Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/675399-81be-4fec-9f86-55131cc1efea/1/Yq9sUbmfd06sVg0fQoDp0N-HnKc.roa
File: Yq9sUbmfd06sVg0fQoDp0N-HnKc.roa (raw, json)
Hash identifier: RNjJpyv3L/4Omv4fiiiV8tBAQnEPbHQW3bwmX6UUvCM=
Subject key identifier: 62:AF:6C:51:B9:9F:77:4E:AC:56:0D:1F:42:80:E9:D0:DF:87:9C:A7
Certificate issuer: /CN=ef1f01881b73c8e9b5d92239229a6e512eca4e7c
Certificate serial: 018570150BCBDDBCAD829B3424C5BF16D6F8
Authority key identifier: EF:1F:01:88:1B:73:C8:E9:B5:D9:22:39:22:9A:6E:51:2E:CA:4E:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7x8BiBtzyOm12SI5IppuUS7KTnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/675399-81be-4fec-9f86-55131cc1efea/1/Yq9sUbmfd06sVg0fQoDp0N-HnKc.roa
Signing time: Mon 02 Jan 2023 01:25:05 +0000
ROA not before: Mon 02 Jan 2023 01:25:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202751
IP address blocks: 185.155.180.0/24 maxlen: 24
2a00:8c40:239::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:32:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:0b:cb:dd:bc:ad:82:9b:34:24:c5:bf:16:d6:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef1f01881b73c8e9b5d92239229a6e512eca4e7c
Validity
Not Before: Jan 2 01:25:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62af6c51b99f774eac560d1f4280e9d0df879ca7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a9:be:a5:13:b5:87:15:49:29:a6:7f:a5:d8:
28:4c:99:6b:22:cc:7e:98:d0:b9:7d:f7:7f:02:3d:
f1:38:b3:7a:2e:f6:bf:13:e8:8d:ce:fc:44:c1:a5:
1a:e0:f2:db:73:e7:a4:75:4a:de:48:9d:8e:34:da:
c3:42:eb:b5:ef:13:b8:fe:08:27:95:9c:18:fb:94:
95:cc:90:5e:76:4b:97:5e:f7:79:b3:69:06:90:e4:
74:94:7c:e0:9b:3a:ab:01:e2:ae:a9:52:c8:c9:08:
68:51:79:5b:8a:21:84:01:0c:a3:6c:df:83:0d:17:
06:7c:5f:dd:ba:97:b6:d1:46:e1:02:9c:29:e2:16:
47:79:ed:05:36:03:37:e1:d1:af:1f:fb:16:29:f3:
84:08:73:4a:82:dd:27:5f:cf:aa:d4:ed:52:92:18:
e5:ca:7e:96:4e:5d:c2:78:2e:94:04:48:e3:c7:c5:
87:e0:2c:c7:97:e2:17:ee:2b:3f:fe:29:4e:39:c6:
70:5e:3a:9b:08:e6:61:62:c5:f8:7c:2b:87:3d:57:
0b:9d:64:f1:68:36:8a:c5:cc:3a:12:27:f7:31:b9:
f8:6f:94:2f:51:14:03:51:9a:fc:90:04:72:6b:19:
9b:ab:be:72:7b:8f:a7:bd:43:48:e5:61:94:e2:f0:
a3:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:AF:6C:51:B9:9F:77:4E:AC:56:0D:1F:42:80:E9:D0:DF:87:9C:A7
X509v3 Authority Key Identifier:
keyid:EF:1F:01:88:1B:73:C8:E9:B5:D9:22:39:22:9A:6E:51:2E:CA:4E:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7x8BiBtzyOm12SI5IppuUS7KTnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/675399-81be-4fec-9f86-55131cc1efea/1/Yq9sUbmfd06sVg0fQoDp0N-HnKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/675399-81be-4fec-9f86-55131cc1efea/1/7x8BiBtzyOm12SI5IppuUS7KTnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.180.0/24
IPv6:
2a00:8c40:239::/48
Signature Algorithm: sha256WithRSAEncryption
4e:48:5a:91:e0:16:c8:fe:0f:6d:8c:59:80:11:f2:5e:3d:a8:
d6:cd:ef:db:95:cd:e9:72:d9:d9:a7:31:71:b9:93:a4:b5:3f:
38:c2:e7:51:49:8e:38:20:d4:5d:0a:78:81:1a:d8:25:fd:70:
e3:a6:f9:c6:ac:44:85:38:84:6e:e3:d1:40:b3:53:32:b7:6d:
1a:28:ef:45:e3:83:b0:28:fa:0a:d5:03:5e:0b:09:7b:1e:5e:
d5:6d:a6:be:23:58:a4:d2:ca:b8:19:9e:7a:fb:a6:c1:01:10:
34:23:2a:43:67:72:de:a1:80:55:20:99:a4:8c:22:07:0e:64:
b0:d0:e6:9b:ce:e5:fc:03:cd:71:09:a1:2b:53:a7:b5:9c:63:
68:cd:50:23:df:59:20:71:f7:b0:ea:9d:d2:e0:b5:da:2d:53:
ec:34:23:69:2f:29:fd:21:b4:85:8b:21:3b:6d:06:2e:80:e9:
cc:77:07:0e:bd:b4:6b:0a:9e:7e:13:7c:5d:15:42:aa:9a:c9:
55:68:f8:d7:96:43:ab:6e:a6:50:20:38:b8:f3:a1:a0:99:79:
2a:92:f2:3c:7d:fa:52:9c:c9:fb:a9:3b:1c:00:31:21:6c:03:
3f:c3:38:51:86:6b:bb:a9:8c:aa:ac:68:a6:30:f8:71:62:1b:
25:41:52:ec
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwFQvL3bytgps0JMW/Ftb4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMWYwMTg4MWI3M2M4ZTliNWQ5MjIzOTIyOWE2ZTUxMmVj
YTRlN2MwHhcNMjMwMTAyMDEyNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmFmNmM1MWI5OWY3NzRlYWM1NjBkMWY0MjgwZTlkMGRmODc5Y2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAham+pRO1hxVJKaZ/pdgoTJlrIsx+
mNC5ffd/Aj3xOLN6Lva/E+iNzvxEwaUa4PLbc+ekdUreSJ2ONNrDQuu17xO4/ggn
lZwY+5SVzJBedkuXXvd5s2kGkOR0lHzgmzqrAeKuqVLIyQhoUXlbiiGEAQyjbN+D
DRcGfF/dupe20UbhApwp4hZHee0FNgM34dGvH/sWKfOECHNKgt0nX8+q1O1Skhjl
yn6WTl3CeC6UBEjjx8WH4CzHl+IX7is//ilOOcZwXjqbCOZhYsX4fCuHPVcLnWTx
aDaKxcw6Eif3Mbn4b5QvURQDUZr8kARyaxmbq75ye4+nvUNI5WGU4vCjPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGKvbFG5n3dOrFYNH0KA6dDfh5ynMB8GA1UdIwQY
MBaAFO8fAYgbc8jptdkiOSKablEuyk58MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3g4QmlCdHp5T20xMlNJNUlwcHVVUzdLVG53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS82NzUzOTktODFiZS00ZmVjLTlmODYt
NTUxMzFjYzFlZmVhLzEvWXE5c1VibWZkMDZzVmcwZlFvRHAwTi1IbktjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS82NzUzOTktODFiZS00ZmVjLTlmODYtNTUxMzFjYzFlZmVh
LzEvN3g4QmlCdHp5T20xMlNJNUlwcHVVUzdLVG53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuZu0MA8E
AgACMAkDBwAqAIxAAjkwDQYJKoZIhvcNAQELBQADggEBAE5IWpHgFsj+D22MWYAR
8l49qNbN79uVzely2dmnMXG5k6S1PzjC51FJjjgg1F0KeIEa2CX9cOOm+casRIU4
hG7j0UCzUzK3bRoo70Xjg7Ao+grVA14LCXseXtVtpr4jWKTSyrgZnnr7psEBEDQj
KkNnct6hgFUgmaSMIgcOZLDQ5pvO5fwDzXEJoStTp7WcY2jNUCPfWSBx97DqndLg
tdotU+w0I2kvKf0htIWLITttBi6A6cx3Bw69tGsKnn4TfF0VQqqayVVo+NeWQ6tu
plAgOLjzoaCZeSqS8jx9+lKcyfupOxwAMSFsAz/DOFGGa7upjKqsaKYw+HFiGyVB
Uuw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:31 2024 by rpki-client on console-ams.rpki-client.org