Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/YoM-a5CWuVuYuDfNYikQc11hAY0.roa
File: YoM-a5CWuVuYuDfNYikQc11hAY0.roa (raw, json)
Hash identifier: 16+g+r/3+FsWUBjdX0eVAGZ34n30V5ugt9d9puLMkFY=
Subject key identifier: 62:83:3E:6B:90:96:B9:5B:98:B8:37:CD:62:29:10:73:5D:61:01:8D
Certificate issuer: /CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Certificate serial: 0187B8C9BD3AE2FD0610E11B6A9A1D5DF39E
Authority key identifier: 4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/YoM-a5CWuVuYuDfNYikQc11hAY0.roa
Signing time: Tue 25 Apr 2023 14:20:41 +0000
ROA not before: Tue 25 Apr 2023 14:20:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 275
IP address blocks: 185.84.19.224/27 maxlen: 27
213.130.47.16/28 maxlen: 28
5.158.213.64/31 maxlen: 31
2001:728:0:5000::1532/127 maxlen: 127
2001:728:0:7000::/64 maxlen: 64
2001:728:401:21::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b8:c9:bd:3a:e2:fd:06:10:e1:1b:6a:9a:1d:5d:f3:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Validity
Not Before: Apr 25 14:20:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62833e6b9096b95b98b837cd622910735d61018d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f1:da:c4:cd:74:1b:1e:ee:ea:43:a3:89:4f:
bc:b3:a6:6a:2b:52:41:2d:3b:21:4e:d5:aa:a7:d4:
ac:d7:c4:c5:d3:78:ea:87:4a:6b:9c:0d:68:f3:42:
c9:06:82:c0:59:eb:73:7c:02:d9:16:43:31:1c:85:
81:f6:26:57:ef:39:3d:05:7d:da:2e:89:69:fd:e2:
64:ce:3d:97:f4:6a:92:2c:d2:a4:b9:1d:78:35:b0:
e5:b0:10:9c:52:db:53:ba:9f:c3:3a:da:d8:f2:76:
43:29:37:c9:a7:09:85:b1:0b:b1:21:62:04:e2:43:
dc:d4:bc:f1:19:30:3c:ba:c8:eb:36:d2:90:ed:88:
de:33:d0:e5:8f:d9:57:b1:97:58:ea:3c:48:0e:59:
02:2a:8c:4e:8f:22:38:7d:9e:55:30:a9:f8:c3:62:
6d:9b:4c:64:71:71:3a:d7:6a:f0:18:16:d2:5b:60:
d6:91:f8:1c:3e:46:e4:90:e3:8b:26:43:1b:dd:5e:
c6:a6:3c:37:52:df:e4:63:f3:4d:63:37:a8:39:e1:
12:ea:44:09:03:cc:10:5d:8e:63:86:53:5a:1d:85:
c4:b0:68:33:07:8f:59:15:15:60:70:44:26:32:c7:
07:65:34:94:84:d1:02:ce:1c:e4:03:77:ae:d6:9f:
b9:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:83:3E:6B:90:96:B9:5B:98:B8:37:CD:62:29:10:73:5D:61:01:8D
X509v3 Authority Key Identifier:
keyid:4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/YoM-a5CWuVuYuDfNYikQc11hAY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.158.213.64/31
185.84.19.224/27
213.130.47.16/28
IPv6:
2001:728:0:5000:0:0:0:1532/127
2001:728:0:7000::/64
2001:728:401:21::/64
Signature Algorithm: sha256WithRSAEncryption
52:9a:ac:a3:fe:dd:ad:9e:ab:74:e5:96:1d:b3:f1:2d:2b:ae:
de:1a:ba:b3:e0:1c:49:4c:68:4b:22:ac:b6:fc:64:7b:d0:67:
1c:4f:30:4e:18:7a:36:eb:c0:25:df:46:d3:7c:fb:ed:cd:6b:
bd:10:fb:c5:a4:a9:6a:d9:c9:f4:60:f0:53:52:98:9f:01:b9:
c6:97:76:2d:c1:7c:15:eb:77:b0:66:24:fd:92:6d:2a:61:c3:
13:8c:14:3b:17:53:9e:5f:0a:d2:25:08:98:8d:43:9a:19:0f:
f6:3c:84:ff:69:f1:c6:27:5f:bd:13:47:3d:ee:ac:42:e1:d4:
e1:0c:43:1c:b3:1f:4c:0c:25:e2:5b:de:02:3b:8c:96:e5:6c:
44:d3:3d:ed:d3:71:ec:9e:b1:81:74:82:11:e3:ab:1e:57:70:
61:70:cb:06:bf:2f:f0:78:26:9e:20:40:09:07:05:9b:0b:85:
ed:2b:d7:56:93:ab:0c:93:da:ad:79:7c:b9:e6:e1:de:57:a5:
4b:dd:75:a4:3b:56:9e:25:a3:78:a9:b6:2d:19:96:67:f2:46:
f9:73:c2:15:07:81:53:e7:12:9a:81:d1:3e:01:80:e0:5d:9b:
fe:eb:8b:85:8b:de:23:d8:ae:1b:c2:56:3d:ae:07:03:97:41:
af:ff:2f:1c
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYe4yb064v0GEOEbapodXfOeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWEyOTIxZmJlYjhhNDQ4ZTdhZTFlYzVhMTFiOGFiODk4
ZDIyZmQwHhcNMjMwNDI1MTQyMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjgzM2U2YjkwOTZiOTViOThiODM3Y2Q2MjI5MTA3MzVkNjEwMThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvHaxM10Gx7u6kOjiU+8s6ZqK1JB
LTshTtWqp9Ss18TF03jqh0prnA1o80LJBoLAWetzfALZFkMxHIWB9iZX7zk9BX3a
Lolp/eJkzj2X9GqSLNKkuR14NbDlsBCcUttTup/DOtrY8nZDKTfJpwmFsQuxIWIE
4kPc1LzxGTA8usjrNtKQ7YjeM9Dlj9lXsZdY6jxIDlkCKoxOjyI4fZ5VMKn4w2Jt
m0xkcXE612rwGBbSW2DWkfgcPkbkkOOLJkMb3V7Gpjw3Ut/kY/NNYzeoOeES6kQJ
A8wQXY5jhlNaHYXEsGgzB49ZFRVgcEQmMscHZTSUhNECzhzkA3eu1p+5iQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFGKDPmuQlrlbmLg3zWIpEHNdYQGNMB8GA1UdIwQY
MBaAFE1aKSH764pEjnrh7FoRuKuJjSL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUt
NzgwYTI1Y2QwZGQ5LzEvWW9NLWE1Q1d1VnVZdURmTllpa1FjMTFoQVkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUtNzgwYTI1Y2QwZGQ5
LzEvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAbBAIAATAVAwUBBZ7VQAMF
BblUE+ADBQTVgi8QMC8EAgACMCkDEQEgAQcoAABQAAAAAAAAABUyAwkAIAEHKAAA
cAADCQAgAQcoBAEAITANBgkqhkiG9w0BAQsFAAOCAQEAUpqso/7drZ6rdOWWHbPx
LSuu3hq6s+AcSUxoSyKstvxke9BnHE8wThh6NuvAJd9G03z77c1rvRD7xaSpatnJ
9GDwU1KYnwG5xpd2LcF8Fet3sGYk/ZJtKmHDE4wUOxdTnl8K0iUImI1DmhkP9jyE
/2nxxidfvRNHPe6sQuHU4QxDHLMfTAwl4lveAjuMluVsRNM97dNx7J6xgXSCEeOr
HldwYXDLBr8v8HgmniBACQcFmwuF7SvXVpOrDJParXl8uebh3lelS911pDtWniWj
eKm2LRmWZ/JG+XPCFQeBU+cSmoHRPgGA4F2b/uuLhYveI9iuG8JWPa4HA5dBr/8v
HA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:21 2024 by rpki-client on console-ams.rpki-client.org