Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/YHB46jL-Jh-Zj5kVzKzYP2JJv3I.roa
File: YHB46jL-Jh-Zj5kVzKzYP2JJv3I.roa (raw, json)
Hash identifier: nuLQH64qpYAzALCBhkN2nKAtMqBVSPEcu4lhqUYFaVE=
Subject key identifier: 60:70:78:EA:32:FE:26:1F:99:8F:99:15:CC:AC:D8:3F:62:49:BF:72
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709565B8E57122B3088F863F9E937140
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/YHB46jL-Jh-Zj5kVzKzYP2JJv3I.roa
Signing time: Mon 02 Jan 2023 03:45:17 +0000
ROA not before: Mon 02 Jan 2023 03:45:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59734
IP address blocks: 95.47.240.0/23 maxlen: 23
92.38.86.0/23 maxlen: 24
95.46.120.0/23 maxlen: 23
93.171.32.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:65:b8:e5:71:22:b3:08:8f:86:3f:9e:93:71:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=607078ea32fe261f998f9915ccacd83f6249bf72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f2:13:ed:e0:ae:22:b1:52:7f:9f:c0:a9:0e:
2a:3f:e8:05:04:d2:a5:92:13:56:80:c8:77:c8:6b:
a0:b0:14:de:06:1c:5c:e4:f2:98:4b:c5:ce:49:a2:
73:7f:93:dd:d7:b2:6a:02:a4:24:49:b8:b7:37:34:
4f:9a:5c:75:87:ed:b1:7b:c6:0a:2f:7f:70:01:c1:
74:2b:23:ea:40:91:6e:a5:cb:cf:41:f1:51:a4:4e:
af:c5:9a:0d:aa:2a:ac:65:ce:e1:91:68:60:33:55:
7a:b6:a1:f6:3b:55:83:09:51:c7:30:af:e3:3a:93:
ed:36:e9:f3:e9:d1:1b:77:14:eb:e3:e1:97:a8:b7:
ac:e7:22:b4:28:a9:4b:dc:95:4b:35:cd:bc:a4:9f:
4f:1a:2d:77:c2:9b:1e:14:b3:17:80:0b:4f:a7:93:
02:e2:6b:cf:78:16:56:82:4e:d7:43:a9:86:a7:ff:
0f:dc:7a:07:41:a6:5e:99:47:7b:31:42:f9:d4:96:
74:f3:28:cc:0a:7b:90:fe:46:c2:44:0d:ff:0d:dc:
8c:ff:d9:84:9b:d2:ea:01:c4:01:dd:e5:91:ab:be:
32:34:98:bb:c3:e4:4e:5d:04:88:83:76:c2:1e:b3:
4d:2d:0c:e4:0c:e1:53:e4:ba:f9:11:14:12:33:11:
fb:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:70:78:EA:32:FE:26:1F:99:8F:99:15:CC:AC:D8:3F:62:49:BF:72
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/YHB46jL-Jh-Zj5kVzKzYP2JJv3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.38.86.0/23
93.171.32.0/23
95.46.120.0/23
95.47.240.0/23
Signature Algorithm: sha256WithRSAEncryption
b3:1d:94:2a:c3:c4:00:60:b3:9a:ee:8c:26:aa:79:2b:d5:fb:
8f:e9:e1:23:8b:77:a2:4c:18:af:0b:96:2f:99:1f:0b:8f:2c:
61:4c:0b:91:a2:7d:a0:bd:32:e8:a6:00:c6:93:f9:ca:45:62:
65:ab:0f:e7:a5:2c:6f:c1:e5:2f:87:34:bc:76:ed:72:c3:9f:
84:71:0e:d5:81:a5:cb:1f:ee:f7:35:6f:4a:08:f7:37:b0:df:
b8:9d:e1:d8:54:a3:d0:4c:d3:20:dd:b1:72:76:2e:11:72:1d:
f5:ef:67:b6:d8:75:30:1f:a4:b5:82:6b:db:fc:e0:f8:d7:df:
cc:7a:2a:77:0b:29:b6:30:6a:46:a9:09:c4:fc:f3:3f:8c:ec:
bb:00:48:e9:cf:40:91:90:7f:dc:f5:04:a3:12:18:ab:3e:12:
31:09:19:e4:58:87:3f:ee:bb:58:e0:86:31:f8:b2:f2:a0:08:
0d:2a:dd:c3:2a:d7:f4:e8:a7:aa:85:62:1a:5a:89:f7:59:c8:
d1:a0:87:c2:50:84:5d:53:e9:01:62:f0:4b:e3:a6:ad:63:d3:
c6:9d:c9:7a:2b:e5:99:1c:7b:e1:6b:28:b2:4d:f2:42:ed:c3:
9d:bb:70:17:76:3e:a4:44:6a:1d:ba:d7:f9:32:88:9b:ec:bf:
c2:92:93:13
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVwlWW45XEiswiPhj+ek3FAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDcwNzhlYTMyZmUyNjFmOTk4Zjk5MTVjY2FjZDgzZjYyNDliZjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfIT7eCuIrFSf5/AqQ4qP+gFBNKl
khNWgMh3yGugsBTeBhxc5PKYS8XOSaJzf5Pd17JqAqQkSbi3NzRPmlx1h+2xe8YK
L39wAcF0KyPqQJFupcvPQfFRpE6vxZoNqiqsZc7hkWhgM1V6tqH2O1WDCVHHMK/j
OpPtNunz6dEbdxTr4+GXqLes5yK0KKlL3JVLNc28pJ9PGi13wpseFLMXgAtPp5MC
4mvPeBZWgk7XQ6mGp/8P3HoHQaZemUd7MUL51JZ08yjMCnuQ/kbCRA3/DdyM/9mE
m9LqAcQB3eWRq74yNJi7w+ROXQSIg3bCHrNNLQzkDOFT5Lr5ERQSMxH7nwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGBweOoy/iYfmY+ZFcys2D9iSb9yMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvWUhCNDZqTC1KaC1aajVrVnpLellQMkpKdjNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBXCZWAwQB
XasgAwQBXy54AwQBXy/wMA0GCSqGSIb3DQEBCwUAA4IBAQCzHZQqw8QAYLOa7owm
qnkr1fuP6eEji3eiTBivC5YvmR8LjyxhTAuRon2gvTLopgDGk/nKRWJlqw/npSxv
weUvhzS8du1yw5+EcQ7VgaXLH+73NW9KCPc3sN+4neHYVKPQTNMg3bFydi4Rch31
72e22HUwH6S1gmvb/OD419/Meip3Cym2MGpGqQnE/PM/jOy7AEjpz0CRkH/c9QSj
EhirPhIxCRnkWIc/7rtY4IYx+LLyoAgNKt3DKtf06KeqhWIaWon3WcjRoIfCUIRd
U+kBYvBL46atY9PGncl6K+WZHHvhayiyTfJC7cOdu3AXdj6kRGodutf5Moib7L/C
kpMT
-----END CERTIFICATE-----
Generated at Tue Aug 8 14:55:23 2023 by rpki-client on console-fra.rpki-client.org