Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/yrSOS9ruVfvJC2vYLRRiHKConkE.roa
File: yrSOS9ruVfvJC2vYLRRiHKConkE.roa (raw, json)
Hash identifier: q8JpF78Mo2xS05aHkQKcUss4Kukbzn4meshdkT+l7Hs=
Subject key identifier: CA:B4:8E:4B:DA:EE:55:FB:C9:0B:6B:D8:2D:14:62:1C:A0:A8:9E:41
Certificate issuer: /CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Certificate serial: 0188E7B14D5D64BC99B075744DDE8CE25FDB
Authority key identifier: 30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/yrSOS9ruVfvJC2vYLRRiHKConkE.roa
Signing time: Fri 23 Jun 2023 09:58:56 +0000
ROA not before: Fri 23 Jun 2023 09:58:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.146.152.0/24 maxlen: 24
185.146.155.0/24 maxlen: 24
185.146.154.0/24 maxlen: 24
2a07:4f80::/44 maxlen: 44
2a07:4f80:10::/44 maxlen: 44
2a07:4f80::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 27 Jun 2023 11:49:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e7:b1:4d:5d:64:bc:99:b0:75:74:4d:de:8c:e2:5f:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Validity
Not Before: Jun 23 09:58:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cab48e4bdaee55fbc90b6bd82d14621ca0a89e41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:1b:49:1b:74:ce:f9:4d:bf:67:b8:fa:d3:f3:
ff:a3:b4:c4:f5:5b:a1:d6:2e:9b:14:48:ba:1b:41:
a6:f0:ee:4e:2d:68:b7:d1:be:84:43:47:b8:eb:26:
85:27:1d:71:d3:95:57:f6:94:6d:e1:7b:2d:27:84:
46:6f:ab:d1:26:50:34:60:b9:8d:38:07:9d:6f:c1:
10:b6:c7:e3:f8:e3:31:34:4d:6c:74:d9:a4:06:4d:
87:21:9e:3e:0a:c4:10:b6:89:3a:27:3b:37:48:bf:
d9:ee:32:df:4b:15:e4:93:bb:d5:60:df:0c:31:fa:
6a:3e:aa:c9:ff:d2:f1:a6:ca:d1:f9:9d:ef:3e:6b:
46:1e:6e:9e:5e:03:21:a6:0b:f6:8c:3f:df:11:ca:
7c:37:5b:86:ad:16:ae:96:cd:41:80:10:9e:8d:9c:
fe:22:07:94:37:3a:f5:c3:17:36:ee:9a:b6:b0:53:
94:6c:8f:a1:e8:1e:10:76:9e:62:9b:13:a1:3d:7d:
1b:db:22:3e:21:6e:24:1f:94:d5:07:74:64:a8:8e:
04:73:21:e9:ac:5a:b0:00:45:e5:2e:60:16:07:81:
19:a6:26:51:1a:d6:ee:93:07:be:1f:15:8a:0e:ab:
20:0b:fa:25:32:67:35:a0:11:ad:34:83:5b:2f:19:
73:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:B4:8E:4B:DA:EE:55:FB:C9:0B:6B:D8:2D:14:62:1C:A0:A8:9E:41
X509v3 Authority Key Identifier:
keyid:30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/yrSOS9ruVfvJC2vYLRRiHKConkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.152.0/24
185.146.154.0/23
IPv6:
2a07:4f80::/43
Signature Algorithm: sha256WithRSAEncryption
a3:cb:62:7b:f4:e5:53:7c:51:97:89:25:d3:9c:31:53:77:40:
34:c0:61:04:07:91:99:1d:a0:46:85:af:21:5c:96:79:f2:13:
0f:48:e9:4b:32:96:69:f9:ad:d1:35:7a:4a:1b:f2:5f:4b:c0:
16:95:da:3d:70:c1:6b:a9:07:fc:85:21:14:48:94:32:32:26:
66:85:74:0c:c3:c2:a3:c2:e7:99:56:65:12:f7:ba:87:03:9d:
61:17:89:4d:c9:c4:26:ca:b3:2d:34:07:0f:e6:b1:37:04:c2:
8b:e0:f9:d1:5b:9a:ab:26:ce:8e:37:02:c5:cf:39:db:e6:4f:
94:17:31:d4:9c:61:39:0e:2c:ba:d1:eb:7b:5b:40:dd:35:e3:
4d:cc:00:b7:d4:e7:ec:06:e8:1a:19:5d:57:d3:9e:8b:97:0d:
30:3e:72:49:50:2a:99:e9:9b:ee:ee:bf:9b:c6:2b:94:0e:34:
c4:e6:04:51:0e:1e:3d:d8:d6:6d:ae:1c:99:07:82:b8:ef:58:
73:6e:ed:d1:b1:c8:14:02:02:1a:fe:0c:99:04:e1:e7:44:f6:
1d:3f:90:73:bf:ed:2a:a5:cc:2d:fc:f7:db:85:42:71:d7:5a:
3b:83:d0:2c:72:6e:9e:5a:13:dc:7d:23:63:f4:39:35:44:25:
b1:86:1d:fb
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYjnsU1dZLyZsHV0Td6M4l/bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDU2YjAzNzVkODk0YjkzY2IwZTI2ZDliNGQ2NGEwOGM1
ODM3MWUwHhcNMjMwNjIzMDk1ODU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWI0OGU0YmRhZWU1NWZiYzkwYjZiZDgyZDE0NjIxY2EwYTg5ZTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRtJG3TO+U2/Z7j60/P/o7TE9Vuh
1i6bFEi6G0Gm8O5OLWi30b6EQ0e46yaFJx1x05VX9pRt4XstJ4RGb6vRJlA0YLmN
OAedb8EQtsfj+OMxNE1sdNmkBk2HIZ4+CsQQtok6Jzs3SL/Z7jLfSxXkk7vVYN8M
MfpqPqrJ/9LxpsrR+Z3vPmtGHm6eXgMhpgv2jD/fEcp8N1uGrRauls1BgBCejZz+
IgeUNzr1wxc27pq2sFOUbI+h6B4Qdp5imxOhPX0b2yI+IW4kH5TVB3RkqI4EcyHp
rFqwAEXlLmAWB4EZpiZRGtbukwe+HxWKDqsgC/olMmc1oBGtNINbLxlzIQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMq0jkva7lX7yQtr2C0UYhygqJ5BMB8GA1UdIwQY
MBaAFDAFawN12JS5PLDibZtNZKCMWDceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEt
MTFiNGFmYmVkZTE5LzEveXJTT1M5cnVWZnZKQzJ2WUxSUmlIS0NvbmtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEtMTFiNGFmYmVkZTE5
LzEvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuZKYAwQB
uZKaMA8EAgACMAkDBwUqB0+AAAAwDQYJKoZIhvcNAQELBQADggEBAKPLYnv05VN8
UZeJJdOcMVN3QDTAYQQHkZkdoEaFryFclnnyEw9I6Usylmn5rdE1ekob8l9LwBaV
2j1wwWupB/yFIRRIlDIyJmaFdAzDwqPC55lWZRL3uocDnWEXiU3JxCbKsy00Bw/m
sTcEwovg+dFbmqsmzo43AsXPOdvmT5QXMdScYTkOLLrR63tbQN01403MALfU5+wG
6BoZXVfTnouXDTA+cklQKpnpm+7uv5vGK5QONMTmBFEOHj3Y1m2uHJkHgrjvWHNu
7dGxyBQCAhr+DJkE4edE9h0/kHO/7SqlzC3899uFQnHXWjuD0Cxybp5aE9x9I2P0
OTVEJbGGHfs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:49 2024 by rpki-client on console-ams.rpki-client.org