Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/ykG7hsUvUj21X4Pyev3-ZOLe5g0.roa
File: ykG7hsUvUj21X4Pyev3-ZOLe5g0.roa (raw, json)
Hash identifier: yLYWeYGUiaODLtLLQefcDLR4QaZ7wmSmGtOpdjOi+4U=
Subject key identifier: CA:41:BB:86:C5:2F:52:3D:B5:5F:83:F2:7A:FD:FE:64:E2:DE:E6:0D
Certificate issuer: /CN=cd0c032892f695af4c13fb0aca8043d17b1b97bf
Certificate serial: 018AFFB1BA981FEE2AAE9D0C7641CB0B1534
Authority key identifier: CD:0C:03:28:92:F6:95:AF:4C:13:FB:0A:CA:80:43:D1:7B:1B:97:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zQwDKJL2la9ME_sKyoBD0Xsbl78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/ykG7hsUvUj21X4Pyev3-ZOLe5g0.roa
Signing time: Thu 05 Oct 2023 11:55:52 +0000
ROA not before: Thu 05 Oct 2023 11:55:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47714
IP address blocks: 185.137.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ff:b1:ba:98:1f:ee:2a:ae:9d:0c:76:41:cb:0b:15:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd0c032892f695af4c13fb0aca8043d17b1b97bf
Validity
Not Before: Oct 5 11:55:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca41bb86c52f523db55f83f27afdfe64e2dee60d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:23:ff:bf:0d:57:54:78:f3:b4:82:0c:51:0f:
2d:6e:4f:08:4f:17:e9:a6:43:bf:69:71:4c:2b:9d:
4c:5c:fe:13:e5:07:a6:06:ae:c9:3f:9d:32:f0:49:
67:f6:fb:35:3a:30:a1:47:94:9b:75:db:60:95:6c:
ef:01:56:4e:71:61:b3:17:61:31:fa:58:90:da:bb:
50:3b:19:70:69:f0:e3:b5:86:48:98:6a:61:2a:3b:
d2:a6:a5:9b:b4:5f:7a:1f:9d:60:cb:7b:9c:78:c4:
bf:73:b2:b2:a2:90:d5:7c:36:af:7f:49:d8:e7:81:
59:35:7e:96:d6:e5:43:bc:99:fd:cd:5c:3c:23:81:
c6:db:bf:07:c4:b4:6d:91:f4:a6:48:8c:71:b7:33:
80:17:de:84:77:db:d1:91:42:be:3f:7a:3a:f4:12:
14:70:c0:5c:af:b1:f5:42:2c:60:4b:b2:bd:87:19:
51:29:a3:0b:64:ff:80:b9:8e:18:cb:d8:2d:b7:cf:
b8:55:9d:92:30:53:a8:e4:0a:c8:39:9a:5f:9f:c4:
70:3b:48:37:94:4b:44:8b:b1:17:70:d4:cf:98:2a:
b5:05:b8:d3:2d:39:88:35:7d:2e:94:c2:28:47:8f:
ee:ce:fa:9e:f2:cd:c2:72:03:46:f3:e3:40:44:09:
b9:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:41:BB:86:C5:2F:52:3D:B5:5F:83:F2:7A:FD:FE:64:E2:DE:E6:0D
X509v3 Authority Key Identifier:
keyid:CD:0C:03:28:92:F6:95:AF:4C:13:FB:0A:CA:80:43:D1:7B:1B:97:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zQwDKJL2la9ME_sKyoBD0Xsbl78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/ykG7hsUvUj21X4Pyev3-ZOLe5g0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.98.0/24
Signature Algorithm: sha256WithRSAEncryption
e5:10:14:94:3d:04:39:d3:b3:06:0e:bd:24:a8:49:72:d7:40:
97:25:c5:e8:38:9c:e3:f3:7a:60:9c:93:5a:9e:84:fc:88:4d:
1e:f2:f3:8d:0b:3c:69:6a:69:73:b9:67:d7:dc:19:b8:fb:0b:
de:86:b5:27:33:27:73:80:48:62:ad:e7:0b:47:8c:44:67:fb:
7b:c1:46:4a:32:89:f8:13:e0:2f:27:80:5a:30:bd:81:61:ea:
51:c8:68:00:7b:bd:6d:87:a8:bb:10:3e:37:7e:10:32:0b:d2:
ec:15:16:1c:1b:83:89:29:c8:4e:5b:1a:40:19:09:3c:27:2c:
60:dd:80:7f:79:39:a1:5b:54:51:c1:7a:b4:79:d4:62:c5:ea:
e1:99:0c:e9:ee:4e:f6:a2:96:81:9f:f5:3f:01:f4:a0:79:5b:
99:b6:b7:22:a2:80:b4:b0:85:4e:a0:7d:bf:8d:17:a2:52:51:
0e:b5:3a:af:21:0b:1a:bb:4a:3d:e9:41:96:55:fd:b9:75:82:
d8:15:cc:a0:f8:0e:b0:2e:9e:68:de:dd:66:79:b7:27:0b:07:
30:d1:85:79:2f:44:fa:97:a7:34:e4:4e:d8:26:45:c7:23:51:
db:d2:fb:90:f8:d4:b0:a7:49:62:7a:17:aa:65:4c:97:f4:83:
ed:a4:48:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr/sbqYH+4qrp0MdkHLCxU0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMGMwMzI4OTJmNjk1YWY0YzEzZmIwYWNhODA0M2QxN2Ix
Yjk3YmYwHhcNMjMxMDA1MTE1NTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTQxYmI4NmM1MmY1MjNkYjU1ZjgzZjI3YWZkZmU2NGUyZGVlNjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyP/vw1XVHjztIIMUQ8tbk8ITxfp
pkO/aXFMK51MXP4T5QemBq7JP50y8Eln9vs1OjChR5SbddtglWzvAVZOcWGzF2Ex
+liQ2rtQOxlwafDjtYZImGphKjvSpqWbtF96H51gy3uceMS/c7KyopDVfDavf0nY
54FZNX6W1uVDvJn9zVw8I4HG278HxLRtkfSmSIxxtzOAF96Ed9vRkUK+P3o69BIU
cMBcr7H1QixgS7K9hxlRKaMLZP+AuY4Yy9gtt8+4VZ2SMFOo5ArIOZpfn8RwO0g3
lEtEi7EXcNTPmCq1BbjTLTmINX0ulMIoR4/uzvqe8s3CcgNG8+NARAm5jQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMpBu4bFL1I9tV+D8nr9/mTi3uYNMB8GA1UdIwQY
MBaAFM0MAyiS9pWvTBP7CsqAQ9F7G5e/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelF3REtKTDJsYTlNRV9zS3lvQkQwWHNibDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zODRhMzItM2UxYy00ZDg2LWJkYjgt
MzUyNzZiNzk3NWFlLzEveWtHN2hzVXZVajIxWDRQeWV2My1aT0xlNWcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8zODRhMzItM2UxYy00ZDg2LWJkYjgtMzUyNzZiNzk3NWFl
LzEvelF3REtKTDJsYTlNRV9zS3lvQkQwWHNibDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYliMA0G
CSqGSIb3DQEBCwUAA4IBAQDlEBSUPQQ507MGDr0kqEly10CXJcXoOJzj83pgnJNa
noT8iE0e8vONCzxpamlzuWfX3Bm4+wvehrUnMydzgEhirecLR4xEZ/t7wUZKMon4
E+AvJ4BaML2BYepRyGgAe71th6i7ED43fhAyC9LsFRYcG4OJKchOWxpAGQk8Jyxg
3YB/eTmhW1RRwXq0edRixerhmQzp7k72opaBn/U/AfSgeVuZtrciooC0sIVOoH2/
jReiUlEOtTqvIQsau0o96UGWVf25dYLYFcyg+A6wLp5o3t1mebcnCwcw0YV5L0T6
l6c05E7YJkXHI1Hb0vuQ+NSwp0lieheqZUyX9IPtpEhb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:13 2024 by rpki-client on console-fra.rpki-client.org