Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/efa002-00b5-476b-85cf-e9e388812752/1/yQrLZi1qL1JQEU3DjGdtmLL-lYo.roa
File: yQrLZi1qL1JQEU3DjGdtmLL-lYo.roa (raw, json)
Hash identifier: bG4GWGrYNgJZVu5L4WhFcxSbBhx70Vux9RANu1x4VBY=
Subject key identifier: C9:0A:CB:66:2D:6A:2F:52:50:11:4D:C3:8C:67:6D:98:B2:FE:95:8A
Certificate issuer: /CN=2f4c9dfe7b1a72a551bba15a999a6c19333fff96
Certificate serial: 01889AC74A347E74BF5C2A1F0160C3FC94CC
Authority key identifier: 2F:4C:9D:FE:7B:1A:72:A5:51:BB:A1:5A:99:9A:6C:19:33:3F:FF:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L0yd_nsacqVRu6FamZpsGTM__5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/efa002-00b5-476b-85cf-e9e388812752/1/yQrLZi1qL1JQEU3DjGdtmLL-lYo.roa
Signing time: Thu 08 Jun 2023 11:32:11 +0000
ROA not before: Thu 08 Jun 2023 11:32:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202629
IP address blocks: 185.138.183.0/24 maxlen: 24
185.138.180.0/22 maxlen: 24
185.138.180.0/24 maxlen: 24
185.138.180.0/23 maxlen: 24
185.138.182.0/24 maxlen: 24
185.138.182.0/23 maxlen: 24
185.138.181.0/24 maxlen: 24
2a07:b40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 27 Jul 2023 10:33:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:c7:4a:34:7e:74:bf:5c:2a:1f:01:60:c3:fc:94:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f4c9dfe7b1a72a551bba15a999a6c19333fff96
Validity
Not Before: Jun 8 11:32:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c90acb662d6a2f5250114dc38c676d98b2fe958a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3e:63:c2:75:56:56:4a:88:fe:5b:df:81:cc:
02:08:7b:20:5e:e7:92:ee:ad:44:3c:2f:3b:0c:90:
63:f8:82:e5:aa:2f:8a:4e:c9:ff:ec:20:1d:77:1a:
c8:40:ba:3f:71:7c:2c:c1:60:10:16:03:c2:6f:9a:
43:72:3f:00:b8:b2:53:2f:f5:7d:9c:42:fb:1d:52:
80:77:8e:99:b2:1f:ca:50:59:c7:68:45:54:09:8d:
af:f8:59:43:ee:13:15:32:77:13:8f:28:92:7e:88:
5f:01:16:a6:06:d2:a0:a2:cf:9d:95:2d:47:4e:c1:
17:b7:e1:da:88:e8:19:43:e2:08:3f:1e:64:36:fa:
c5:62:0b:58:d6:af:c9:f0:06:b7:03:05:66:1a:73:
ba:98:ba:a9:59:40:08:ca:31:dc:27:06:62:e7:82:
fa:c6:44:b7:8c:ee:29:ef:50:63:02:17:85:e2:f1:
60:89:7f:59:41:03:7b:59:ee:11:d7:f6:47:bb:97:
f0:70:e8:af:5d:8b:38:e3:3f:e3:77:99:ae:3a:60:
ca:8c:8b:88:9b:05:9b:ee:19:c2:df:1e:e0:ed:63:
55:56:1c:bd:b7:f1:05:81:cc:5e:99:8d:52:0e:24:
6a:79:97:69:7b:53:7c:71:b9:40:4a:d3:41:32:2e:
2d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:0A:CB:66:2D:6A:2F:52:50:11:4D:C3:8C:67:6D:98:B2:FE:95:8A
X509v3 Authority Key Identifier:
keyid:2F:4C:9D:FE:7B:1A:72:A5:51:BB:A1:5A:99:9A:6C:19:33:3F:FF:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L0yd_nsacqVRu6FamZpsGTM__5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/efa002-00b5-476b-85cf-e9e388812752/1/yQrLZi1qL1JQEU3DjGdtmLL-lYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/efa002-00b5-476b-85cf-e9e388812752/1/L0yd_nsacqVRu6FamZpsGTM__5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.180.0/22
IPv6:
2a07:b40::/29
Signature Algorithm: sha256WithRSAEncryption
ed:dd:74:88:78:41:00:db:75:85:ca:8a:06:4e:7c:bb:3f:2f:
f1:8a:7c:55:54:bf:af:07:0e:6b:d3:84:69:b3:f9:5f:2d:0d:
b2:df:a4:b0:ed:21:6d:c2:6b:b7:3e:c1:bd:d3:aa:cd:8f:76:
17:a9:2f:e2:78:00:9f:d7:48:5d:ec:ec:bc:83:92:c7:fa:4d:
33:65:48:8c:3d:09:19:32:06:8e:7a:55:e8:0f:0a:77:fc:40:
17:45:5d:60:82:df:ef:4f:da:74:d2:99:c7:1b:ed:53:70:4c:
84:df:1b:99:b0:ed:38:11:61:a5:9a:54:29:6e:40:dd:d2:e9:
a3:a4:ff:dd:8a:d5:7a:9a:6a:70:76:fd:1b:e8:ae:df:fb:25:
af:1e:cf:5e:64:3c:b1:e8:00:0c:c5:78:73:89:14:ef:d9:4e:
9a:c8:cd:a9:89:93:33:be:70:50:09:a8:76:91:36:d9:b4:fd:
d8:ff:42:e0:5a:b3:8a:62:c6:61:d8:92:25:7f:26:7d:03:be:
11:61:ce:10:31:70:76:59:5c:c8:16:dc:1d:63:84:5b:f7:a1:
6a:76:77:a3:14:05:fd:bf:70:05:c5:d3:ee:c1:91:18:01:62:
b0:16:be:1a:4f:37:c6:d6:4e:27:ca:ad:be:3d:44:78:23:25:
a4:58:5c:3e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYiax0o0fnS/XCofAWDD/JTMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNGM5ZGZlN2IxYTcyYTU1MWJiYTE1YTk5OWE2YzE5MzMz
ZmZmOTYwHhcNMjMwNjA4MTEzMjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTBhY2I2NjJkNmEyZjUyNTAxMTRkYzM4YzY3NmQ5OGIyZmU5NThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoT5jwnVWVkqI/lvfgcwCCHsgXueS
7q1EPC87DJBj+ILlqi+KTsn/7CAddxrIQLo/cXwswWAQFgPCb5pDcj8AuLJTL/V9
nEL7HVKAd46Zsh/KUFnHaEVUCY2v+FlD7hMVMncTjyiSfohfARamBtKgos+dlS1H
TsEXt+HaiOgZQ+IIPx5kNvrFYgtY1q/J8Aa3AwVmGnO6mLqpWUAIyjHcJwZi54L6
xkS3jO4p71BjAheF4vFgiX9ZQQN7We4R1/ZHu5fwcOivXYs44z/jd5muOmDKjIuI
mwWb7hnC3x7g7WNVVhy9t/EFgcxemY1SDiRqeZdpe1N8cblAStNBMi4tEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMkKy2Ytai9SUBFNw4xnbZiy/pWKMB8GA1UdIwQY
MBaAFC9Mnf57GnKlUbuhWpmabBkzP/+WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDB5ZF9uc2FjcVZSdTZGYW1acHNHVE1fXzVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9lZmEwMDItMDBiNS00NzZiLTg1Y2Yt
ZTllMzg4ODEyNzUyLzEveVFyTFppMXFMMUpRRVUzRGpHZHRtTEwtbFlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9lZmEwMDItMDBiNS00NzZiLTg1Y2YtZTllMzg4ODEyNzUy
LzEvTDB5ZF9uc2FjcVZSdTZGYW1acHNHVE1fXzVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYq0MA0E
AgACMAcDBQMqBwtAMA0GCSqGSIb3DQEBCwUAA4IBAQDt3XSIeEEA23WFyooGTny7
Py/xinxVVL+vBw5r04Rps/lfLQ2y36Sw7SFtwmu3PsG906rNj3YXqS/ieACf10hd
7Oy8g5LH+k0zZUiMPQkZMgaOelXoDwp3/EAXRV1ggt/vT9p00pnHG+1TcEyE3xuZ
sO04EWGlmlQpbkDd0umjpP/ditV6mmpwdv0b6K7f+yWvHs9eZDyx6AAMxXhziRTv
2U6ayM2piZMzvnBQCah2kTbZtP3Y/0LgWrOKYsZh2JIlfyZ9A74RYc4QMXB2WVzI
FtwdY4Rb96FqdnejFAX9v3AFxdPuwZEYAWKwFr4aTzfG1k4nyq2+PUR4IyWkWFw+
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:23 2024 by rpki-client on console-ams.rpki-client.org