Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/7757ed-d020-471f-bbc5-17bf202e5eee/1/YvPCZ82m1J-fKK-vxRd_mOeEL_U.roa
File: YvPCZ82m1J-fKK-vxRd_mOeEL_U.roa (raw, json)
Hash identifier: X7wpCRJKcXeXf3xPREawf/IzITGWAqRG73qxrSy5zGs=
Subject key identifier: 62:F3:C2:67:CD:A6:D4:9F:9F:28:AF:AF:C5:17:7F:98:E7:84:2F:F5
Certificate issuer: /CN=d4bbed63091439823ed391a472536c0fcafe8957
Certificate serial: 01856F9DC9758E3594A63DC9D71B4A0862D6
Authority key identifier: D4:BB:ED:63:09:14:39:82:3E:D3:91:A4:72:53:6C:0F:CA:FE:89:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1LvtYwkUOYI-05GkclNsD8r-iVc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/7757ed-d020-471f-bbc5-17bf202e5eee/1/YvPCZ82m1J-fKK-vxRd_mOeEL_U.roa
Signing time: Sun 01 Jan 2023 23:14:49 +0000
ROA not before: Sun 01 Jan 2023 23:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29266
IP address blocks: 159.20.0.0/21 maxlen: 21
195.85.253.0/24 maxlen: 24
195.137.194.0/23 maxlen: 23
2a03:2180::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:c9:75:8e:35:94:a6:3d:c9:d7:1b:4a:08:62:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4bbed63091439823ed391a472536c0fcafe8957
Validity
Not Before: Jan 1 23:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62f3c267cda6d49f9f28afafc5177f98e7842ff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:0f:3f:20:c0:85:be:73:99:c2:a1:32:bc:f0:
f8:54:f6:65:a1:39:59:42:6f:3a:96:f9:87:02:5b:
ea:19:a6:27:ba:47:1d:d0:38:dd:bb:53:8e:93:91:
56:53:13:d4:17:d0:cb:a4:f3:df:29:3c:be:f5:b9:
00:86:30:36:16:36:0f:84:e4:87:64:57:70:41:67:
a5:3f:85:49:c9:c6:fb:c3:e4:fe:d0:de:3d:0a:1a:
12:a1:26:f5:4b:aa:b3:13:ca:36:21:fc:3e:d3:89:
f1:f2:c9:a3:f6:b1:a5:53:44:2c:bb:2c:fe:e2:a2:
ca:05:ed:21:48:51:66:54:b4:b1:4f:28:0c:6b:18:
be:16:85:38:a7:48:18:0d:47:86:8d:0f:55:08:c3:
b2:17:64:5a:28:11:4b:ff:71:85:4d:e4:bf:15:56:
55:b4:af:3a:82:9a:a5:c6:2f:c8:7e:97:77:71:86:
7e:dd:ab:9d:1f:eb:5f:cd:aa:93:57:c6:c0:14:90:
f2:d2:3c:21:e9:33:0d:cd:da:17:02:18:a8:5d:2c:
23:74:ce:7f:b7:c2:6b:b5:45:be:28:02:80:28:d6:
dc:e3:0d:a0:11:52:bc:96:30:ce:9e:37:71:f7:d6:
58:90:1c:01:3b:33:8a:06:ca:2e:06:91:df:83:41:
98:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:F3:C2:67:CD:A6:D4:9F:9F:28:AF:AF:C5:17:7F:98:E7:84:2F:F5
X509v3 Authority Key Identifier:
keyid:D4:BB:ED:63:09:14:39:82:3E:D3:91:A4:72:53:6C:0F:CA:FE:89:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1LvtYwkUOYI-05GkclNsD8r-iVc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/7757ed-d020-471f-bbc5-17bf202e5eee/1/YvPCZ82m1J-fKK-vxRd_mOeEL_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/7757ed-d020-471f-bbc5-17bf202e5eee/1/1LvtYwkUOYI-05GkclNsD8r-iVc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.20.0.0/21
195.85.253.0/24
195.137.194.0/23
IPv6:
2a03:2180::/32
Signature Algorithm: sha256WithRSAEncryption
9b:e5:c2:73:8b:1a:02:b4:ed:2c:28:41:13:da:ed:94:85:cd:
39:f6:0f:88:6b:87:27:f7:3a:a8:1e:64:ca:8e:db:2d:c8:12:
97:4d:d3:4e:9d:4a:ef:d7:3c:fa:f1:71:c5:92:2b:95:80:e4:
30:91:72:56:47:a8:9f:65:5e:e0:3d:82:c1:66:66:1b:cf:06:
37:05:cb:2a:9a:84:58:3d:7d:89:59:57:37:3b:3e:c0:86:f6:
25:6a:f3:d9:01:ce:96:fd:a5:c1:94:47:d8:c8:16:7a:4e:5d:
85:83:17:0b:22:a9:35:6b:95:80:c5:46:f5:07:61:48:fd:31:
f4:fd:18:f5:9b:c1:12:5c:10:59:0e:79:0d:42:d6:ab:22:f8:
54:f5:ff:a6:79:ca:b0:d1:73:b7:52:51:96:dd:6c:ea:89:97:
e9:bf:62:aa:90:8d:a4:a4:36:cf:d1:fa:7c:8b:dd:55:1a:d4:
43:e2:b9:89:19:8b:f6:d4:4a:aa:dc:23:b1:44:2d:63:ef:c0:
21:1a:8c:c1:ab:8f:51:8e:25:cb:20:4f:cd:40:12:0d:77:fd:
a7:74:7c:d3:ed:b3:33:d7:0d:27:7d:ae:bf:30:4b:ea:01:cb:
91:87:fa:5e:6a:eb:60:e9:7b:67:37:85:40:dc:93:41:c9:26:
73:41:61:09
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvncl1jjWUpj3J1xtKCGLWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YmJlZDYzMDkxNDM5ODIzZWQzOTFhNDcyNTM2YzBmY2Fm
ZTg5NTcwHhcNMjMwMTAxMjMxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmYzYzI2N2NkYTZkNDlmOWYyOGFmYWZjNTE3N2Y5OGU3ODQyZmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgA8/IMCFvnOZwqEyvPD4VPZloTlZ
Qm86lvmHAlvqGaYnukcd0Djdu1OOk5FWUxPUF9DLpPPfKTy+9bkAhjA2FjYPhOSH
ZFdwQWelP4VJycb7w+T+0N49ChoSoSb1S6qzE8o2Ifw+04nx8smj9rGlU0Qsuyz+
4qLKBe0hSFFmVLSxTygMaxi+FoU4p0gYDUeGjQ9VCMOyF2RaKBFL/3GFTeS/FVZV
tK86gpqlxi/Ifpd3cYZ+3audH+tfzaqTV8bAFJDy0jwh6TMNzdoXAhioXSwjdM5/
t8JrtUW+KAKAKNbc4w2gEVK8ljDOnjdx99ZYkBwBOzOKBsouBpHfg0GYRwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGLzwmfNptSfnyivr8UXf5jnhC/1MB8GA1UdIwQY
MBaAFNS77WMJFDmCPtORpHJTbA/K/olXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUx2dFl3a1VPWUktMDVHa2NsTnNEOHItaVZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi83NzU3ZWQtZDAyMC00NzFmLWJiYzUt
MTdiZjIwMmU1ZWVlLzEvWXZQQ1o4Mm0xSi1mS0stdnhSZF9tT2VFTF9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi83NzU3ZWQtZDAyMC00NzFmLWJiYzUtMTdiZjIwMmU1ZWVl
LzEvMUx2dFl3a1VPWUktMDVHa2NsTnNEOHItaVZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDnxQAAwQA
w1X9AwQBw4nCMA0EAgACMAcDBQAqAyGAMA0GCSqGSIb3DQEBCwUAA4IBAQCb5cJz
ixoCtO0sKEET2u2Uhc059g+Ia4cn9zqoHmTKjtstyBKXTdNOnUrv1zz68XHFkiuV
gOQwkXJWR6ifZV7gPYLBZmYbzwY3BcsqmoRYPX2JWVc3Oz7AhvYlavPZAc6W/aXB
lEfYyBZ6Tl2FgxcLIqk1a5WAxUb1B2FI/TH0/Rj1m8ESXBBZDnkNQtarIvhU9f+m
ecqw0XO3UlGW3WzqiZfpv2KqkI2kpDbP0fp8i91VGtRD4rmJGYv21Eqq3COxRC1j
78AhGozBq49RjiXLIE/NQBINd/2ndHzT7bMz1w0nfa6/MEvqAcuRh/peautg6Xtn
N4VA3JNBySZzQWEJ
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:30:53 2024 by rpki-client on console-fra.rpki-client.org