Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/3631e0-56d7-4c29-95c4-6682b07fa947/1/yXp0DipiICs_Qj7MvJFCacfjmhI.roa
File: yXp0DipiICs_Qj7MvJFCacfjmhI.roa (raw, json)
Hash identifier: 5aXWlwg1nosZTOhnIuW05acq+nNHtuQ8oegze8wAUn8=
Subject key identifier: C9:7A:74:0E:2A:62:20:2B:3F:42:3E:CC:BC:91:42:69:C7:E3:9A:12
Certificate issuer: /CN=327b3420c25013795e822a2ae50d38dc1d382793
Certificate serial: 018CC4937D6514A78A86BB3F275EA0DEB815
Authority key identifier: 32:7B:34:20:C2:50:13:79:5E:82:2A:2A:E5:0D:38:DC:1D:38:27:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mns0IMJQE3legioq5Q043B04J5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/3631e0-56d7-4c29-95c4-6682b07fa947/1/yXp0DipiICs_Qj7MvJFCacfjmhI.roa
Signing time: Mon 01 Jan 2024 10:30:49 +0000
ROA not before: Mon 01 Jan 2024 10:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207582
IP address blocks: 185.248.59.0/24 maxlen: 24
91.205.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 11:06:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:7d:65:14:a7:8a:86:bb:3f:27:5e:a0:de:b8:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=327b3420c25013795e822a2ae50d38dc1d382793
Validity
Not Before: Jan 1 10:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c97a740e2a62202b3f423eccbc914269c7e39a12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:15:86:41:8b:74:6f:40:4b:fe:4a:db:cf:0d:
c8:4d:b6:df:56:f2:8d:61:e1:5c:47:dd:2b:56:ba:
a3:4d:b0:76:e6:06:f7:77:31:4f:8d:62:67:92:e9:
9a:54:98:a3:64:0c:c7:f7:af:8e:73:8c:9c:66:98:
9f:a9:dd:3e:49:a7:61:39:a9:91:d3:3a:90:8c:4c:
f4:40:5d:9c:b6:65:f0:ba:7d:bd:93:38:76:d8:4d:
0d:c2:16:21:6d:cd:da:59:d1:a2:3f:c8:23:6c:e7:
8e:74:d5:2e:6a:b5:6c:c6:ad:b0:bf:e5:e4:e4:91:
3b:e7:a1:81:9a:78:79:85:9b:1a:3c:1c:6e:d4:51:
6a:22:40:1d:46:ac:7d:90:df:a1:ce:df:b6:8a:b8:
d6:9f:89:98:f8:73:b8:53:a7:e9:b9:23:45:8e:a1:
de:cf:a4:a3:50:e0:1e:d1:93:3b:77:26:50:5d:5e:
10:9f:83:58:f5:60:d3:59:ad:5d:64:02:73:9d:48:
0d:52:58:e9:19:7b:6c:6e:9a:98:99:ea:9e:7d:0a:
79:96:a5:2b:bb:bb:15:34:74:68:f4:04:36:af:bd:
5a:97:1c:42:8b:e3:fa:e1:8e:5b:04:42:89:c2:d6:
6f:8a:e0:6f:76:2c:8c:7b:53:21:e2:2e:4a:bf:07:
46:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:7A:74:0E:2A:62:20:2B:3F:42:3E:CC:BC:91:42:69:C7:E3:9A:12
X509v3 Authority Key Identifier:
keyid:32:7B:34:20:C2:50:13:79:5E:82:2A:2A:E5:0D:38:DC:1D:38:27:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mns0IMJQE3legioq5Q043B04J5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3631e0-56d7-4c29-95c4-6682b07fa947/1/yXp0DipiICs_Qj7MvJFCacfjmhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3631e0-56d7-4c29-95c4-6682b07fa947/1/Mns0IMJQE3legioq5Q043B04J5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.41.0/24
185.248.59.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:2c:36:92:58:08:ae:3c:d1:8b:c1:91:d1:25:18:a5:49:48:
e7:be:54:ed:39:31:5c:37:29:30:3c:d4:f6:ce:22:47:eb:52:
80:04:8d:dc:c2:3b:85:5d:a6:66:e3:5b:23:ff:4b:1f:fe:56:
69:58:b3:6a:28:cc:99:2c:f3:03:56:02:b1:70:4f:2f:b6:8d:
ba:25:ba:d0:d3:f9:38:e1:7b:61:2b:8d:c4:5b:d1:d5:8c:46:
49:07:3b:0e:b2:eb:d0:de:e1:1b:30:62:b6:20:44:16:82:30:
26:9c:1a:e5:5c:42:a7:27:ad:7e:df:43:5f:8c:40:db:ae:26:
32:0a:56:6c:80:7a:34:48:4d:0a:c0:74:44:32:6c:8a:92:1a:
3e:1e:4d:56:71:01:a4:31:1f:9d:f1:c2:a9:8a:fb:e0:e4:5b:
ae:31:8e:63:0b:fa:6b:c6:d7:19:20:a5:65:09:14:9b:03:5f:
64:ee:c8:27:36:b2:d6:ad:b4:03:32:0d:8e:be:2e:46:2b:b6:
d2:0d:8c:14:e5:c8:55:38:f8:87:cb:ed:f3:aa:38:cd:93:d2:
d7:4f:86:fd:cd:c8:ec:17:60:02:4b:94:ca:b4:af:e4:11:10:
da:8a:13:9d:b4:eb:e5:40:2a:7a:c4:ba:90:fc:14:9c:6b:29:
16:d2:04:1e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEk31lFKeKhrs/J16g3rgVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyN2IzNDIwYzI1MDEzNzk1ZTgyMmEyYWU1MGQzOGRjMWQz
ODI3OTMwHhcNMjQwMTAxMTAzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTdhNzQwZTJhNjIyMDJiM2Y0MjNlY2NiYzkxNDI2OWM3ZTM5YTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBWGQYt0b0BL/krbzw3ITbbfVvKN
YeFcR90rVrqjTbB25gb3dzFPjWJnkumaVJijZAzH96+Oc4ycZpifqd0+SadhOamR
0zqQjEz0QF2ctmXwun29kzh22E0NwhYhbc3aWdGiP8gjbOeOdNUuarVsxq2wv+Xk
5JE756GBmnh5hZsaPBxu1FFqIkAdRqx9kN+hzt+2irjWn4mY+HO4U6fpuSNFjqHe
z6SjUOAe0ZM7dyZQXV4Qn4NY9WDTWa1dZAJznUgNUljpGXtsbpqYmeqefQp5lqUr
u7sVNHRo9AQ2r71alxxCi+P64Y5bBEKJwtZviuBvdiyMe1Mh4i5KvwdGxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMl6dA4qYiArP0I+zLyRQmnH45oSMB8GA1UdIwQY
MBaAFDJ7NCDCUBN5XoIqKuUNONwdOCeTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW5zMElNSlFFM2xlZ2lvcTVRMDQzQjA0SjVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8zNjMxZTAtNTZkNy00YzI5LTk1YzQt
NjY4MmIwN2ZhOTQ3LzEveVhwMERpcGlJQ3NfUWo3TXZKRkNhY2ZqbWhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8zNjMxZTAtNTZkNy00YzI5LTk1YzQtNjY4MmIwN2ZhOTQ3
LzEvTW5zMElNSlFFM2xlZ2lvcTVRMDQzQjA0SjVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW80pAwQA
ufg7MA0GCSqGSIb3DQEBCwUAA4IBAQA6LDaSWAiuPNGLwZHRJRilSUjnvlTtOTFc
NykwPNT2ziJH61KABI3cwjuFXaZm41sj/0sf/lZpWLNqKMyZLPMDVgKxcE8vto26
JbrQ0/k44XthK43EW9HVjEZJBzsOsuvQ3uEbMGK2IEQWgjAmnBrlXEKnJ61+30Nf
jEDbriYyClZsgHo0SE0KwHREMmyKkho+Hk1WcQGkMR+d8cKpivvg5FuuMY5jC/pr
xtcZIKVlCRSbA19k7sgnNrLWrbQDMg2Ovi5GK7bSDYwU5chVOPiHy+3zqjjNk9LX
T4b9zcjsF2ACS5TKtK/kERDaihOdtOvlQCp6xLqQ/BScaykW0gQe
-----END CERTIFICATE-----
Generated at Mon Jan 15 14:32:52 2024 by rpki-client on console-ams.rpki-client.org