Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/1a43f0-c027-4fdc-8515-45f496f2fe75/1/yYdl-9jUpp1ZsWGhjp2aeBNCvmQ.roa
File: yYdl-9jUpp1ZsWGhjp2aeBNCvmQ.roa (raw, json)
Hash identifier: RBv2hng8Xs80JZyXukDTygoxhjOC8kK3Jfp0EFQBR5A=
Subject key identifier: C9:87:65:FB:D8:D4:A6:9D:59:B1:61:A1:8E:9D:9A:78:13:42:BE:64
Certificate issuer: /CN=46eb11af9355da9a2b5df73ecdd7fd0967a4b58c
Certificate serial: 018571B36958D67DF158D5675F63EC7587C5
Authority key identifier: 46:EB:11:AF:93:55:DA:9A:2B:5D:F7:3E:CD:D7:FD:09:67:A4:B5:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RusRr5NV2porXfc-zdf9CWektYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/1a43f0-c027-4fdc-8515-45f496f2fe75/1/yYdl-9jUpp1ZsWGhjp2aeBNCvmQ.roa
Signing time: Mon 02 Jan 2023 08:57:41 +0000
ROA not before: Mon 02 Jan 2023 08:57:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16019
IP address blocks: 193.104.172.0/24 maxlen: 24
91.220.122.0/24 maxlen: 24
185.99.176.0/22 maxlen: 22
185.241.220.0/22 maxlen: 32
2a0c:b180::/29 maxlen: 48
2a00:8e80::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b3:69:58:d6:7d:f1:58:d5:67:5f:63:ec:75:87:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46eb11af9355da9a2b5df73ecdd7fd0967a4b58c
Validity
Not Before: Jan 2 08:57:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c98765fbd8d4a69d59b161a18e9d9a781342be64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c9:fb:61:9f:d0:a1:f8:60:db:bd:5d:04:c0:
d6:f8:16:60:50:df:a7:6c:52:42:2f:ee:b9:83:4b:
e5:e9:af:43:fa:5e:e5:e7:54:61:d3:92:bf:37:c8:
74:1a:df:6e:45:87:bf:93:66:9a:a6:51:44:41:00:
fd:cf:fc:9f:d0:62:99:e3:e9:79:81:1a:db:3b:55:
96:52:30:26:91:c3:02:fd:d3:40:06:31:38:91:6a:
43:5c:50:18:95:d6:d2:b0:ce:ce:1e:7d:d4:7c:7f:
19:e3:73:04:e6:91:e0:fb:97:12:d6:d2:bf:88:9e:
2a:92:4f:2e:18:08:e6:b1:d6:6d:64:4e:c3:ae:a2:
b0:1b:6a:72:9f:c7:a8:53:e3:86:ce:ab:9a:15:e1:
d8:e8:3f:3e:28:33:d3:4d:d7:ce:fe:2e:ee:97:e8:
76:6d:ce:52:e7:53:7a:8c:c3:9f:d8:77:17:71:d7:
62:a6:e0:eb:44:ef:6f:ba:1d:82:1a:bb:9e:1d:60:
7c:e6:9e:2a:59:2b:4a:21:13:19:36:19:0e:94:f5:
5a:e7:49:0f:94:96:4c:56:fd:56:69:63:82:ae:19:
ac:9a:22:94:26:27:45:65:19:49:99:97:db:22:5d:
e9:e8:69:21:79:f8:07:3f:c4:96:42:d3:24:49:ef:
dd:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:87:65:FB:D8:D4:A6:9D:59:B1:61:A1:8E:9D:9A:78:13:42:BE:64
X509v3 Authority Key Identifier:
keyid:46:EB:11:AF:93:55:DA:9A:2B:5D:F7:3E:CD:D7:FD:09:67:A4:B5:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RusRr5NV2porXfc-zdf9CWektYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/1a43f0-c027-4fdc-8515-45f496f2fe75/1/yYdl-9jUpp1ZsWGhjp2aeBNCvmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/1a43f0-c027-4fdc-8515-45f496f2fe75/1/RusRr5NV2porXfc-zdf9CWektYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.122.0/24
185.99.176.0/22
185.241.220.0/22
193.104.172.0/24
IPv6:
2a00:8e80::/29
2a0c:b180::/29
Signature Algorithm: sha256WithRSAEncryption
9f:e8:6d:2d:64:1a:03:70:07:8c:74:68:e2:e4:5c:98:61:f4:
a9:e3:5d:76:2f:c0:86:8d:f1:e7:a7:db:ef:10:89:6f:af:58:
74:78:c2:87:b0:52:8b:ec:39:5c:7f:9a:c4:ab:7f:93:25:2a:
8b:83:12:1e:95:3d:c8:13:48:4b:6f:b9:35:87:7f:20:3c:8d:
ee:55:a2:a8:11:f2:9b:df:aa:91:60:de:4a:58:a1:15:e7:4d:
4e:ea:00:d5:2a:7e:f7:ec:43:a0:de:74:91:ad:60:31:cf:aa:
8a:f4:76:19:42:65:d2:b5:97:07:59:ce:1c:65:b6:61:2b:d6:
84:af:41:88:e7:06:17:2d:8e:49:99:24:27:d8:f8:bf:41:bf:
f5:fa:b0:d6:e0:0e:e3:95:b2:7e:cc:ca:65:f9:f7:37:5c:82:
27:28:e4:f5:0e:b3:a2:e6:df:d0:f9:fb:3a:49:5a:6e:15:29:
1e:ac:8c:ae:f4:9b:ff:1a:60:8f:68:72:b8:f4:3a:c7:68:1a:
4c:b1:70:53:23:27:5f:f3:d4:38:ff:65:a3:83:a9:93:1c:21:
55:51:7f:2a:3d:f7:dc:d7:6e:15:fd:50:07:35:85:f6:5d:e8:
69:3e:ec:b9:1b:a2:b1:9e:01:84:89:8a:df:fc:af:f7:a3:8b:
a6:c0:9c:f0
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVxs2lY1n3xWNVnX2PsdYfFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZWIxMWFmOTM1NWRhOWEyYjVkZjczZWNkZDdmZDA5Njdh
NGI1OGMwHhcNMjMwMTAyMDg1NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTg3NjVmYmQ4ZDRhNjlkNTliMTYxYTE4ZTlkOWE3ODEzNDJiZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMn7YZ/Qofhg271dBMDW+BZgUN+n
bFJCL+65g0vl6a9D+l7l51Rh05K/N8h0Gt9uRYe/k2aaplFEQQD9z/yf0GKZ4+l5
gRrbO1WWUjAmkcMC/dNABjE4kWpDXFAYldbSsM7OHn3UfH8Z43ME5pHg+5cS1tK/
iJ4qkk8uGAjmsdZtZE7DrqKwG2pyn8eoU+OGzquaFeHY6D8+KDPTTdfO/i7ul+h2
bc5S51N6jMOf2HcXcddipuDrRO9vuh2CGrueHWB85p4qWStKIRMZNhkOlPVa50kP
lJZMVv1WaWOCrhmsmiKUJidFZRlJmZfbIl3p6GkhefgHP8SWQtMkSe/dwwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFMmHZfvY1KadWbFhoY6dmngTQr5kMB8GA1UdIwQY
MBaAFEbrEa+TVdqaK133Ps3X/QlnpLWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnVzUnI1TlYycG9yWGZjLXpkZjlDV2VrdFl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8xYTQzZjAtYzAyNy00ZmRjLTg1MTUt
NDVmNDk2ZjJmZTc1LzEveVlkbC05alVwcDFac1dHaGpwMmFlQk5Ddm1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8xYTQzZjAtYzAyNy00ZmRjLTg1MTUtNDVmNDk2ZjJmZTc1
LzEvUnVzUnI1TlYycG9yWGZjLXpkZjlDV2VrdFl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQAW9x6AwQC
uWOwAwQCufHcAwQAwWisMBQEAgACMA4DBQMqAI6AAwUDKgyxgDANBgkqhkiG9w0B
AQsFAAOCAQEAn+htLWQaA3AHjHRo4uRcmGH0qeNddi/Aho3x56fb7xCJb69YdHjC
h7BSi+w5XH+axKt/kyUqi4MSHpU9yBNIS2+5NYd/IDyN7lWiqBHym9+qkWDeSlih
FedNTuoA1Sp+9+xDoN50ka1gMc+qivR2GUJl0rWXB1nOHGW2YSvWhK9BiOcGFy2O
SZkkJ9j4v0G/9fqw1uAO45WyfszKZfn3N1yCJyjk9Q6zoubf0Pn7OklabhUpHqyM
rvSb/xpgj2hyuPQ6x2gaTLFwUyMnX/PUOP9lo4OpkxwhVVF/Kj333NduFf1QBzWF
9l3oaT7suRuisZ4BhImK3/yv96OLpsCc8A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:28 2024 by rpki-client on console-fra.rpki-client.org