Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/6b1b64-2564-47a7-b1c1-52835db6512c/1/yJeeRP5qQScHbVrWkoetIxPPwyc.roa
File: yJeeRP5qQScHbVrWkoetIxPPwyc.roa (raw, json)
Hash identifier: X08cyV52g16jHvKa3M3pYkWDd9E6PRpR2PVBxNMRb60=
Subject key identifier: C8:97:9E:44:FE:6A:41:27:07:6D:5A:D6:92:87:AD:23:13:CF:C3:27
Certificate issuer: /CN=7d3b2c333b729557ac0be02740b22296d802bf81
Certificate serial: 01856FB1148635646AFBEDB7C67541175071
Authority key identifier: 7D:3B:2C:33:3B:72:95:57:AC:0B:E0:27:40:B2:22:96:D8:02:BF:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fTssMztylVesC-AnQLIiltgCv4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/6b1b64-2564-47a7-b1c1-52835db6512c/1/yJeeRP5qQScHbVrWkoetIxPPwyc.roa
Signing time: Sun 01 Jan 2023 23:35:54 +0000
ROA not before: Sun 01 Jan 2023 23:35:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207242
IP address blocks: 185.195.84.0/22 maxlen: 22
185.162.24.0/22 maxlen: 22
185.194.44.0/22 maxlen: 22
185.195.224.0/22 maxlen: 22
185.242.72.0/22 maxlen: 22
2a0a:5f40::/32 maxlen: 32
2a0c:c380::/32 maxlen: 32
2a07:ca40::/29 maxlen: 29
2a0a:5640::/32 maxlen: 32
2a0a:4440::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:b1:14:86:35:64:6a:fb:ed:b7:c6:75:41:17:50:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d3b2c333b729557ac0be02740b22296d802bf81
Validity
Not Before: Jan 1 23:35:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8979e44fe6a4127076d5ad69287ad2313cfc327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:91:9b:1a:a3:e4:96:0d:36:3e:f2:32:23:80:
2a:ab:60:69:7e:c7:bc:c3:13:8c:7a:f8:67:48:84:
ad:c6:9e:fa:ec:3a:d5:46:37:f6:37:69:32:49:bf:
1f:4b:db:7c:02:22:f2:f4:aa:61:86:35:25:31:67:
2a:65:7a:e3:33:62:b2:35:d1:a3:d8:8d:5d:06:af:
30:ee:78:e9:39:88:56:e5:c6:11:a9:94:29:e3:94:
27:6e:78:e8:23:01:6c:ea:53:81:a4:48:13:b0:f1:
aa:08:7a:60:62:99:2b:a2:52:6a:c7:e4:31:70:cc:
8e:2d:64:3a:05:b6:03:58:3e:99:a9:2b:23:7f:3b:
bc:a2:fa:2b:7d:e5:fb:20:26:46:2c:15:dc:6b:02:
ed:20:7f:98:df:2c:27:bd:0e:e2:62:58:a4:7b:0e:
cf:6a:24:41:83:9a:2d:84:72:f3:b4:c7:12:08:0e:
7a:fc:28:03:9d:04:b5:67:e2:6a:2e:44:22:b3:42:
30:a7:45:42:69:32:38:ab:fd:06:90:50:73:d5:7f:
8b:e5:e2:72:89:5e:bc:b4:d8:f0:71:3b:32:49:43:
89:32:8e:56:b0:41:0a:45:0f:b0:0b:ac:f4:3f:55:
31:ba:1c:f6:7b:da:df:6c:c0:3a:f6:6e:33:12:1e:
c8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:97:9E:44:FE:6A:41:27:07:6D:5A:D6:92:87:AD:23:13:CF:C3:27
X509v3 Authority Key Identifier:
keyid:7D:3B:2C:33:3B:72:95:57:AC:0B:E0:27:40:B2:22:96:D8:02:BF:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fTssMztylVesC-AnQLIiltgCv4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/6b1b64-2564-47a7-b1c1-52835db6512c/1/yJeeRP5qQScHbVrWkoetIxPPwyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/6b1b64-2564-47a7-b1c1-52835db6512c/1/fTssMztylVesC-AnQLIiltgCv4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.24.0/22
185.194.44.0/22
185.195.84.0/22
185.195.224.0/22
185.242.72.0/22
IPv6:
2a07:ca40::/29
2a0a:4440::/32
2a0a:5640::/32
2a0a:5f40::/32
2a0c:c380::/32
Signature Algorithm: sha256WithRSAEncryption
54:06:3b:36:47:17:6a:e1:f0:17:73:09:f9:ca:52:4d:15:8a:
b5:75:1a:4c:49:bc:c9:89:81:df:45:3b:00:6b:d9:3d:c9:25:
f3:01:1e:82:a6:e7:9b:ae:69:9a:5c:2b:f8:82:b5:c8:60:fc:
9e:b3:ed:12:e1:dc:65:24:94:30:0d:75:84:e5:60:d1:ed:5e:
36:15:31:45:a7:ab:c9:87:fc:b8:4e:94:b6:f6:af:c3:2b:78:
9a:de:01:66:a5:25:fe:5b:a5:df:c7:68:36:f8:40:7a:88:51:
6c:50:f1:8a:ad:ef:3b:95:c9:20:a2:45:57:9f:c6:6d:a9:7f:
64:5a:b4:82:0e:69:3a:1f:0a:90:74:14:f6:82:1b:51:0c:c8:
9e:7f:ba:b3:0b:1f:63:ca:36:56:11:72:38:c1:e1:af:86:08:
e8:59:22:7a:22:10:72:82:09:c4:ea:43:a1:03:ef:26:8f:18:
a1:2f:2d:e6:b1:0b:24:ae:ba:fd:ff:13:3c:a4:ae:bd:ae:6c:
2b:7d:a3:c3:dc:0e:85:e6:2a:96:9a:fd:b9:46:c9:f4:5a:9a:
af:bb:50:50:cd:56:19:90:cd:fd:e5:ca:32:55:0d:1f:86:65:
77:83:32:04:2d:3d:43:9d:7f:c4:45:32:f8:b4:2e:2f:75:38:
33:33:5d:f7
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYVvsRSGNWRq++23xnVBF1BxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkM2IyYzMzM2I3Mjk1NTdhYzBiZTAyNzQwYjIyMjk2ZDgw
MmJmODEwHhcNMjMwMTAxMjMzNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODk3OWU0NGZlNmE0MTI3MDc2ZDVhZDY5Mjg3YWQyMzEzY2ZjMzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJGbGqPklg02PvIyI4Aqq2Bpfse8
wxOMevhnSIStxp767DrVRjf2N2kySb8fS9t8AiLy9KphhjUlMWcqZXrjM2KyNdGj
2I1dBq8w7njpOYhW5cYRqZQp45QnbnjoIwFs6lOBpEgTsPGqCHpgYpkrolJqx+Qx
cMyOLWQ6BbYDWD6ZqSsjfzu8ovorfeX7ICZGLBXcawLtIH+Y3ywnvQ7iYlikew7P
aiRBg5othHLztMcSCA56/CgDnQS1Z+JqLkQis0Iwp0VCaTI4q/0GkFBz1X+L5eJy
iV68tNjwcTsySUOJMo5WsEEKRQ+wC6z0P1Uxuhz2e9rfbMA69m4zEh7I4wIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFMiXnkT+akEnB21a1pKHrSMTz8MnMB8GA1UdIwQY
MBaAFH07LDM7cpVXrAvgJ0CyIpbYAr+BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlRzc016dHlsVmVzQy1BblFMSWlsdGdDdjRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS82YjFiNjQtMjU2NC00N2E3LWIxYzEt
NTI4MzVkYjY1MTJjLzEveUplZVJQNXFRU2NIYlZyV2tvZXRJeFBQd3ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS82YjFiNjQtMjU2NC00N2E3LWIxYzEtNTI4MzVkYjY1MTJj
LzEvZlRzc016dHlsVmVzQy1BblFMSWlsdGdDdjRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTAkBAIAATAeAwQCuaIYAwQC
ucIsAwQCucNUAwQCucPgAwQCufJIMCkEAgACMCMDBQMqB8pAAwUAKgpEQAMFACoK
VkADBQAqCl9AAwUAKgzDgDANBgkqhkiG9w0BAQsFAAOCAQEAVAY7NkcXauHwF3MJ
+cpSTRWKtXUaTEm8yYmB30U7AGvZPckl8wEegqbnm65pmlwr+IK1yGD8nrPtEuHc
ZSSUMA11hOVg0e1eNhUxRaeryYf8uE6Utvavwyt4mt4BZqUl/lul38doNvhAeohR
bFDxiq3vO5XJIKJFV5/Gbal/ZFq0gg5pOh8KkHQU9oIbUQzInn+6swsfY8o2VhFy
OMHhr4YI6FkieiIQcoIJxOpDoQPvJo8YoS8t5rELJK66/f8TPKSuva5sK32jw9wO
heYqlpr9uUbJ9Fqar7tQUM1WGZDN/eXKMlUNH4Zld4MyBC09Q51/xEUy+LQuL3U4
MzNd9w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:31 2024 by rpki-client on console-fra.rpki-client.org