:48:1b:c0:d6:bd:96:e7:12:01:e8:37:e7:5b:
3d:88:a2:a1:11:cf:2b:3b:07:bc:fc:3f:5a:f0:ce:
b0:39:4d:7c:ce:19:8a:42:7f:bd:92:61:02:39:2b:
a3:4b:00:51:eb:31:f4:d6:82:d5:aa:fe:5c:3c:2e:
a7:ff:e5:19:9c:09:21:9b:46:f3:9f:99:99:a7:5e:
bb:4a:01:0d:38:c9:06:42:88:5a:e9:6e:f2:0f:a1:
11:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:AC:31:B3:C6:95:12:22:6E:6B:2A:1B:CC:62:B5:65:4F:2A:B8:E2
X509v3 Authority Key Identifier:
keyid:1F:94:D1:35:4E:72:30:6A:9F:7F:95:1F:93:F5:2E:8D:13:A4:0A:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H5TRNU5yMGqff5Ufk_UujROkCr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/df96a5-3157-4883-8083-212f893fc835/1/yawxs8aVEiJuayobzGK1ZU8quOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/df96a5-3157-4883-8083-212f893fc835/1/H5TRNU5yMGqff5Ufk_UujROkCr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.84.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:aa:ba:aa:24:ad:e7:18:39:a7:52:ab:aa:06:81:de:80:89:
33:35:aa:78:27:d0:30:c0:cb:8c:63:fc:e3:49:18:18:41:0b:
8c:6e:29:f0:49:8f:13:65:d4:96:ed:f4:c5:33:8d:73:36:5d:
3a:3f:b3:ff:42:ee:11:b2:35:66:2f:0d:91:22:d8:a9:78:5e:
e5:4d:6a:28:a4:01:00:12:57:55:c8:08:fa:0f:be:8d:37:03:
fc:68:f1:6d:43:8b:ac:1c:00:ab:c5:d6:bb:05:10:fc:11:a5:
91:a9:3e:0a:54:f6:89:74:69:43:65:27:50:d0:d9:7a:00:7f:
4d:89:a4:12:91:9d:97:fd:76:b5:58:b0:69:f2:a8:1f:78:cc:
27:cc:c4:72:3c:82:8f:7b:d3:3a:b7:e7:58:d3:c0:8e:0d:af:
86:7e:d1:43:ed:a1:03:14:ea:49:5c:8e:31:8d:76:24:db:17:
66:77:45:b3:f7:b4:48:95:25:f4:49:e9:2b:de:63:b2:9a:43:
53:ee:ab:c8:e5:59:66:b0:fa:9c:8b:d7:54:b8:3b:e3:f2:6d:
64:b6:af:4e:ca:4e:5a:5b:cd:b2:1f:60:f7:40:f4:f7:70:c1:
02:f9:df:8b:dc:31:8f:b7:c8:ce:19:91:52:79:b2:58:73:c8:
59:c9:46:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVz8Y8GH+RKJDkqxT674pcJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmOTRkMTM1NGU3MjMwNmE5ZjdmOTUxZjkzZjUyZThkMTNh
NDBhYmYwHhcNMjMwMTAyMTkyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWFjMzFiM2M2OTUxMjIyNmU2YjJhMWJjYzYyYjU2NTRmMmFiOGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRB1/lLokITTVQM3726tc6lIwrYP
DrjGXNPE2KgcYHFtyCBncu/kgff1sctni7XEM2zSQWErXp0D93viiifT4bxzIczG
fd8ivhYP5DwCTUtiCrvpzAgHhCaFMOSEyc43f6iJfGr462maqeRgEgF7HkRVbAlp
TK8Q+qEFX88a/zErgUto27jCD+d52gwDf+1S+9XHPsKmJBPN2CIBCJK/fSx5e9lG
XUgbwNa9lucSAeg351s9iKKhEc8rOwe8/D9a8M6wOU18zhmKQn+9kmECOSujSwBR
6zH01oLVqv5cPC6n/+UZnAkhm0bzn5mZp167SgENOMkGQoha6W7yD6ERUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMmsMbPGlRIibmsqG8xitWVPKrjiMB8GA1UdIwQY
MBaAFB+U0TVOcjBqn3+VH5P1Lo0TpAq/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDVUUk5VNXlNR3FmZjVVZmtfVXVqUk9rQ3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9kZjk2YTUtMzE1Ny00ODgzLTgwODMt
MjEyZjg5M2ZjODM1LzEveWF3eHM4YVZFaUp1YXlvYnpHSzFaVThxdU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9kZjk2YTUtMzE1Ny00ODgzLTgwODMtMjEyZjg5M2ZjODM1
LzEvSDVUUk5VNXlNR3FmZjVVZmtfVXVqUk9rQ3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucxUMA0G
CSqGSIb3DQEBCwUAA4IBAQCpqrqqJK3nGDmnUquqBoHegIkzNap4J9AwwMuMY/zj
SRgYQQuMbinwSY8TZdSW7fTFM41zNl06P7P/Qu4RsjVmLw2RItipeF7lTWoopAEA
EldVyAj6D76NNwP8aPFtQ4usHACrxda7BRD8EaWRqT4KVPaJdGlDZSdQ0Nl6AH9N
iaQSkZ2X/Xa1WLBp8qgfeMwnzMRyPIKPe9M6t+dY08CODa+GftFD7aEDFOpJXI4x
jXYk2xdmd0Wz97RIlSX0Sekr3mOymkNT7qvI5VlmsPqci9dUuDvj8m1ktq9Oyk5a
W82yH2D3QPT3cMEC+d+L3DGPt8jOGZFSebJYc8hZyUaS
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:30:47 2024 by rpki-client on console-fra.rpki-client.org