Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/6b604b-4eed-4393-8e8c-cba0631f293f/1/YLwHhFWvDrc6fxGcg372ljk-Yd4.roa
File: YLwHhFWvDrc6fxGcg372ljk-Yd4.roa (raw, json)
Hash identifier: vhn7xWLagNS1DIU0VJt8qCDnU1gzWvNFZ6xOCNB6SMc=
Subject key identifier: 60:BC:07:84:55:AF:0E:B7:3A:7F:11:9C:83:7E:F6:96:39:3E:61:DE
Certificate issuer: /CN=9b3620d6798e7eb186639c4548a0696af6e30589
Certificate serial: 018E0B60C313019667BF2C024045BABE8B9E
Authority key identifier: 9B:36:20:D6:79:8E:7E:B1:86:63:9C:45:48:A0:69:6A:F6:E3:05:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mzYg1nmOfrGGY5xFSKBpavbjBYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/6b604b-4eed-4393-8e8c-cba0631f293f/1/YLwHhFWvDrc6fxGcg372ljk-Yd4.roa
Signing time: Mon 04 Mar 2024 21:31:14 +0000
ROA not before: Mon 04 Mar 2024 21:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16189
IP address blocks: 185.171.4.0/22 maxlen: 24
2a07:97c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 08 Apr 2024 06:58:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0b:60:c3:13:01:96:67:bf:2c:02:40:45:ba:be:8b:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b3620d6798e7eb186639c4548a0696af6e30589
Validity
Not Before: Mar 4 21:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60bc078455af0eb73a7f119c837ef696393e61de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:11:fa:5e:78:52:83:f8:9c:41:3f:c7:df:5a:
55:67:cc:37:45:0a:8c:c3:d0:18:68:4f:b5:c6:b2:
b4:01:85:ea:0e:6c:84:02:4a:0b:98:99:40:48:7d:
fa:bc:dc:7b:1b:3d:64:1a:4d:24:b1:33:08:a7:88:
0a:c8:5a:11:cf:bc:0b:e7:e9:b7:a8:12:eb:aa:80:
c9:3d:a8:f2:67:d9:71:d4:4d:5b:83:45:67:d6:e5:
78:b4:41:4f:5e:bc:01:2a:28:ef:22:7c:b3:96:c4:
95:9e:ad:32:4e:be:98:d9:31:f5:a0:1a:3f:e0:b8:
b8:cb:7c:8d:34:30:9c:4b:5e:75:46:2f:73:fd:6d:
a0:e4:1b:c1:81:eb:0b:17:93:88:7f:b3:84:78:0c:
32:14:2d:14:76:14:56:ca:09:45:50:a9:1b:44:0a:
f7:ac:73:74:13:90:24:20:e2:38:5d:88:a7:c5:19:
1f:e1:ec:3f:1c:c1:c4:d9:0b:2c:aa:e7:22:6e:e7:
a8:26:08:a9:75:9a:48:10:fb:7e:b1:42:3c:a6:6c:
05:58:a2:34:bc:bc:ea:59:43:52:86:1b:62:83:c4:
8a:37:15:38:4b:9d:cc:50:33:68:8e:8a:f1:19:81:
91:11:90:9d:74:22:4f:ce:de:fc:93:02:a0:ca:e7:
e4:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:BC:07:84:55:AF:0E:B7:3A:7F:11:9C:83:7E:F6:96:39:3E:61:DE
X509v3 Authority Key Identifier:
keyid:9B:36:20:D6:79:8E:7E:B1:86:63:9C:45:48:A0:69:6A:F6:E3:05:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mzYg1nmOfrGGY5xFSKBpavbjBYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/6b604b-4eed-4393-8e8c-cba0631f293f/1/YLwHhFWvDrc6fxGcg372ljk-Yd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/6b604b-4eed-4393-8e8c-cba0631f293f/1/mzYg1nmOfrGGY5xFSKBpavbjBYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.4.0/22
IPv6:
2a07:97c0::/29
Signature Algorithm: sha256WithRSAEncryption
a3:80:4a:88:99:12:73:e7:4b:1f:31:89:b5:90:98:23:fd:4b:
2a:6c:76:f6:2d:97:7d:91:18:3f:cf:8e:de:48:a0:c9:7f:3c:
4e:01:73:42:15:38:96:1e:b2:82:65:68:1e:de:9b:88:99:59:
43:51:ac:a5:02:fa:33:24:8f:95:0b:5e:a8:69:9f:3e:b7:46:
3c:54:0c:52:4b:bf:fd:6e:dc:ca:d7:07:bd:f8:3b:5b:84:58:
fa:21:64:38:a0:81:53:3f:0a:eb:e0:5e:d4:cb:6c:59:5e:92:
9d:0e:de:12:ca:96:bd:8a:06:e4:b0:90:aa:1b:51:2c:6a:e8:
80:e2:0d:29:90:95:1f:a9:24:1c:bc:22:39:46:ce:5c:dd:c8:
f8:11:5f:07:e3:3e:5e:5e:df:fe:36:05:29:5b:bf:32:91:c1:
69:31:f9:d5:1a:02:f3:0a:06:ef:0a:01:ce:b3:84:9a:96:cb:
18:e0:93:f4:4d:0a:7d:66:d9:00:48:b4:e2:e7:20:d3:93:8d:
0e:d1:9d:73:79:95:e7:b1:50:16:2b:35:e6:7a:bb:63:a0:c9:
d5:95:e8:ec:28:cc:24:6a:63:7e:bc:a4:87:37:b9:05:6f:7a:
25:00:67:45:20:16:c6:19:af:da:a0:b9:09:12:2b:b3:fc:91:
fb:5a:42:2c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY4LYMMTAZZnvywCQEW6voueMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMzYyMGQ2Nzk4ZTdlYjE4NjYzOWM0NTQ4YTA2OTZhZjZl
MzA1ODkwHhcNMjQwMzA0MjEzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGJjMDc4NDU1YWYwZWI3M2E3ZjExOWM4MzdlZjY5NjM5M2U2MWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRH6XnhSg/icQT/H31pVZ8w3RQqM
w9AYaE+1xrK0AYXqDmyEAkoLmJlASH36vNx7Gz1kGk0ksTMIp4gKyFoRz7wL5+m3
qBLrqoDJPajyZ9lx1E1bg0Vn1uV4tEFPXrwBKijvInyzlsSVnq0yTr6Y2TH1oBo/
4Li4y3yNNDCcS151Ri9z/W2g5BvBgesLF5OIf7OEeAwyFC0UdhRWyglFUKkbRAr3
rHN0E5AkIOI4XYinxRkf4ew/HMHE2QssqucibueoJgipdZpIEPt+sUI8pmwFWKI0
vLzqWUNShhtig8SKNxU4S53MUDNojorxGYGREZCddCJPzt78kwKgyufk1QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGC8B4RVrw63On8RnIN+9pY5PmHeMB8GA1UdIwQY
MBaAFJs2INZ5jn6xhmOcRUigaWr24wWJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXpZZzFubU9mckdHWTV4RlNLQnBhdmJqQllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS82YjYwNGItNGVlZC00MzkzLThlOGMt
Y2JhMDYzMWYyOTNmLzEvWUx3SGhGV3ZEcmM2ZnhHY2czNzJsamstWWQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS82YjYwNGItNGVlZC00MzkzLThlOGMtY2JhMDYzMWYyOTNm
LzEvbXpZZzFubU9mckdHWTV4RlNLQnBhdmJqQllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuasEMA0E
AgACMAcDBQMqB5fAMA0GCSqGSIb3DQEBCwUAA4IBAQCjgEqImRJz50sfMYm1kJgj
/UsqbHb2LZd9kRg/z47eSKDJfzxOAXNCFTiWHrKCZWge3puImVlDUaylAvozJI+V
C16oaZ8+t0Y8VAxSS7/9btzK1we9+DtbhFj6IWQ4oIFTPwrr4F7Uy2xZXpKdDt4S
ypa9igbksJCqG1EsauiA4g0pkJUfqSQcvCI5Rs5c3cj4EV8H4z5eXt/+NgUpW78y
kcFpMfnVGgLzCgbvCgHOs4SalssY4JP0TQp9ZtkASLTi5yDTk40O0Z1zeZXnsVAW
KzXmertjoMnVlejsKMwkamN+vKSHN7kFb3olAGdFIBbGGa/aoLkJEiuz/JH7WkIs
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:04 2024 by rpki-client on console-ams.rpki-client.org