Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/Y5Mn7NxGN7JE8YXtwKsgIZ0X_Jo.roa
File: Y5Mn7NxGN7JE8YXtwKsgIZ0X_Jo.roa (raw, json)
Hash identifier: 54+1Y0d6vT/zUFz6YWWOXJ9XPoIZLazCB1X792cpvQo=
Subject key identifier: 63:93:27:EC:DC:46:37:B2:44:F1:85:ED:C0:AB:20:21:9D:17:FC:9A
Certificate issuer: /CN=0cd49ca1901df020930ce971f65cc180a3fcbe81
Certificate serial: 018572D5C084F8D4C93D25D04DAF5C80985B
Authority key identifier: 0C:D4:9C:A1:90:1D:F0:20:93:0C:E9:71:F6:5C:C1:80:A3:FC:BE:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/Y5Mn7NxGN7JE8YXtwKsgIZ0X_Jo.roa
Signing time: Mon 02 Jan 2023 14:14:49 +0000
ROA not before: Mon 02 Jan 2023 14:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15405
IP address blocks: 91.198.244.0/24 maxlen: 24
195.162.84.0/22 maxlen: 22
185.22.156.0/22 maxlen: 22
185.159.36.0/22 maxlen: 22
185.202.68.0/22 maxlen: 22
2a03:4c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:c0:84:f8:d4:c9:3d:25:d0:4d:af:5c:80:98:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cd49ca1901df020930ce971f65cc180a3fcbe81
Validity
Not Before: Jan 2 14:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=639327ecdc4637b244f185edc0ab20219d17fc9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e1:22:b2:36:cf:f9:93:ea:c8:aa:94:5e:96:
28:d0:2e:fe:12:b4:a9:5d:18:65:d8:1c:0e:d8:e8:
46:d9:2d:2f:09:89:e4:6a:7e:be:c0:5a:2f:44:0f:
01:bc:3c:9d:f5:11:cf:65:ee:a5:eb:53:63:27:21:
2e:a5:07:82:41:28:45:87:79:fd:f9:e8:59:ed:f7:
de:24:66:96:8a:11:1f:26:30:12:9b:48:4b:13:48:
55:72:cc:2b:ab:b7:53:fa:c5:dc:e3:ae:8c:22:50:
21:9e:3e:9d:a7:43:0c:df:56:d0:1c:08:0b:4c:b9:
d1:2c:99:b6:f1:cb:4e:eb:36:73:cb:c8:45:d3:e2:
ca:21:d0:77:d9:4a:dc:71:80:ad:e9:4d:0a:77:88:
87:a1:73:7e:48:a2:ab:92:e5:00:b4:b2:f0:09:61:
cd:7a:3f:91:7e:39:a8:d6:79:68:0a:db:99:33:63:
c9:21:8f:b4:1e:78:c3:af:7d:7a:02:4f:ae:6b:02:
18:72:cd:6f:4e:36:c9:5c:de:b0:04:f5:75:5d:c3:
91:f8:91:28:e1:06:d0:0d:0c:c5:4a:54:20:42:ae:
30:22:99:73:42:c7:b1:c6:55:f1:61:ae:f5:d3:c3:
f9:a3:01:fc:59:82:2c:b7:f6:86:f8:80:2c:38:6f:
2c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:93:27:EC:DC:46:37:B2:44:F1:85:ED:C0:AB:20:21:9D:17:FC:9A
X509v3 Authority Key Identifier:
keyid:0C:D4:9C:A1:90:1D:F0:20:93:0C:E9:71:F6:5C:C1:80:A3:FC:BE:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/Y5Mn7NxGN7JE8YXtwKsgIZ0X_Jo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.244.0/24
185.22.156.0/22
185.159.36.0/22
185.202.68.0/22
195.162.84.0/22
IPv6:
2a03:4c0::/32
Signature Algorithm: sha256WithRSAEncryption
5a:57:ac:1a:43:5f:40:68:c2:25:5a:44:ec:41:ef:20:88:73:
97:de:d6:8d:3c:8c:b0:35:06:4c:0a:f2:13:2a:e7:dd:eb:1a:
53:14:0a:d8:c7:88:e1:64:f0:e7:10:7b:be:65:cf:1d:f7:18:
6a:52:6f:5d:9c:fd:2c:5e:76:eb:4c:62:c4:09:45:06:79:11:
63:fa:79:26:03:6b:58:76:0d:6d:84:f6:e5:5f:b5:0c:15:a0:
e7:94:e2:b6:94:12:e5:85:49:6e:ef:41:34:51:62:48:27:c2:
9c:40:8d:ee:5e:c2:bb:79:89:27:71:4e:d3:91:8d:b7:46:05:
9a:54:98:4a:23:0b:02:a2:18:d2:b7:46:19:d9:2f:94:6b:7f:
13:d8:30:74:23:36:99:5b:d5:92:67:c8:71:c6:87:32:e5:99:
98:bc:5c:41:10:cc:25:c1:28:97:08:a7:54:69:20:c3:4c:b8:
b5:3f:79:89:88:da:01:43:d1:14:f0:99:3e:b3:0e:93:26:c6:
1d:af:04:96:9b:fd:90:f0:36:2f:76:cc:ec:0e:b5:ec:b4:73:
f3:dd:d0:f8:dc:65:30:d4:47:6a:01:8f:c0:a7:39:05:c6:07:
58:24:8f:e9:7e:5e:f2:cd:d6:56:20:af:94:30:9b:a6:c9:f8:
3e:83:3f:08
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVy1cCE+NTJPSXQTa9cgJhbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZDQ5Y2ExOTAxZGYwMjA5MzBjZTk3MWY2NWNjMTgwYTNm
Y2JlODEwHhcNMjMwMTAyMTQxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzkzMjdlY2RjNDYzN2IyNDRmMTg1ZWRjMGFiMjAyMTlkMTdmYzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOEisjbP+ZPqyKqUXpYo0C7+ErSp
XRhl2BwO2OhG2S0vCYnkan6+wFovRA8BvDyd9RHPZe6l61NjJyEupQeCQShFh3n9
+ehZ7ffeJGaWihEfJjASm0hLE0hVcswrq7dT+sXc466MIlAhnj6dp0MM31bQHAgL
TLnRLJm28ctO6zZzy8hF0+LKIdB32UrccYCt6U0Kd4iHoXN+SKKrkuUAtLLwCWHN
ej+Rfjmo1nloCtuZM2PJIY+0HnjDr316Ak+uawIYcs1vTjbJXN6wBPV1XcOR+JEo
4QbQDQzFSlQgQq4wIplzQsexxlXxYa7108P5owH8WYIst/aG+IAsOG8stwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFGOTJ+zcRjeyRPGF7cCrICGdF/yaMB8GA1UdIwQY
MBaAFAzUnKGQHfAgkwzpcfZcwYCj/L6BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9jOWNjYzktYzQwNS00MjhmLWI3NzMt
ZGQyM2RjNDI0MWZhLzEvWTVNbjdOeEdON0pFOFlYdHdLc2dJWjBYX0pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9jOWNjYzktYzQwNS00MjhmLWI3NzMtZGQyM2RjNDI0MWZh
LzEvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAW8b0AwQC
uRacAwQCuZ8kAwQCucpEAwQCw6JUMA0EAgACMAcDBQAqAwTAMA0GCSqGSIb3DQEB
CwUAA4IBAQBaV6waQ19AaMIlWkTsQe8giHOX3taNPIywNQZMCvITKufd6xpTFArY
x4jhZPDnEHu+Zc8d9xhqUm9dnP0sXnbrTGLECUUGeRFj+nkmA2tYdg1thPblX7UM
FaDnlOK2lBLlhUlu70E0UWJIJ8KcQI3uXsK7eYkncU7TkY23RgWaVJhKIwsCohjS
t0YZ2S+Ua38T2DB0IzaZW9WSZ8hxxocy5ZmYvFxBEMwlwSiXCKdUaSDDTLi1P3mJ
iNoBQ9EU8Jk+sw6TJsYdrwSWm/2Q8DYvdszsDrXstHPz3dD43GUw1EdqAY/ApzkF
xgdYJI/pfl7yzdZWIK+UMJumyfg+gz8I
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:39 2024 by rpki-client on console-ams.rpki-client.org