Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/4be259-be96-40fa-880e-bbd2106f3370/1/_YLi4JAeZeWBwqQkjgmVUi6eNBg.roa
File: _YLi4JAeZeWBwqQkjgmVUi6eNBg.roa (raw, json)
Hash identifier: Z3Q1EKX8xXd5MSQavhc4dk33mRgzR/+yt0Dzz/27dPY=
Subject key identifier: FD:82:E2:E0:90:1E:65:E5:81:C2:A4:24:8E:09:95:52:2E:9E:34:18
Certificate issuer: /CN=437e030d44661a4c201eba03de452b04b8e7d9e5
Certificate serial: 01856D01608569D991B4694492518C0C2A4E
Authority key identifier: 43:7E:03:0D:44:66:1A:4C:20:1E:BA:03:DE:45:2B:04:B8:E7:D9:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q34DDURmGkwgHroD3kUrBLjn2eU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/4be259-be96-40fa-880e-bbd2106f3370/1/_YLi4JAeZeWBwqQkjgmVUi6eNBg.roa
Signing time: Sun 01 Jan 2023 11:04:44 +0000
ROA not before: Sun 01 Jan 2023 11:04:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202813
IP address blocks: 185.14.60.0/22 maxlen: 24
185.178.16.0/22 maxlen: 24
185.153.224.0/22 maxlen: 24
2a09:74c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:60:85:69:d9:91:b4:69:44:92:51:8c:0c:2a:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=437e030d44661a4c201eba03de452b04b8e7d9e5
Validity
Not Before: Jan 1 11:04:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd82e2e0901e65e581c2a4248e0995522e9e3418
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:79:d4:3a:19:51:26:2b:c0:9f:fb:ad:38:8c:
23:73:2f:84:78:0a:43:4a:1f:e8:19:5c:8c:3f:d7:
da:9c:47:7e:30:bd:12:b8:fc:78:0d:ec:6c:dc:bf:
d6:ab:63:a9:77:a0:06:df:de:67:3d:9f:a3:70:d8:
92:f6:8f:af:bc:bb:67:93:cd:6b:d0:c2:25:ac:85:
20:3b:4e:2e:ac:bf:ef:a8:a2:d7:6a:e0:98:9e:83:
43:a5:e2:46:d3:d3:47:e9:3f:28:10:50:4b:78:1c:
f9:b3:56:2f:6a:87:a3:db:11:52:6e:d2:bc:6f:fa:
8c:07:b7:23:0b:8f:b7:08:20:16:9b:ba:15:f4:51:
f1:2a:14:57:28:27:d4:df:4b:7a:4a:b8:2f:5b:c6:
f8:4a:e4:15:e3:92:41:dd:d5:02:2f:db:44:64:84:
b9:5c:33:3b:bb:24:c5:c1:35:4c:82:db:31:64:f3:
56:25:10:19:40:34:5c:e2:b9:19:83:8c:1f:af:0e:
f7:83:ed:e3:48:eb:36:90:47:ab:d8:81:65:8b:08:
04:e8:14:7f:e9:a0:53:1e:b8:28:2c:c0:70:47:9c:
e7:3b:43:db:73:a2:31:9d:cf:76:26:2c:b6:15:95:
0f:df:44:69:0e:e2:c1:e9:6d:38:48:8c:d4:97:fd:
6a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:82:E2:E0:90:1E:65:E5:81:C2:A4:24:8E:09:95:52:2E:9E:34:18
X509v3 Authority Key Identifier:
keyid:43:7E:03:0D:44:66:1A:4C:20:1E:BA:03:DE:45:2B:04:B8:E7:D9:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q34DDURmGkwgHroD3kUrBLjn2eU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/4be259-be96-40fa-880e-bbd2106f3370/1/_YLi4JAeZeWBwqQkjgmVUi6eNBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/4be259-be96-40fa-880e-bbd2106f3370/1/Q34DDURmGkwgHroD3kUrBLjn2eU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.60.0/22
185.153.224.0/22
185.178.16.0/22
IPv6:
2a09:74c0::/29
Signature Algorithm: sha256WithRSAEncryption
59:fb:de:82:ef:e6:16:09:51:3f:9e:44:f4:a3:a4:a7:d4:27:
7c:2a:0b:38:63:92:ab:18:2d:3b:02:02:b4:9d:25:5b:72:bf:
77:7b:75:06:97:36:cc:65:e0:b7:a0:9f:3c:51:54:3c:ef:9e:
77:a9:09:fd:1a:67:7a:0c:b3:d3:47:17:ea:1a:26:35:be:74:
5c:ce:bf:8b:f7:7f:54:31:7f:b0:2d:88:5b:30:ef:d0:17:0b:
bd:e8:17:76:b7:01:6b:0f:0d:c9:20:3f:1b:ee:2b:30:6f:5b:
4f:d7:4a:c7:4b:8e:4a:3e:93:a0:58:1d:54:fb:c6:2b:2c:17:
9b:a7:c5:6d:d1:8c:06:96:f4:61:ca:ee:ef:66:dc:4f:51:96:
18:fd:8b:18:42:f4:e6:2e:cc:e3:3a:a8:28:dc:2b:12:11:13:
16:94:18:9a:68:53:a1:fc:93:16:52:b6:b5:c5:3b:2a:c2:99:
95:8c:8c:7a:ac:a2:5b:22:3f:e9:6c:b8:50:94:a6:50:24:dd:
4e:eb:fd:39:e3:1b:ae:1f:0d:dc:15:f2:b9:da:7d:87:4e:10:
55:9d:ec:09:89:16:01:89:4f:1f:bd:4c:78:4d:45:b5:b2:ca:
98:b0:30:06:c6:b2:f2:20:42:a6:69:3d:d9:1d:bb:3e:c6:a6:
df:2c:e7:bd
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVtAWCFadmRtGlEklGMDCpOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzN2UwMzBkNDQ2NjFhNGMyMDFlYmEwM2RlNDUyYjA0Yjhl
N2Q5ZTUwHhcNMjMwMTAxMTEwNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDgyZTJlMDkwMWU2NWU1ODFjMmE0MjQ4ZTA5OTU1MjJlOWUzNDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7XnUOhlRJivAn/utOIwjcy+EeApD
Sh/oGVyMP9fanEd+ML0SuPx4Dexs3L/Wq2Opd6AG395nPZ+jcNiS9o+vvLtnk81r
0MIlrIUgO04urL/vqKLXauCYnoNDpeJG09NH6T8oEFBLeBz5s1Yvaoej2xFSbtK8
b/qMB7cjC4+3CCAWm7oV9FHxKhRXKCfU30t6SrgvW8b4SuQV45JB3dUCL9tEZIS5
XDM7uyTFwTVMgtsxZPNWJRAZQDRc4rkZg4wfrw73g+3jSOs2kEer2IFliwgE6BR/
6aBTHrgoLMBwR5znO0Pbc6Ixnc92Jiy2FZUP30RpDuLB6W04SIzUl/1qiwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFP2C4uCQHmXlgcKkJI4JlVIunjQYMB8GA1UdIwQY
MBaAFEN+Aw1EZhpMIB66A95FKwS459nlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTM0RERVUm1Ha3dnSHJvRDNrVXJCTGpuMmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS80YmUyNTktYmU5Ni00MGZhLTg4MGUt
YmJkMjEwNmYzMzcwLzEvX1lMaTRKQWVaZVdCd3FRa2pnbVZVaTZlTkJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS80YmUyNTktYmU5Ni00MGZhLTg4MGUtYmJkMjEwNmYzMzcw
LzEvUTM0RERVUm1Ha3dnSHJvRDNrVXJCTGpuMmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuQ48AwQC
uZngAwQCubIQMA0EAgACMAcDBQMqCXTAMA0GCSqGSIb3DQEBCwUAA4IBAQBZ+96C
7+YWCVE/nkT0o6Sn1Cd8Kgs4Y5KrGC07AgK0nSVbcr93e3UGlzbMZeC3oJ88UVQ8
7553qQn9Gmd6DLPTRxfqGiY1vnRczr+L939UMX+wLYhbMO/QFwu96Bd2twFrDw3J
ID8b7iswb1tP10rHS45KPpOgWB1U+8YrLBebp8Vt0YwGlvRhyu7vZtxPUZYY/YsY
QvTmLszjOqgo3CsSERMWlBiaaFOh/JMWUra1xTsqwpmVjIx6rKJbIj/pbLhQlKZQ
JN1O6/054xuuHw3cFfK52n2HThBVnewJiRYBiU8fvUx4TUW1ssqYsDAGxrLyIEKm
aT3ZHbs+xqbfLOe9
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:36 2024 by rpki-client on console-ams.rpki-client.org