Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0ee78b-815c-4995-82e1-c80c288ebeea/1/YCQ-pWrheyBiInNOINPXtxueYZ8.roa
File: YCQ-pWrheyBiInNOINPXtxueYZ8.roa (raw, json)
Hash identifier: /8BSMA0ZNlONV36dzThjQfi7iWA7vWSE4kuIbCObQsY=
Subject key identifier: 60:24:3E:A5:6A:E1:7B:20:62:22:73:4E:20:D3:D7:B7:1B:9E:61:9F
Certificate issuer: /CN=7cd6c0236ff4d6050906957ffd380b3879e6ed6e
Certificate serial: 01856EB90B2A5F2E3DC804228A71AFB506EE
Authority key identifier: 7C:D6:C0:23:6F:F4:D6:05:09:06:95:7F:FD:38:0B:38:79:E6:ED:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fNbAI2_01gUJBpV__TgLOHnm7W4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0ee78b-815c-4995-82e1-c80c288ebeea/1/YCQ-pWrheyBiInNOINPXtxueYZ8.roa
Signing time: Sun 01 Jan 2023 19:04:58 +0000
ROA not before: Sun 01 Jan 2023 19:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205131
IP address blocks: 194.54.157.0/24 maxlen: 24
194.54.158.0/24 maxlen: 24
194.54.159.0/24 maxlen: 24
194.54.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:31:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b9:0b:2a:5f:2e:3d:c8:04:22:8a:71:af:b5:06:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7cd6c0236ff4d6050906957ffd380b3879e6ed6e
Validity
Not Before: Jan 1 19:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60243ea56ae17b206222734e20d3d7b71b9e619f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0c:ea:24:34:fe:91:1f:5a:ac:a8:a8:fd:7f:
2e:d5:c0:4b:b1:6b:b8:31:ca:9b:fd:07:a0:5d:d5:
e2:31:a1:d0:3a:ac:3e:f6:f9:de:d9:5a:18:6f:ce:
35:f6:84:42:45:6c:ca:3f:d4:32:c2:a6:a5:23:4c:
c7:8b:4a:86:b2:65:14:42:c4:61:8e:20:9d:be:95:
33:42:5b:02:7c:df:27:14:68:4e:2e:d3:98:2a:c7:
a2:b0:62:56:3c:28:f4:86:da:8c:47:a0:d3:95:ad:
6a:5d:9c:a8:16:cd:e1:04:8b:11:ad:ae:4b:a0:08:
b6:35:e8:12:39:6e:18:a0:25:17:34:ee:bb:0e:57:
d5:f1:5c:e0:fa:97:a6:bf:c0:1c:50:8f:8e:9e:97:
1e:ab:84:4e:c2:b6:48:a2:b5:e1:8e:c7:98:68:09:
43:09:ef:69:dc:ff:83:d7:45:6c:ed:c5:f5:b9:35:
f5:3d:d7:0d:10:d9:98:b0:5d:12:08:53:cb:ba:b4:
a9:db:29:97:9c:50:1e:45:d2:96:a5:a6:65:31:96:
ce:1a:e8:40:ba:d7:c1:a3:e7:85:44:7b:19:3a:6d:
b7:c1:9d:d2:ba:ff:27:c5:02:7f:7f:6c:d6:85:90:
d6:7b:7a:00:bc:0c:cc:ff:1b:61:55:6b:e1:22:c9:
98:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:24:3E:A5:6A:E1:7B:20:62:22:73:4E:20:D3:D7:B7:1B:9E:61:9F
X509v3 Authority Key Identifier:
keyid:7C:D6:C0:23:6F:F4:D6:05:09:06:95:7F:FD:38:0B:38:79:E6:ED:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fNbAI2_01gUJBpV__TgLOHnm7W4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0ee78b-815c-4995-82e1-c80c288ebeea/1/YCQ-pWrheyBiInNOINPXtxueYZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0ee78b-815c-4995-82e1-c80c288ebeea/1/fNbAI2_01gUJBpV__TgLOHnm7W4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.54.156.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:17:4e:32:31:9f:9a:01:04:42:bc:69:3c:d0:49:ef:07:b2:
32:0f:9f:1a:49:48:69:7e:4f:e4:61:2a:21:63:b6:ee:8b:88:
e6:4e:2c:fb:25:24:fc:a0:1d:6a:f8:0f:51:0a:0d:b9:2e:37:
35:39:00:ed:e1:f7:eb:52:56:ca:da:68:72:3b:7d:f4:ba:50:
30:9f:02:88:11:33:27:11:75:ca:02:42:58:24:34:18:42:75:
20:19:bf:f5:52:b6:a9:71:6c:5a:d1:bb:c8:39:58:5b:8e:b7:
bf:d8:da:6f:ef:4c:54:72:96:9c:ad:54:48:43:e0:c1:5a:73:
e6:e9:27:4b:bd:40:b1:f7:01:97:fa:fb:44:04:6e:50:5b:a8:
0a:a0:84:64:6f:83:fa:ac:8e:5d:b2:53:d1:b6:70:04:29:84:
5f:f1:5f:54:f2:63:b1:e2:f2:89:91:92:fc:2a:b9:26:67:5e:
96:37:65:e9:8a:29:01:77:89:59:eb:bc:20:36:68:4a:0b:c3:
3d:69:8c:bd:09:c6:16:88:f0:30:0e:cb:9d:23:22:81:61:65:
48:ed:10:20:c8:36:4b:65:dc:5c:20:9b:24:7c:94:41:fa:62:
0d:bf:dd:4e:19:7d:f1:fd:8c:ca:c5:d7:ee:2f:85:27:f0:31:
65:56:76:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuuQsqXy49yAQiinGvtQbuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZDZjMDIzNmZmNGQ2MDUwOTA2OTU3ZmZkMzgwYjM4Nzll
NmVkNmUwHhcNMjMwMTAxMTkwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDI0M2VhNTZhZTE3YjIwNjIyMjczNGUyMGQzZDdiNzFiOWU2MTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswzqJDT+kR9arKio/X8u1cBLsWu4
Mcqb/QegXdXiMaHQOqw+9vne2VoYb8419oRCRWzKP9QywqalI0zHi0qGsmUUQsRh
jiCdvpUzQlsCfN8nFGhOLtOYKseisGJWPCj0htqMR6DTla1qXZyoFs3hBIsRra5L
oAi2NegSOW4YoCUXNO67DlfV8Vzg+pemv8AcUI+Onpceq4ROwrZIorXhjseYaAlD
Ce9p3P+D10Vs7cX1uTX1PdcNENmYsF0SCFPLurSp2ymXnFAeRdKWpaZlMZbOGuhA
utfBo+eFRHsZOm23wZ3Suv8nxQJ/f2zWhZDWe3oAvAzM/xthVWvhIsmYnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGAkPqVq4XsgYiJzTiDT17cbnmGfMB8GA1UdIwQY
MBaAFHzWwCNv9NYFCQaVf/04Czh55u1uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk5iQUkyXzAxZ1VKQnBWX19UZ0xPSG5tN1c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZWU3OGItODE1Yy00OTk1LTgyZTEt
YzgwYzI4OGViZWVhLzEvWUNRLXBXcmhleUJpSW5OT0lOUFh0eHVlWVo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZWU3OGItODE1Yy00OTk1LTgyZTEtYzgwYzI4OGViZWVh
LzEvZk5iQUkyXzAxZ1VKQnBWX19UZ0xPSG5tN1c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwjacMA0G
CSqGSIb3DQEBCwUAA4IBAQCfF04yMZ+aAQRCvGk80EnvB7IyD58aSUhpfk/kYSoh
Y7bui4jmTiz7JST8oB1q+A9RCg25Ljc1OQDt4ffrUlbK2mhyO330ulAwnwKIETMn
EXXKAkJYJDQYQnUgGb/1UrapcWxa0bvIOVhbjre/2Npv70xUcpacrVRIQ+DBWnPm
6SdLvUCx9wGX+vtEBG5QW6gKoIRkb4P6rI5dslPRtnAEKYRf8V9U8mOx4vKJkZL8
KrkmZ16WN2XpiikBd4lZ67wgNmhKC8M9aYy9CcYWiPAwDsudIyKBYWVI7RAgyDZL
ZdxcIJskfJRB+mINv91OGX3x/YzKxdfuL4Un8DFlVnYs
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:48 2024 by rpki-client on console-ams.rpki-client.org