Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6add07-e6ad-4dba-9b8b-23e3813651d4/1/YmG7xOY3ZKuD4SHmrP0iq6G7QFc.roa
File: YmG7xOY3ZKuD4SHmrP0iq6G7QFc.roa (raw, json)
Hash identifier: AlQsByhW3PUFP/7bx3WGR1YP5nmxFzN9nG0VZoSH82o=
Subject key identifier: 62:61:BB:C4:E6:37:64:AB:83:E1:21:E6:AC:FD:22:AB:A1:BB:40:57
Certificate issuer: /CN=aab1db0e00820876dfa20bec9b719aa795acc1de
Certificate serial: 018BD9223C512C497A2FED31E0E707E22C91
Authority key identifier: AA:B1:DB:0E:00:82:08:76:DF:A2:0B:EC:9B:71:9A:A7:95:AC:C1:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qrHbDgCCCHbfogvsm3Gap5Wswd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6add07-e6ad-4dba-9b8b-23e3813651d4/1/YmG7xOY3ZKuD4SHmrP0iq6G7QFc.roa
Signing time: Thu 16 Nov 2023 17:16:21 +0000
ROA not before: Thu 16 Nov 2023 17:16:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197075
IP address blocks: 185.25.234.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d9:22:3c:51:2c:49:7a:2f:ed:31:e0:e7:07:e2:2c:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aab1db0e00820876dfa20bec9b719aa795acc1de
Validity
Not Before: Nov 16 17:16:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6261bbc4e63764ab83e121e6acfd22aba1bb4057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:8b:39:bd:a3:1e:ea:80:ce:e9:5f:e2:ba:99:
8a:80:38:5f:be:bf:c1:1e:95:2a:7d:a9:0c:e5:2e:
1c:d1:25:e5:0f:a6:76:83:7d:d6:31:a2:2f:a8:82:
fd:e9:90:af:c5:dc:1a:c9:c1:c8:da:ca:ed:26:1f:
a2:5b:f9:ec:8c:8f:c1:2d:59:d2:48:45:79:4e:5e:
e3:21:27:1d:4b:c9:7d:1b:0f:bf:30:62:32:16:4e:
aa:1e:1e:f0:83:aa:dc:51:d5:db:fc:9d:50:9f:8b:
23:68:6a:6e:7d:42:7f:17:47:45:c1:17:ab:ae:12:
4b:3e:89:da:ec:d3:8f:94:88:3b:65:b6:9e:f8:e5:
d6:50:02:05:eb:b7:61:59:3c:09:e1:6a:58:f5:6b:
ac:60:55:f6:d6:26:43:7e:cf:2c:1f:7a:2d:74:6e:
74:83:c8:e4:2e:7d:78:ba:2c:0a:a2:29:dc:04:bd:
8e:28:8d:0c:c0:94:00:22:66:cf:17:32:5f:15:cc:
20:c3:b7:80:76:db:4e:bd:0f:82:29:9a:e4:96:fa:
1f:44:84:e1:e1:3c:b6:99:3a:88:1d:cc:13:f9:da:
1c:8f:86:9f:7d:7f:69:c7:81:47:a0:a9:b4:66:00:
7f:be:d0:cb:59:f1:e9:51:58:83:bf:91:2c:25:c6:
aa:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:61:BB:C4:E6:37:64:AB:83:E1:21:E6:AC:FD:22:AB:A1:BB:40:57
X509v3 Authority Key Identifier:
keyid:AA:B1:DB:0E:00:82:08:76:DF:A2:0B:EC:9B:71:9A:A7:95:AC:C1:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qrHbDgCCCHbfogvsm3Gap5Wswd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6add07-e6ad-4dba-9b8b-23e3813651d4/1/YmG7xOY3ZKuD4SHmrP0iq6G7QFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6add07-e6ad-4dba-9b8b-23e3813651d4/1/qrHbDgCCCHbfogvsm3Gap5Wswd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.234.0/23
Signature Algorithm: sha256WithRSAEncryption
13:df:6f:da:c9:90:0c:56:58:29:7e:90:6a:eb:b9:80:0f:95:
76:1a:ae:37:40:a1:7f:1c:2e:9b:d0:3c:4f:50:ba:3f:57:39:
37:a5:9f:3b:ba:b2:47:87:93:7f:e9:ee:14:e6:d7:c8:66:ea:
10:eb:17:a3:55:4c:dc:f5:21:09:db:31:b9:6b:e5:05:a8:ef:
8d:79:39:9c:50:d8:f1:8a:27:3c:6c:c3:5d:89:10:71:3a:c4:
44:43:c9:cb:00:a1:c0:38:7f:0b:fc:e0:51:7a:c8:6c:9d:7b:
db:7f:62:cf:55:3d:c8:b1:47:5b:18:74:9e:e1:3e:a8:3e:ee:
c7:2a:85:2a:3f:75:c3:61:6f:87:4a:8f:dd:44:35:5b:a3:1b:
59:ec:1c:81:bb:76:c1:61:8f:d6:79:29:a0:90:a7:ad:74:6d:
f9:6f:49:6d:10:60:a2:de:ba:a4:6d:27:d7:95:14:9c:c4:d0:
7f:ce:8c:9f:14:ce:64:97:a9:b2:cd:65:a6:15:dc:82:e7:f3:
38:bb:d3:74:aa:0b:7e:4d:2a:12:7e:f3:ba:b4:9f:52:ce:27:
f7:d2:7c:51:dd:27:65:86:44:66:61:f7:f4:15:0e:f4:8e:6a:
9d:42:a6:d0:c1:ec:2e:fd:e6:9e:5c:ec:c3:23:47:7c:6c:5f:
4f:c8:9a:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvZIjxRLEl6L+0x4OcH4iyRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhYjFkYjBlMDA4MjA4NzZkZmEyMGJlYzliNzE5YWE3OTVh
Y2MxZGUwHhcNMjMxMTE2MTcxNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjYxYmJjNGU2Mzc2NGFiODNlMTIxZTZhY2ZkMjJhYmExYmI0MDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmos5vaMe6oDO6V/iupmKgDhfvr/B
HpUqfakM5S4c0SXlD6Z2g33WMaIvqIL96ZCvxdwaycHI2srtJh+iW/nsjI/BLVnS
SEV5Tl7jIScdS8l9Gw+/MGIyFk6qHh7wg6rcUdXb/J1Qn4sjaGpufUJ/F0dFwRer
rhJLPona7NOPlIg7Zbae+OXWUAIF67dhWTwJ4WpY9WusYFX21iZDfs8sH3otdG50
g8jkLn14uiwKoincBL2OKI0MwJQAImbPFzJfFcwgw7eAdttOvQ+CKZrklvofRITh
4Ty2mTqIHcwT+docj4affX9px4FHoKm0ZgB/vtDLWfHpUViDv5EsJcaqxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGJhu8TmN2Srg+Eh5qz9Iquhu0BXMB8GA1UdIwQY
MBaAFKqx2w4Aggh236IL7JtxmqeVrMHeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXJIYkRnQ0NDSGJmb2d2c20zR2FwNVdzd2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82YWRkMDctZTZhZC00ZGJhLTliOGIt
MjNlMzgxMzY1MWQ0LzEvWW1HN3hPWTNaS3VENFNIbXJQMGlxNkc3UUZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82YWRkMDctZTZhZC00ZGJhLTliOGItMjNlMzgxMzY1MWQ0
LzEvcXJIYkRnQ0NDSGJmb2d2c20zR2FwNVdzd2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuRnqMA0G
CSqGSIb3DQEBCwUAA4IBAQAT32/ayZAMVlgpfpBq67mAD5V2Gq43QKF/HC6b0DxP
ULo/Vzk3pZ87urJHh5N/6e4U5tfIZuoQ6xejVUzc9SEJ2zG5a+UFqO+NeTmcUNjx
iic8bMNdiRBxOsREQ8nLAKHAOH8L/OBReshsnXvbf2LPVT3IsUdbGHSe4T6oPu7H
KoUqP3XDYW+HSo/dRDVboxtZ7ByBu3bBYY/WeSmgkKetdG35b0ltEGCi3rqkbSfX
lRScxNB/zoyfFM5kl6myzWWmFdyC5/M4u9N0qgt+TSoSfvO6tJ9Szif30nxR3Sdl
hkRmYff0FQ70jmqdQqbQwewu/eaeXOzDI0d8bF9PyJpe
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:01 2024 by rpki-client on console-fra.rpki-client.org