Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/ys-ggIquF0cZJ7qcly9H5-u-qxg.roa
File: ys-ggIquF0cZJ7qcly9H5-u-qxg.roa (raw, json)
Hash identifier: UffQmoXOQDQQeU/Ch8Z5eRgL2uGceLLfm2TxVy6gUNc=
Subject key identifier: CA:CF:A0:80:8A:AE:17:47:19:27:BA:9C:97:2F:47:E7:EB:BE:AB:18
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 0185734CB596A585C1B5DB19200109C6DA34
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/ys-ggIquF0cZJ7qcly9H5-u-qxg.roa
Signing time: Mon 02 Jan 2023 16:24:45 +0000
ROA not before: Mon 02 Jan 2023 16:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 141757
IP address blocks: 193.118.161.0/24 maxlen: 24
193.118.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:4c:b5:96:a5:85:c1:b5:db:19:20:01:09:c6:da:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Jan 2 16:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cacfa0808aae17471927ba9c972f47e7ebbeab18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:37:e7:3e:96:50:63:91:24:50:bf:28:f0:98:
16:f6:fe:4a:73:04:b2:fe:81:03:0d:1d:7c:68:51:
c7:15:7e:ad:9e:b1:bf:76:ea:01:51:37:5d:b4:76:
45:a5:51:8c:db:1b:ba:be:d9:b0:d2:bd:88:0b:a0:
e8:09:9f:45:6c:96:3a:55:46:96:88:12:a7:c9:ff:
cb:46:64:ec:8e:4b:2c:0e:e6:14:ce:a0:94:91:e8:
33:3b:59:fd:15:2e:e5:10:70:d0:74:7f:e6:aa:8f:
b7:31:ac:57:67:73:dc:fc:f0:e0:27:93:32:89:53:
5f:ab:3c:34:39:e9:1d:49:0c:81:6d:4a:ab:0b:84:
4f:0b:fa:75:d1:c5:a7:86:fc:47:e2:17:46:3f:69:
32:69:ce:37:ab:31:aa:f2:76:49:5b:80:a5:2a:83:
0b:14:8e:fb:b8:91:da:9a:82:72:02:42:ea:ca:59:
3c:ec:2e:1e:c6:d0:06:bd:a9:76:81:92:b1:ff:af:
00:b3:66:17:e2:e6:8b:7d:44:4f:af:70:be:11:78:
96:fc:96:c5:71:4a:6c:56:d6:0f:19:27:af:c8:bd:
95:c6:11:55:2e:4a:d2:d7:3e:07:2d:50:33:f1:56:
9a:16:bd:24:28:45:d3:9c:c1:47:19:6a:5b:ee:f6:
25:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:CF:A0:80:8A:AE:17:47:19:27:BA:9C:97:2F:47:E7:EB:BE:AB:18
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/ys-ggIquF0cZJ7qcly9H5-u-qxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.118.160.0/23
Signature Algorithm: sha256WithRSAEncryption
37:43:13:fb:2c:67:c3:30:54:ee:13:a0:78:a6:19:1f:81:68:
7d:41:2b:30:35:83:5c:27:b4:40:18:b2:a7:ed:8d:cf:02:38:
ef:c0:3c:a1:ea:92:88:68:93:99:6e:ad:b7:3a:4a:e3:0a:51:
6d:97:65:6d:77:3f:61:67:18:74:43:be:3f:95:ca:a5:5a:c4:
1b:8d:c6:5a:a8:a3:69:10:56:f2:f9:4d:1b:4f:5b:34:58:df:
f8:47:aa:f1:37:30:65:26:fd:f6:da:4b:b9:ff:e8:1d:99:02:
ab:d9:f7:5d:2d:c7:9f:0a:19:e1:67:7e:20:71:c2:eb:22:e1:
3e:a6:11:2c:31:e8:45:85:68:1f:1e:c6:39:e8:a2:3d:d3:83:
74:2b:77:6d:8b:aa:d4:0b:ea:4e:ca:e7:9d:50:f5:22:33:5b:
34:07:6b:01:3b:1a:4f:b3:91:82:cd:3f:67:27:de:04:00:47:
36:0b:ab:9a:2d:3e:45:bc:6f:ba:47:87:09:4b:68:62:99:06:
e8:6a:b6:ed:23:03:1d:33:0e:e8:51:9b:3e:32:48:36:0d:1b:
e3:4f:9e:dd:b8:fa:c9:76:da:e3:08:21:2a:5a:aa:b0:a3:a5:
95:7b:fc:50:0a:3b:8a:66:0c:1e:74:5b:1f:83:92:05:9f:55:
49:92:62:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzTLWWpYXBtdsZIAEJxto0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjhmZmMwODg1OTFlNGYyNDNiYWFmYTIxYjQyOThiZmIz
NjYwMjYwHhcNMjMwMTAyMTYyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWNmYTA4MDhhYWUxNzQ3MTkyN2JhOWM5NzJmNDdlN2ViYmVhYjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTfnPpZQY5EkUL8o8JgW9v5KcwSy
/oEDDR18aFHHFX6tnrG/duoBUTddtHZFpVGM2xu6vtmw0r2IC6DoCZ9FbJY6VUaW
iBKnyf/LRmTsjkssDuYUzqCUkegzO1n9FS7lEHDQdH/mqo+3MaxXZ3Pc/PDgJ5My
iVNfqzw0OekdSQyBbUqrC4RPC/p10cWnhvxH4hdGP2kyac43qzGq8nZJW4ClKoML
FI77uJHamoJyAkLqylk87C4extAGval2gZKx/68As2YX4uaLfURPr3C+EXiW/JbF
cUpsVtYPGSevyL2VxhFVLkrS1z4HLVAz8VaaFr0kKEXTnMFHGWpb7vYlLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMrPoICKrhdHGSe6nJcvR+frvqsYMB8GA1UdIwQY
MBaAFEz4/8CIWR5PJDuq+iG0KYv7NmAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMt
YjNiNzhiMGI2NmVhLzEveXMtZ2dJcXVGMGNaSjdxY2x5OUg1LXUtcXhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMtYjNiNzhiMGI2NmVh
LzEvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwXagMA0G
CSqGSIb3DQEBCwUAA4IBAQA3QxP7LGfDMFTuE6B4phkfgWh9QSswNYNcJ7RAGLKn
7Y3PAjjvwDyh6pKIaJOZbq23OkrjClFtl2Vtdz9hZxh0Q74/lcqlWsQbjcZaqKNp
EFby+U0bT1s0WN/4R6rxNzBlJv322ku5/+gdmQKr2fddLcefChnhZ34gccLrIuE+
phEsMehFhWgfHsY56KI904N0K3dti6rUC+pOyuedUPUiM1s0B2sBOxpPs5GCzT9n
J94EAEc2C6uaLT5FvG+6R4cJS2himQboarbtIwMdMw7oUZs+Mkg2DRvjT57duPrJ
dtrjCCEqWqqwo6WVe/xQCjuKZgwedFsfg5IFn1VJkmLJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org