Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/e66296-0479-4c52-9cea-a1f573d069da/1/yv5yVTvBBfCNz-4INpOcaSGqocQ.roa
File: yv5yVTvBBfCNz-4INpOcaSGqocQ.roa (raw, json)
Hash identifier: CfNqkSKt4ocxEzKKrzftpsHtECWlKqHaFX31n6iXyQY=
Subject key identifier: CA:FE:72:55:3B:C1:05:F0:8D:CF:EE:08:36:93:9C:69:21:AA:A1:C4
Certificate issuer: /CN=36b413e536d99353f0b050ee746ffdd24edb5930
Certificate serial: 01856E6FA9E08609F67FF165A9F89FFC9D69
Authority key identifier: 36:B4:13:E5:36:D9:93:53:F0:B0:50:EE:74:6F:FD:D2:4E:DB:59:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NrQT5TbZk1PwsFDudG_90k7bWTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/e66296-0479-4c52-9cea-a1f573d069da/1/yv5yVTvBBfCNz-4INpOcaSGqocQ.roa
Signing time: Sun 01 Jan 2023 17:44:49 +0000
ROA not before: Sun 01 Jan 2023 17:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47901
IP address blocks: 94.125.226.0/24 maxlen: 24
94.125.225.0/24 maxlen: 24
94.125.224.0/24 maxlen: 24
94.125.231.0/24 maxlen: 24
94.125.230.0/24 maxlen: 24
94.125.229.0/24 maxlen: 24
94.125.228.0/24 maxlen: 24
94.125.227.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:a9:e0:86:09:f6:7f:f1:65:a9:f8:9f:fc:9d:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36b413e536d99353f0b050ee746ffdd24edb5930
Validity
Not Before: Jan 1 17:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cafe72553bc105f08dcfee0836939c6921aaa1c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:5a:7c:7f:ce:71:3b:de:33:d8:62:71:dd:dc:
ae:95:49:35:ca:ae:19:31:70:60:7c:10:fd:49:51:
59:a2:8e:ce:7e:9c:81:a1:84:39:cc:7e:66:f2:31:
af:db:4a:57:29:82:27:8c:21:50:16:ec:13:97:4e:
fb:00:b6:fa:34:60:7f:be:1c:a0:72:a6:ec:df:d8:
a6:56:a9:97:b2:ca:9a:0d:13:6d:c1:15:28:3c:33:
ec:82:e8:f6:d4:8e:35:10:22:aa:b8:fe:03:65:b9:
36:23:0e:b3:bc:47:3e:52:09:56:1b:c5:61:08:ca:
69:2f:ce:00:3a:bc:da:26:1c:45:95:75:0b:61:c6:
b8:06:c9:32:10:98:6b:22:86:29:a3:22:0e:70:4f:
b6:0e:0d:9a:21:b1:92:5b:bb:02:40:4f:d3:e9:42:
99:43:00:81:05:a9:7f:31:78:7e:20:bd:4d:f7:1e:
a2:e6:f4:53:90:57:f2:2f:c8:5f:0f:f9:e5:da:98:
9e:9d:e5:b8:ba:1d:02:96:c9:d2:b7:99:88:13:15:
96:3f:ff:bc:bb:0f:31:6b:a1:e0:e9:3d:90:f4:fe:
f5:3c:fb:b1:6e:8a:4b:fd:84:5e:32:66:ce:f6:1a:
dd:f6:71:4e:2c:9b:92:d3:0e:4b:4c:26:55:76:df:
69:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:FE:72:55:3B:C1:05:F0:8D:CF:EE:08:36:93:9C:69:21:AA:A1:C4
X509v3 Authority Key Identifier:
keyid:36:B4:13:E5:36:D9:93:53:F0:B0:50:EE:74:6F:FD:D2:4E:DB:59:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NrQT5TbZk1PwsFDudG_90k7bWTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/e66296-0479-4c52-9cea-a1f573d069da/1/yv5yVTvBBfCNz-4INpOcaSGqocQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/e66296-0479-4c52-9cea-a1f573d069da/1/NrQT5TbZk1PwsFDudG_90k7bWTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.125.224.0/21
Signature Algorithm: sha256WithRSAEncryption
2e:ce:a8:54:4a:b9:e7:84:66:9c:ee:37:ee:8c:08:19:1a:a2:
62:4d:72:61:78:86:b9:2a:b5:f8:05:92:32:2b:9f:10:2f:be:
1c:e8:48:2a:ae:4b:4a:5f:b9:8d:a9:d1:7c:45:6f:04:8e:2d:
6f:67:e9:22:bc:32:fa:22:ec:69:d1:d3:9e:80:f9:eb:da:c8:
e7:68:bc:6f:48:a3:30:cf:d3:64:64:fc:bc:67:16:73:d4:c4:
b0:ca:8a:28:03:e9:c4:9b:a7:da:01:82:9d:53:f7:69:b0:18:
94:ef:46:3a:48:89:43:4c:7d:3d:3f:0d:de:51:f1:10:1a:41:
69:64:ae:f2:57:4c:18:a5:e8:5e:82:56:d5:87:94:24:3f:f5:
32:97:fc:f7:5c:2c:a6:af:cd:6f:7b:83:64:fc:8b:6b:92:de:
c9:3f:57:ed:b2:5f:07:db:b6:4f:7b:a1:a8:32:8f:6a:23:17:
f2:7c:2e:a9:0a:ba:ce:d1:d9:87:4d:fc:09:a2:de:1c:9b:0c:
cb:d9:83:f3:6b:85:1d:d2:bc:57:3e:90:f2:4c:bd:b9:4b:5b:
b2:23:90:03:7e:c6:fd:b3:32:44:59:11:5f:ea:5d:c2:40:3d:
3c:2e:4b:34:44:7b:74:24:7a:5c:76:be:c9:9b:7e:d4:7a:b2:
eb:96:59:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVub6nghgn2f/Flqfif/J1pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YjQxM2U1MzZkOTkzNTNmMGIwNTBlZTc0NmZmZGQyNGVk
YjU5MzAwHhcNMjMwMTAxMTc0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWZlNzI1NTNiYzEwNWYwOGRjZmVlMDgzNjkzOWM2OTIxYWFhMWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglp8f85xO94z2GJx3dyulUk1yq4Z
MXBgfBD9SVFZoo7OfpyBoYQ5zH5m8jGv20pXKYInjCFQFuwTl077ALb6NGB/vhyg
cqbs39imVqmXssqaDRNtwRUoPDPsguj21I41ECKquP4DZbk2Iw6zvEc+UglWG8Vh
CMppL84AOrzaJhxFlXULYca4BskyEJhrIoYpoyIOcE+2Dg2aIbGSW7sCQE/T6UKZ
QwCBBal/MXh+IL1N9x6i5vRTkFfyL8hfD/nl2pieneW4uh0ClsnSt5mIExWWP/+8
uw8xa6Hg6T2Q9P71PPuxbopL/YReMmbO9hrd9nFOLJuS0w5LTCZVdt9pVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMr+clU7wQXwjc/uCDaTnGkhqqHEMB8GA1UdIwQY
MBaAFDa0E+U22ZNT8LBQ7nRv/dJO21kwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnJRVDVUYlprMVB3c0ZEdWRHXzkwazdiV1RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9lNjYyOTYtMDQ3OS00YzUyLTljZWEt
YTFmNTczZDA2OWRhLzEveXY1eVZUdkJCZkNOei00SU5wT2NhU0dxb2NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9lNjYyOTYtMDQ3OS00YzUyLTljZWEtYTFmNTczZDA2OWRh
LzEvTnJRVDVUYlprMVB3c0ZEdWRHXzkwazdiV1RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXn3gMA0G
CSqGSIb3DQEBCwUAA4IBAQAuzqhUSrnnhGac7jfujAgZGqJiTXJheIa5KrX4BZIy
K58QL74c6EgqrktKX7mNqdF8RW8Eji1vZ+kivDL6Iuxp0dOegPnr2sjnaLxvSKMw
z9NkZPy8ZxZz1MSwyoooA+nEm6faAYKdU/dpsBiU70Y6SIlDTH09Pw3eUfEQGkFp
ZK7yV0wYpeheglbVh5QkP/Uyl/z3XCymr81ve4Nk/Itrkt7JP1ftsl8H27ZPe6Go
Mo9qIxfyfC6pCrrO0dmHTfwJot4cmwzL2YPza4Ud0rxXPpDyTL25S1uyI5ADfsb9
szJEWRFf6l3CQD08Lks0RHt0JHpcdr7Jm37UerLrllkG
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:21 2024 by rpki-client on console-ams.rpki-client.org