Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cbc18f-e6db-4bd6-8427-64d1bc735bac/1/yfcSp1dtudayRIHzo0dra8UyiII.roa
File: yfcSp1dtudayRIHzo0dra8UyiII.roa (raw, json)
Hash identifier: LHN8LS3u6FybmyQSCKaqD0MqstT4Qc75KJIJN/nztdU=
Subject key identifier: C9:F7:12:A7:57:6D:B9:D6:B2:44:81:F3:A3:47:6B:6B:C5:32:88:82
Certificate issuer: /CN=dd5072b13880c1f1ba86fcc4c40297f5d9f43774
Certificate serial: 0187DBA7B344DB8E9782D05E8ECC34E9FAAB
Authority key identifier: DD:50:72:B1:38:80:C1:F1:BA:86:FC:C4:C4:02:97:F5:D9:F4:37:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VBysTiAwfG6hvzExAKX9dn0N3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/cbc18f-e6db-4bd6-8427-64d1bc735bac/1/yfcSp1dtudayRIHzo0dra8UyiII.roa
Signing time: Tue 02 May 2023 08:50:13 +0000
ROA not before: Tue 02 May 2023 08:50:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200697
IP address blocks: 185.135.197.0/24 maxlen: 24
185.135.198.0/24 maxlen: 24
185.135.199.0/24 maxlen: 24
185.135.196.0/24 maxlen: 24
2a09:5f40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:a7:b3:44:db:8e:97:82:d0:5e:8e:cc:34:e9:fa:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd5072b13880c1f1ba86fcc4c40297f5d9f43774
Validity
Not Before: May 2 08:50:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9f712a7576db9d6b24481f3a3476b6bc5328882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:08:a1:09:7a:6a:69:64:67:f4:bc:10:47:93:
67:5e:60:8d:54:fb:d7:7a:09:f2:11:90:4a:c8:d4:
12:bf:31:6f:0a:a4:a6:9b:40:8f:82:34:67:b9:eb:
c2:f3:61:af:e7:65:3f:cb:cc:bb:62:a5:a6:b3:34:
9a:84:35:a8:a2:c5:ca:f9:3a:67:35:dc:6c:dd:94:
66:bb:38:f7:0d:d1:6c:32:f3:b5:2e:d1:ca:8a:8f:
16:09:c6:4a:09:6e:cb:1c:4b:e8:7c:c3:69:99:44:
68:2f:83:a8:94:a3:76:65:ba:cf:cb:62:65:d1:75:
eb:fc:97:54:4b:90:0b:c3:be:6e:45:85:32:2d:d7:
d6:fa:b3:09:c7:92:7e:7e:6e:e7:ab:89:82:58:1b:
0c:90:73:ab:82:d2:c6:3b:02:9f:2c:c0:9d:07:fc:
65:3a:99:4e:67:5d:10:2b:b2:66:38:93:05:a1:55:
d7:1e:33:59:55:29:47:1e:6d:52:c1:bf:78:61:5b:
52:91:d7:ae:04:24:6f:3d:e6:e8:60:21:2c:1c:f7:
83:ea:3c:d2:00:50:e9:71:58:ad:43:5c:68:bc:80:
dc:1b:12:a4:ff:1e:dc:ad:5d:83:a2:1a:79:62:81:
f6:f9:09:03:05:46:d3:48:bf:bb:a5:20:e0:b3:8f:
4a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:F7:12:A7:57:6D:B9:D6:B2:44:81:F3:A3:47:6B:6B:C5:32:88:82
X509v3 Authority Key Identifier:
keyid:DD:50:72:B1:38:80:C1:F1:BA:86:FC:C4:C4:02:97:F5:D9:F4:37:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VBysTiAwfG6hvzExAKX9dn0N3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cbc18f-e6db-4bd6-8427-64d1bc735bac/1/yfcSp1dtudayRIHzo0dra8UyiII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cbc18f-e6db-4bd6-8427-64d1bc735bac/1/3VBysTiAwfG6hvzExAKX9dn0N3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.196.0/22
IPv6:
2a09:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
60:b7:ca:2d:9d:43:ab:1c:a5:3c:7b:48:73:be:3a:d8:76:09:
85:5f:66:57:98:d7:19:1f:5f:6e:b4:bf:66:38:36:da:b9:85:
8a:c2:c8:de:62:bb:c4:2e:39:02:40:c3:11:da:75:59:dd:5a:
b5:66:a1:3b:a5:4f:d7:3e:a4:6f:bb:93:08:60:cf:6b:4e:c2:
4d:73:15:b7:58:15:1f:ea:ac:31:00:2c:e5:e1:c9:40:45:f0:
1e:16:44:cb:5e:f7:99:9d:a0:e3:70:90:b1:96:b6:e5:eb:e3:
e3:9b:cc:73:4d:42:a3:ac:cc:3a:b8:4a:d2:67:45:75:99:f0:
86:44:61:24:45:bc:75:31:6d:eb:3d:96:ad:d3:21:95:06:a7:
a3:b0:05:49:88:aa:c2:7c:ce:7b:e1:eb:92:9b:1a:7f:06:65:
c1:79:31:7b:97:92:8c:03:8e:28:61:15:6c:9d:bd:0d:43:13:
73:08:7f:58:28:5f:de:26:b3:87:ef:00:d9:e9:18:16:01:90:
74:33:58:c2:e3:9d:e2:58:f9:fe:28:2b:61:2e:db:a2:e0:dc:
1e:95:c5:7d:1f:9c:af:74:39:ce:48:28:f8:b6:55:82:16:96:
9f:42:1f:6b:9b:18:40:59:68:fc:79:aa:14:05:82:6e:0b:21:
a2:c2:33:31
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYfbp7NE246XgtBejsw06fqrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTA3MmIxMzg4MGMxZjFiYTg2ZmNjNGM0MDI5N2Y1ZDlm
NDM3NzQwHhcNMjMwNTAyMDg1MDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWY3MTJhNzU3NmRiOWQ2YjI0NDgxZjNhMzQ3NmI2YmM1MzI4ODgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQihCXpqaWRn9LwQR5NnXmCNVPvX
egnyEZBKyNQSvzFvCqSmm0CPgjRnuevC82Gv52U/y8y7YqWmszSahDWoosXK+Tpn
Ndxs3ZRmuzj3DdFsMvO1LtHKio8WCcZKCW7LHEvofMNpmURoL4OolKN2ZbrPy2Jl
0XXr/JdUS5ALw75uRYUyLdfW+rMJx5J+fm7nq4mCWBsMkHOrgtLGOwKfLMCdB/xl
OplOZ10QK7JmOJMFoVXXHjNZVSlHHm1Swb94YVtSkdeuBCRvPeboYCEsHPeD6jzS
AFDpcVitQ1xovIDcGxKk/x7crV2Dohp5YoH2+QkDBUbTSL+7pSDgs49KJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMn3EqdXbbnWskSB86NHa2vFMoiCMB8GA1UdIwQY
MBaAFN1QcrE4gMHxuob8xMQCl/XZ9Dd0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZCeXNUaUF3Zkc2aHZ6RXhBS1g5ZG4wTjNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jYmMxOGYtZTZkYi00YmQ2LTg0Mjct
NjRkMWJjNzM1YmFjLzEveWZjU3AxZHR1ZGF5UklIem8wZHJhOFV5aUlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jYmMxOGYtZTZkYi00YmQ2LTg0MjctNjRkMWJjNzM1YmFj
LzEvM1ZCeXNUaUF3Zkc2aHZ6RXhBS1g5ZG4wTjNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYfEMA0E
AgACMAcDBQMqCV9AMA0GCSqGSIb3DQEBCwUAA4IBAQBgt8otnUOrHKU8e0hzvjrY
dgmFX2ZXmNcZH19utL9mODbauYWKwsjeYrvELjkCQMMR2nVZ3Vq1ZqE7pU/XPqRv
u5MIYM9rTsJNcxW3WBUf6qwxACzl4clARfAeFkTLXveZnaDjcJCxlrbl6+Pjm8xz
TUKjrMw6uErSZ0V1mfCGRGEkRbx1MW3rPZat0yGVBqejsAVJiKrCfM574euSmxp/
BmXBeTF7l5KMA44oYRVsnb0NQxNzCH9YKF/eJrOH7wDZ6RgWAZB0M1jC453iWPn+
KCthLtui4NwelcV9H5yvdDnOSCj4tlWCFpafQh9rmxhAWWj8eaoUBYJuCyGiwjMx
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:46 2024 by rpki-client on console-ams.rpki-client.org