Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/04e8dd-de3c-47fa-a024-f33797e39bb2/1/YBRP0Yj4hQxqvRc18PuIdxBij1k.roa
File: YBRP0Yj4hQxqvRc18PuIdxBij1k.roa (raw, json)
Hash identifier: 2ocwO7J8tvH+Uquz8qyewhMjitcAItlphZIDcM60V20=
Subject key identifier: 60:14:4F:D1:88:F8:85:0C:6A:BD:17:35:F0:FB:88:77:10:62:8F:59
Certificate issuer: /CN=c3a49f65a3d680c428fd94d67e65a2709f0292cf
Certificate serial: 018572A7E4B6EDF4A380DD493143C9677747
Authority key identifier: C3:A4:9F:65:A3:D6:80:C4:28:FD:94:D6:7E:65:A2:70:9F:02:92:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w6SfZaPWgMQo_ZTWfmWicJ8Cks8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/04e8dd-de3c-47fa-a024-f33797e39bb2/1/YBRP0Yj4hQxqvRc18PuIdxBij1k.roa
Signing time: Mon 02 Jan 2023 13:24:43 +0000
ROA not before: Mon 02 Jan 2023 13:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31043
IP address blocks: 195.47.232.0/24 maxlen: 24
185.117.112.0/22 maxlen: 22
2a0c:3180::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:a7:e4:b6:ed:f4:a3:80:dd:49:31:43:c9:67:77:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3a49f65a3d680c428fd94d67e65a2709f0292cf
Validity
Not Before: Jan 2 13:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60144fd188f8850c6abd1735f0fb887710628f59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a1:18:57:69:ab:3b:cd:69:dd:5c:d1:4d:92:
06:85:55:c3:62:b2:a4:31:35:37:dd:7f:46:e4:10:
25:7b:83:ea:85:b5:8f:d4:15:a1:36:fa:e2:07:c5:
99:f5:40:9f:8d:b7:e4:6e:79:5a:be:6e:f4:f6:61:
2e:bc:5a:dc:f5:88:04:d5:55:82:80:28:dc:5e:27:
b7:49:25:52:77:24:45:40:a6:9b:1e:3c:f9:98:c4:
2e:e6:27:13:85:69:3f:31:97:dd:d2:ba:9b:a0:46:
41:86:01:0d:98:2b:78:63:bf:84:8d:85:b0:bf:b2:
5b:64:7f:13:26:ca:ad:3e:7d:33:24:11:73:d8:39:
cf:2b:4d:11:0e:30:12:0c:63:94:72:c4:77:da:e3:
48:8a:ac:6a:75:35:5a:ca:b6:a5:15:b9:f0:48:57:
58:09:8c:b4:47:dd:47:95:33:2c:99:47:fa:c7:d9:
d5:5d:04:d3:9b:43:aa:70:e0:f7:88:6f:be:28:aa:
f3:66:27:35:85:f8:85:2d:a9:db:e9:b2:30:30:f4:
4f:00:12:b5:b5:8b:18:4f:fd:70:40:25:3e:75:22:
68:e1:ba:ae:1b:e5:4f:3a:f2:f3:c2:05:04:fe:e1:
24:e6:88:50:60:b4:45:8a:94:a3:5f:bc:d6:d3:c0:
4f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:14:4F:D1:88:F8:85:0C:6A:BD:17:35:F0:FB:88:77:10:62:8F:59
X509v3 Authority Key Identifier:
keyid:C3:A4:9F:65:A3:D6:80:C4:28:FD:94:D6:7E:65:A2:70:9F:02:92:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w6SfZaPWgMQo_ZTWfmWicJ8Cks8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/04e8dd-de3c-47fa-a024-f33797e39bb2/1/YBRP0Yj4hQxqvRc18PuIdxBij1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/04e8dd-de3c-47fa-a024-f33797e39bb2/1/w6SfZaPWgMQo_ZTWfmWicJ8Cks8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.112.0/22
195.47.232.0/24
IPv6:
2a0c:3180::/32
Signature Algorithm: sha256WithRSAEncryption
58:5e:56:bd:47:ef:df:ce:fa:81:bd:03:de:77:e6:8a:74:d1:
e5:d9:ac:cd:b7:82:ca:05:21:14:f1:a5:47:02:bc:29:b4:83:
97:8a:aa:d0:d9:7e:dc:6f:b8:f0:19:5c:5e:1f:2f:b8:7b:70:
e4:ad:98:f0:d0:5f:93:2b:d1:a2:9b:02:90:da:f6:9d:dd:67:
9e:40:ca:c3:77:2a:1f:6d:04:93:66:c1:aa:bc:2c:9d:46:80:
7f:e9:8c:44:91:04:13:7d:fa:44:c9:d5:94:37:55:ef:a3:be:
37:81:b9:44:d9:95:9a:6c:03:c3:79:69:e3:82:32:eb:86:2d:
4b:9d:2b:e5:6a:80:2d:a9:d2:d9:60:8a:45:8f:dc:15:ea:8a:
c0:50:37:e5:85:a3:71:cd:90:f3:dc:31:0e:fe:2c:2c:17:8b:
60:e9:72:d6:e0:b3:0e:11:ea:b3:d4:a3:a3:76:9b:9d:c4:4d:
22:05:c6:e7:55:45:d5:c2:40:55:3c:fa:d2:fa:74:4e:54:4b:
8d:a7:ea:39:e2:ec:bd:39:24:e8:40:06:0e:87:63:92:fe:b0:
25:ba:14:ac:6e:05:98:dc:88:bc:f6:3e:5a:f1:2e:3c:08:66:
80:68:45:0c:81:f8:bc:cb:84:d5:a3:94:df:59:43:0d:7a:82:
e0:b4:33:fa
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyp+S27fSjgN1JMUPJZ3dHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYTQ5ZjY1YTNkNjgwYzQyOGZkOTRkNjdlNjVhMjcwOWYw
MjkyY2YwHhcNMjMwMTAyMTMyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDE0NGZkMTg4Zjg4NTBjNmFiZDE3MzVmMGZiODg3NzEwNjI4ZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qEYV2mrO81p3VzRTZIGhVXDYrKk
MTU33X9G5BAle4PqhbWP1BWhNvriB8WZ9UCfjbfkbnlavm709mEuvFrc9YgE1VWC
gCjcXie3SSVSdyRFQKabHjz5mMQu5icThWk/MZfd0rqboEZBhgENmCt4Y7+EjYWw
v7JbZH8TJsqtPn0zJBFz2DnPK00RDjASDGOUcsR32uNIiqxqdTVayralFbnwSFdY
CYy0R91HlTMsmUf6x9nVXQTTm0OqcOD3iG++KKrzZic1hfiFLanb6bIwMPRPABK1
tYsYT/1wQCU+dSJo4bquG+VPOvLzwgUE/uEk5ohQYLRFipSjX7zW08BPywIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGAUT9GI+IUMar0XNfD7iHcQYo9ZMB8GA1UdIwQY
MBaAFMOkn2Wj1oDEKP2U1n5lonCfApLPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzZTZlphUFdnTVFvX1pUV2ZtV2ljSjhDa3M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8wNGU4ZGQtZGUzYy00N2ZhLWEwMjQt
ZjMzNzk3ZTM5YmIyLzEvWUJSUDBZajRoUXhxdlJjMThQdUlkeEJpajFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS8wNGU4ZGQtZGUzYy00N2ZhLWEwMjQtZjMzNzk3ZTM5YmIy
LzEvdzZTZlphUFdnTVFvX1pUV2ZtV2ljSjhDa3M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuXVwAwQA
wy/oMA0EAgACMAcDBQAqDDGAMA0GCSqGSIb3DQEBCwUAA4IBAQBYXla9R+/fzvqB
vQPed+aKdNHl2azNt4LKBSEU8aVHArwptIOXiqrQ2X7cb7jwGVxeHy+4e3DkrZjw
0F+TK9GimwKQ2vad3WeeQMrDdyofbQSTZsGqvCydRoB/6YxEkQQTffpEydWUN1Xv
o743gblE2ZWabAPDeWnjgjLrhi1LnSvlaoAtqdLZYIpFj9wV6orAUDflhaNxzZDz
3DEO/iwsF4tg6XLW4LMOEeqz1KOjdpudxE0iBcbnVUXVwkBVPPrS+nROVEuNp+o5
4uy9OSToQAYOh2OS/rAluhSsbgWY3Ii89j5a8S48CGaAaEUMgfi8y4TVo5TfWUMN
eoLgtDP6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:47 2024 by rpki-client on console-ams.rpki-client.org