Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/aYaImZmtGpTwv5AAqzS81RGxaKw.roa
File: aYaImZmtGpTwv5AAqzS81RGxaKw.roa (raw, json)
Hash identifier: EYsIBahXKbGgrvY++jc84K2ta2n7XgZQKYqTO+DHoac=
Subject key identifier: 69:86:88:99:99:AD:1A:94:F0:BF:90:00:AB:34:BC:D5:11:B1:68:AC
Certificate issuer: /CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Certificate serial: 0188B4E19BF1211DA15BD48C715AD8F69199
Authority key identifier: 47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/aYaImZmtGpTwv5AAqzS81RGxaKw.roa
Signing time: Tue 13 Jun 2023 13:11:04 +0000
ROA not before: Tue 13 Jun 2023 13:11:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41075
IP address blocks: 185.6.136.0/22 maxlen: 22
94.199.176.0/23 maxlen: 24
185.234.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Jun 2023 07:33:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b4:e1:9b:f1:21:1d:a1:5b:d4:8c:71:5a:d8:f6:91:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Validity
Not Before: Jun 13 13:11:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6986889999ad1a94f0bf9000ab34bcd511b168ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4c:2b:71:f7:ed:b2:ac:69:b2:81:ab:3a:f5:
c7:9d:99:9d:34:ee:6c:88:b1:ce:e2:ad:e6:27:12:
9c:07:e2:49:41:44:68:74:d0:8e:28:bf:cf:fe:b6:
3e:4b:e5:5f:60:1a:19:7a:ac:28:3d:aa:fc:8c:02:
65:e1:66:f0:bb:19:90:c9:be:97:a0:e6:de:47:40:
03:cf:b7:4e:59:64:fd:12:81:38:c5:95:fd:d0:cf:
7c:a8:28:7b:18:51:42:47:09:f0:3b:2f:de:6e:21:
04:d4:7b:df:91:37:9e:af:1f:64:9d:b3:b6:2b:36:
e2:e4:48:d9:04:a8:41:49:aa:ca:1a:8c:7a:e6:f1:
9f:1c:05:82:ba:51:a1:ea:e7:2f:35:f1:fe:ca:80:
9f:47:65:27:a2:52:7b:41:8d:d3:4c:78:9e:47:d6:
02:c5:81:bb:02:94:7a:f2:bd:8d:b7:d5:ac:cd:20:
2b:14:c9:a2:5f:0e:1d:fd:a3:74:ce:f5:3e:a8:99:
59:a2:d6:b8:9a:31:93:85:1d:f1:09:9f:a7:75:21:
b4:20:f4:6a:78:7b:4a:80:a4:ce:22:d8:8c:f9:54:
94:b6:03:66:1e:ae:33:da:b1:ce:67:a0:78:50:0a:
60:25:72:8f:a1:b3:b6:23:53:10:f0:fc:90:34:c3:
e2:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:86:88:99:99:AD:1A:94:F0:BF:90:00:AB:34:BC:D5:11:B1:68:AC
X509v3 Authority Key Identifier:
keyid:47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/aYaImZmtGpTwv5AAqzS81RGxaKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/RyKuoO9MBmfbgZ9dWj2upjmfA4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.199.176.0/23
185.6.136.0/22
185.234.180.0/22
Signature Algorithm: sha256WithRSAEncryption
35:30:05:82:0d:9e:11:3f:19:bd:07:e0:50:aa:71:eb:c5:bd:
15:db:b6:c8:8b:2a:47:c4:74:f9:bc:1d:72:d3:b2:9c:c8:04:
36:25:fd:99:0d:b7:a0:5c:cd:7d:d7:eb:48:83:fc:d2:ea:5d:
ab:30:00:d0:4f:1b:30:ee:a9:23:74:8a:62:13:5a:11:ec:0f:
d1:26:a9:b5:1a:28:4f:29:6a:94:ab:00:d0:48:93:0d:46:d9:
0d:4d:39:f4:93:fc:54:cd:42:2c:76:bd:e0:39:41:4e:c6:c3:
c3:9c:52:ec:54:b7:95:1b:a5:bb:31:b1:99:e9:f1:63:4a:93:
6c:94:ce:d0:d2:5c:56:cd:ee:18:bb:09:5f:dc:ff:f0:63:7c:
66:44:bb:8b:9c:3a:fc:4a:f4:bc:7a:1a:56:49:75:2e:b4:c0:
21:f8:ba:03:1b:f7:2f:a3:45:49:5e:18:e8:9a:07:07:c2:d9:
bd:9d:18:10:4c:86:1b:3f:e7:1c:fb:06:94:fb:1c:68:f8:39:
8a:14:0a:84:05:0f:34:00:a8:17:b7:57:28:e8:eb:7f:42:b2:
c1:92:e2:dc:37:fb:81:5b:4f:01:da:7b:fd:9d:43:47:76:2b:
07:ff:f0:d4:16:de:89:d0:08:0a:aa:9a:a0:ca:9f:a8:7f:d2:
de:f8:57:47
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYi04ZvxIR2hW9SMcVrY9pGZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MjJhZWEwZWY0YzA2NjdkYjgxOWY1ZDVhM2RhZWE2Mzk5
ZjAzOGMwHhcNMjMwNjEzMTMxMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTg2ODg5OTk5YWQxYTk0ZjBiZjkwMDBhYjM0YmNkNTExYjE2OGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkwrcfftsqxpsoGrOvXHnZmdNO5s
iLHO4q3mJxKcB+JJQURodNCOKL/P/rY+S+VfYBoZeqwoPar8jAJl4WbwuxmQyb6X
oObeR0ADz7dOWWT9EoE4xZX90M98qCh7GFFCRwnwOy/ebiEE1HvfkTeerx9knbO2
Kzbi5EjZBKhBSarKGox65vGfHAWCulGh6ucvNfH+yoCfR2UnolJ7QY3TTHieR9YC
xYG7ApR68r2Nt9WszSArFMmiXw4d/aN0zvU+qJlZota4mjGThR3xCZ+ndSG0IPRq
eHtKgKTOItiM+VSUtgNmHq4z2rHOZ6B4UApgJXKPobO2I1MQ8PyQNMPiHQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGmGiJmZrRqU8L+QAKs0vNURsWisMB8GA1UdIwQY
MBaAFEcirqDvTAZn24GfXVo9rqY5nwOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnlLdW9POU1CbWZiZ1o5ZFdqMnVwam1mQTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84MGMzODctYjIwYi00MzBhLWE1ZTYt
NmUzMDc0YzZjNjYzLzEvYVlhSW1abXRHcFR3djVBQXF6UzgxUkd4YUt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi84MGMzODctYjIwYi00MzBhLWE1ZTYtNmUzMDc0YzZjNjYz
LzEvUnlLdW9POU1CbWZiZ1o5ZFdqMnVwam1mQTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBXsewAwQC
uQaIAwQCueq0MA0GCSqGSIb3DQEBCwUAA4IBAQA1MAWCDZ4RPxm9B+BQqnHrxb0V
27bIiypHxHT5vB1y07KcyAQ2Jf2ZDbegXM191+tIg/zS6l2rMADQTxsw7qkjdIpi
E1oR7A/RJqm1GihPKWqUqwDQSJMNRtkNTTn0k/xUzUIsdr3gOUFOxsPDnFLsVLeV
G6W7MbGZ6fFjSpNslM7Q0lxWze4Yuwlf3P/wY3xmRLuLnDr8SvS8ehpWSXUutMAh
+LoDG/cvo0VJXhjomgcHwtm9nRgQTIYbP+cc+waU+xxo+DmKFAqEBQ80AKgXt1co
6Ot/QrLBkuLcN/uBW08B2nv9nUNHdisH//DUFt6J0AgKqpqgyp+of9Le+FdH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:32 2024 by rpki-client on console-fra.rpki-client.org