Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/yiHyQwZcFjLa0rsQq8JPD8ooKTI.roa
File: yiHyQwZcFjLa0rsQq8JPD8ooKTI.roa (raw, json)
Hash identifier: ZasMU9fAlzsIoZ/apgA7JHAqvH8PudGXLtP8eQ4DCB8=
Subject key identifier: CA:21:F2:43:06:5C:16:32:DA:D2:BB:10:AB:C2:4F:0F:CA:28:29:32
Certificate issuer: /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial: 0189F51DF3B82039C1489B9BC2186D071F8F
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/yiHyQwZcFjLa0rsQq8JPD8ooKTI.roa
Signing time: Mon 14 Aug 2023 17:35:28 +0000
ROA not before: Mon 14 Aug 2023 17:35:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207713
IP address blocks: 2a05:541:125::/48 maxlen: 48
2a05:541:122::/48 maxlen: 48
2a05:541:123::/48 maxlen: 48
2a05:541:119::/48 maxlen: 48
2a05:541:109::/48 maxlen: 48
2a05:541:129::/48 maxlen: 48
2a05:541:121::/48 maxlen: 48
2a05:541:131::/48 maxlen: 48
2a05:541:126::/48 maxlen: 48
2a05:541:127::/48 maxlen: 48
2a05:541:114::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f5:1d:f3:b8:20:39:c1:48:9b:9b:c2:18:6d:07:1f:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
Validity
Not Before: Aug 14 17:35:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca21f243065c1632dad2bb10abc24f0fca282932
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:66:3d:96:45:3b:6b:26:e6:79:65:71:c6:c8:
74:b6:e2:33:76:9a:92:a9:c4:55:3e:cd:40:4f:aa:
08:76:0e:5c:98:0c:88:15:ba:e8:ed:ad:32:0c:bb:
57:5b:e8:05:ce:ed:58:4e:2f:b3:2b:18:ad:f4:4e:
23:9b:51:16:f9:e0:53:3b:30:30:ab:10:fb:c5:67:
48:a2:7b:4d:87:f2:08:3b:3d:27:cc:2a:88:d6:3b:
69:66:b8:5d:79:e7:26:c3:ad:13:93:fb:56:fa:00:
9c:52:06:9c:d2:9d:f7:5d:37:b0:fb:04:a7:39:dd:
f2:50:23:00:b8:0a:f7:61:5c:18:98:fc:ec:3e:54:
2c:2d:37:6a:d3:c5:af:80:dd:86:f6:47:95:c5:10:
cd:67:9b:b2:f8:3a:bb:f6:cf:2a:c3:3c:62:3f:73:
49:b6:80:70:f3:4a:06:af:34:3a:1a:76:d3:fc:dc:
fa:e8:09:b8:7b:87:ec:15:e3:b3:93:3b:67:83:3e:
e1:a3:bc:d2:45:39:e6:a8:18:6b:9a:79:0e:0f:bf:
ea:32:17:63:26:e6:92:8a:28:d1:b9:ec:68:21:62:
2c:16:28:4e:e4:10:65:70:46:36:47:bb:19:d9:95:
dc:99:f1:cd:71:c3:81:b2:41:23:53:d7:b3:de:ce:
98:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:21:F2:43:06:5C:16:32:DA:D2:BB:10:AB:C2:4F:0F:CA:28:29:32
X509v3 Authority Key Identifier:
keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/yiHyQwZcFjLa0rsQq8JPD8ooKTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:541:109::/48
2a05:541:114::/48
2a05:541:119::/48
2a05:541:121::-2a05:541:123:ffff:ffff:ffff:ffff:ffff
2a05:541:125::-2a05:541:127:ffff:ffff:ffff:ffff:ffff
2a05:541:129::/48
2a05:541:131::/48
Signature Algorithm: sha256WithRSAEncryption
22:89:1a:b5:1a:9e:c2:ca:81:8b:04:cd:81:47:ae:7e:8c:eb:
5f:c9:fc:38:da:0a:00:18:3b:2e:ef:66:de:ee:dd:b7:73:6d:
cc:b9:7a:53:d5:d7:fe:0c:2b:c7:ee:5b:85:5a:ea:3d:d5:5e:
cd:f5:4a:0b:1a:2d:51:56:9b:96:f9:7c:cc:30:03:9d:a9:0e:
7f:50:cd:fe:06:02:8a:71:84:cf:94:13:6d:02:71:e8:83:3f:
aa:e4:12:da:f0:36:93:20:2e:b3:d6:03:02:9b:9d:2a:26:a8:
22:7e:05:27:bb:61:f5:23:bb:80:e8:a9:17:99:19:42:bc:85:
47:7a:a6:87:bd:f4:7e:b4:60:1b:b3:5d:4f:eb:fd:3b:a1:12:
50:41:09:31:3d:b8:d4:79:ec:0f:b5:57:c9:d0:17:67:3f:72:
62:7b:d5:8f:04:b9:d0:00:d9:08:f9:6b:f1:4d:38:ff:11:d4:
6f:69:5d:06:22:e2:2d:8d:29:c1:c6:79:7d:dd:40:78:d7:0d:
58:4e:26:33:6f:9f:4d:88:a1:b7:46:68:93:8b:c0:6b:25:33:
51:4c:f6:5a:b5:0b:c0:fb:5a:87:56:fa:09:13:c9:fe:01:6b:
9a:7f:7c:03:b7:d8:af:2e:32:1c:a6:fa:3b:e4:c0:8a:16:90:
ba:14:86:0f
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYn1HfO4IDnBSJubwhhtBx+PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjMwODE0MTczNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTIxZjI0MzA2NWMxNjMyZGFkMmJiMTBhYmMyNGYwZmNhMjgyOTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmY9lkU7aybmeWVxxsh0tuIzdpqS
qcRVPs1AT6oIdg5cmAyIFbro7a0yDLtXW+gFzu1YTi+zKxit9E4jm1EW+eBTOzAw
qxD7xWdIontNh/IIOz0nzCqI1jtpZrhdeecmw60Tk/tW+gCcUgac0p33XTew+wSn
Od3yUCMAuAr3YVwYmPzsPlQsLTdq08WvgN2G9keVxRDNZ5uy+Dq79s8qwzxiP3NJ
toBw80oGrzQ6GnbT/Nz66Am4e4fsFeOzkztngz7ho7zSRTnmqBhrmnkOD7/qMhdj
JuaSiijRuexoIWIsFihO5BBlcEY2R7sZ2ZXcmfHNccOBskEjU9ez3s6YowIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFMoh8kMGXBYy2tK7EKvCTw/KKCkyMB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEveWlIeVF3WmNGakxhMHJzUXE4SlBEOG9vS1RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBbBAIAAjBVAwcAKgUFQQEJ
AwcAKgUFQQEUAwcAKgUFQQEZMBIDBwAqBQVBASEDBwIqBQVBASAwEgMHACoFBUEB
JQMHAyoFBUEBIAMHACoFBUEBKQMHACoFBUEBMTANBgkqhkiG9w0BAQsFAAOCAQEA
IokatRqewsqBiwTNgUeufozrX8n8ONoKABg7Lu9m3u7dt3NtzLl6U9XX/gwrx+5b
hVrqPdVezfVKCxotUVablvl8zDADnakOf1DN/gYCinGEz5QTbQJx6IM/quQS2vA2
kyAus9YDApudKiaoIn4FJ7th9SO7gOipF5kZQryFR3qmh730frRgG7NdT+v9O6ES
UEEJMT241HnsD7VXydAXZz9yYnvVjwS50ADZCPlr8U04/xHUb2ldBiLiLY0pwcZ5
fd1AeNcNWE4mM2+fTYiht0Zok4vAayUzUUz2WrULwPtah1b6CRPJ/gFrmn98A7fY
ry4yHKb6O+TAihaQuhSGDw==
-----END CERTIFICATE-----
Generated at Thu Aug 17 17:36:49 2023 by rpki-client on console-fra.rpki-client.org