Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/19c943-93cc-4597-bec7-3318ee4a50a6/1/yZkyGyX3YboxiMkovsDO9sk7R1k.roa
File: yZkyGyX3YboxiMkovsDO9sk7R1k.roa (raw, json)
Hash identifier: 58dVxscyVCcbVP3M5SXGGCrt7rbWD4UUYekxYIgEYaQ=
Subject key identifier: C9:99:32:1B:25:F7:61:BA:31:88:C9:28:BE:C0:CE:F6:C9:3B:47:59
Certificate issuer: /CN=b9ae786ec3a6d8393e023d5d75be7e3f1df9ab2e
Certificate serial: 018B947E941CD0E436CD52E6EAD5A0E5A908
Authority key identifier: B9:AE:78:6E:C3:A6:D8:39:3E:02:3D:5D:75:BE:7E:3F:1D:F9:AB:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ua54bsOm2Dk-Aj1ddb5-Px35qy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/19c943-93cc-4597-bec7-3318ee4a50a6/1/yZkyGyX3YboxiMkovsDO9sk7R1k.roa
Signing time: Fri 03 Nov 2023 09:23:25 +0000
ROA not before: Fri 03 Nov 2023 09:23:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43013
IP address blocks: 185.88.56.0/22 maxlen: 22
188.65.96.0/21 maxlen: 21
2a02:60c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:94:7e:94:1c:d0:e4:36:cd:52:e6:ea:d5:a0:e5:a9:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ae786ec3a6d8393e023d5d75be7e3f1df9ab2e
Validity
Not Before: Nov 3 09:23:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c999321b25f761ba3188c928bec0cef6c93b4759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9d:f3:47:94:3d:5d:47:f3:3e:10:b0:04:2c:
11:f8:d6:2a:fb:f1:a0:a5:e3:cc:99:19:f6:7e:1d:
d9:ca:b0:e9:a1:c9:1e:91:e5:10:9a:05:64:30:f2:
89:a6:63:96:d4:82:6d:f3:51:f2:f8:cd:82:26:8b:
3b:cf:7d:1d:bb:40:1c:32:8d:82:4a:b2:45:9e:01:
6e:b5:d7:3e:16:1c:cc:b1:10:a8:65:bb:47:0c:ba:
93:dd:34:50:65:a9:eb:0e:be:9f:9f:24:e4:80:33:
00:1b:3c:15:27:51:58:0a:53:c2:7e:02:c1:89:46:
9a:43:a1:36:08:b2:b9:bb:ea:12:2a:f8:8b:1f:40:
20:23:b4:0e:b9:f5:76:b5:f0:b4:ea:14:c3:46:25:
d5:ba:b1:f1:be:67:5e:79:8a:57:b0:04:59:88:79:
94:e5:4d:93:84:5c:3f:34:53:67:ca:f5:38:0e:c4:
4e:51:ae:97:ee:05:bc:f2:09:42:af:5c:46:e1:19:
c5:df:e3:a5:2c:93:92:a2:c7:bf:1b:be:1d:f7:a0:
22:e0:e3:97:8f:55:f7:c1:9f:a4:6c:10:14:5c:32:
45:46:a7:06:fa:a8:5f:eb:5a:0e:d2:b8:c5:ac:52:
83:93:55:a4:0e:29:92:dd:4d:39:bd:84:74:06:8e:
94:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:99:32:1B:25:F7:61:BA:31:88:C9:28:BE:C0:CE:F6:C9:3B:47:59
X509v3 Authority Key Identifier:
keyid:B9:AE:78:6E:C3:A6:D8:39:3E:02:3D:5D:75:BE:7E:3F:1D:F9:AB:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ua54bsOm2Dk-Aj1ddb5-Px35qy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/19c943-93cc-4597-bec7-3318ee4a50a6/1/yZkyGyX3YboxiMkovsDO9sk7R1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/19c943-93cc-4597-bec7-3318ee4a50a6/1/ua54bsOm2Dk-Aj1ddb5-Px35qy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.56.0/22
188.65.96.0/21
IPv6:
2a02:60c0::/32
Signature Algorithm: sha256WithRSAEncryption
66:be:82:9a:79:f9:aa:0c:af:ec:06:16:30:8d:89:e8:23:1f:
61:23:5f:44:c6:30:b6:54:7b:ff:37:fd:92:e7:bf:8b:b4:f0:
39:ef:76:1a:b1:00:32:64:9a:c2:38:f8:2f:c1:91:f7:da:fb:
df:a1:4f:f3:a2:59:f9:b4:df:48:1b:89:30:dc:ee:50:52:a3:
fc:91:1e:e5:5e:d4:4e:0b:fa:93:1c:a8:5e:86:0f:c7:e0:6e:
b3:65:fb:11:4d:df:14:74:82:8c:1a:57:80:0a:bd:aa:b2:df:
ca:b6:e6:84:5d:22:97:11:90:df:8e:bc:42:21:64:24:d9:ef:
e6:3c:e4:29:e2:a3:57:e7:79:94:47:e7:f7:74:8a:a7:16:ab:
2f:ca:34:69:93:ee:a8:63:16:aa:2f:e9:ef:66:b9:f3:23:8d:
1c:72:5f:b9:0b:56:1b:e1:86:9f:9e:cf:d8:63:8f:88:a2:ad:
fb:c4:c9:42:4a:9e:b9:95:59:08:a9:26:13:2d:79:59:d0:74:
e9:78:87:ef:a7:b1:c4:bb:c2:68:6b:ad:13:df:69:9c:f8:e3:
96:c1:bd:dd:96:93:6a:99:1d:8b:75:ab:4b:c8:9f:82:98:75:
0d:0b:be:ae:d3:50:e6:90:72:06:eb:a3:c5:ab:f2:be:aa:e5:
00:39:62:da
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYuUfpQc0OQ2zVLm6tWg5akIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YWU3ODZlYzNhNmQ4MzkzZTAyM2Q1ZDc1YmU3ZTNmMWRm
OWFiMmUwHhcNMjMxMTAzMDkyMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTk5MzIxYjI1Zjc2MWJhMzE4OGM5MjhiZWMwY2VmNmM5M2I0NzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJ3zR5Q9XUfzPhCwBCwR+NYq+/Gg
pePMmRn2fh3ZyrDpockekeUQmgVkMPKJpmOW1IJt81Hy+M2CJos7z30du0AcMo2C
SrJFngFutdc+FhzMsRCoZbtHDLqT3TRQZanrDr6fnyTkgDMAGzwVJ1FYClPCfgLB
iUaaQ6E2CLK5u+oSKviLH0AgI7QOufV2tfC06hTDRiXVurHxvmdeeYpXsARZiHmU
5U2ThFw/NFNnyvU4DsROUa6X7gW88glCr1xG4RnF3+OlLJOSose/G74d96Ai4OOX
j1X3wZ+kbBAUXDJFRqcG+qhf61oO0rjFrFKDk1WkDimS3U05vYR0Bo6UdQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMmZMhsl92G6MYjJKL7AzvbJO0dZMB8GA1UdIwQY
MBaAFLmueG7Dptg5PgI9XXW+fj8d+asuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWE1NGJzT20yRGstQWoxZGRiNS1QeDM1cXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8xOWM5NDMtOTNjYy00NTk3LWJlYzct
MzMxOGVlNGE1MGE2LzEveVpreUd5WDNZYm94aU1rb3ZzRE85c2s3UjFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8xOWM5NDMtOTNjYy00NTk3LWJlYzctMzMxOGVlNGE1MGE2
LzEvdWE1NGJzT20yRGstQWoxZGRiNS1QeDM1cXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuVg4AwQD
vEFgMA0EAgACMAcDBQAqAmDAMA0GCSqGSIb3DQEBCwUAA4IBAQBmvoKaefmqDK/s
BhYwjYnoIx9hI19ExjC2VHv/N/2S57+LtPA573YasQAyZJrCOPgvwZH32vvfoU/z
oln5tN9IG4kw3O5QUqP8kR7lXtROC/qTHKhehg/H4G6zZfsRTd8UdIKMGleACr2q
st/KtuaEXSKXEZDfjrxCIWQk2e/mPOQp4qNX53mUR+f3dIqnFqsvyjRpk+6oYxaq
L+nvZrnzI40ccl+5C1Yb4Yafns/YY4+Ioq37xMlCSp65lVkIqSYTLXlZ0HTpeIfv
p7HEu8Joa60T32mc+OOWwb3dlpNqmR2LdatLyJ+CmHUNC76u01DmkHIG66PFq/K+
quUAOWLa
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:42 2024 by rpki-client on console-ams.rpki-client.org