Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/YS6s5ZZAJ1s9BiZojfhP_pu5eBw.roa
File: YS6s5ZZAJ1s9BiZojfhP_pu5eBw.roa (raw, json)
Hash identifier: MOpF5gKl3i0PzDXVyHBwDI4gmdddCb/WW+qjri1cEew=
Subject key identifier: 61:2E:AC:E5:96:40:27:5B:3D:06:26:68:8D:F8:4F:FE:9B:B9:78:1C
Certificate issuer: /CN=40e3581addd6b99dd8744b9e2886fbb02ae918e3
Certificate serial: 018D78E11EE0BE1351E03F84706FD9047B5D
Authority key identifier: 40:E3:58:1A:DD:D6:B9:9D:D8:74:4B:9E:28:86:FB:B0:2A:E9:18:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QONYGt3WuZ3YdEueKIb7sCrpGOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/YS6s5ZZAJ1s9BiZojfhP_pu5eBw.roa
Signing time: Mon 05 Feb 2024 10:47:15 +0000
ROA not before: Mon 05 Feb 2024 10:47:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198257
IP address blocks: 185.153.0.0/22 maxlen: 22
185.153.0.0/24 maxlen: 24
185.153.1.0/24 maxlen: 24
185.153.2.0/24 maxlen: 24
185.153.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Feb 2024 20:02:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:78:e1:1e:e0:be:13:51:e0:3f:84:70:6f:d9:04:7b:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40e3581addd6b99dd8744b9e2886fbb02ae918e3
Validity
Not Before: Feb 5 10:47:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=612eace59640275b3d0626688df84ffe9bb9781c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:32:62:dd:1c:1c:5f:87:17:9b:d1:b3:5f:82:
17:07:f7:a3:5f:bb:42:1d:17:60:9f:a4:92:6a:9d:
8d:0e:5c:8c:fa:35:42:94:44:e3:72:db:4f:f8:7e:
28:da:c7:3d:81:72:c5:37:d6:87:db:f1:56:45:11:
f1:e9:2d:26:87:d7:8d:c7:26:17:8b:f3:24:6a:85:
af:9b:76:45:7a:30:b3:6d:ec:9d:a8:b8:72:16:a9:
06:f4:c3:4f:de:40:84:08:bf:60:73:59:f0:a6:68:
55:03:bf:1a:bb:33:d6:eb:40:97:d1:21:f4:5c:9e:
b9:0d:4b:8e:c1:c6:fe:56:82:18:ff:f9:ac:64:1b:
d2:cc:bc:46:17:02:79:25:78:49:00:4c:2a:34:32:
3e:85:08:25:62:91:cb:00:e8:a0:3f:75:9c:8c:46:
3a:23:e0:1a:51:44:c7:3b:97:8c:91:ff:b7:b3:00:
5a:ad:21:9c:d5:6e:6d:c7:43:88:e0:23:4a:81:88:
96:be:3d:89:1a:2d:15:db:88:71:59:67:14:94:2d:
0a:0d:2d:92:4b:29:f4:51:b5:c8:41:e7:36:29:36:
6f:62:3f:53:9f:21:2f:00:29:40:30:00:8a:95:f6:
2f:9e:db:05:33:de:46:df:f1:31:c4:e1:59:fc:96:
45:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:2E:AC:E5:96:40:27:5B:3D:06:26:68:8D:F8:4F:FE:9B:B9:78:1C
X509v3 Authority Key Identifier:
keyid:40:E3:58:1A:DD:D6:B9:9D:D8:74:4B:9E:28:86:FB:B0:2A:E9:18:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QONYGt3WuZ3YdEueKIb7sCrpGOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/YS6s5ZZAJ1s9BiZojfhP_pu5eBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/QONYGt3WuZ3YdEueKIb7sCrpGOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.0.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:6d:6c:9b:3d:57:6f:74:a0:4f:5d:8a:ef:a5:9a:50:82:24:
3d:28:32:8a:0d:4d:f9:b9:f4:d8:ef:4e:24:d4:9e:84:9f:01:
bf:2f:18:ab:c3:74:98:62:0a:08:ed:14:bb:af:fd:85:48:25:
f0:d9:14:5a:7d:b1:e4:09:12:93:2e:e8:ac:3d:7a:c0:74:c8:
37:ce:95:75:1b:16:f5:00:89:73:3d:19:f0:60:04:30:71:30:
57:84:bb:c7:c2:d3:2c:f0:1d:c6:21:2c:11:15:00:f2:d6:ce:
33:ff:43:2e:17:e1:73:aa:f5:6d:6e:66:04:f0:e6:b3:0d:68:
61:6b:8b:b6:72:a7:18:fa:a7:59:b0:28:2e:28:63:55:d6:64:
01:e0:28:82:4b:03:f7:33:73:bf:50:10:ff:89:71:53:43:e0:
28:21:4f:e7:e0:36:cf:6d:4a:84:55:f0:75:cc:51:b9:f8:a3:
3d:ca:ac:d3:60:78:8f:78:f5:03:d6:60:1e:cc:fc:21:23:94:
3f:cd:03:2b:34:0f:e1:de:ea:2b:e2:c5:aa:f3:8a:b2:d6:94:
44:6b:58:c8:c0:44:38:70:c9:98:38:32:db:61:52:89:c6:95:
ed:d8:ef:52:e3:f1:ac:4c:52:c3:0f:4e:8a:c7:9e:40:2e:a3:
79:47:19:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY144R7gvhNR4D+EcG/ZBHtdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZTM1ODFhZGRkNmI5OWRkODc0NGI5ZTI4ODZmYmIwMmFl
OTE4ZTMwHhcNMjQwMjA1MTA0NzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTJlYWNlNTk2NDAyNzViM2QwNjI2Njg4ZGY4NGZmZTliYjk3ODFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzJi3RwcX4cXm9GzX4IXB/ejX7tC
HRdgn6SSap2NDlyM+jVClETjcttP+H4o2sc9gXLFN9aH2/FWRRHx6S0mh9eNxyYX
i/MkaoWvm3ZFejCzbeydqLhyFqkG9MNP3kCECL9gc1nwpmhVA78auzPW60CX0SH0
XJ65DUuOwcb+VoIY//msZBvSzLxGFwJ5JXhJAEwqNDI+hQglYpHLAOigP3WcjEY6
I+AaUUTHO5eMkf+3swBarSGc1W5tx0OI4CNKgYiWvj2JGi0V24hxWWcUlC0KDS2S
Syn0UbXIQec2KTZvYj9TnyEvAClAMACKlfYvntsFM95G3/ExxOFZ/JZF6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGEurOWWQCdbPQYmaI34T/6buXgcMB8GA1UdIwQY
MBaAFEDjWBrd1rmd2HRLniiG+7Aq6RjjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU9OWUd0M1d1WjNZZEV1ZUtJYjdzQ3JwR09NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny81NTE1MjItN2FmYy00ODg2LWJhZTYt
ZmM1OWRlZGIxZDJiLzEvWVM2czVaWkFKMXM5Qmlab2pmaFBfcHU1ZUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny81NTE1MjItN2FmYy00ODg2LWJhZTYtZmM1OWRlZGIxZDJi
LzEvUU9OWUd0M1d1WjNZZEV1ZUtJYjdzQ3JwR09NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZkAMA0G
CSqGSIb3DQEBCwUAA4IBAQA8bWybPVdvdKBPXYrvpZpQgiQ9KDKKDU35ufTY704k
1J6EnwG/Lxirw3SYYgoI7RS7r/2FSCXw2RRafbHkCRKTLuisPXrAdMg3zpV1Gxb1
AIlzPRnwYAQwcTBXhLvHwtMs8B3GISwRFQDy1s4z/0MuF+FzqvVtbmYE8OazDWhh
a4u2cqcY+qdZsCguKGNV1mQB4CiCSwP3M3O/UBD/iXFTQ+AoIU/n4DbPbUqEVfB1
zFG5+KM9yqzTYHiPePUD1mAezPwhI5Q/zQMrNA/h3uor4sWq84qy1pREa1jIwEQ4
cMmYODLbYVKJxpXt2O9S4/GsTFLDD06Kx55ALqN5Rxnw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:46 2024 by rpki-client on console-fra.rpki-client.org