Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/0db829-6ebe-482a-a412-61fd1df95727/1/yOtY06mUsY5qEEeO3TNyHf6qevk.roa
File: yOtY06mUsY5qEEeO3TNyHf6qevk.roa (raw, json)
Hash identifier: Z1ecDP40UnCWBMoyaf/7tp64KphPNSspDRObgM/F5KA=
Subject key identifier: C8:EB:58:D3:A9:94:B1:8E:6A:10:47:8E:DD:33:72:1D:FE:AA:7A:F9
Certificate issuer: /CN=097b6035e5717fc93a83e3e3ec817e6607643844
Certificate serial: 01856F4B85380FCA3BAA6F9B5550EB5A3CDA
Authority key identifier: 09:7B:60:35:E5:71:7F:C9:3A:83:E3:E3:EC:81:7E:66:07:64:38:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXtgNeVxf8k6g-Pj7IF-ZgdkOEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/0db829-6ebe-482a-a412-61fd1df95727/1/yOtY06mUsY5qEEeO3TNyHf6qevk.roa
Signing time: Sun 01 Jan 2023 21:44:58 +0000
ROA not before: Sun 01 Jan 2023 21:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24904
IP address blocks: 185.238.4.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:85:38:0f:ca:3b:aa:6f:9b:55:50:eb:5a:3c:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097b6035e5717fc93a83e3e3ec817e6607643844
Validity
Not Before: Jan 1 21:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8eb58d3a994b18e6a10478edd33721dfeaa7af9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f8:7a:d2:fc:ae:b3:60:a0:b7:5b:b8:2d:a6:
7f:98:bf:d4:89:47:70:85:81:92:30:2d:a3:67:54:
78:b8:46:a3:c5:80:7c:58:78:64:c2:57:47:eb:c7:
07:bf:07:45:19:a5:ea:9f:00:49:06:4e:05:00:1d:
b9:bb:aa:64:c9:4c:fa:86:dc:48:dd:85:61:34:0f:
6c:e6:0a:c4:36:d8:e8:2b:1c:e6:46:12:a1:08:55:
19:09:00:71:86:ba:0f:e9:fc:de:95:47:fc:ae:96:
dd:95:05:96:f2:a3:28:ff:c4:32:8c:ae:c7:58:58:
d2:87:0e:f0:68:97:04:d9:dd:7c:07:5c:57:d6:6e:
e7:70:11:ee:b3:77:be:eb:04:6f:9d:00:5e:4c:23:
ee:0b:7d:5e:ff:e2:1d:10:5d:00:89:d5:e8:54:52:
34:77:2f:ab:77:a9:0f:42:c8:87:6a:da:62:9f:54:
68:b1:1a:11:8b:a2:af:da:56:d4:bd:ac:c9:31:92:
e1:df:d1:42:44:d5:4a:7d:ff:7c:26:22:3a:d2:61:
ac:59:93:0c:a6:f9:3e:e7:ee:86:8a:2c:9a:35:de:
7b:7f:40:be:44:32:08:66:4c:f9:dd:40:82:20:a8:
05:78:fd:c1:25:18:af:64:95:6f:28:af:24:f8:89:
a3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:EB:58:D3:A9:94:B1:8E:6A:10:47:8E:DD:33:72:1D:FE:AA:7A:F9
X509v3 Authority Key Identifier:
keyid:09:7B:60:35:E5:71:7F:C9:3A:83:E3:E3:EC:81:7E:66:07:64:38:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXtgNeVxf8k6g-Pj7IF-ZgdkOEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/0db829-6ebe-482a-a412-61fd1df95727/1/yOtY06mUsY5qEEeO3TNyHf6qevk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/0db829-6ebe-482a-a412-61fd1df95727/1/CXtgNeVxf8k6g-Pj7IF-ZgdkOEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.4.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:95:02:de:30:53:5e:b2:7c:b9:30:73:db:8e:b7:dd:24:76:
d7:0c:89:46:df:27:90:b3:f5:c5:36:ac:c2:f7:2f:34:f2:7d:
24:fb:67:31:52:1c:d4:73:90:ca:da:20:a3:b1:ba:b6:9a:72:
53:79:ed:49:24:ea:10:dc:ed:87:0b:48:98:fe:cc:cb:2b:b4:
0a:8a:2d:fc:83:3c:2c:87:01:e8:34:4e:4e:e4:d6:01:cb:a6:
4a:a5:66:65:7d:f4:27:09:cf:74:d6:04:5b:08:14:b7:7d:37:
b1:2d:3f:d0:96:4d:c0:57:a0:91:3f:30:1c:52:32:80:c2:08:
2c:70:00:b1:a3:a2:e2:41:7a:77:0e:cd:f7:e5:5b:62:17:ec:
f9:ec:2d:10:61:76:2c:b2:25:3a:ad:77:f7:e5:9f:2b:a4:e2:
80:b3:8e:01:40:1e:ad:71:9c:c7:63:80:4c:92:19:9d:71:f1:
b5:46:f3:af:87:67:42:7b:63:56:2f:5d:f8:30:55:b5:e5:55:
8f:b8:0c:d4:15:b5:71:29:bd:20:ea:1a:89:51:44:b6:99:b9:
d3:98:96:28:5a:14:67:9f:5e:08:d0:4c:6d:a6:9b:1b:b7:6b:
30:aa:c9:49:1d:81:0d:f1:2e:39:67:79:9e:a3:84:08:45:d8:
21:55:9f:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS4U4D8o7qm+bVVDrWjzaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5N2I2MDM1ZTU3MTdmYzkzYTgzZTNlM2VjODE3ZTY2MDc2
NDM4NDQwHhcNMjMwMTAxMjE0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGViNThkM2E5OTRiMThlNmExMDQ3OGVkZDMzNzIxZGZlYWE3YWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvh60vyus2Cgt1u4LaZ/mL/UiUdw
hYGSMC2jZ1R4uEajxYB8WHhkwldH68cHvwdFGaXqnwBJBk4FAB25u6pkyUz6htxI
3YVhNA9s5grENtjoKxzmRhKhCFUZCQBxhroP6fzelUf8rpbdlQWW8qMo/8QyjK7H
WFjShw7waJcE2d18B1xX1m7ncBHus3e+6wRvnQBeTCPuC31e/+IdEF0AidXoVFI0
dy+rd6kPQsiHatpin1RosRoRi6Kv2lbUvazJMZLh39FCRNVKff98JiI60mGsWZMM
pvk+5+6GiiyaNd57f0C+RDIIZkz53UCCIKgFeP3BJRivZJVvKK8k+Imj5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMjrWNOplLGOahBHjt0zch3+qnr5MB8GA1UdIwQY
MBaAFAl7YDXlcX/JOoPj4+yBfmYHZDhEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1h0Z05lVnhmOGs2Zy1QajdJRi1aZ2RrT0VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8wZGI4MjktNmViZS00ODJhLWE0MTIt
NjFmZDFkZjk1NzI3LzEveU90WTA2bVVzWTVxRUVlTzNUTnlIZjZxZXZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8wZGI4MjktNmViZS00ODJhLWE0MTItNjFmZDFkZjk1NzI3
LzEvQ1h0Z05lVnhmOGs2Zy1QajdJRi1aZ2RrT0VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue4EMA0G
CSqGSIb3DQEBCwUAA4IBAQBflQLeMFNesny5MHPbjrfdJHbXDIlG3yeQs/XFNqzC
9y808n0k+2cxUhzUc5DK2iCjsbq2mnJTee1JJOoQ3O2HC0iY/szLK7QKii38gzws
hwHoNE5O5NYBy6ZKpWZlffQnCc901gRbCBS3fTexLT/Qlk3AV6CRPzAcUjKAwggs
cACxo6LiQXp3Ds335VtiF+z57C0QYXYssiU6rXf35Z8rpOKAs44BQB6tcZzHY4BM
khmdcfG1RvOvh2dCe2NWL134MFW15VWPuAzUFbVxKb0g6hqJUUS2mbnTmJYoWhRn
n14I0Extppsbt2swqslJHYEN8S45Z3meo4QIRdghVZ/j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:35 2024 by rpki-client on console-fra.rpki-client.org