Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/yTv5FUlvB6TnPSII5HV3B3BqnMg.roa
File: yTv5FUlvB6TnPSII5HV3B3BqnMg.roa (raw, json)
Hash identifier: /DRH43DSY24MYx1LPdk0pv4fiFW2hXgo01MvkDYQBEY=
Subject key identifier: C9:3B:F9:15:49:6F:07:A4:E7:3D:22:08:E4:75:77:07:70:6A:9C:C8
Certificate issuer: /CN=5d3bb84891651f2039cd81b0b60912f7c0e5cf96
Certificate serial: 018E08E7BC2710A21AD20FC9F73B8B6AF957
Authority key identifier: 5D:3B:B8:48:91:65:1F:20:39:CD:81:B0:B6:09:12:F7:C0:E5:CF:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTu4SJFlHyA5zYGwtgkS98Dlz5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/yTv5FUlvB6TnPSII5HV3B3BqnMg.roa
Signing time: Mon 04 Mar 2024 09:59:48 +0000
ROA not before: Mon 04 Mar 2024 09:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207467
IP address blocks: 185.65.72.0/23 maxlen: 23
185.65.74.0/24 maxlen: 24
185.65.75.0/24 maxlen: 24
2a03:1a20::/48 maxlen: 48
2a03:1a20:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Apr 2024 10:34:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:08:e7:bc:27:10:a2:1a:d2:0f:c9:f7:3b:8b:6a:f9:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d3bb84891651f2039cd81b0b60912f7c0e5cf96
Validity
Not Before: Mar 4 09:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c93bf915496f07a4e73d2208e4757707706a9cc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f9:66:de:12:69:dc:f7:6c:b5:0f:b4:ab:67:
4c:fc:9e:9e:84:27:c4:ef:a3:e3:60:05:ce:dd:2b:
bc:d0:09:2b:7b:f9:44:69:d9:58:38:7a:04:ee:08:
cf:b9:b5:58:b1:7e:de:3e:e3:15:64:5b:c9:34:9a:
8f:03:7e:36:11:29:60:2b:00:bd:19:51:c8:39:c1:
6d:2f:fe:26:c8:64:fb:d5:1f:a9:34:9b:be:6c:4b:
c0:0f:5c:ff:53:59:bd:06:32:fb:be:c3:e1:81:4d:
0f:32:60:89:30:59:64:74:ee:21:c7:fe:ee:5f:8e:
d3:93:6b:ba:81:63:cd:ca:9a:4c:66:db:a2:5e:b6:
be:e6:ed:10:14:b0:97:b3:b6:7a:03:f2:b4:97:bc:
ea:40:67:27:cc:3f:cb:8e:e8:00:78:6f:7f:6e:c9:
a8:99:c4:ba:58:97:7a:9b:8c:4b:49:51:6f:22:5a:
ec:6e:72:c8:0b:d8:d9:59:20:e5:27:0f:2e:24:cb:
ba:5e:ba:02:3c:0f:58:1f:76:3e:e4:b2:f1:08:b4:
1b:83:47:b2:d5:d3:d1:f9:2a:4b:fc:88:67:39:c7:
0a:9f:bb:de:67:f4:c3:4d:e9:e0:12:eb:ae:d9:88:
97:51:c0:9b:8b:9b:29:61:f3:21:71:ad:c5:db:0a:
ff:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:3B:F9:15:49:6F:07:A4:E7:3D:22:08:E4:75:77:07:70:6A:9C:C8
X509v3 Authority Key Identifier:
keyid:5D:3B:B8:48:91:65:1F:20:39:CD:81:B0:B6:09:12:F7:C0:E5:CF:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTu4SJFlHyA5zYGwtgkS98Dlz5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/yTv5FUlvB6TnPSII5HV3B3BqnMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/XTu4SJFlHyA5zYGwtgkS98Dlz5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.72.0/22
IPv6:
2a03:1a20::/48
2a03:1a20:10::/48
Signature Algorithm: sha256WithRSAEncryption
78:ee:15:b7:66:df:30:6a:02:64:d8:57:6e:7d:ec:b9:58:f8:
a1:32:4a:ff:84:2b:3b:78:81:2c:fc:cb:cd:06:c6:74:3d:a6:
91:f7:fd:14:ae:08:31:6c:2b:8c:e6:df:75:74:5b:9b:05:09:
ac:92:68:8c:f2:e3:ed:e8:5d:a4:b3:90:a8:7c:6f:f3:5f:c8:
c8:40:9a:f4:ad:2b:0a:98:a2:34:8d:a9:b7:22:67:d1:dc:9b:
68:d2:3b:0a:29:76:64:ec:81:74:13:f6:fb:de:72:96:1e:02:
7b:51:bb:80:64:03:33:09:e5:dc:4f:15:cc:40:8f:b6:30:f6:
4c:52:37:f1:fd:ac:6e:9a:fa:54:bf:15:90:c5:93:dc:8f:96:
57:52:71:5e:ab:04:41:30:d5:fc:6e:4e:79:48:4e:40:5e:e2:
7c:b4:84:24:92:f7:b2:9d:08:87:5c:c5:4c:45:67:b7:fd:74:
56:c0:11:ea:60:53:e3:32:da:3f:c2:66:5e:5a:ca:93:66:da:
b7:f8:c7:37:7b:ae:2c:73:76:8c:cc:b3:30:97:8b:5e:1b:0d:
97:a4:7a:b4:88:58:e3:3c:13:a2:e3:41:41:03:46:d1:6f:72:
11:fb:86:f3:c6:0f:0a:8f:82:71:f5:ab:5f:81:b6:7c:5f:0b:
e2:91:45:17
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY4I57wnEKIa0g/J9zuLavlXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkM2JiODQ4OTE2NTFmMjAzOWNkODFiMGI2MDkxMmY3YzBl
NWNmOTYwHhcNMjQwMzA0MDk1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTNiZjkxNTQ5NmYwN2E0ZTczZDIyMDhlNDc1NzcwNzcwNmE5Y2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvlm3hJp3PdstQ+0q2dM/J6ehCfE
76PjYAXO3Su80Akre/lEadlYOHoE7gjPubVYsX7ePuMVZFvJNJqPA342ESlgKwC9
GVHIOcFtL/4myGT71R+pNJu+bEvAD1z/U1m9BjL7vsPhgU0PMmCJMFlkdO4hx/7u
X47Tk2u6gWPNyppMZtuiXra+5u0QFLCXs7Z6A/K0l7zqQGcnzD/LjugAeG9/bsmo
mcS6WJd6m4xLSVFvIlrsbnLIC9jZWSDlJw8uJMu6XroCPA9YH3Y+5LLxCLQbg0ey
1dPR+SpL/IhnOccKn7veZ/TDTengEuuu2YiXUcCbi5spYfMhca3F2wr/VwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMk7+RVJbwek5z0iCOR1dwdwapzIMB8GA1UdIwQY
MBaAFF07uEiRZR8gOc2BsLYJEvfA5c+WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFR1NFNKRmxIeUE1ellHd3Rna1M5OERsejVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS81ODdmN2UtNjBjYy00MWEwLTg4Njkt
NGY4YzYzOGE3MmUxLzEveVR2NUZVbHZCNlRuUFNJSTVIVjNCM0Jxbk1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS81ODdmN2UtNjBjYy00MWEwLTg4NjktNGY4YzYzOGE3MmUx
LzEvWFR1NFNKRmxIeUE1ellHd3Rna1M5OERsejVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCuUFIMBgE
AgACMBIDBwAqAxogAAADBwAqAxogABAwDQYJKoZIhvcNAQELBQADggEBAHjuFbdm
3zBqAmTYV2597LlY+KEySv+EKzt4gSz8y80GxnQ9ppH3/RSuCDFsK4zm33V0W5sF
CaySaIzy4+3oXaSzkKh8b/NfyMhAmvStKwqYojSNqbciZ9Hcm2jSOwopdmTsgXQT
9vvecpYeAntRu4BkAzMJ5dxPFcxAj7Yw9kxSN/H9rG6a+lS/FZDFk9yPlldScV6r
BEEw1fxuTnlITkBe4ny0hCSS97KdCIdcxUxFZ7f9dFbAEepgU+My2j/CZl5aypNm
2rf4xzd7rixzdozMszCXi14bDZekerSIWOM8E6LjQUEDRtFvchH7hvPGDwqPgnH1
q1+BtnxfC+KRRRc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:56 2025 by rpki-client