Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/YOS3QnwrB4NZkmcwy2K00tg3QgI.roa
File: YOS3QnwrB4NZkmcwy2K00tg3QgI.roa (raw, json)
Hash identifier: jufAt6/mMMwzFkkayCRLKrBGSx0I1f2hJVo1T61p/eU=
Subject key identifier: 60:E4:B7:42:7C:2B:07:83:59:92:67:30:CB:62:B4:D2:D8:37:42:02
Certificate issuer: /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial: 018570E756AC42ABF4B8095316FF6F10A9CA
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/YOS3QnwrB4NZkmcwy2K00tg3QgI.roa
Signing time: Mon 02 Jan 2023 05:14:47 +0000
ROA not before: Mon 02 Jan 2023 05:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201096
IP address blocks: 85.206.144.0/23 maxlen: 24
85.206.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:56:ac:42:ab:f4:b8:09:53:16:ff:6f:10:a9:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
Validity
Not Before: Jan 2 05:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60e4b7427c2b078359926730cb62b4d2d8374202
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:09:c5:9d:9a:e6:63:2d:45:3e:5b:41:66:d0:
9c:98:f7:03:cc:b8:0e:69:91:b2:af:bf:ea:42:d4:
cd:ce:59:bc:09:7d:08:21:ae:3e:b4:57:96:d9:eb:
14:d5:2c:32:73:68:d9:56:50:a3:9d:a9:d9:51:a5:
09:d7:21:22:42:7d:38:62:90:cb:b4:0a:0c:75:be:
42:a4:88:fe:48:1e:a3:71:12:97:74:b8:e0:f0:83:
7e:34:54:98:40:67:00:d4:07:30:fe:21:6d:ad:4e:
da:ac:68:ba:c6:c3:24:26:99:58:ef:1a:65:75:f8:
c5:a8:80:ee:e7:73:a5:1d:64:bd:70:f0:4d:c4:f7:
d0:03:69:e4:20:5b:03:69:48:7a:56:fa:6a:99:2a:
67:3d:55:7e:b8:6b:65:44:9d:76:21:ee:69:ce:ed:
04:23:13:f6:e5:42:d6:93:a2:a6:9c:a9:7b:7d:a6:
09:d3:e9:3d:83:35:69:ec:3d:41:6c:5c:7d:5a:cf:
a6:09:32:b6:9f:2c:5e:ab:16:fd:0a:44:30:d3:81:
fd:46:49:a7:fc:f9:4d:85:46:86:e8:15:11:94:1d:
69:52:a0:14:31:6b:d2:5f:25:c2:54:09:c7:ff:16:
24:e5:8c:4b:f7:f4:56:16:2f:96:23:45:a7:e6:bd:
dc:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:E4:B7:42:7C:2B:07:83:59:92:67:30:CB:62:B4:D2:D8:37:42:02
X509v3 Authority Key Identifier:
keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/YOS3QnwrB4NZkmcwy2K00tg3QgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.206.144.0/22
Signature Algorithm: sha256WithRSAEncryption
71:34:dc:25:f5:9f:ce:d3:de:92:0d:ad:6c:ba:06:09:16:5c:
ee:50:b0:23:78:dc:f2:e0:7f:1f:67:8e:b7:06:47:33:37:e3:
01:38:01:0a:fb:65:14:7c:5e:fb:33:02:f5:db:8b:cc:79:ad:
7d:2f:f5:2f:7c:63:58:55:5f:45:64:5b:5e:27:b1:22:dd:e6:
fe:de:a1:c0:5d:63:f1:67:eb:b5:3d:37:1f:94:85:b6:d5:18:
91:78:33:85:7c:32:0e:2a:73:94:d9:e5:ba:7c:00:f4:5a:b8:
fa:23:24:ca:11:52:51:4b:16:b5:5c:8c:12:14:34:73:04:b8:
b5:66:f3:e7:dc:4b:8b:a5:fb:6b:02:d5:38:0a:4a:56:94:c7:
38:b1:0a:96:20:b8:83:01:45:bf:56:83:cd:08:ed:96:d4:38:
9e:66:3b:13:40:33:1c:63:d8:eb:34:84:cc:36:df:32:58:a0:
f8:aa:1d:3c:2e:a1:ee:0f:e8:8d:5f:68:ed:3b:65:1a:f3:08:
e9:e2:70:96:97:e8:89:5f:b6:f2:cd:60:74:d2:c3:d9:63:d0:
9a:82:b2:d2:7f:91:b4:d0:8e:20:25:98:88:d3:91:8b:14:a9:
41:b7:b6:b8:9b:99:ec:c5:35:ff:10:16:da:2a:78:d2:a8:ff:
51:05:a6:45
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVw51asQqv0uAlTFv9vEKnKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiOTg3MjQ0NjExYjUyMzA1MzY3NDRiNmE4OWYwNDRmMzJm
NDYyZWEwHhcNMjMwMTAyMDUxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGU0Yjc0MjdjMmIwNzgzNTk5MjY3MzBjYjYyYjRkMmQ4Mzc0MjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQnFnZrmYy1FPltBZtCcmPcDzLgO
aZGyr7/qQtTNzlm8CX0IIa4+tFeW2esU1Swyc2jZVlCjnanZUaUJ1yEiQn04YpDL
tAoMdb5CpIj+SB6jcRKXdLjg8IN+NFSYQGcA1Acw/iFtrU7arGi6xsMkJplY7xpl
dfjFqIDu53OlHWS9cPBNxPfQA2nkIFsDaUh6VvpqmSpnPVV+uGtlRJ12Ie5pzu0E
IxP25ULWk6KmnKl7faYJ0+k9gzVp7D1BbFx9Ws+mCTK2nyxeqxb9CkQw04H9Rkmn
/PlNhUaG6BURlB1pUqAUMWvSXyXCVAnH/xYk5YxL9/RWFi+WI0Wn5r3cpwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGDkt0J8KweDWZJnMMtitNLYN0ICMB8GA1UdIwQY
MBaAFPuYckRhG1IwU2dEtqifBE8y9GLqMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS01aHlSR0ViVWpCVFowUzJxSjhFVHpMMFl1by5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAw
LWJlNTgzMmQ1ZjdhYS8xL1lPUzNRbndyQjROWmttY3d5MkswMHRnM1FnSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAwLWJlNTgzMmQ1Zjdh
YS8xLzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJVzpAw
DQYJKoZIhvcNAQELBQADggEBAHE03CX1n87T3pINrWy6BgkWXO5QsCN43PLgfx9n
jrcGRzM34wE4AQr7ZRR8XvszAvXbi8x5rX0v9S98Y1hVX0VkW14nsSLd5v7eocBd
Y/Fn67U9Nx+UhbbVGJF4M4V8Mg4qc5TZ5bp8APRauPojJMoRUlFLFrVcjBIUNHME
uLVm8+fcS4ul+2sC1TgKSlaUxzixCpYguIMBRb9Wg80I7ZbUOJ5mOxNAMxxj2Os0
hMw23zJYoPiqHTwuoe4P6I1faO07ZRrzCOnicJaX6IlftvLNYHTSw9lj0JqCstJ/
kbTQjiAlmIjTkYsUqUG3tribmezFNf8QFtoqeNKo/1EFpkU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:18 2024 by rpki-client on console-fra.rpki-client.org