Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/00c6c4-ab28-4405-b694-c3d57e2387ca/1/yDy0BTS6-VdGTxLIHuAepw-V9c4.roa
File: yDy0BTS6-VdGTxLIHuAepw-V9c4.roa (raw, json)
Hash identifier: eDeQUX4J1o9EAfEIS8TNPYc1b366z8fdWnISEvKZZrU=
Subject key identifier: C8:3C:B4:05:34:BA:F9:57:46:4F:12:C8:1E:E0:1E:A7:0F:95:F5:CE
Certificate issuer: /CN=3fe14329b6c1e695011a82406f7af48f4bb10ad4
Certificate serial: 018CC64B20DB5B8F77AC99BF0B05F24F7358
Authority key identifier: 3F:E1:43:29:B6:C1:E6:95:01:1A:82:40:6F:7A:F4:8F:4B:B1:0A:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-FDKbbB5pUBGoJAb3r0j0uxCtQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/00c6c4-ab28-4405-b694-c3d57e2387ca/1/yDy0BTS6-VdGTxLIHuAepw-V9c4.roa
Signing time: Mon 01 Jan 2024 18:31:01 +0000
ROA not before: Mon 01 Jan 2024 18:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204697
IP address blocks: 185.246.171.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 11:54:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:20:db:5b:8f:77:ac:99:bf:0b:05:f2:4f:73:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fe14329b6c1e695011a82406f7af48f4bb10ad4
Validity
Not Before: Jan 1 18:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c83cb40534baf957464f12c81ee01ea70f95f5ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:0d:21:c9:9b:00:7c:2d:c2:cd:0b:b5:65:0a:
3f:9f:d5:8d:4f:5a:15:95:e9:34:76:20:6d:49:21:
99:af:0f:0e:a9:63:94:22:75:4b:c7:79:1c:3b:2a:
ab:ba:2e:6d:85:01:54:06:ac:83:33:39:5c:85:08:
3e:ca:8a:fb:89:79:33:14:cb:75:07:cd:56:10:5a:
2a:94:61:8b:68:72:2a:0f:0e:ee:09:d1:b7:47:96:
bc:cc:42:b7:77:23:63:1a:f3:c2:47:72:34:a8:f4:
c0:b8:08:81:a7:85:7f:50:76:af:cf:28:1f:3e:fc:
10:1e:26:3f:a3:d8:31:2f:0e:31:e1:69:0e:5c:46:
ec:18:3a:1c:e0:47:92:17:89:80:0a:40:db:18:e9:
86:4f:78:5f:f0:08:d3:1c:c9:d4:c4:68:3a:f6:cb:
7b:ea:85:ec:71:78:c4:04:dc:e9:21:f4:88:8d:ec:
ee:a3:18:86:e0:38:93:79:0d:7c:75:64:1b:cf:b4:
79:42:0c:13:c6:40:82:5e:b3:47:32:a7:64:43:5b:
6c:f7:ae:d5:19:f7:77:5a:39:26:7f:f7:69:48:29:
bc:a7:4c:0e:91:d8:02:e6:ee:46:e0:27:e6:78:a7:
5e:ec:d8:fb:60:47:49:56:e6:10:ad:18:16:20:b3:
9f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:3C:B4:05:34:BA:F9:57:46:4F:12:C8:1E:E0:1E:A7:0F:95:F5:CE
X509v3 Authority Key Identifier:
keyid:3F:E1:43:29:B6:C1:E6:95:01:1A:82:40:6F:7A:F4:8F:4B:B1:0A:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-FDKbbB5pUBGoJAb3r0j0uxCtQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/00c6c4-ab28-4405-b694-c3d57e2387ca/1/yDy0BTS6-VdGTxLIHuAepw-V9c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/00c6c4-ab28-4405-b694-c3d57e2387ca/1/P-FDKbbB5pUBGoJAb3r0j0uxCtQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.246.171.0/24
Signature Algorithm: sha256WithRSAEncryption
20:f5:72:a0:71:56:8a:29:0f:43:33:0f:cb:c9:b3:bd:56:2d:
2e:89:49:06:5e:41:ab:d0:79:b8:82:a8:d2:47:13:4a:cf:3e:
66:5d:59:cc:d5:51:ca:c6:4f:3d:83:0f:9c:ff:57:ef:e2:fe:
35:bc:ab:a8:2c:f1:81:4f:39:18:a0:e6:ec:4b:ae:d0:06:82:
7c:a1:34:90:11:17:30:3d:ed:af:18:f9:24:03:39:e3:a5:95:
c6:1d:03:c1:db:e1:f3:bf:86:a5:53:c8:c7:1a:c7:fc:93:70:
13:67:08:da:e8:00:a5:1d:ca:bb:36:45:52:2a:14:66:17:89:
5b:83:e2:ad:fb:45:2c:4a:88:20:be:1c:e6:99:4a:c9:20:c9:
b0:aa:52:dc:fd:fe:f8:38:3e:c6:bb:8e:4a:7e:b4:0d:4c:52:
72:a9:52:12:8d:e5:cc:46:53:d4:61:53:b8:d2:40:24:75:0f:
e5:0d:99:a4:4f:61:12:e9:8c:92:cb:81:e8:b0:71:f4:cc:6b:
d6:b5:72:48:67:7f:84:f7:0f:00:68:a5:f7:90:d7:fa:ac:ef:
f8:d1:0d:2a:2c:fe:3f:a4:4b:f4:db:9e:b9:c7:4d:0c:07:74:
3e:c6:e6:a6:ce:99:9a:74:41:0b:2f:b6:12:21:ac:75:63:ac:
b1:14:42:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSyDbW493rJm/CwXyT3NYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZTE0MzI5YjZjMWU2OTUwMTFhODI0MDZmN2FmNDhmNGJi
MTBhZDQwHhcNMjQwMTAxMTgzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODNjYjQwNTM0YmFmOTU3NDY0ZjEyYzgxZWUwMWVhNzBmOTVmNWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Q0hyZsAfC3CzQu1ZQo/n9WNT1oV
lek0diBtSSGZrw8OqWOUInVLx3kcOyqrui5thQFUBqyDMzlchQg+yor7iXkzFMt1
B81WEFoqlGGLaHIqDw7uCdG3R5a8zEK3dyNjGvPCR3I0qPTAuAiBp4V/UHavzygf
PvwQHiY/o9gxLw4x4WkOXEbsGDoc4EeSF4mACkDbGOmGT3hf8AjTHMnUxGg69st7
6oXscXjEBNzpIfSIjezuoxiG4DiTeQ18dWQbz7R5QgwTxkCCXrNHMqdkQ1ts967V
Gfd3Wjkmf/dpSCm8p0wOkdgC5u5G4CfmeKde7Nj7YEdJVuYQrRgWILOf7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMg8tAU0uvlXRk8SyB7gHqcPlfXOMB8GA1UdIwQY
MBaAFD/hQym2weaVARqCQG969I9LsQrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUC1GREtiYkI1cFVCR29KQWIzcjBqMHV4Q3RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wMGM2YzQtYWIyOC00NDA1LWI2OTQt
YzNkNTdlMjM4N2NhLzEveUR5MEJUUzYtVmRHVHhMSUh1QWVwdy1WOWM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wMGM2YzQtYWIyOC00NDA1LWI2OTQtYzNkNTdlMjM4N2Nh
LzEvUC1GREtiYkI1cFVCR29KQWIzcjBqMHV4Q3RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufarMA0G
CSqGSIb3DQEBCwUAA4IBAQAg9XKgcVaKKQ9DMw/LybO9Vi0uiUkGXkGr0Hm4gqjS
RxNKzz5mXVnM1VHKxk89gw+c/1fv4v41vKuoLPGBTzkYoObsS67QBoJ8oTSQERcw
Pe2vGPkkAznjpZXGHQPB2+Hzv4alU8jHGsf8k3ATZwja6AClHcq7NkVSKhRmF4lb
g+Kt+0UsSoggvhzmmUrJIMmwqlLc/f74OD7Gu45KfrQNTFJyqVISjeXMRlPUYVO4
0kAkdQ/lDZmkT2ES6YySy4HosHH0zGvWtXJIZ3+E9w8AaKX3kNf6rO/40Q0qLP4/
pEv02565x00MB3Q+xuamzpmadEELL7YSIax1Y6yxFELJ
-----END CERTIFICATE-----
Generated at Thu Jan 11 15:19:10 2024 by rpki-client on console-ams.rpki-client.org