Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/YHHa4tW5_SBFA9cR_JiMcGy7r_I.roa
File: YHHa4tW5_SBFA9cR_JiMcGy7r_I.roa (raw, json)
Hash identifier: eyaj6lrUj1xW6MBD6ePOoq3iCEujrFl/+12cCIms/KA=
Subject key identifier: 60:71:DA:E2:D5:B9:FD:20:45:03:D7:11:FC:98:8C:70:6C:BB:AF:F2
Certificate issuer: /CN=ecf7ca9ffafe72a30966f7e43d92b58e774ce741
Certificate serial: 01856F1D8D8207EFF1F0BDF9BD149DBA76E0
Authority key identifier: EC:F7:CA:9F:FA:FE:72:A3:09:66:F7:E4:3D:92:B5:8E:77:4C:E7:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7PfKn_r-cqMJZvfkPZK1jndM50E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/YHHa4tW5_SBFA9cR_JiMcGy7r_I.roa
Signing time: Sun 01 Jan 2023 20:54:45 +0000
ROA not before: Sun 01 Jan 2023 20:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 193.32.178.0/24 maxlen: 24
193.32.179.0/24 maxlen: 24
193.32.177.0/24 maxlen: 24
185.236.23.0/24 maxlen: 24
185.236.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Apr 2023 06:31:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:8d:82:07:ef:f1:f0:bd:f9:bd:14:9d:ba:76:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecf7ca9ffafe72a30966f7e43d92b58e774ce741
Validity
Not Before: Jan 1 20:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6071dae2d5b9fd204503d711fc988c706cbbaff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:90:cc:56:d6:be:8f:18:6f:db:7b:2c:b6:57:
11:c3:11:8e:6b:7b:80:a8:3f:17:04:dd:27:e2:e8:
b9:2d:b8:9c:ce:d9:b3:d6:cd:d5:c9:df:3f:24:ba:
fa:ec:2a:4d:5d:9b:b2:e9:84:b1:cf:d6:4f:42:e8:
f3:91:25:c0:ef:08:b1:b6:66:f8:31:b7:08:8e:bb:
a3:11:1a:65:a3:4e:ff:42:d2:4b:b4:64:f3:42:8e:
f1:bc:13:1b:c5:48:c6:2e:90:08:c5:ca:5c:03:fe:
ba:08:d5:8a:d3:13:1a:4f:cf:65:cb:ff:1a:7e:74:
1d:ec:3a:d5:1b:a5:88:a0:78:bf:77:b7:89:54:58:
eb:fc:14:15:eb:da:b5:78:76:b3:2a:2c:91:50:e5:
d1:32:0d:eb:a9:c9:7b:81:04:3a:00:df:3e:bd:ca:
72:2c:ab:aa:1d:e5:85:7e:88:39:bb:4f:d9:39:06:
76:26:17:82:48:de:bb:6f:e2:2c:18:c5:04:02:f4:
8e:2a:63:88:29:91:78:66:0a:b1:3e:fc:8a:ad:78:
50:31:c1:7c:e8:43:f9:e1:f0:66:ff:55:51:df:3a:
26:b4:3c:14:4b:2c:b1:b0:c1:cc:34:3c:c3:34:c1:
10:66:47:3f:c8:a8:bd:6a:26:19:9f:b3:5b:e2:94:
e7:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:71:DA:E2:D5:B9:FD:20:45:03:D7:11:FC:98:8C:70:6C:BB:AF:F2
X509v3 Authority Key Identifier:
keyid:EC:F7:CA:9F:FA:FE:72:A3:09:66:F7:E4:3D:92:B5:8E:77:4C:E7:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PfKn_r-cqMJZvfkPZK1jndM50E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/YHHa4tW5_SBFA9cR_JiMcGy7r_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/7PfKn_r-cqMJZvfkPZK1jndM50E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.22.0/23
193.32.177.0-193.32.179.255
Signature Algorithm: sha256WithRSAEncryption
70:8b:0a:f3:38:ba:4e:17:c2:9a:ad:25:b5:b3:a8:6f:3f:1f:
9b:a0:b9:2d:ad:62:2a:bc:ae:be:7a:fa:67:fe:c3:38:84:59:
7f:84:54:8c:ff:b9:c1:35:be:da:b1:f1:8d:21:c2:9c:71:1a:
8f:3f:bb:e0:84:f1:3f:c2:27:4c:71:94:63:f9:3e:d7:bb:30:
53:c2:47:5c:b7:86:42:5f:a3:b2:6f:8c:e1:a6:51:aa:73:52:
2b:d4:3b:4b:31:a7:f9:19:c0:64:bf:ed:af:6a:dd:3b:f0:15:
e9:a0:10:a5:40:fe:52:67:3e:a2:bb:84:2e:c3:ad:76:a7:52:
23:b9:b4:0b:9d:72:b4:be:3f:9b:12:c0:b4:6b:56:11:10:04:
5f:0a:38:00:e1:c3:85:ad:42:39:d0:7e:9e:30:f8:b7:ea:dc:
11:30:67:0b:7e:84:5c:84:7b:14:e9:e2:78:43:e5:0d:1a:b4:
0b:b1:89:c2:99:2a:ea:23:60:62:ff:f9:b1:f5:5d:a2:b9:e8:
20:c7:3d:a6:b4:27:d0:e6:ad:bc:8e:c1:54:64:4f:d0:f6:3e:
fd:a7:72:ea:e4:be:d5:1b:85:0e:c7:2f:66:47:1a:ea:cb:cd:
a0:5b:bf:74:70:3e:ce:40:16:7a:db:9b:4e:6e:c8:b6:8d:79:
1d:24:fe:af
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVvHY2CB+/x8L35vRSdunbgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZjdjYTlmZmFmZTcyYTMwOTY2ZjdlNDNkOTJiNThlNzc0
Y2U3NDEwHhcNMjMwMTAxMjA1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDcxZGFlMmQ1YjlmZDIwNDUwM2Q3MTFmYzk4OGM3MDZjYmJhZmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZDMVta+jxhv23sstlcRwxGOa3uA
qD8XBN0n4ui5Lbicztmz1s3Vyd8/JLr67CpNXZuy6YSxz9ZPQujzkSXA7wixtmb4
MbcIjrujERplo07/QtJLtGTzQo7xvBMbxUjGLpAIxcpcA/66CNWK0xMaT89ly/8a
fnQd7DrVG6WIoHi/d7eJVFjr/BQV69q1eHazKiyRUOXRMg3rqcl7gQQ6AN8+vcpy
LKuqHeWFfog5u0/ZOQZ2JheCSN67b+IsGMUEAvSOKmOIKZF4ZgqxPvyKrXhQMcF8
6EP54fBm/1VR3zomtDwUSyyxsMHMNDzDNMEQZkc/yKi9aiYZn7Nb4pTnLwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGBx2uLVuf0gRQPXEfyYjHBsu6/yMB8GA1UdIwQY
MBaAFOz3yp/6/nKjCWb35D2StY53TOdBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1BmS25fci1jcU1KWnZma1BaSzFqbmRNNTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8zMjc3OWQtMzY1Ni00NGMwLThhYjUt
OTgxZmJiMzQ0MmRkLzEvWUhIYTR0VzVfU0JGQTljUl9KaU1jR3k3cl9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8zMjc3OWQtMzY1Ni00NGMwLThhYjUtOTgxZmJiMzQ0MmRk
LzEvN1BmS25fci1jcU1KWnZma1BaSzFqbmRNNTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBuewWMAwD
BADBILEDBALBILAwDQYJKoZIhvcNAQELBQADggEBAHCLCvM4uk4XwpqtJbWzqG8/
H5uguS2tYiq8rr56+mf+wziEWX+EVIz/ucE1vtqx8Y0hwpxxGo8/u+CE8T/CJ0xx
lGP5Pte7MFPCR1y3hkJfo7JvjOGmUapzUivUO0sxp/kZwGS/7a9q3TvwFemgEKVA
/lJnPqK7hC7DrXanUiO5tAudcrS+P5sSwLRrVhEQBF8KOADhw4WtQjnQfp4w+Lfq
3BEwZwt+hFyEexTp4nhD5Q0atAuxicKZKuojYGL/+bH1XaK56CDHPaa0J9DmrbyO
wVRkT9D2Pv2ncurkvtUbhQ7HL2ZHGurLzaBbv3RwPs5AFnrbm05uyLaNeR0k/q8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:52 2024 by rpki-client on console-fra.rpki-client.org