Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/7e7b8b-79e0-4f51-b866-67ad60d386dd/1/yhokhq5sjcm9LtzFWZGex3BKTD8.roa
File: yhokhq5sjcm9LtzFWZGex3BKTD8.roa (raw, json)
Hash identifier: IHFO9qb/xtlpyuoDWxnq03pNnx+57bVZ+HV6OPErnno=
Subject key identifier: CA:1A:24:86:AE:6C:8D:C9:BD:2E:DC:C5:59:91:9E:C7:70:4A:4C:3F
Certificate issuer: /CN=6d85061361b19f212efe90c2d8cf3eee617f20e5
Certificate serial: 018FEBA89F3B8B3462F38F93922F610545A4
Authority key identifier: 6D:85:06:13:61:B1:9F:21:2E:FE:90:C2:D8:CF:3E:EE:61:7F:20:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bYUGE2GxnyEu_pDC2M8-7mF_IOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/7e7b8b-79e0-4f51-b866-67ad60d386dd/1/yhokhq5sjcm9LtzFWZGex3BKTD8.roa
Signing time: Thu 06 Jun 2024 03:47:27 +0000
ROA not before: Thu 06 Jun 2024 03:47:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202513
IP address blocks: 185.98.16.0/22 maxlen: 24
185.249.148.0/22 maxlen: 24
2a0c:97c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 17 Jun 2024 21:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:eb:a8:9f:3b:8b:34:62:f3:8f:93:92:2f:61:05:45:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d85061361b19f212efe90c2d8cf3eee617f20e5
Validity
Not Before: Jun 6 03:47:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca1a2486ae6c8dc9bd2edcc559919ec7704a4c3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:10:a7:3a:3b:20:a7:d0:ef:6d:02:97:41:78:
b7:a3:1a:42:19:19:74:e1:af:e4:a2:b1:03:ae:99:
35:ce:d8:7a:37:df:e4:04:84:29:76:ea:0e:d5:51:
ec:f0:57:e8:55:81:cd:9b:b4:13:92:63:86:af:10:
60:f8:e6:91:39:79:af:6b:ff:a8:aa:d9:5c:7d:07:
76:97:22:bb:a9:ab:1e:f7:7d:53:58:a6:f1:94:ff:
c7:d1:aa:93:83:90:09:f6:39:b6:d0:52:fd:7c:81:
c6:8b:57:53:8c:ff:ae:c7:1d:17:67:2a:54:db:c6:
c4:5c:62:7a:70:64:c1:b9:90:89:59:ba:50:0b:d7:
b6:f2:f0:4c:f4:08:15:2f:e2:4a:90:52:1a:48:38:
e9:98:74:58:fc:e6:3d:d5:ae:2d:01:7b:f3:1b:2e:
95:8b:d0:a9:a8:dc:2e:92:1b:b0:d8:31:42:00:45:
43:a1:c1:ca:e1:5d:dd:db:33:4b:2c:ae:e5:15:c1:
43:44:3d:83:37:e9:3f:26:ea:86:47:ba:3c:42:60:
c6:bd:58:51:73:c6:d0:a1:67:c2:cf:f5:b9:d4:f3:
45:33:1f:15:dc:60:ef:dd:6a:6c:51:88:0d:a1:5d:
1a:51:a9:cd:e5:34:22:2c:49:ee:7c:01:ef:00:62:
a3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:1A:24:86:AE:6C:8D:C9:BD:2E:DC:C5:59:91:9E:C7:70:4A:4C:3F
X509v3 Authority Key Identifier:
keyid:6D:85:06:13:61:B1:9F:21:2E:FE:90:C2:D8:CF:3E:EE:61:7F:20:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bYUGE2GxnyEu_pDC2M8-7mF_IOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/7e7b8b-79e0-4f51-b866-67ad60d386dd/1/yhokhq5sjcm9LtzFWZGex3BKTD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/7e7b8b-79e0-4f51-b866-67ad60d386dd/1/bYUGE2GxnyEu_pDC2M8-7mF_IOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.16.0/22
185.249.148.0/22
IPv6:
2a0c:97c0::/29
Signature Algorithm: sha256WithRSAEncryption
7c:43:36:65:40:87:98:70:ab:eb:31:da:58:db:2c:47:d1:d8:
82:06:92:63:19:13:e0:62:1a:f4:fb:47:3c:d7:42:06:8c:20:
25:55:91:cd:46:50:fd:88:db:37:a3:95:73:52:3d:ef:67:0a:
08:40:56:bc:b1:50:1f:a2:bf:d2:71:bb:4e:60:86:dc:eb:bc:
2d:a3:e9:6c:02:b5:f5:6d:07:87:ff:a9:2a:47:c7:c1:0a:04:
c4:72:5c:85:3a:92:57:a5:d0:b8:e6:c8:ae:cb:a5:3c:f9:97:
c7:30:d5:0c:8a:29:22:b1:a1:d7:5d:e4:d0:28:52:86:26:5b:
a9:2c:1e:f4:a7:2a:29:47:92:e5:58:18:8a:a7:5d:67:de:42:
63:1a:38:60:0f:5d:4e:15:c9:fe:57:dd:7d:b2:aa:4a:8f:26:
da:c6:c1:99:ea:63:2e:33:6b:53:b7:d1:bc:ce:5e:59:23:3f:
d5:98:d6:d1:e3:a9:db:d9:e0:76:41:62:35:04:84:08:3c:94:
28:26:da:88:60:47:cd:3c:f1:6a:e9:59:d9:98:48:8b:75:7b:
e9:45:1c:25:91:dc:69:6a:88:2f:12:a6:47:cf:a8:01:e8:de:
8b:ed:b4:7f:0c:91:06:9d:ea:d9:5c:e1:e8:f1:c6:d6:da:c8:
60:0e:77:39
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY/rqJ87izRi84+Tki9hBUWkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkODUwNjEzNjFiMTlmMjEyZWZlOTBjMmQ4Y2YzZWVlNjE3
ZjIwZTUwHhcNMjQwNjA2MDM0NzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTFhMjQ4NmFlNmM4ZGM5YmQyZWRjYzU1OTkxOWVjNzcwNGE0YzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBCnOjsgp9DvbQKXQXi3oxpCGRl0
4a/korEDrpk1zth6N9/kBIQpduoO1VHs8FfoVYHNm7QTkmOGrxBg+OaROXmva/+o
qtlcfQd2lyK7qase931TWKbxlP/H0aqTg5AJ9jm20FL9fIHGi1dTjP+uxx0XZypU
28bEXGJ6cGTBuZCJWbpQC9e28vBM9AgVL+JKkFIaSDjpmHRY/OY91a4tAXvzGy6V
i9CpqNwukhuw2DFCAEVDocHK4V3d2zNLLK7lFcFDRD2DN+k/JuqGR7o8QmDGvVhR
c8bQoWfCz/W51PNFMx8V3GDv3WpsUYgNoV0aUanN5TQiLEnufAHvAGKjNwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMoaJIaubI3JvS7cxVmRnsdwSkw/MB8GA1UdIwQY
MBaAFG2FBhNhsZ8hLv6QwtjPPu5hfyDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYllVR0UyR3hueUV1X3BEQzJNOC03bUZfSU9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC83ZTdiOGItNzllMC00ZjUxLWI4NjYt
NjdhZDYwZDM4NmRkLzEveWhva2hxNXNqY205THR6RldaR2V4M0JLVEQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC83ZTdiOGItNzllMC00ZjUxLWI4NjYtNjdhZDYwZDM4NmRk
LzEvYllVR0UyR3hueUV1X3BEQzJNOC03bUZfSU9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuWIQAwQC
ufmUMA0EAgACMAcDBQMqDJfAMA0GCSqGSIb3DQEBCwUAA4IBAQB8QzZlQIeYcKvr
MdpY2yxH0diCBpJjGRPgYhr0+0c810IGjCAlVZHNRlD9iNs3o5VzUj3vZwoIQFa8
sVAfor/ScbtOYIbc67wto+lsArX1bQeH/6kqR8fBCgTEclyFOpJXpdC45siuy6U8
+ZfHMNUMiikisaHXXeTQKFKGJlupLB70pyopR5LlWBiKp11n3kJjGjhgD11OFcn+
V919sqpKjybaxsGZ6mMuM2tTt9G8zl5ZIz/VmNbR46nb2eB2QWI1BIQIPJQoJtqI
YEfNPPFq6VnZmEiLdXvpRRwlkdxpaogvEqZHz6gB6N6L7bR/DJEGnerZXOHo8cbW
2shgDnc5
-----END CERTIFICATE-----
Generated at Wed Apr 23 07:16:20 2025 by rpki-client