Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/ad6af0-005f-43a3-aa9d-766d1f32433c/1/ykVK1VlId7tW3wAXehLp7xkPKeI.roa
File: ykVK1VlId7tW3wAXehLp7xkPKeI.roa (raw, json)
Hash identifier: 6tlN4bODgr9fX0m9szucC0XkCoZQm+kBpEr8Lxl4I/Y=
Subject key identifier: CA:45:4A:D5:59:48:77:BB:56:DF:00:17:7A:12:E9:EF:19:0F:29:E2
Certificate issuer: /CN=ec05986897d024e48c7cd25e1891c4208ff3bbb2
Certificate serial: 0185723A321B750A2A794196FDC56C30D097
Authority key identifier: EC:05:98:68:97:D0:24:E4:8C:7C:D2:5E:18:91:C4:20:8F:F3:BB:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7AWYaJfQJOSMfNJeGJHEII_zu7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/ad6af0-005f-43a3-aa9d-766d1f32433c/1/ykVK1VlId7tW3wAXehLp7xkPKeI.roa
Signing time: Mon 02 Jan 2023 11:24:54 +0000
ROA not before: Mon 02 Jan 2023 11:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12301
IP address blocks: 193.178.168.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:32:1b:75:0a:2a:79:41:96:fd:c5:6c:30:d0:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec05986897d024e48c7cd25e1891c4208ff3bbb2
Validity
Not Before: Jan 2 11:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca454ad5594877bb56df00177a12e9ef190f29e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:98:b1:e0:2a:07:76:00:0f:88:66:bc:b0:fd:
0f:9a:e0:ba:b0:f7:42:aa:05:a6:56:e7:fc:55:04:
97:40:f6:1a:61:dd:7c:5f:2a:72:3d:ec:5d:4d:bd:
55:12:e8:61:73:c1:a7:a4:57:e2:3f:b1:b1:77:89:
31:1f:fc:08:90:93:a6:be:7f:c3:4d:ab:85:f6:2e:
5e:ab:2c:fb:17:6a:37:a0:ce:de:02:74:db:28:ad:
20:89:ea:6f:27:ac:d5:61:38:5e:a9:49:6b:b1:05:
fa:32:51:37:35:6c:d7:f7:42:de:63:c2:05:09:c6:
a7:0f:dd:58:ee:41:46:c2:6b:89:b9:9a:a4:08:e8:
2e:a1:8b:ec:1f:2d:98:09:69:5d:40:be:57:92:02:
13:be:ee:2e:d7:44:5c:fb:69:66:1d:01:dd:f4:60:
77:91:a5:f2:38:f5:b8:0e:ad:a6:e7:bb:38:86:2e:
19:cb:37:38:41:ee:75:81:2f:6d:0f:fe:99:17:29:
c8:4e:22:da:8f:3f:ee:4e:d8:eb:b5:4b:3a:4b:ab:
0b:6e:9b:bf:c1:d6:1a:90:18:d2:52:75:09:c5:75:
d5:28:37:14:d4:df:c1:70:87:de:b4:ed:d1:d8:d0:
58:21:71:70:c5:45:11:aa:a8:cd:63:8d:11:50:62:
89:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:45:4A:D5:59:48:77:BB:56:DF:00:17:7A:12:E9:EF:19:0F:29:E2
X509v3 Authority Key Identifier:
keyid:EC:05:98:68:97:D0:24:E4:8C:7C:D2:5E:18:91:C4:20:8F:F3:BB:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7AWYaJfQJOSMfNJeGJHEII_zu7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/ad6af0-005f-43a3-aa9d-766d1f32433c/1/ykVK1VlId7tW3wAXehLp7xkPKeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/ad6af0-005f-43a3-aa9d-766d1f32433c/1/7AWYaJfQJOSMfNJeGJHEII_zu7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.178.168.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:85:f5:0c:20:d7:c0:39:56:35:48:a0:f8:c8:41:1f:28:2d:
68:63:d1:15:38:ee:a3:d7:a1:bb:22:34:2d:96:04:25:68:e8:
9f:43:cc:d4:ae:bb:c7:68:0c:e2:85:0e:3a:09:06:44:42:89:
58:95:84:34:78:4c:52:52:47:d9:b3:c3:01:e2:a1:dd:c0:96:
c4:c0:0c:d5:46:47:39:44:48:17:25:88:53:dd:90:67:aa:3f:
ca:2c:54:02:ac:a0:9e:5b:e6:0c:1c:fb:dd:4d:40:d7:4d:31:
ad:be:db:67:07:73:8a:d9:ee:41:c1:22:f4:7a:f1:8a:99:33:
f6:48:94:27:9c:9a:9b:50:fb:e9:6d:f1:e1:61:e1:7f:61:c3:
1d:a5:2b:ee:85:22:2b:6e:2d:e6:d4:51:45:f6:c4:06:dc:cc:
11:83:6c:55:9e:8b:15:5c:f4:4f:61:e5:ad:36:e8:2c:cc:eb:
e8:18:9d:27:03:d4:d4:89:2b:33:25:39:8f:b4:ef:97:58:92:
10:b9:66:d2:b7:7c:50:6b:d1:c2:0b:e3:52:f4:81:8e:4c:8b:
04:de:ed:eb:39:0d:37:52:f0:44:58:b7:6f:10:67:48:68:ad:
5e:b7:48:11:cf:1e:e8:40:73:a7:52:12:e7:86:b3:2b:37:4b:
23:ce:35:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyOjIbdQoqeUGW/cVsMNCXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjMDU5ODY4OTdkMDI0ZTQ4YzdjZDI1ZTE4OTFjNDIwOGZm
M2JiYjIwHhcNMjMwMTAyMTEyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTQ1NGFkNTU5NDg3N2JiNTZkZjAwMTc3YTEyZTllZjE5MGYyOWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpix4CoHdgAPiGa8sP0PmuC6sPdC
qgWmVuf8VQSXQPYaYd18XypyPexdTb1VEuhhc8GnpFfiP7Gxd4kxH/wIkJOmvn/D
TauF9i5eqyz7F2o3oM7eAnTbKK0giepvJ6zVYTheqUlrsQX6MlE3NWzX90LeY8IF
CcanD91Y7kFGwmuJuZqkCOguoYvsHy2YCWldQL5XkgITvu4u10Rc+2lmHQHd9GB3
kaXyOPW4Dq2m57s4hi4Zyzc4Qe51gS9tD/6ZFynITiLajz/uTtjrtUs6S6sLbpu/
wdYakBjSUnUJxXXVKDcU1N/BcIfetO3R2NBYIXFwxUURqqjNY40RUGKJ6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMpFStVZSHe7Vt8AF3oS6e8ZDyniMB8GA1UdIwQY
MBaAFOwFmGiX0CTkjHzSXhiRxCCP87uyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0FXWWFKZlFKT1NNZk5KZUdKSEVJSV96dTdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9hZDZhZjAtMDA1Zi00M2EzLWFhOWQt
NzY2ZDFmMzI0MzNjLzEveWtWSzFWbElkN3RXM3dBWGVoTHA3eGtQS2VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9hZDZhZjAtMDA1Zi00M2EzLWFhOWQtNzY2ZDFmMzI0MzNj
LzEvN0FXWWFKZlFKT1NNZk5KZUdKSEVJSV96dTdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwbKoMA0G
CSqGSIb3DQEBCwUAA4IBAQCohfUMINfAOVY1SKD4yEEfKC1oY9EVOO6j16G7IjQt
lgQlaOifQ8zUrrvHaAzihQ46CQZEQolYlYQ0eExSUkfZs8MB4qHdwJbEwAzVRkc5
REgXJYhT3ZBnqj/KLFQCrKCeW+YMHPvdTUDXTTGtvttnB3OK2e5BwSL0evGKmTP2
SJQnnJqbUPvpbfHhYeF/YcMdpSvuhSIrbi3m1FFF9sQG3MwRg2xVnosVXPRPYeWt
NugszOvoGJ0nA9TUiSszJTmPtO+XWJIQuWbSt3xQa9HCC+NS9IGOTIsE3u3rOQ03
UvBEWLdvEGdIaK1et0gRzx7oQHOnUhLnhrMrN0sjzjU5
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:37 2024 by rpki-client on console-fra.rpki-client.org