Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/iYJanY0CDzwEQcanQxXKonETnjs.roa
File: iYJanY0CDzwEQcanQxXKonETnjs.roa (raw, json)
Hash identifier: 2TdW3C/t2LpfQqxE5bvx/9BKvW1ChIAVdNr952zBmzI=
Subject key identifier: 89:82:5A:9D:8D:02:0F:3C:04:41:C6:A7:43:15:CA:A2:71:13:9E:3B
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0185A28CA69F305CFF73C05A8B831157E762
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/iYJanY0CDzwEQcanQxXKonETnjs.roa
Signing time: Wed 11 Jan 2023 20:36:44 +0000
ROA not before: Wed 11 Jan 2023 20:36:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61135
IP address blocks: 212.68.35.0/24 maxlen: 24
188.132.249.0/24 maxlen: 24
212.68.60.0/24 maxlen: 24
212.68.59.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
78.135.73.0/24 maxlen: 24
188.132.193.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Jan 2023 19:43:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a2:8c:a6:9f:30:5c:ff:73:c0:5a:8b:83:11:57:e7:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 11 20:36:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89825a9d8d020f3c0441c6a74315caa271139e3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b3:f6:25:e5:cb:93:db:da:e7:31:a8:1b:81:
99:a2:46:da:de:06:c2:3a:76:6d:0b:b2:14:fb:ec:
59:c4:78:c1:d6:83:4f:ea:ea:bd:a6:38:90:b7:8f:
ad:f6:5e:9f:00:6a:72:40:db:04:22:e5:2b:20:55:
2f:81:32:03:90:62:6b:de:3a:4c:77:c5:01:94:1c:
2b:dc:3d:27:c3:d0:31:89:d3:d0:a1:3b:4e:1f:93:
61:bd:97:73:8b:c1:24:3e:61:e2:f6:32:ed:2e:db:
55:f0:5c:f1:16:f4:cc:da:2c:15:79:08:e9:2b:2d:
c3:d1:ca:4f:af:50:10:39:ec:19:57:4b:3e:59:ba:
7d:97:22:ab:cc:2e:10:73:d8:c5:0e:31:6b:6b:6f:
99:9e:31:13:ae:54:bb:c2:f4:97:b0:c6:36:d4:c1:
e1:86:fe:38:11:dc:d4:8e:69:8a:b9:f2:88:86:60:
9c:a3:2d:3d:ad:51:c9:8c:82:db:45:83:d9:e2:75:
af:e3:09:e6:bf:2c:6b:12:4f:f0:bc:c2:bc:3d:fb:
5b:ea:02:30:44:8f:e2:79:dd:89:5f:2f:9f:61:2a:
d2:b4:2c:28:33:d5:f9:b8:54:c8:d2:95:06:93:56:
86:a3:13:e4:29:61:52:ed:19:2d:c8:4c:9b:29:79:
66:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:82:5A:9D:8D:02:0F:3C:04:41:C6:A7:43:15:CA:A2:71:13:9E:3B
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/iYJanY0CDzwEQcanQxXKonETnjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.73.0/24
78.135.86.0/24
188.132.189.0/24
188.132.191.0/24
188.132.193.0/24
188.132.249.0/24
212.68.35.0/24
212.68.59.0-212.68.60.255
Signature Algorithm: sha256WithRSAEncryption
9e:26:e3:05:85:7e:44:3f:33:a1:6c:4f:2d:d9:d0:52:bd:55:
6c:28:8f:99:7d:89:2a:f0:30:39:aa:3e:4e:31:7f:69:5c:cb:
a5:e9:81:3c:e9:83:3d:20:01:35:72:dc:a8:a9:25:0b:89:d7:
ec:df:9e:44:2f:4f:c6:35:4c:71:97:41:a8:a0:8c:81:08:81:
52:22:3b:af:da:44:04:35:c2:4e:8d:4e:96:4f:bb:4d:30:0d:
8c:2b:00:05:a4:57:cd:12:c2:de:d1:b3:20:e0:bf:a6:f1:c0:
d2:ae:47:a9:ae:7f:fd:9f:24:17:7a:da:9f:d7:d1:2e:25:a4:
5c:61:f1:fb:3b:c0:68:e8:44:30:77:ed:3a:7c:23:0d:8a:25:
92:16:1e:51:d1:7b:33:28:2f:c5:d7:a5:27:f8:0c:f2:bc:5a:
b8:b0:20:76:c7:1c:1a:03:2a:83:b5:82:43:b9:3b:a6:62:4e:
12:ce:99:9f:96:be:3c:27:2a:6d:01:21:a5:e9:f8:b1:ed:0e:
74:cf:08:b7:34:26:04:a1:de:76:b2:6c:62:4d:45:6e:98:fb:
56:82:d3:15:44:42:ea:78:04:8e:82:2d:1b:02:af:41:bc:ea:
db:f1:c7:91:4c:b2:7d:8b:20:e5:ae:66:65:1a:3f:b6:c1:a7:
2a:bf:a3:1e
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYWijKafMFz/c8Bai4MRV+diMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjMwMTExMjAzNjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTgyNWE5ZDhkMDIwZjNjMDQ0MWM2YTc0MzE1Y2FhMjcxMTM5ZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7P2JeXLk9va5zGoG4GZokba3gbC
OnZtC7IU++xZxHjB1oNP6uq9pjiQt4+t9l6fAGpyQNsEIuUrIFUvgTIDkGJr3jpM
d8UBlBwr3D0nw9AxidPQoTtOH5NhvZdzi8EkPmHi9jLtLttV8FzxFvTM2iwVeQjp
Ky3D0cpPr1AQOewZV0s+Wbp9lyKrzC4Qc9jFDjFra2+ZnjETrlS7wvSXsMY21MHh
hv44EdzUjmmKufKIhmCcoy09rVHJjILbRYPZ4nWv4wnmvyxrEk/wvMK8Pftb6gIw
RI/ied2JXy+fYSrStCwoM9X5uFTI0pUGk1aGoxPkKWFS7RktyEybKXlmRQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFImCWp2NAg88BEHGp0MVyqJxE547MB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvaVlKYW5ZMENEendFUWNhblF4WEtvbkVUbmpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQATodJAwQA
TodWAwQAvIS9AwQAvIS/AwQAvITBAwQAvIT5AwQA1EQjMAwDBADURDsDBADURDww
DQYJKoZIhvcNAQELBQADggEBAJ4m4wWFfkQ/M6FsTy3Z0FK9VWwoj5l9iSrwMDmq
Pk4xf2lcy6XpgTzpgz0gATVy3KipJQuJ1+zfnkQvT8Y1THGXQaigjIEIgVIiO6/a
RAQ1wk6NTpZPu00wDYwrAAWkV80Swt7RsyDgv6bxwNKuR6muf/2fJBd62p/X0S4l
pFxh8fs7wGjoRDB37Tp8Iw2KJZIWHlHRezMoL8XXpSf4DPK8WriwIHbHHBoDKoO1
gkO5O6ZiThLOmZ+WvjwnKm0BIaXp+LHtDnTPCLc0JgSh3naybGJNRW6Y+1aC0xVE
Qup4BI6CLRsCr0G86tvxx5FMsn2LIOWuZmUaP7bBpyq/ox4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:44 2024 by rpki-client on console-fra.rpki-client.org