Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/a47475-179b-477f-b554-29356341c5fd/1/yb3uyNSllAhxSQAZ-3CuoNqD_UY.roa
File: yb3uyNSllAhxSQAZ-3CuoNqD_UY.roa (raw, json)
Hash identifier: xrBN88QX8ty7NU6Tr1ac96fz1oBMOHeu51/pKdej1So=
Subject key identifier: C9:BD:EE:C8:D4:A5:94:08:71:49:00:19:FB:70:AE:A0:DA:83:FD:46
Certificate issuer: /CN=2928db241541d6b6a6490004060aa71ad6ec189c
Certificate serial: 01856CF84A183B60C16DC191BB198886148F
Authority key identifier: 29:28:DB:24:15:41:D6:B6:A6:49:00:04:06:0A:A7:1A:D6:EC:18:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KSjbJBVB1ramSQAEBgqnGtbsGJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/a47475-179b-477f-b554-29356341c5fd/1/yb3uyNSllAhxSQAZ-3CuoNqD_UY.roa
Signing time: Sun 01 Jan 2023 10:54:49 +0000
ROA not before: Sun 01 Jan 2023 10:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60283
IP address blocks: 185.243.84.0/22 maxlen: 22
185.243.84.0/23 maxlen: 23
185.243.86.0/23 maxlen: 23
185.243.86.0/24 maxlen: 24
185.243.87.0/24 maxlen: 24
193.200.250.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:4a:18:3b:60:c1:6d:c1:91:bb:19:88:86:14:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2928db241541d6b6a6490004060aa71ad6ec189c
Validity
Not Before: Jan 1 10:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9bdeec8d4a5940871490019fb70aea0da83fd46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:26:52:84:0e:d7:bf:ec:64:2f:8d:52:9d:af:
78:9c:2e:0f:5f:00:1d:08:30:54:fc:70:4a:33:55:
c8:7a:64:a2:5d:f1:ba:c4:c8:e2:98:bf:a7:8b:ca:
c2:de:6b:38:ee:d1:af:1d:e5:d4:80:cd:7f:33:75:
86:e6:f2:25:2c:0f:fb:09:db:9c:ed:2f:8f:28:9a:
13:cf:f1:e6:bf:a4:0b:9b:e7:3f:49:7f:6b:98:7f:
5c:12:6a:07:7f:21:5b:76:25:ef:dd:8e:d8:b4:a7:
c2:da:75:a2:50:6e:9f:d7:74:a7:ed:00:65:7a:23:
4e:fb:9f:fe:e0:97:f5:ef:04:61:03:df:ff:a9:ea:
d5:44:4b:16:f4:bf:4b:2e:48:b7:67:8f:af:69:9f:
28:52:ce:58:68:d6:44:36:28:d6:e0:8f:b4:f7:69:
07:17:34:5f:62:77:22:a2:65:5e:4f:56:6d:80:10:
2b:bc:97:15:f5:70:8b:c4:66:62:37:7b:b5:26:96:
78:79:96:87:d8:ba:18:99:ca:55:54:e4:32:ae:73:
b6:11:51:75:86:0d:36:10:ec:0d:01:98:24:3c:2d:
c5:6d:7d:4c:46:df:e0:72:81:5a:c0:bd:21:07:16:
bf:c1:77:4b:69:f6:c7:cf:44:01:d4:54:c9:4f:d4:
91:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:BD:EE:C8:D4:A5:94:08:71:49:00:19:FB:70:AE:A0:DA:83:FD:46
X509v3 Authority Key Identifier:
keyid:29:28:DB:24:15:41:D6:B6:A6:49:00:04:06:0A:A7:1A:D6:EC:18:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KSjbJBVB1ramSQAEBgqnGtbsGJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/a47475-179b-477f-b554-29356341c5fd/1/yb3uyNSllAhxSQAZ-3CuoNqD_UY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/a47475-179b-477f-b554-29356341c5fd/1/KSjbJBVB1ramSQAEBgqnGtbsGJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.84.0/22
193.200.250.0/24
Signature Algorithm: sha256WithRSAEncryption
17:e1:b6:c2:30:1f:5e:cf:1c:7b:1f:d7:df:22:3f:fe:04:51:
ac:2e:fd:56:28:ab:0f:bb:ba:c2:0e:dc:f4:9e:55:e0:4c:23:
74:24:64:f2:7d:15:18:10:d5:68:ca:8a:ea:cf:5e:1a:48:fd:
27:ab:6d:99:99:04:44:12:af:0d:57:e9:82:eb:20:aa:13:87:
bf:17:06:ee:34:42:1a:f1:17:33:ee:9a:79:0b:45:80:80:dc:
de:96:52:a2:38:64:1e:c5:ef:f2:aa:88:7b:50:00:46:df:7d:
86:74:bb:c9:f7:8e:b9:15:74:e8:17:ea:89:a7:1f:29:ce:da:
46:48:35:f7:22:2f:e5:df:c6:1f:5b:5b:0c:c8:f3:fd:29:89:
31:2e:08:2f:29:27:da:db:23:2d:fa:1f:0e:2e:cc:6f:46:6c:
aa:17:b3:63:7c:39:9d:e7:59:4b:4d:da:37:ba:a7:a0:56:20:
81:64:7c:3c:18:21:3c:2a:d5:86:a8:8a:b7:e1:64:57:08:24:
b6:d1:33:07:6b:f7:14:96:28:32:58:f1:e2:9f:36:f7:be:b5:
88:80:0f:04:cb:76:28:39:3e:16:9d:51:a6:fd:93:a5:75:1b:
5d:09:40:b6:e7:76:62:2b:82:23:88:2d:94:a9:4d:bf:bd:ef:
0d:9f:e8:8e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVs+EoYO2DBbcGRuxmIhhSPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MjhkYjI0MTU0MWQ2YjZhNjQ5MDAwNDA2MGFhNzFhZDZl
YzE4OWMwHhcNMjMwMTAxMTA1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWJkZWVjOGQ0YTU5NDA4NzE0OTAwMTlmYjcwYWVhMGRhODNmZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjiZShA7Xv+xkL41Sna94nC4PXwAd
CDBU/HBKM1XIemSiXfG6xMjimL+ni8rC3ms47tGvHeXUgM1/M3WG5vIlLA/7Cduc
7S+PKJoTz/Hmv6QLm+c/SX9rmH9cEmoHfyFbdiXv3Y7YtKfC2nWiUG6f13Sn7QBl
eiNO+5/+4Jf17wRhA9//qerVREsW9L9LLki3Z4+vaZ8oUs5YaNZENijW4I+092kH
FzRfYnciomVeT1ZtgBArvJcV9XCLxGZiN3u1JpZ4eZaH2LoYmcpVVOQyrnO2EVF1
hg02EOwNAZgkPC3FbX1MRt/gcoFawL0hBxa/wXdLafbHz0QB1FTJT9SRDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMm97sjUpZQIcUkAGftwrqDag/1GMB8GA1UdIwQY
MBaAFCko2yQVQda2pkkABAYKpxrW7BicMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1NqYkpCVkIxcmFtU1FBRUJncW5HdGJzR0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9hNDc0NzUtMTc5Yi00NzdmLWI1NTQt
MjkzNTYzNDFjNWZkLzEveWIzdXlOU2xsQWh4U1FBWi0zQ3VvTnFEX1VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9hNDc0NzUtMTc5Yi00NzdmLWI1NTQtMjkzNTYzNDFjNWZk
LzEvS1NqYkpCVkIxcmFtU1FBRUJncW5HdGJzR0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCufNUAwQA
wcj6MA0GCSqGSIb3DQEBCwUAA4IBAQAX4bbCMB9ezxx7H9ffIj/+BFGsLv1WKKsP
u7rCDtz0nlXgTCN0JGTyfRUYENVoyorqz14aSP0nq22ZmQREEq8NV+mC6yCqE4e/
FwbuNEIa8Rcz7pp5C0WAgNzellKiOGQexe/yqoh7UABG332GdLvJ9465FXToF+qJ
px8pztpGSDX3Ii/l38YfW1sMyPP9KYkxLggvKSfa2yMt+h8OLsxvRmyqF7NjfDmd
51lLTdo3uqegViCBZHw8GCE8KtWGqIq34WRXCCS20TMHa/cUligyWPHinzb3vrWI
gA8Ey3YoOT4WnVGm/ZOldRtdCUC253ZiK4IjiC2UqU2/ve8Nn+iO
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:30:55 2024 by rpki-client on console-fra.rpki-client.org