Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/7c0f14-5b24-4b1b-8eb5-b4d8c2b7a103/1/YNJBW4GdKtloYQcTSJKe5xjF120.roa
File: YNJBW4GdKtloYQcTSJKe5xjF120.roa (raw, json)
Hash identifier: uV+iCDUXs9KnS0mcqrKWQSNgVQvZQDFPcp8S5pAm8Nc=
Subject key identifier: 60:D2:41:5B:81:9D:2A:D9:68:61:07:13:48:92:9E:E7:18:C5:D7:6D
Certificate issuer: /CN=fe31ddef25d96c84b001a2ac5047b04e060a0ac3
Certificate serial: 01856F1D92B2F6680419647FF78D2BB88E32
Authority key identifier: FE:31:DD:EF:25:D9:6C:84:B0:01:A2:AC:50:47:B0:4E:06:0A:0A:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_jHd7yXZbISwAaKsUEewTgYKCsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/7c0f14-5b24-4b1b-8eb5-b4d8c2b7a103/1/YNJBW4GdKtloYQcTSJKe5xjF120.roa
Signing time: Sun 01 Jan 2023 20:54:47 +0000
ROA not before: Sun 01 Jan 2023 20:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48492
IP address blocks: 185.56.192.0/24 maxlen: 24
185.56.192.0/22 maxlen: 22
185.56.193.0/24 maxlen: 24
185.56.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Oct 2023 05:32:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:92:b2:f6:68:04:19:64:7f:f7:8d:2b:b8:8e:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe31ddef25d96c84b001a2ac5047b04e060a0ac3
Validity
Not Before: Jan 1 20:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60d2415b819d2ad96861071348929ee718c5d76d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:16:d7:b4:ed:2c:bd:9d:9c:3e:35:a8:a0:89:
63:67:3c:b7:fa:0b:43:74:eb:6c:80:78:d1:12:cb:
f8:f9:da:ed:5e:f5:ae:17:20:d1:bb:4f:cb:6d:60:
b9:47:9d:78:f5:2c:cb:21:9c:7d:16:90:7f:f8:56:
e2:47:70:f9:28:1d:29:97:48:7c:b8:f7:dd:ef:e1:
2f:2a:54:c3:ee:c1:ca:8b:ef:c2:11:24:da:db:71:
62:3d:13:33:b5:95:f7:d3:ff:9d:ab:72:0f:ff:ec:
88:be:43:df:e4:26:85:4f:53:57:dc:1a:af:4b:ad:
a9:1c:f4:fd:21:4a:46:36:18:f3:66:f2:9d:32:1b:
66:2c:cc:e4:9b:b1:60:8f:9e:68:e9:5f:4c:9c:ae:
cf:82:65:ce:bb:e4:23:b6:b6:0b:08:b2:99:31:5a:
4a:0c:30:c0:8d:fb:7d:e0:48:bd:04:25:ed:7f:0a:
e3:3c:3c:fe:78:ce:eb:cc:46:88:33:32:5d:7c:d0:
8c:b1:68:90:0e:8d:50:a3:86:68:c9:52:bb:cd:fc:
80:7f:1c:5b:3a:e9:b0:ad:d9:dc:9b:90:24:d0:69:
42:d8:cc:12:10:d8:21:1f:c5:2c:d5:13:93:1c:20:
07:ea:93:b4:25:fd:aa:f8:83:a3:16:b0:75:f0:40:
92:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:D2:41:5B:81:9D:2A:D9:68:61:07:13:48:92:9E:E7:18:C5:D7:6D
X509v3 Authority Key Identifier:
keyid:FE:31:DD:EF:25:D9:6C:84:B0:01:A2:AC:50:47:B0:4E:06:0A:0A:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_jHd7yXZbISwAaKsUEewTgYKCsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/7c0f14-5b24-4b1b-8eb5-b4d8c2b7a103/1/YNJBW4GdKtloYQcTSJKe5xjF120.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/7c0f14-5b24-4b1b-8eb5-b4d8c2b7a103/1/_jHd7yXZbISwAaKsUEewTgYKCsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.192.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:58:84:d2:b1:69:bd:24:51:43:4f:51:92:1b:e5:ea:b6:c6:
99:fe:45:37:b7:db:09:50:57:85:04:d2:20:28:ba:2f:1a:30:
35:a1:e3:48:38:f8:fd:b3:2a:6d:d7:95:fa:8d:31:7a:7f:d5:
3c:0d:ca:f3:77:da:ee:40:37:ee:30:6b:2a:4e:6e:21:10:8b:
0b:7a:bd:c0:32:7e:8e:dd:58:37:97:dc:a0:f9:eb:f9:d8:e6:
76:18:1c:6c:d8:f0:e3:0d:cf:82:ec:c1:54:8b:6e:cb:14:ac:
3f:e8:80:df:8f:ca:66:11:f9:85:da:19:a3:e2:38:f2:08:53:
41:1a:03:1a:3e:f0:0b:74:e9:10:4e:5a:65:89:71:89:73:b4:
e5:a4:59:8c:15:e1:7a:68:d1:99:5a:56:f6:a8:4c:ab:e9:1f:
a6:5e:46:d4:ef:70:90:1e:97:87:1c:1d:89:1e:e3:93:e7:03:
32:81:96:6f:41:71:9b:2a:54:26:a1:d6:60:2d:fb:07:6c:82:
35:95:15:7c:59:dc:92:90:ac:23:42:db:b0:77:39:7f:91:e9:
f9:dc:27:5b:5e:7d:33:54:47:f6:e6:5b:5b:77:ec:7e:e3:74:
83:91:b3:f5:e3:7f:b8:0b:b2:72:02:91:e6:bb:36:2c:48:b1:
4d:48:32:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHZKy9mgEGWR/940ruI4yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlMzFkZGVmMjVkOTZjODRiMDAxYTJhYzUwNDdiMDRlMDYw
YTBhYzMwHhcNMjMwMTAxMjA1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGQyNDE1YjgxOWQyYWQ5Njg2MTA3MTM0ODkyOWVlNzE4YzVkNzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBbXtO0svZ2cPjWooIljZzy3+gtD
dOtsgHjREsv4+drtXvWuFyDRu0/LbWC5R5149SzLIZx9FpB/+FbiR3D5KB0pl0h8
uPfd7+EvKlTD7sHKi+/CESTa23FiPRMztZX30/+dq3IP/+yIvkPf5CaFT1NX3Bqv
S62pHPT9IUpGNhjzZvKdMhtmLMzkm7Fgj55o6V9MnK7PgmXOu+QjtrYLCLKZMVpK
DDDAjft94Ei9BCXtfwrjPDz+eM7rzEaIMzJdfNCMsWiQDo1Qo4ZoyVK7zfyAfxxb
Oumwrdncm5Ak0GlC2MwSENghH8Us1ROTHCAH6pO0Jf2q+IOjFrB18ECSVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGDSQVuBnSrZaGEHE0iSnucYxddtMB8GA1UdIwQY
MBaAFP4x3e8l2WyEsAGirFBHsE4GCgrDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2pIZDd5WFpiSVN3QWFLc1VFZXdUZ1lLQ3NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy83YzBmMTQtNWIyNC00YjFiLThlYjUt
YjRkOGMyYjdhMTAzLzEvWU5KQlc0R2RLdGxvWVFjVFNKS2U1eGpGMTIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy83YzBmMTQtNWIyNC00YjFiLThlYjUtYjRkOGMyYjdhMTAz
LzEvX2pIZDd5WFpiSVN3QWFLc1VFZXdUZ1lLQ3NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTjAMA0G
CSqGSIb3DQEBCwUAA4IBAQCbWITSsWm9JFFDT1GSG+XqtsaZ/kU3t9sJUFeFBNIg
KLovGjA1oeNIOPj9sypt15X6jTF6f9U8Dcrzd9ruQDfuMGsqTm4hEIsLer3AMn6O
3Vg3l9yg+ev52OZ2GBxs2PDjDc+C7MFUi27LFKw/6IDfj8pmEfmF2hmj4jjyCFNB
GgMaPvALdOkQTlpliXGJc7TlpFmMFeF6aNGZWlb2qEyr6R+mXkbU73CQHpeHHB2J
HuOT5wMygZZvQXGbKlQmodZgLfsHbII1lRV8WdySkKwjQtuwdzl/ken53CdbXn0z
VEf25ltbd+x+43SDkbP143+4C7JyApHmuzYsSLFNSDJr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:08 2024 by rpki-client on console-ams.rpki-client.org