Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/mY-jmCiEpWhSQCnDY4FXIPF4ZMA.roa
File: mY-jmCiEpWhSQCnDY4FXIPF4ZMA.roa (raw, json)
Hash identifier: i0TYY5nKdDPYj9ghtIIXn9ACSeCE1VzqHmGrTWA9RNU=
Subject key identifier: 99:8F:A3:98:28:84:A5:68:52:40:29:C3:63:81:57:20:F1:78:64:C0
Certificate issuer: /CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Certificate serial: 018BF3128E7F258FA2B816575BFA19CC0FD3
Authority key identifier: 47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/mY-jmCiEpWhSQCnDY4FXIPF4ZMA.roa
Signing time: Tue 21 Nov 2023 18:09:21 +0000
ROA not before: Tue 21 Nov 2023 18:09:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41075
IP address blocks: 185.6.136.0/22 maxlen: 22
95.140.33.0/24 maxlen: 24
94.199.176.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f3:12:8e:7f:25:8f:a2:b8:16:57:5b:fa:19:cc:0f:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Validity
Not Before: Nov 21 18:09:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=998fa3982884a568524029c363815720f17864c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9f:4c:05:36:91:b1:c5:27:f4:00:3c:d2:cf:
b0:dc:42:22:12:5e:e1:10:9a:d3:6f:cd:ad:5a:a4:
2a:b4:5b:45:42:12:99:f4:87:90:e4:0d:0f:0d:66:
5b:3c:dc:82:e8:13:d1:7e:3f:2a:63:f5:5d:82:c4:
79:95:3c:cf:2a:1c:73:b9:1a:67:bc:34:fe:6c:77:
25:c4:b4:be:d6:8d:fe:ea:7e:97:52:78:9e:6b:f6:
05:a9:53:6a:02:94:8d:b4:38:fc:10:bc:f9:7c:7d:
07:8e:e4:b9:83:74:dc:92:d6:9a:43:8a:06:f7:95:
e4:93:30:53:af:df:5e:46:b9:73:14:23:51:1d:e7:
d3:59:e2:5e:0c:86:11:3d:a8:21:48:18:c8:49:a2:
84:b1:c9:18:cf:c6:62:8a:37:66:cd:89:3d:ea:6a:
c4:9c:c3:df:fa:f2:2a:1c:f0:96:b9:7e:37:2d:88:
0d:df:11:70:eb:e9:52:6d:bf:9d:da:b0:37:6e:01:
9f:57:ed:71:f7:d6:80:15:ba:bd:8c:aa:b6:ec:6d:
d9:6f:5c:e0:05:6d:7f:b3:03:35:32:11:a2:18:ee:
87:e1:f0:82:0a:61:75:cd:a9:bb:f9:25:06:2a:35:
4d:80:67:86:d9:3c:3b:b4:c1:ca:72:ee:27:e3:29:
f9:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:8F:A3:98:28:84:A5:68:52:40:29:C3:63:81:57:20:F1:78:64:C0
X509v3 Authority Key Identifier:
keyid:47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/mY-jmCiEpWhSQCnDY4FXIPF4ZMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/RyKuoO9MBmfbgZ9dWj2upjmfA4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.199.176.0/23
95.140.33.0/24
185.6.136.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:0d:a6:a9:8c:a0:6d:6f:36:5d:b6:e9:62:c0:f1:01:96:03:
16:a7:d4:81:fe:6f:de:2a:a5:ac:ff:be:d0:dc:a1:35:b8:50:
fb:29:a8:b8:f1:4b:06:24:85:93:fe:af:78:61:31:bb:d7:cb:
1b:94:ac:ff:4f:02:13:d0:83:28:c7:c8:b6:63:eb:b5:e4:a4:
24:51:41:62:8b:ef:78:ce:86:2c:0b:a3:8f:c5:63:21:63:04:
bf:7e:21:f3:81:b8:11:2f:0c:66:c7:1d:c2:5c:1c:70:ab:54:
60:09:ee:15:b3:0d:4b:c3:3d:bc:96:79:f0:4e:02:e4:5d:4b:
65:7f:fc:bd:b2:85:9f:a7:95:0a:8e:44:b3:2d:33:c0:33:eb:
8c:f6:de:86:74:c0:18:5d:af:12:da:32:aa:28:37:51:d2:eb:
65:15:b6:bf:d1:7e:47:bf:9b:78:39:73:c5:91:fa:c2:35:fe:
72:34:23:3c:41:c6:da:18:68:42:cd:e0:92:db:47:a3:b5:77:
15:12:e8:d6:eb:b6:8c:f0:c5:79:c0:93:6b:28:5f:69:8f:fd:
be:bb:7d:c2:ed:58:13:5d:e9:7c:e8:c0:a8:7e:f1:bf:57:86:
5a:15:ce:c2:f6:60:51:5d:d9:e1:db:e5:a2:f5:88:c1:c1:04:
0b:4b:3a:ed
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvzEo5/JY+iuBZXW/oZzA/TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MjJhZWEwZWY0YzA2NjdkYjgxOWY1ZDVhM2RhZWE2Mzk5
ZjAzOGMwHhcNMjMxMTIxMTgwOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OThmYTM5ODI4ODRhNTY4NTI0MDI5YzM2MzgxNTcyMGYxNzg2NGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJ9MBTaRscUn9AA80s+w3EIiEl7h
EJrTb82tWqQqtFtFQhKZ9IeQ5A0PDWZbPNyC6BPRfj8qY/VdgsR5lTzPKhxzuRpn
vDT+bHclxLS+1o3+6n6XUniea/YFqVNqApSNtDj8ELz5fH0HjuS5g3TcktaaQ4oG
95XkkzBTr99eRrlzFCNRHefTWeJeDIYRPaghSBjISaKEsckYz8ZiijdmzYk96mrE
nMPf+vIqHPCWuX43LYgN3xFw6+lSbb+d2rA3bgGfV+1x99aAFbq9jKq27G3Zb1zg
BW1/swM1MhGiGO6H4fCCCmF1zam7+SUGKjVNgGeG2Tw7tMHKcu4n4yn5rQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJmPo5gohKVoUkApw2OBVyDxeGTAMB8GA1UdIwQY
MBaAFEcirqDvTAZn24GfXVo9rqY5nwOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnlLdW9POU1CbWZiZ1o5ZFdqMnVwam1mQTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84MGMzODctYjIwYi00MzBhLWE1ZTYt
NmUzMDc0YzZjNjYzLzEvbVktam1DaUVwV2hTUUNuRFk0RlhJUEY0Wk1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi84MGMzODctYjIwYi00MzBhLWE1ZTYtNmUzMDc0YzZjNjYz
LzEvUnlLdW9POU1CbWZiZ1o5ZFdqMnVwam1mQTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBXsewAwQA
X4whAwQCuQaIMA0GCSqGSIb3DQEBCwUAA4IBAQC/DaapjKBtbzZdtuliwPEBlgMW
p9SB/m/eKqWs/77Q3KE1uFD7Kai48UsGJIWT/q94YTG718sblKz/TwIT0IMox8i2
Y+u15KQkUUFii+94zoYsC6OPxWMhYwS/fiHzgbgRLwxmxx3CXBxwq1RgCe4Vsw1L
wz28lnnwTgLkXUtlf/y9soWfp5UKjkSzLTPAM+uM9t6GdMAYXa8S2jKqKDdR0utl
Fba/0X5Hv5t4OXPFkfrCNf5yNCM8QcbaGGhCzeCS20ejtXcVEujW67aM8MV5wJNr
KF9pj/2+u33C7VgTXel86MCofvG/V4ZaFc7C9mBRXdnh2+Wi9YjBwQQLSzrt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:32 2024 by rpki-client on console-fra.rpki-client.org