Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/79cef8-43a1-4089-809f-dc984265567d/1/Yw8bRU6gxROAIFYsQd1ff1kx6cM.roa
File: Yw8bRU6gxROAIFYsQd1ff1kx6cM.roa (raw, json)
Hash identifier: K1m6Yo1JTVyjw7K57R9vzVcrgTv2Yg6eAhgDdwduCM4=
Subject key identifier: 63:0F:1B:45:4E:A0:C5:13:80:20:56:2C:41:DD:5F:7F:59:31:E9:C3
Certificate issuer: /CN=06c44b821ab5db542cc536c1f88b84baf0621654
Certificate serial: 018F5DBD47CA14EB00DE317A94EFB0EC9C49
Authority key identifier: 06:C4:4B:82:1A:B5:DB:54:2C:C5:36:C1:F8:8B:84:BA:F0:62:16:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BsRLghq121QsxTbB-IuEuvBiFlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/79cef8-43a1-4089-809f-dc984265567d/1/Yw8bRU6gxROAIFYsQd1ff1kx6cM.roa
Signing time: Thu 09 May 2024 14:23:56 +0000
ROA not before: Thu 09 May 2024 14:23:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203653
IP address blocks: 185.128.36.0/24 maxlen: 24
185.128.39.0/24 maxlen: 24
2a03:9f60::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 19 May 2024 22:54:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5d:bd:47:ca:14:eb:00:de:31:7a:94:ef:b0:ec:9c:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06c44b821ab5db542cc536c1f88b84baf0621654
Validity
Not Before: May 9 14:23:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=630f1b454ea0c5138020562c41dd5f7f5931e9c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7a:3f:05:ce:01:19:43:bd:95:00:d5:0e:4b:
af:83:e5:ad:7a:e2:67:c1:5b:d7:4a:85:a0:8f:c8:
e6:8d:c7:21:13:f0:63:fe:bb:c5:48:5f:a0:55:35:
de:af:3e:31:34:d0:cc:28:3e:bb:15:0f:5a:e0:bc:
cb:23:8f:f0:9c:6b:18:68:43:bf:31:80:34:36:ae:
cb:a2:8b:6f:bd:41:cc:08:bd:32:9b:76:83:14:e3:
05:16:3e:ac:9f:fa:a5:33:05:a1:8d:16:66:d2:f2:
2f:e2:b4:5f:d2:0e:99:40:be:17:c6:c1:08:1b:62:
16:86:06:18:49:f8:2d:39:ae:90:22:37:4d:ca:0e:
f0:8f:a0:b8:2e:22:e9:a8:5c:33:6e:57:63:06:ac:
8b:d3:fd:b0:d7:bd:24:0a:83:11:a4:ee:f7:10:67:
92:f5:60:3f:d3:7d:fa:57:e8:88:ba:78:ff:23:2e:
9d:5e:ea:1b:c4:27:c1:88:db:8a:5f:81:c6:bf:1d:
0a:96:ea:72:f4:3f:8c:29:a7:dd:45:62:0e:a5:0b:
b9:c2:79:90:eb:37:62:26:36:00:88:69:a6:ed:5c:
a2:f0:80:8c:6c:13:59:1e:52:c6:ac:39:de:cb:b6:
28:07:b4:3f:73:0f:03:52:6e:f0:cb:1a:3d:1c:7e:
a1:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:0F:1B:45:4E:A0:C5:13:80:20:56:2C:41:DD:5F:7F:59:31:E9:C3
X509v3 Authority Key Identifier:
keyid:06:C4:4B:82:1A:B5:DB:54:2C:C5:36:C1:F8:8B:84:BA:F0:62:16:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BsRLghq121QsxTbB-IuEuvBiFlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/79cef8-43a1-4089-809f-dc984265567d/1/Yw8bRU6gxROAIFYsQd1ff1kx6cM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/79cef8-43a1-4089-809f-dc984265567d/1/BsRLghq121QsxTbB-IuEuvBiFlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.36.0/24
185.128.39.0/24
IPv6:
2a03:9f60::/32
Signature Algorithm: sha256WithRSAEncryption
9d:96:0f:b1:57:e6:0c:3f:2b:e4:36:f7:80:00:d9:15:17:b2:
a4:eb:0a:11:f8:4e:77:41:d0:ab:6d:0f:50:54:af:74:c1:a6:
0a:cf:63:ce:38:e3:0a:63:4e:5a:16:f6:0b:63:ec:c3:ac:a6:
78:7c:5c:8b:39:c1:9e:1e:30:fa:4b:62:4f:7e:eb:67:0b:ff:
d3:cb:e2:42:98:fe:b4:18:da:55:63:7a:56:50:58:93:33:86:
fe:04:87:a3:ad:65:65:27:ff:de:7c:ae:8c:cf:16:97:ec:fa:
c3:12:54:69:dc:cc:4b:90:79:a5:d9:1f:61:1e:18:a2:77:32:
ec:ef:f5:b2:fb:14:05:4f:67:7a:75:f1:7f:1e:7f:a5:41:d6:
d5:d6:e3:77:09:50:c5:db:f9:fa:76:ee:cb:60:d9:f3:32:b7:
18:9b:77:0f:f1:98:b4:29:d9:ec:7e:5c:4c:d5:7e:6b:a1:97:
a1:cd:72:ba:65:92:f0:6a:55:dd:23:2b:62:01:a7:fb:2e:73:
33:1f:5f:37:58:24:e4:48:b6:c4:6e:7a:b8:16:86:e0:ac:2b:
41:da:d3:fb:1c:f3:47:05:2f:bc:c2:a0:83:0c:f4:de:27:a3:
fa:28:bb:55:a3:13:2a:d4:a3:61:96:6a:71:2d:2c:38:b0:a4:
bf:bc:90:b5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY9dvUfKFOsA3jF6lO+w7JxJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2YzQ0YjgyMWFiNWRiNTQyY2M1MzZjMWY4OGI4NGJhZjA2
MjE2NTQwHhcNMjQwNTA5MTQyMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzBmMWI0NTRlYTBjNTEzODAyMDU2MmM0MWRkNWY3ZjU5MzFlOWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvno/Bc4BGUO9lQDVDkuvg+WteuJn
wVvXSoWgj8jmjcchE/Bj/rvFSF+gVTXerz4xNNDMKD67FQ9a4LzLI4/wnGsYaEO/
MYA0Nq7LootvvUHMCL0ym3aDFOMFFj6sn/qlMwWhjRZm0vIv4rRf0g6ZQL4XxsEI
G2IWhgYYSfgtOa6QIjdNyg7wj6C4LiLpqFwzbldjBqyL0/2w170kCoMRpO73EGeS
9WA/0336V+iIunj/Iy6dXuobxCfBiNuKX4HGvx0Klupy9D+MKafdRWIOpQu5wnmQ
6zdiJjYAiGmm7Vyi8ICMbBNZHlLGrDney7YoB7Q/cw8DUm7wyxo9HH6hewIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGMPG0VOoMUTgCBWLEHdX39ZMenDMB8GA1UdIwQY
MBaAFAbES4IatdtULMU2wfiLhLrwYhZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnNSTGdocTEyMVFzeFRiQi1JdUV1dkJpRmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi83OWNlZjgtNDNhMS00MDg5LTgwOWYt
ZGM5ODQyNjU1NjdkLzEvWXc4YlJVNmd4Uk9BSUZZc1FkMWZmMWt4NmNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi83OWNlZjgtNDNhMS00MDg5LTgwOWYtZGM5ODQyNjU1Njdk
LzEvQnNSTGdocTEyMVFzeFRiQi1JdUV1dkJpRmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuYAkAwQA
uYAnMA0EAgACMAcDBQAqA59gMA0GCSqGSIb3DQEBCwUAA4IBAQCdlg+xV+YMPyvk
NveAANkVF7Kk6woR+E53QdCrbQ9QVK90waYKz2POOOMKY05aFvYLY+zDrKZ4fFyL
OcGeHjD6S2JPfutnC//Ty+JCmP60GNpVY3pWUFiTM4b+BIejrWVlJ//efK6MzxaX
7PrDElRp3MxLkHml2R9hHhiidzLs7/Wy+xQFT2d6dfF/Hn+lQdbV1uN3CVDF2/n6
du7LYNnzMrcYm3cP8Zi0KdnsflxM1X5roZehzXK6ZZLwalXdIytiAaf7LnMzH183
WCTkSLbEbnq4FobgrCtB2tP7HPNHBS+8wqCDDPTeJ6P6KLtVoxMq1KNhlmpxLSw4
sKS/vJC1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:25 2024 by rpki-client on console-ams.rpki-client.org