Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/170422-39ad-499c-bbfd-eff3cdcbd00a/1/YDgczOzxM64bwqE6DvRYRAeNL4I.roa
File: YDgczOzxM64bwqE6DvRYRAeNL4I.roa (raw, json)
Hash identifier: G9qfXvnw2lPzMiyTMc8SGcde2WVLgz3WxCL90OrAgag=
Subject key identifier: 60:38:1C:CC:EC:F1:33:AE:1B:C2:A1:3A:0E:F4:58:44:07:8D:2F:82
Certificate issuer: /CN=659a6b975eafd2ce51468723814355f56c55bafb
Certificate serial: 0185704BC114244E6BA7D4F99E52E58EFEC5
Authority key identifier: 65:9A:6B:97:5E:AF:D2:CE:51:46:87:23:81:43:55:F5:6C:55:BA:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZZprl16v0s5RRocjgUNV9WxVuvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/170422-39ad-499c-bbfd-eff3cdcbd00a/1/YDgczOzxM64bwqE6DvRYRAeNL4I.roa
Signing time: Mon 02 Jan 2023 02:24:50 +0000
ROA not before: Mon 02 Jan 2023 02:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9121
IP address blocks: 194.125.233.0/24 maxlen: 24
194.125.232.0/24 maxlen: 24
194.125.232.0/22 maxlen: 24
194.242.32.0/24 maxlen: 24
194.125.234.0/24 maxlen: 24
194.125.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:c1:14:24:4e:6b:a7:d4:f9:9e:52:e5:8e:fe:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=659a6b975eafd2ce51468723814355f56c55bafb
Validity
Not Before: Jan 2 02:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60381cccecf133ae1bc2a13a0ef45844078d2f82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:48:88:e6:e1:ad:0f:eb:aa:53:61:c7:c0:c5:
d6:13:62:fa:2c:a1:3b:07:36:eb:77:60:e6:de:97:
14:35:97:26:85:3b:49:6d:aa:64:62:f2:5c:51:86:
5f:ad:f1:5b:60:46:43:72:e1:17:0e:81:08:92:75:
49:48:30:4e:27:b1:12:24:0c:49:25:35:8a:43:82:
15:52:37:68:c2:d3:67:75:bf:b6:f7:c8:97:0f:27:
9b:ce:80:1c:67:48:24:45:d9:c3:97:71:60:46:b1:
91:00:a4:39:d3:65:8f:73:ee:d1:28:0c:76:20:70:
20:1c:6a:7f:d6:58:8d:fb:1b:0c:5f:5a:b0:9d:a0:
b5:42:b2:9f:8e:e3:86:c7:1d:4d:da:9a:34:ac:ad:
c6:64:aa:70:3b:9b:39:a9:55:09:0d:e9:62:94:1a:
e3:83:6e:dd:0b:a3:bc:bb:76:bf:89:30:49:b1:2a:
dd:98:00:4a:35:45:58:b5:db:bf:05:eb:cc:cd:d7:
fb:89:53:7a:d2:4a:20:01:1d:2c:dd:f3:37:20:6d:
e0:72:ac:c1:9e:92:25:6b:67:71:e9:c3:0a:52:0d:
23:b1:18:2e:34:7f:f9:db:63:ba:2a:13:e2:be:5a:
0e:25:ee:45:4a:ee:7c:d9:4a:a0:28:f9:99:d9:13:
95:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:38:1C:CC:EC:F1:33:AE:1B:C2:A1:3A:0E:F4:58:44:07:8D:2F:82
X509v3 Authority Key Identifier:
keyid:65:9A:6B:97:5E:AF:D2:CE:51:46:87:23:81:43:55:F5:6C:55:BA:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZZprl16v0s5RRocjgUNV9WxVuvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/170422-39ad-499c-bbfd-eff3cdcbd00a/1/YDgczOzxM64bwqE6DvRYRAeNL4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/170422-39ad-499c-bbfd-eff3cdcbd00a/1/ZZprl16v0s5RRocjgUNV9WxVuvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.125.232.0/22
194.242.32.0/24
Signature Algorithm: sha256WithRSAEncryption
00:c6:f9:bd:23:00:05:f2:ec:26:84:28:13:c6:29:b4:ad:8d:
f5:97:fd:15:dc:27:9a:bc:22:86:ea:9d:44:32:53:fe:36:4d:
7b:01:a8:4a:b4:c1:33:86:77:7a:09:15:4d:ac:b0:af:e1:74:
77:c8:12:83:e0:b8:06:49:c3:c2:25:7a:87:73:74:26:c4:42:
19:0f:0c:24:4c:b3:1a:b3:60:fe:04:ee:c6:9c:79:a4:4c:6c:
69:5d:48:5d:43:9f:6f:cf:17:0c:ea:6b:25:8e:ff:70:81:a1:
a1:11:71:76:30:31:d3:74:4b:7e:9b:b7:b0:d9:7f:e9:02:03:
e5:03:5a:0b:cc:80:b3:24:b8:5f:62:4c:8f:9d:25:2e:e1:f0:
2f:9f:e3:9a:7f:55:33:da:9b:ba:cd:90:89:e3:a9:68:e8:f5:
84:4d:d3:ec:bb:a8:6a:36:c1:ee:42:8c:79:62:e7:62:3a:db:
c3:92:85:ac:9c:41:25:9e:78:91:b0:73:84:01:a3:95:6d:7b:
e1:b5:5f:7a:e5:17:e2:b5:d3:5e:43:65:81:f3:38:41:23:c3:
44:b6:f0:9c:4f:bb:56:d2:4b:d1:72:c6:c1:82:cf:6f:da:a5:
fa:a1:3b:2d:fa:39:40:50:07:e1:62:31:f4:d1:b5:9a:95:d1:
d9:99:9e:bc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwS8EUJE5rp9T5nlLljv7FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OWE2Yjk3NWVhZmQyY2U1MTQ2ODcyMzgxNDM1NWY1NmM1
NWJhZmIwHhcNMjMwMTAyMDIyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDM4MWNjY2VjZjEzM2FlMWJjMmExM2EwZWY0NTg0NDA3OGQyZjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEiI5uGtD+uqU2HHwMXWE2L6LKE7
Bzbrd2Dm3pcUNZcmhTtJbapkYvJcUYZfrfFbYEZDcuEXDoEIknVJSDBOJ7ESJAxJ
JTWKQ4IVUjdowtNndb+298iXDyebzoAcZ0gkRdnDl3FgRrGRAKQ502WPc+7RKAx2
IHAgHGp/1liN+xsMX1qwnaC1QrKfjuOGxx1N2po0rK3GZKpwO5s5qVUJDelilBrj
g27dC6O8u3a/iTBJsSrdmABKNUVYtdu/BevMzdf7iVN60kogAR0s3fM3IG3gcqzB
npIla2dx6cMKUg0jsRguNH/522O6KhPivloOJe5FSu582UqgKPmZ2ROVlwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGA4HMzs8TOuG8KhOg70WEQHjS+CMB8GA1UdIwQY
MBaAFGWaa5der9LOUUaHI4FDVfVsVbr7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlpwcmwxNnYwczVSUm9jamdVTlY5V3hWdXZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xNzA0MjItMzlhZC00OTljLWJiZmQt
ZWZmM2NkY2JkMDBhLzEvWURnY3pPenhNNjRid3FFNkR2UllSQWVOTDRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xNzA0MjItMzlhZC00OTljLWJiZmQtZWZmM2NkY2JkMDBh
LzEvWlpwcmwxNnYwczVSUm9jamdVTlY5V3hWdXZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwn3oAwQA
wvIgMA0GCSqGSIb3DQEBCwUAA4IBAQAAxvm9IwAF8uwmhCgTxim0rY31l/0V3Cea
vCKG6p1EMlP+Nk17AahKtMEzhnd6CRVNrLCv4XR3yBKD4LgGScPCJXqHc3QmxEIZ
DwwkTLMas2D+BO7GnHmkTGxpXUhdQ59vzxcM6msljv9wgaGhEXF2MDHTdEt+m7ew
2X/pAgPlA1oLzICzJLhfYkyPnSUu4fAvn+Oaf1Uz2pu6zZCJ46lo6PWETdPsu6hq
NsHuQox5YudiOtvDkoWsnEElnniRsHOEAaOVbXvhtV965RfitdNeQ2WB8zhBI8NE
tvCcT7tW0kvRcsbBgs9v2qX6oTst+jlAUAfhYjH00bWaldHZmZ68
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org