Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/c39caf-b777-494d-b682-8e9df96dce45/1/YrKqWKWSceC6j-mMLo26YetlMoo.roa
File: YrKqWKWSceC6j-mMLo26YetlMoo.roa (raw, json)
Hash identifier: UUucAu052+o42kcbROEAbCyK0nlHt/B4Tugql495nag=
Subject key identifier: 62:B2:AA:58:A5:92:71:E0:BA:8F:E9:8C:2E:8D:BA:61:EB:65:32:8A
Certificate issuer: /CN=049926e1cc5e61c5c80eb46a9d7b6f5f63a1661c
Certificate serial: 01856BAECB588C8476F1CEA5E241027E70B8
Authority key identifier: 04:99:26:E1:CC:5E:61:C5:C8:0E:B4:6A:9D:7B:6F:5F:63:A1:66:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BJkm4cxeYcXIDrRqnXtvX2OhZhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/c39caf-b777-494d-b682-8e9df96dce45/1/YrKqWKWSceC6j-mMLo26YetlMoo.roa
Signing time: Sun 01 Jan 2023 04:54:55 +0000
ROA not before: Sun 01 Jan 2023 04:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25304
IP address blocks: 193.254.230.0/23 maxlen: 23
2001:678:ecc::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ae:cb:58:8c:84:76:f1:ce:a5:e2:41:02:7e:70:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=049926e1cc5e61c5c80eb46a9d7b6f5f63a1661c
Validity
Not Before: Jan 1 04:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62b2aa58a59271e0ba8fe98c2e8dba61eb65328a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c4:23:70:0a:91:25:66:71:28:9e:df:31:80:
ea:4f:c8:45:d0:73:99:ef:a2:a7:0a:13:6c:03:9d:
d3:d5:43:f0:30:a3:e7:2b:bd:a4:ba:84:a4:a7:f1:
5f:dc:c2:2f:a5:b2:8b:d6:d3:51:be:c6:1c:5d:83:
e0:0b:77:85:30:4e:98:42:7e:b6:a5:d4:fa:ff:14:
3f:62:56:a2:1d:91:f2:3f:87:7c:01:23:e9:d2:50:
ff:a9:e4:cd:66:50:47:95:12:39:fb:96:14:ba:15:
9a:3b:7a:6d:87:bb:10:66:15:6d:b2:43:43:e8:95:
25:94:68:28:ef:24:00:56:bc:cf:a0:50:4b:38:6f:
91:6a:9f:44:9b:6e:98:7e:29:1f:2b:48:4b:d5:8a:
a7:75:e4:e9:a4:6d:03:d0:09:66:ef:71:ae:89:6a:
e3:0e:d5:0c:81:25:ea:3f:b3:05:b0:3b:d6:4e:be:
f2:72:9f:c7:78:24:78:87:ea:e1:dd:61:54:64:fa:
fe:37:ad:56:21:63:49:ee:57:0f:04:99:89:b3:a4:
18:e6:2e:31:08:22:59:f6:06:68:d9:89:8b:c4:f1:
fd:51:84:56:aa:48:a8:4f:b6:8a:3b:3e:bf:6b:03:
7e:f7:cf:0d:6a:47:5c:10:2f:49:b2:48:90:05:3d:
81:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:B2:AA:58:A5:92:71:E0:BA:8F:E9:8C:2E:8D:BA:61:EB:65:32:8A
X509v3 Authority Key Identifier:
keyid:04:99:26:E1:CC:5E:61:C5:C8:0E:B4:6A:9D:7B:6F:5F:63:A1:66:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BJkm4cxeYcXIDrRqnXtvX2OhZhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/c39caf-b777-494d-b682-8e9df96dce45/1/YrKqWKWSceC6j-mMLo26YetlMoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/c39caf-b777-494d-b682-8e9df96dce45/1/BJkm4cxeYcXIDrRqnXtvX2OhZhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.254.230.0/23
IPv6:
2001:678:ecc::/48
Signature Algorithm: sha256WithRSAEncryption
80:6f:e2:50:c8:82:50:d4:0d:10:67:bf:2a:af:71:00:11:ac:
25:73:87:f9:cf:80:3b:f4:6e:3e:48:07:50:1e:a3:8e:93:30:
51:13:2f:af:a3:d2:6f:92:63:33:3e:a9:38:c8:85:31:52:2c:
2c:83:21:36:99:75:2e:c8:18:7f:1e:f2:e9:01:a6:45:6d:bb:
15:55:4d:d7:a6:45:dd:e3:02:12:f6:b8:e3:c8:2b:41:4f:9c:
07:dd:89:5c:f6:d6:74:2f:85:09:ff:6f:43:a1:cf:96:fe:78:
3b:fa:1c:48:f6:21:26:ca:ea:0b:76:b0:e5:d2:c9:ad:f0:69:
62:a4:e3:ea:53:4c:0c:eb:dc:14:87:2c:61:86:9c:3c:bc:50:
4d:b7:8f:3e:26:4e:25:99:b9:fb:81:f2:59:c4:ed:54:f0:4c:
97:91:ed:12:9a:1d:e9:10:bb:7f:f8:03:0b:6e:27:09:fc:47:
6d:f9:ee:3f:b2:cf:16:67:d1:c5:08:a3:e2:cf:8d:39:03:37:
41:93:6d:a0:2a:50:32:f5:2f:79:a1:60:2f:e6:41:47:4b:11:
4d:20:b7:14:5b:f6:b7:b8:de:89:77:0d:c7:f0:0a:39:4c:c4:
6a:75:a7:0f:8c:cd:d8:e3:b3:1a:57:b9:43:5f:07:cb:85:dd:
f2:93:91:14
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVrrstYjIR28c6l4kECfnC4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0OTkyNmUxY2M1ZTYxYzVjODBlYjQ2YTlkN2I2ZjVmNjNh
MTY2MWMwHhcNMjMwMTAxMDQ1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmIyYWE1OGE1OTI3MWUwYmE4ZmU5OGMyZThkYmE2MWViNjUzMjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosQjcAqRJWZxKJ7fMYDqT8hF0HOZ
76KnChNsA53T1UPwMKPnK72kuoSkp/Ff3MIvpbKL1tNRvsYcXYPgC3eFME6YQn62
pdT6/xQ/YlaiHZHyP4d8ASPp0lD/qeTNZlBHlRI5+5YUuhWaO3pth7sQZhVtskND
6JUllGgo7yQAVrzPoFBLOG+Rap9Em26YfikfK0hL1YqndeTppG0D0Alm73GuiWrj
DtUMgSXqP7MFsDvWTr7ycp/HeCR4h+rh3WFUZPr+N61WIWNJ7lcPBJmJs6QY5i4x
CCJZ9gZo2YmLxPH9UYRWqkioT7aKOz6/awN+988NakdcEC9JskiQBT2BBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGKyqlilknHguo/pjC6NumHrZTKKMB8GA1UdIwQY
MBaAFASZJuHMXmHFyA60ap17b19joWYcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkprbTRjeGVZY1hJRHJScW5YdHZYMk9oWmh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9jMzljYWYtYjc3Ny00OTRkLWI2ODIt
OGU5ZGY5NmRjZTQ1LzEvWXJLcVdLV1NjZUM2ai1tTUxvMjZZZXRsTW9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9jMzljYWYtYjc3Ny00OTRkLWI2ODItOGU5ZGY5NmRjZTQ1
LzEvQkprbTRjeGVZY1hJRHJScW5YdHZYMk9oWmh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwf7mMA8E
AgACMAkDBwAgAQZ4DswwDQYJKoZIhvcNAQELBQADggEBAIBv4lDIglDUDRBnvyqv
cQARrCVzh/nPgDv0bj5IB1Aeo46TMFETL6+j0m+SYzM+qTjIhTFSLCyDITaZdS7I
GH8e8ukBpkVtuxVVTdemRd3jAhL2uOPIK0FPnAfdiVz21nQvhQn/b0Ohz5b+eDv6
HEj2ISbK6gt2sOXSya3waWKk4+pTTAzr3BSHLGGGnDy8UE23jz4mTiWZufuB8lnE
7VTwTJeR7RKaHekQu3/4AwtuJwn8R2357j+yzxZn0cUIo+LPjTkDN0GTbaAqUDL1
L3mhYC/mQUdLEU0gtxRb9re43ol3DcfwCjlMxGp1pw+MzdjjsxpXuUNfB8uF3fKT
kRQ=
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:38 2024 by rpki-client on console-fra.rpki-client.org