Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/ef9ce3-0e7b-428a-b1dd-571bb7690e34/1/yfUTiV40n9FKWybtUbNRDymLQn8.roa
File: yfUTiV40n9FKWybtUbNRDymLQn8.roa (raw, json)
Hash identifier: 5XcKEmdqoB6rit8sgSwK+9DahBpsralhuzbVcCPRcH8=
Subject key identifier: C9:F5:13:89:5E:34:9F:D1:4A:5B:26:ED:51:B3:51:0F:29:8B:42:7F
Certificate issuer: /CN=56be7dabe8edce2dc2e654bd0f42da0b6195a0f7
Certificate serial: 018572BA660F46EFC0505091EAA8DFFC0CC7
Authority key identifier: 56:BE:7D:AB:E8:ED:CE:2D:C2:E6:54:BD:0F:42:DA:0B:61:95:A0:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vr59q-jtzi3C5lS9D0LaC2GVoPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/ef9ce3-0e7b-428a-b1dd-571bb7690e34/1/yfUTiV40n9FKWybtUbNRDymLQn8.roa
Signing time: Mon 02 Jan 2023 13:44:56 +0000
ROA not before: Mon 02 Jan 2023 13:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204488
IP address blocks: 185.247.170.0/24 maxlen: 24
185.247.169.0/24 maxlen: 24
185.247.168.0/24 maxlen: 24
185.247.171.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:66:0f:46:ef:c0:50:50:91:ea:a8:df:fc:0c:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56be7dabe8edce2dc2e654bd0f42da0b6195a0f7
Validity
Not Before: Jan 2 13:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9f513895e349fd14a5b26ed51b3510f298b427f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a3:f7:cd:ca:69:0b:25:e8:49:fc:09:8f:fc:
5c:53:d8:b0:45:03:ec:1c:02:07:6f:d7:4b:df:16:
f6:bb:0b:27:05:b6:b4:08:ca:b4:62:96:66:da:ae:
82:7f:70:83:3a:fa:b0:66:36:18:f5:70:32:50:da:
0a:c6:1d:b5:f5:6c:fc:92:1b:89:4c:de:12:fc:46:
52:dc:7c:dc:93:91:9b:60:30:ab:38:61:5f:33:50:
25:c9:fa:05:4e:ef:bb:b1:62:fa:cd:fc:00:f4:ed:
9f:a4:53:d2:2e:cb:ec:33:fd:4d:57:5e:a5:9b:46:
e1:5d:03:27:0a:1b:f3:25:96:03:ef:03:7f:79:0f:
ab:e5:71:d5:f4:f4:b4:21:cc:6d:1d:7a:48:b1:fc:
1d:79:ee:a5:58:c6:84:dc:bd:67:77:30:b0:12:a3:
13:d3:0e:10:dc:cc:89:a8:a8:da:ab:0f:a4:1b:12:
c4:55:27:fc:73:05:8b:58:6f:80:e0:4e:4c:ed:5a:
83:86:15:29:be:20:30:05:b7:96:9d:b9:d4:cb:be:
5f:ca:8f:12:e9:cc:c8:cd:b1:d4:4f:65:5e:66:2e:
3d:94:99:a9:38:3b:db:53:e9:96:bb:fb:12:ac:24:
b0:bc:9a:22:a9:5d:95:9a:43:36:68:84:28:03:bf:
b9:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:F5:13:89:5E:34:9F:D1:4A:5B:26:ED:51:B3:51:0F:29:8B:42:7F
X509v3 Authority Key Identifier:
keyid:56:BE:7D:AB:E8:ED:CE:2D:C2:E6:54:BD:0F:42:DA:0B:61:95:A0:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vr59q-jtzi3C5lS9D0LaC2GVoPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ef9ce3-0e7b-428a-b1dd-571bb7690e34/1/yfUTiV40n9FKWybtUbNRDymLQn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ef9ce3-0e7b-428a-b1dd-571bb7690e34/1/Vr59q-jtzi3C5lS9D0LaC2GVoPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.247.168.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:73:45:c4:ba:b1:74:1d:ac:f2:8b:25:0b:1e:86:a6:5b:8c:
8a:44:5f:13:fe:b6:18:51:74:87:7f:d9:e0:dc:43:c3:fd:e9:
70:59:6d:59:dd:47:52:4e:ce:b7:37:b3:11:34:eb:d0:4c:ff:
49:f0:18:eb:eb:e4:ed:90:c3:82:aa:39:02:61:15:bb:74:71:
fb:04:b6:b4:b0:52:c8:a4:00:40:04:92:60:cd:ba:2b:fb:82:
6e:3d:83:96:3e:fd:f3:b0:81:26:28:35:64:71:40:95:2e:85:
85:2d:e1:1b:c0:0d:d8:33:52:ad:15:f5:ba:f2:e2:7b:e5:23:
cb:70:31:60:c0:95:26:f7:98:a3:d1:c2:40:1e:a1:7d:ce:51:
bb:5e:91:c1:24:aa:39:dc:d9:ad:d3:57:37:13:60:2e:51:70:
dc:b5:5e:8a:25:6d:2e:cb:bc:43:c8:ba:c8:92:75:db:48:4a:
3e:05:43:08:6a:bc:ea:11:00:8b:e9:b5:99:02:c7:6f:0a:18:
7d:5d:55:d0:ef:a5:b2:9c:4d:05:74:83:3a:be:da:b6:48:ca:
d0:c5:58:fb:c5:0a:7b:3a:8d:cd:48:ac:44:6d:fb:be:3e:16:
c3:04:69:24:4b:c9:ef:8d:95:2a:d8:9e:9e:89:2f:8b:70:85:
cb:60:56:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyumYPRu/AUFCR6qjf/AzHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YmU3ZGFiZThlZGNlMmRjMmU2NTRiZDBmNDJkYTBiNjE5
NWEwZjcwHhcNMjMwMTAyMTM0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWY1MTM4OTVlMzQ5ZmQxNGE1YjI2ZWQ1MWIzNTEwZjI5OGI0MjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqP3zcppCyXoSfwJj/xcU9iwRQPs
HAIHb9dL3xb2uwsnBba0CMq0YpZm2q6Cf3CDOvqwZjYY9XAyUNoKxh219Wz8khuJ
TN4S/EZS3Hzck5GbYDCrOGFfM1AlyfoFTu+7sWL6zfwA9O2fpFPSLsvsM/1NV16l
m0bhXQMnChvzJZYD7wN/eQ+r5XHV9PS0IcxtHXpIsfwdee6lWMaE3L1ndzCwEqMT
0w4Q3MyJqKjaqw+kGxLEVSf8cwWLWG+A4E5M7VqDhhUpviAwBbeWnbnUy75fyo8S
6czIzbHUT2VeZi49lJmpODvbU+mWu/sSrCSwvJoiqV2VmkM2aIQoA7+5GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMn1E4leNJ/RSlsm7VGzUQ8pi0J/MB8GA1UdIwQY
MBaAFFa+favo7c4twuZUvQ9C2gthlaD3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnI1OXEtanR6aTNDNWxTOUQwTGFDMkdWb1BjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9lZjljZTMtMGU3Yi00MjhhLWIxZGQt
NTcxYmI3NjkwZTM0LzEveWZVVGlWNDBuOUZLV3lidFViTlJEeW1MUW44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9lZjljZTMtMGU3Yi00MjhhLWIxZGQtNTcxYmI3NjkwZTM0
LzEvVnI1OXEtanR6aTNDNWxTOUQwTGFDMkdWb1BjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufeoMA0G
CSqGSIb3DQEBCwUAA4IBAQA8c0XEurF0HazyiyULHoamW4yKRF8T/rYYUXSHf9ng
3EPD/elwWW1Z3UdSTs63N7MRNOvQTP9J8Bjr6+TtkMOCqjkCYRW7dHH7BLa0sFLI
pABABJJgzbor+4JuPYOWPv3zsIEmKDVkcUCVLoWFLeEbwA3YM1KtFfW68uJ75SPL
cDFgwJUm95ij0cJAHqF9zlG7XpHBJKo53Nmt01c3E2AuUXDctV6KJW0uy7xDyLrI
knXbSEo+BUMIarzqEQCL6bWZAsdvChh9XVXQ76WynE0FdIM6vtq2SMrQxVj7xQp7
Oo3NSKxEbfu+PhbDBGkkS8nvjZUq2J6eiS+LcIXLYFYF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:05 2024 by rpki-client on console-fra.rpki-client.org