Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/yGXTtaL9BMm10aFGDN6gLUmGuc4.roa
File: yGXTtaL9BMm10aFGDN6gLUmGuc4.roa (raw, json)
Hash identifier: WOKknGci9ov6WJD2dC2chJAqQlS6QI/nOmDI9+z6Z6k=
Subject key identifier: C8:65:D3:B5:A2:FD:04:C9:B5:D1:A1:46:0C:DE:A0:2D:49:86:B9:CE
Certificate issuer: /CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6
Certificate serial: 018A2D5454F3A2216B06A5458FB89DB3B959
Authority key identifier: 08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/yGXTtaL9BMm10aFGDN6gLUmGuc4.roa
Signing time: Fri 25 Aug 2023 15:33:36 +0000
ROA not before: Fri 25 Aug 2023 15:33:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206617
IP address blocks: 188.241.251.0/24 maxlen: 24
195.2.218.0/23 maxlen: 23
193.178.224.0/23 maxlen: 23
185.18.24.0/22 maxlen: 24
31.14.184.0/21 maxlen: 24
188.213.16.0/24 maxlen: 24
188.241.186.0/24 maxlen: 24
188.213.40.0/21 maxlen: 22
93.114.170.0/24 maxlen: 24
188.240.42.0/24 maxlen: 24
188.240.44.0/23 maxlen: 23
188.241.153.0/24 maxlen: 24
93.114.245.0/24 maxlen: 24
93.115.210.0/24 maxlen: 24
185.167.52.0/22 maxlen: 24
89.40.234.0/23 maxlen: 23
89.32.152.0/23 maxlen: 23
2a03:f140::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2d:54:54:f3:a2:21:6b:06:a5:45:8f:b8:9d:b3:b9:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6
Validity
Not Before: Aug 25 15:33:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c865d3b5a2fd04c9b5d1a1460cdea02d4986b9ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:2a:02:43:a0:1c:60:d7:01:9d:11:c6:e2:30:
f1:38:d3:52:65:d0:e3:52:83:42:a8:7f:ee:13:77:
3d:4e:f3:2f:1e:4c:fa:38:5f:75:85:69:19:b2:cc:
8c:38:2a:d5:45:5e:a6:ce:36:60:71:76:b6:c8:41:
5e:77:1d:a6:38:b3:ac:d6:33:1a:31:fa:88:e2:72:
4a:dd:05:54:65:7a:31:ea:8f:cd:43:73:4a:8b:f2:
a8:91:65:ce:8e:63:88:1f:47:c6:d2:f2:63:ca:66:
c6:eb:d8:97:53:07:15:f8:f8:b2:5a:59:3e:41:0a:
ea:7d:ce:c2:dc:07:39:65:a1:91:97:95:5a:04:cb:
96:8b:49:f6:37:ed:85:0f:30:2f:c8:d5:9c:28:79:
97:bd:15:11:88:e5:57:95:43:39:ba:b0:dd:3f:29:
5f:23:60:79:c7:cf:4a:ff:27:e4:ab:08:ed:74:43:
3f:b4:16:69:82:48:23:5f:03:66:b4:a0:e0:be:d5:
93:37:bd:7d:a0:67:f8:09:bd:e0:89:17:ba:58:55:
dd:f2:c4:04:e4:37:a7:fc:6a:22:4f:53:c7:b5:e7:
aa:92:46:f5:96:a2:e6:54:bd:65:0d:75:86:8d:bc:
25:32:81:b2:16:4c:de:b6:bc:b5:8a:05:6a:07:b3:
fa:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:65:D3:B5:A2:FD:04:C9:B5:D1:A1:46:0C:DE:A0:2D:49:86:B9:CE
X509v3 Authority Key Identifier:
keyid:08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/yGXTtaL9BMm10aFGDN6gLUmGuc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.184.0/21
89.32.152.0/23
89.40.234.0/23
93.114.170.0/24
93.114.245.0/24
93.115.210.0/24
185.18.24.0/22
185.167.52.0/22
188.213.16.0/24
188.213.40.0/21
188.240.42.0/24
188.240.44.0/23
188.241.153.0/24
188.241.186.0/24
188.241.251.0/24
193.178.224.0/23
195.2.218.0/23
IPv6:
2a03:f140::/32
Signature Algorithm: sha256WithRSAEncryption
01:0d:ae:c2:68:a5:3d:e6:ff:90:05:66:73:3e:b1:5d:90:b1:
21:02:9a:4a:a1:5d:1c:7e:e9:99:ca:1c:24:55:63:d5:3a:64:
5c:6c:f1:09:ab:71:93:9c:70:33:ad:34:46:4a:9f:7e:00:5c:
db:14:a1:e7:72:c9:7a:d4:b3:ae:05:9b:ba:d7:3e:80:cb:76:
8d:4f:45:ba:9e:ea:0e:b3:9a:32:aa:e2:22:48:f8:9a:39:13:
0b:d7:f2:0a:a4:9a:ed:73:9a:89:ac:69:9c:e9:98:94:ee:70:
fa:7c:cd:12:38:8e:15:95:d3:0a:6c:d2:8e:c9:5b:61:09:74:
98:c7:15:b4:90:7f:d2:5e:08:19:73:b4:9b:ce:21:d7:44:38:
07:74:e1:7e:9a:ad:28:4b:2a:7e:58:7d:2c:13:e2:4c:4b:c0:
56:4e:7e:3b:6e:63:8b:34:b2:88:c2:6c:ab:0d:a2:1f:1e:01:
60:72:66:07:82:d8:a3:e4:ac:72:63:02:3c:96:34:2d:ba:cf:
a6:bf:24:6f:12:69:2f:b3:08:71:31:3c:f8:4e:96:8b:c2:6c:
ea:bd:6e:03:a6:d5:a4:fc:cb:af:e8:63:66:17:f8:83:df:8e:
00:7f:86:87:ff:4d:c0:b5:6e:f9:e7:f7:7b:40:ed:eb:85:22:
fa:25:2c:0a
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYotVFTzoiFrBqVFj7ids7lZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTM0ZGFhYTg4N2Q5OGE1MzQ4YzNhNDYwYTIxZmM4NGUx
MWE0ZTYwHhcNMjMwODI1MTUzMzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODY1ZDNiNWEyZmQwNGM5YjVkMWExNDYwY2RlYTAyZDQ5ODZiOWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSoCQ6AcYNcBnRHG4jDxONNSZdDj
UoNCqH/uE3c9TvMvHkz6OF91hWkZssyMOCrVRV6mzjZgcXa2yEFedx2mOLOs1jMa
MfqI4nJK3QVUZXox6o/NQ3NKi/KokWXOjmOIH0fG0vJjymbG69iXUwcV+PiyWlk+
QQrqfc7C3Ac5ZaGRl5VaBMuWi0n2N+2FDzAvyNWcKHmXvRURiOVXlUM5urDdPylf
I2B5x89K/yfkqwjtdEM/tBZpgkgjXwNmtKDgvtWTN719oGf4Cb3giRe6WFXd8sQE
5Den/GoiT1PHteeqkkb1lqLmVL1lDXWGjbwlMoGyFkzetry1igVqB7P6mQIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFMhl07Wi/QTJtdGhRgzeoC1JhrnOMB8GA1UdIwQY
MBaAFAijTaqoh9mKU0jDpGCiH8hOEaTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAt
YzYyY2YyMGE1ZWM5LzEveUdYVHRhTDlCTW0xMGFGR0RONmdMVW1HdWM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAtYzYyY2YyMGE1ZWM5
LzEvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAx8OuAME
AVkgmAMEAVko6gMEAF1yqgMEAF1y9QMEAF1z0gMEArkSGAMEArmnNAMEALzVEAME
A7zVKAMEALzwKgMEAbzwLAMEALzxmQMEALzxugMEALzx+wMEAcGy4AMEAcMC2jAN
BAIAAjAHAwUAKgPxQDANBgkqhkiG9w0BAQsFAAOCAQEAAQ2uwmilPeb/kAVmcz6x
XZCxIQKaSqFdHH7pmcocJFVj1TpkXGzxCatxk5xwM600RkqffgBc2xSh53LJetSz
rgWbutc+gMt2jU9Fup7qDrOaMqriIkj4mjkTC9fyCqSa7XOaiaxpnOmYlO5w+nzN
EjiOFZXTCmzSjslbYQl0mMcVtJB/0l4IGXO0m84h10Q4B3ThfpqtKEsqflh9LBPi
TEvAVk5+O25jizSyiMJsqw2iHx4BYHJmB4LYo+SscmMCPJY0LbrPpr8kbxJpL7MI
cTE8+E6Wi8Js6r1uA6bVpPzLr+hjZhf4g9+OAH+Gh/9NwLVu+ef3e0Dt64Ui+iUs
Cg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:30 2024 by rpki-client on console-fra.rpki-client.org