Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/yymJb7pMHSCsu2M76NVYPClr3ts.roa
File: yymJb7pMHSCsu2M76NVYPClr3ts.roa (raw, json)
Hash identifier: 48KyKYFftZGgpSWKGF/QIlKVccuvKps2xiHmkRAc2Yc=
Subject key identifier: CB:29:89:6F:BA:4C:1D:20:AC:BB:63:3B:E8:D5:58:3C:29:6B:DE:DB
Certificate issuer: /CN=0d333f72d9e294543825be63729f8034a4517090
Certificate serial: 01858E4CE33890C16E7DD4400306F74DABE8
Authority key identifier: 0D:33:3F:72:D9:E2:94:54:38:25:BE:63:72:9F:80:34:A4:51:70:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/yymJb7pMHSCsu2M76NVYPClr3ts.roa
Signing time: Sat 07 Jan 2023 22:14:41 +0000
ROA not before: Sat 07 Jan 2023 22:14:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208705
IP address blocks: 193.33.121.0/24 maxlen: 24
2a12:6dc0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:8e:4c:e3:38:90:c1:6e:7d:d4:40:03:06:f7:4d:ab:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d333f72d9e294543825be63729f8034a4517090
Validity
Not Before: Jan 7 22:14:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb29896fba4c1d20acbb633be8d5583c296bdedb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:4e:9a:56:32:74:e8:a7:24:a4:ac:d3:3d:ae:
17:a8:d6:f9:f9:b1:fe:94:ad:c4:cc:43:b9:9f:eb:
41:e2:03:44:e9:5c:ae:e2:7c:cb:34:47:43:27:3d:
be:6d:5b:19:f8:4b:ed:4c:53:81:a9:be:32:2d:e7:
e3:70:54:86:7d:13:ed:cd:8c:d5:e7:e6:35:bb:90:
5e:6d:2d:db:9a:09:d7:4b:0c:a5:8e:83:56:51:d5:
7d:f2:26:ed:9d:7b:04:4b:5f:f5:15:20:ba:66:3f:
78:78:ad:39:67:7d:6a:7f:7b:b3:5a:91:df:5f:80:
8b:99:93:b5:66:26:06:96:37:8e:c7:92:f7:a3:72:
44:18:0a:de:18:6e:64:ca:ee:bb:81:d7:97:93:5e:
5b:23:dd:7a:b3:23:16:2a:5e:73:e0:28:3c:9d:74:
2d:9b:0c:2b:6f:2d:59:25:da:90:a5:f2:70:0d:27:
3b:7e:4b:95:e8:8d:31:db:dc:7d:bf:02:82:88:47:
9e:86:a5:2a:c0:5d:95:f6:8c:20:59:c4:8f:f1:a1:
2a:ca:1c:40:3a:39:99:a5:31:86:ae:6d:19:c1:88:
4f:e1:7f:b7:e1:a1:94:13:39:58:64:b8:2c:bb:a9:
d7:0e:20:35:78:db:75:35:84:78:7f:cd:5b:bf:a7:
0f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:29:89:6F:BA:4C:1D:20:AC:BB:63:3B:E8:D5:58:3C:29:6B:DE:DB
X509v3 Authority Key Identifier:
keyid:0D:33:3F:72:D9:E2:94:54:38:25:BE:63:72:9F:80:34:A4:51:70:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/yymJb7pMHSCsu2M76NVYPClr3ts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.121.0/24
IPv6:
2a12:6dc0::/29
Signature Algorithm: sha256WithRSAEncryption
0d:a0:9f:f1:07:5b:dc:76:f3:ce:ef:ff:f0:d4:94:43:f7:52:
04:04:ac:67:73:76:a1:52:15:8f:3f:02:41:d8:08:2c:f3:31:
c6:71:b5:ec:a5:fb:6a:f9:c6:9a:93:60:03:90:cd:9a:db:66:
ba:f5:72:6c:62:3f:de:3a:02:08:4f:4f:38:4e:81:90:90:e3:
07:61:1c:32:5f:41:d2:6c:31:50:c0:25:fa:9c:ae:22:0a:ae:
a3:14:80:c9:ec:81:bc:7d:db:84:c0:f7:17:13:42:5d:50:89:
da:9d:8c:15:aa:29:3c:10:9a:8b:f0:06:1e:bf:f3:0a:97:14:
3d:e8:e8:6b:3b:b9:ac:32:7d:23:21:78:6a:04:4d:fc:69:3c:
34:5e:bc:73:fb:20:b0:1b:09:a4:67:08:77:0f:59:ca:4d:d6:
3b:37:17:ed:2e:98:03:71:78:7b:56:13:08:0a:29:01:bf:ea:
bb:52:39:46:a7:bc:5e:e6:e8:09:11:33:23:85:ce:39:85:21:
6e:09:ed:94:6a:c1:d3:4d:4a:53:ec:3f:65:8a:41:e2:e0:67:
84:3e:28:2c:a1:a5:3f:50:4b:8f:83:a0:0c:0c:4d:66:46:e3:
4b:02:fc:89:57:1b:32:79:97:61:9d:be:6b:6f:89:a9:fd:a6:
41:19:d6:b9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYWOTOM4kMFufdRAAwb3TavoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMzMzZjcyZDllMjk0NTQzODI1YmU2MzcyOWY4MDM0YTQ1
MTcwOTAwHhcNMjMwMTA3MjIxNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjI5ODk2ZmJhNGMxZDIwYWNiYjYzM2JlOGQ1NTgzYzI5NmJkZWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA606aVjJ06KckpKzTPa4XqNb5+bH+
lK3EzEO5n+tB4gNE6Vyu4nzLNEdDJz2+bVsZ+EvtTFOBqb4yLefjcFSGfRPtzYzV
5+Y1u5BebS3bmgnXSwyljoNWUdV98ibtnXsES1/1FSC6Zj94eK05Z31qf3uzWpHf
X4CLmZO1ZiYGljeOx5L3o3JEGAreGG5kyu67gdeXk15bI916syMWKl5z4Cg8nXQt
mwwrby1ZJdqQpfJwDSc7fkuV6I0x29x9vwKCiEeehqUqwF2V9owgWcSP8aEqyhxA
OjmZpTGGrm0ZwYhP4X+34aGUEzlYZLgsu6nXDiA1eNt1NYR4f81bv6cPPQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMspiW+6TB0grLtjO+jVWDwpa97bMB8GA1UdIwQY
MBaAFA0zP3LZ4pRUOCW+Y3KfgDSkUXCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFRNX2N0bmlsRlE0SmI1amNwLUFOS1JSY0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC82NWZlYTItYTNkOS00OTJmLThlNDQt
ODk0ZGZhNWRmMDE3LzEveXltSmI3cE1IU0NzdTJNNzZOVllQQ2xyM3RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC82NWZlYTItYTNkOS00OTJmLThlNDQtODk0ZGZhNWRmMDE3
LzEvRFRNX2N0bmlsRlE0SmI1amNwLUFOS1JSY0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwSF5MA0E
AgACMAcDBQMqEm3AMA0GCSqGSIb3DQEBCwUAA4IBAQANoJ/xB1vcdvPO7//w1JRD
91IEBKxnc3ahUhWPPwJB2Ags8zHGcbXspftq+caak2ADkM2a22a69XJsYj/eOgII
T084ToGQkOMHYRwyX0HSbDFQwCX6nK4iCq6jFIDJ7IG8fduEwPcXE0JdUInanYwV
qik8EJqL8AYev/MKlxQ96OhrO7msMn0jIXhqBE38aTw0Xrxz+yCwGwmkZwh3D1nK
TdY7NxftLpgDcXh7VhMICikBv+q7UjlGp7xe5ugJETMjhc45hSFuCe2UasHTTUpT
7D9likHi4GeEPigsoaU/UEuPg6AMDE1mRuNLAvyJVxsyeZdhnb5rb4mp/aZBGda5
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:25 2024 by rpki-client on console-ams.rpki-client.org