Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/0175e6-427b-4ef9-8eb1-8232e350d458/1/yoOvgZR3QbD0sUdFGi1qwRFJ0nQ.roa
File: yoOvgZR3QbD0sUdFGi1qwRFJ0nQ.roa (raw, json)
Hash identifier: yWyHUAx6hNtny15LCKUywHsPsPbizU0b8o/aUJaWmDc=
Subject key identifier: CA:83:AF:81:94:77:41:B0:F4:B1:47:45:1A:2D:6A:C1:11:49:D2:74
Certificate issuer: /CN=23662c9a980ad7584650abaa3545b9ea91d3e35e
Certificate serial: 01856D5CF7755510B6E3A2905223871D4464
Authority key identifier: 23:66:2C:9A:98:0A:D7:58:46:50:AB:AA:35:45:B9:EA:91:D3:E3:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I2YsmpgK11hGUKuqNUW56pHT414.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/0175e6-427b-4ef9-8eb1-8232e350d458/1/yoOvgZR3QbD0sUdFGi1qwRFJ0nQ.roa
Signing time: Sun 01 Jan 2023 12:44:47 +0000
ROA not before: Sun 01 Jan 2023 12:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201701
IP address blocks: 185.66.192.0/22 maxlen: 22
185.66.193.0/24 maxlen: 24
185.66.195.0/24 maxlen: 24
185.66.194.0/24 maxlen: 24
2a03:2260:1000::/36 maxlen: 36
2a03:2260:3000::/36 maxlen: 36
2a03:2260:2000::/36 maxlen: 36
2a03:2260::/30 maxlen: 30
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5c:f7:75:55:10:b6:e3:a2:90:52:23:87:1d:44:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23662c9a980ad7584650abaa3545b9ea91d3e35e
Validity
Not Before: Jan 1 12:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca83af81947741b0f4b147451a2d6ac11149d274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:43:62:db:e0:97:15:ed:88:cc:e9:96:78:24:
8a:3e:60:65:c0:98:08:33:82:e9:55:13:2d:ca:8c:
01:ff:de:50:e7:30:34:16:fa:ff:e4:76:6e:01:7a:
1a:24:48:0e:d7:3f:07:ab:75:ff:c0:6c:56:b2:3c:
f4:e3:12:75:7b:24:00:71:05:ed:7c:a2:5c:be:06:
42:97:bd:8d:20:88:df:be:10:f3:d9:38:14:3c:0d:
2b:37:1a:ef:ca:92:a9:61:17:bf:80:93:c0:e8:b9:
f7:16:5b:8d:3b:71:30:f3:43:4d:66:9a:74:ea:ef:
f6:fb:38:a0:b3:ca:46:09:fe:25:47:eb:f8:c9:11:
3b:d0:58:99:de:60:bb:f6:eb:71:68:cc:b5:dc:64:
ce:33:75:04:a3:90:f3:c2:ca:3a:28:7a:42:69:d3:
e1:2b:b1:f6:29:91:b3:97:d5:e7:7f:61:7e:6b:97:
2e:58:4c:43:66:ac:6a:77:50:f9:2f:61:6b:86:de:
85:90:8f:1f:1b:e9:6e:95:ed:72:03:47:f6:d9:e9:
6a:71:28:35:4b:b0:9a:7f:e5:df:bd:97:a3:c2:65:
aa:2f:79:36:ec:86:62:96:80:10:ab:b5:f8:23:e7:
d3:60:51:de:66:0a:80:19:d6:19:48:03:c7:a7:48:
64:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:83:AF:81:94:77:41:B0:F4:B1:47:45:1A:2D:6A:C1:11:49:D2:74
X509v3 Authority Key Identifier:
keyid:23:66:2C:9A:98:0A:D7:58:46:50:AB:AA:35:45:B9:EA:91:D3:E3:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I2YsmpgK11hGUKuqNUW56pHT414.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/0175e6-427b-4ef9-8eb1-8232e350d458/1/yoOvgZR3QbD0sUdFGi1qwRFJ0nQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/0175e6-427b-4ef9-8eb1-8232e350d458/1/I2YsmpgK11hGUKuqNUW56pHT414.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.192.0/22
IPv6:
2a03:2260::/30
Signature Algorithm: sha256WithRSAEncryption
30:9a:fc:54:71:c2:61:b1:fa:47:ff:13:2d:f9:3c:f1:48:a7:
a0:af:95:b3:3e:80:f3:18:91:e1:ad:d9:cf:0a:84:4a:a2:84:
6d:aa:2a:9d:81:cb:00:14:a0:e4:8c:b6:dd:31:34:95:ca:dd:
cb:1d:bf:37:b1:8a:d4:2a:e9:3e:fe:c4:f2:e9:a8:39:37:e8:
a3:fb:96:3d:28:bc:0e:22:9b:1e:0f:15:95:d0:0c:31:f5:24:
15:13:89:6e:57:c9:72:5f:7d:1d:36:39:47:58:24:09:e6:aa:
21:dd:c7:c3:b2:00:07:8f:69:a8:32:2d:4c:fd:36:43:0a:75:
73:71:32:da:50:93:fb:87:c4:10:7c:c6:4b:89:93:71:96:14:
03:64:ec:5a:a7:66:de:d8:3b:7e:08:18:8a:12:47:33:2d:9d:
bd:d2:bc:ed:45:39:bd:17:8b:c3:91:58:78:bc:e7:78:2f:e6:
1c:93:6a:14:ed:0c:98:f7:82:95:26:17:a2:2c:36:1e:64:2d:
4c:b5:b6:45:3c:af:d7:79:b2:43:3c:67:42:a3:b4:94:0b:e4:
d8:99:0b:ca:3e:10:5e:ce:8d:57:28:80:6b:3e:fa:81:41:8c:
fb:31:8a:96:ab:0c:1e:a6:ce:6d:a0:94:9b:d0:6f:8a:21:b6:
60:b3:80:31
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtXPd1VRC246KQUiOHHURkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNjYyYzlhOTgwYWQ3NTg0NjUwYWJhYTM1NDViOWVhOTFk
M2UzNWUwHhcNMjMwMTAxMTI0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTgzYWY4MTk0Nzc0MWIwZjRiMTQ3NDUxYTJkNmFjMTExNDlkMjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUNi2+CXFe2IzOmWeCSKPmBlwJgI
M4LpVRMtyowB/95Q5zA0Fvr/5HZuAXoaJEgO1z8Hq3X/wGxWsjz04xJ1eyQAcQXt
fKJcvgZCl72NIIjfvhDz2TgUPA0rNxrvypKpYRe/gJPA6Ln3FluNO3Ew80NNZpp0
6u/2+zigs8pGCf4lR+v4yRE70FiZ3mC79utxaMy13GTOM3UEo5Dzwso6KHpCadPh
K7H2KZGzl9Xnf2F+a5cuWExDZqxqd1D5L2Frht6FkI8fG+lule1yA0f22elqcSg1
S7Caf+XfvZejwmWqL3k27IZiloAQq7X4I+fTYFHeZgqAGdYZSAPHp0hkrwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMqDr4GUd0Gw9LFHRRotasERSdJ0MB8GA1UdIwQY
MBaAFCNmLJqYCtdYRlCrqjVFueqR0+NeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTJZc21wZ0sxMWhHVUt1cU5VVzU2cEhUNDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8wMTc1ZTYtNDI3Yi00ZWY5LThlYjEt
ODIzMmUzNTBkNDU4LzEveW9PdmdaUjNRYkQwc1VkRkdpMXF3UkZKMG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8wMTc1ZTYtNDI3Yi00ZWY5LThlYjEtODIzMmUzNTBkNDU4
LzEvSTJZc21wZ0sxMWhHVUt1cU5VVzU2cEhUNDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuULAMA0E
AgACMAcDBQIqAyJgMA0GCSqGSIb3DQEBCwUAA4IBAQAwmvxUccJhsfpH/xMt+Tzx
SKegr5WzPoDzGJHhrdnPCoRKooRtqiqdgcsAFKDkjLbdMTSVyt3LHb83sYrUKuk+
/sTy6ag5N+ij+5Y9KLwOIpseDxWV0Awx9SQVE4luV8lyX30dNjlHWCQJ5qoh3cfD
sgAHj2moMi1M/TZDCnVzcTLaUJP7h8QQfMZLiZNxlhQDZOxap2be2Dt+CBiKEkcz
LZ290rztRTm9F4vDkVh4vOd4L+Yck2oU7QyY94KVJheiLDYeZC1MtbZFPK/XebJD
PGdCo7SUC+TYmQvKPhBezo1XKIBrPvqBQYz7MYqWqwweps5toJSb0G+KIbZgs4Ax
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:23:57 2024 by rpki-client on console-fra.rpki-client.org