Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/lYgC-tvUXtTpbqIeFFWBhBBH4Tc.roa
File: lYgC-tvUXtTpbqIeFFWBhBBH4Tc.roa (raw, json)
Hash identifier: OPTcNzSAEt4B/O/Mj5WgEjJvHum7pBIdd7xw9HHo/Xw=
Subject key identifier: 95:88:02:FA:DB:D4:5E:D4:E9:6E:A2:1E:14:55:81:84:10:47:E1:37
Certificate issuer: /CN=570fb0f1d8b8c198b0dc86158afbcbc529cf16be
Certificate serial: 01877967DA733AB14750DDF30724F0BA92D7
Authority key identifier: 57:0F:B0:F1:D8:B8:C1:98:B0:DC:86:15:8A:FB:CB:C5:29:CF:16:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vw-w8di4wZiw3IYVivvLxSnPFr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/lYgC-tvUXtTpbqIeFFWBhBBH4Tc.roa
Signing time: Thu 13 Apr 2023 06:57:41 +0000
ROA not before: Thu 13 Apr 2023 06:57:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.212.204.0/23 maxlen: 24
185.212.206.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:79:67:da:73:3a:b1:47:50:dd:f3:07:24:f0:ba:92:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=570fb0f1d8b8c198b0dc86158afbcbc529cf16be
Validity
Not Before: Apr 13 06:57:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=958802fadbd45ed4e96ea21e145581841047e137
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:3d:87:ca:dd:a4:38:ea:8a:0d:39:13:2a:18:
bc:a8:99:77:9b:ae:9a:ba:2a:d4:cd:0d:ef:1b:e6:
13:ac:79:49:2d:0e:1a:fe:5f:f7:7c:fe:9f:9b:0d:
0e:26:22:2d:c2:72:74:84:9b:1e:f5:2a:00:8c:c2:
b1:f4:1e:05:7f:1d:e3:9e:af:f5:89:65:c6:4e:eb:
15:ff:85:5a:28:bd:8a:36:35:65:79:3e:b7:f7:a1:
e0:6b:fa:14:d6:0d:d4:d8:8b:d0:03:92:cc:24:fd:
7e:09:bb:a1:85:ef:a9:2f:4a:28:91:65:50:8a:63:
47:a5:d4:56:0e:46:20:17:07:50:9c:df:57:2f:9e:
8e:20:7b:e6:2c:a6:1e:78:5a:2c:14:7c:8d:90:7e:
38:cd:39:10:5e:b0:5f:12:c5:23:37:9a:15:72:d1:
9b:88:d0:57:54:64:92:36:1e:9c:ef:1c:f4:b2:6e:
de:9e:25:1e:5a:63:4c:39:cb:aa:6a:c8:1d:a1:90:
59:67:75:02:b3:0e:53:e1:3a:0f:5a:7e:1b:38:e3:
df:a3:df:ef:8e:c2:d9:54:27:1a:04:c1:8c:5f:fa:
da:12:66:83:6f:50:36:5a:47:96:54:1f:6c:cc:c3:
74:75:b6:96:84:32:36:de:e1:8c:ea:8e:35:53:cd:
c4:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:88:02:FA:DB:D4:5E:D4:E9:6E:A2:1E:14:55:81:84:10:47:E1:37
X509v3 Authority Key Identifier:
keyid:57:0F:B0:F1:D8:B8:C1:98:B0:DC:86:15:8A:FB:CB:C5:29:CF:16:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vw-w8di4wZiw3IYVivvLxSnPFr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/lYgC-tvUXtTpbqIeFFWBhBBH4Tc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/Vw-w8di4wZiw3IYVivvLxSnPFr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.204.0/22
Signature Algorithm: sha256WithRSAEncryption
45:7c:bf:a8:98:4d:02:cf:91:f1:00:b1:c9:55:c8:1a:79:f4:
28:28:97:6d:c8:eb:6f:94:05:d0:79:31:69:ab:4c:50:c2:8c:
ce:41:90:4b:ba:03:6d:e0:86:e8:be:30:8a:d7:18:47:31:9c:
26:83:d5:a6:33:1f:43:bd:c9:89:51:e0:4d:74:89:0c:eb:7b:
5d:5e:93:18:2d:6b:14:64:1c:a4:6c:88:f7:0a:bb:d3:4d:0f:
92:c0:6f:2f:c0:9e:67:84:78:46:f1:ab:ef:d6:d9:ed:fe:c2:
85:91:0b:df:cb:01:42:ff:9c:81:85:00:5a:b0:fb:66:1e:22:
cd:45:a8:2e:7a:95:54:bf:db:38:b6:ff:eb:a8:f5:8c:be:93:
c6:b4:bb:40:3e:c9:4d:7c:ab:dc:be:f3:0d:99:9f:82:d2:e5:
23:58:64:eb:b7:83:4e:c9:86:47:be:5f:19:32:85:e2:19:d6:
7b:51:92:b9:ed:df:3b:2e:47:f1:0b:68:a7:c1:31:89:46:a5:
70:30:d9:c8:0d:ed:59:6b:ae:a0:a7:b0:61:bd:c9:42:e9:bf:
c4:69:80:3f:b7:79:55:40:9b:8d:44:d0:f2:0a:f9:d7:e2:04:
6a:8a:1f:6f:02:66:d8:d6:59:a3:41:5a:8e:35:e4:79:81:71:
e6:a7:53:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd5Z9pzOrFHUN3zByTwupLXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MGZiMGYxZDhiOGMxOThiMGRjODYxNThhZmJjYmM1Mjlj
ZjE2YmUwHhcNMjMwNDEzMDY1NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTg4MDJmYWRiZDQ1ZWQ0ZTk2ZWEyMWUxNDU1ODE4NDEwNDdlMTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1j2Hyt2kOOqKDTkTKhi8qJl3m66a
uirUzQ3vG+YTrHlJLQ4a/l/3fP6fmw0OJiItwnJ0hJse9SoAjMKx9B4Ffx3jnq/1
iWXGTusV/4VaKL2KNjVleT6396Hga/oU1g3U2IvQA5LMJP1+Cbuhhe+pL0ookWVQ
imNHpdRWDkYgFwdQnN9XL56OIHvmLKYeeFosFHyNkH44zTkQXrBfEsUjN5oVctGb
iNBXVGSSNh6c7xz0sm7eniUeWmNMOcuqasgdoZBZZ3UCsw5T4ToPWn4bOOPfo9/v
jsLZVCcaBMGMX/raEmaDb1A2WkeWVB9szMN0dbaWhDI23uGM6o41U83EJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJWIAvrb1F7U6W6iHhRVgYQQR+E3MB8GA1UdIwQY
MBaAFFcPsPHYuMGYsNyGFYr7y8Upzxa+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnctdzhkaTR3Wml3M0lZVml2dkx4U25QRnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8wOTQ5ZmMtYWNjZC00NzFmLWE5Y2Qt
OTcyNDNlMzE2MjcyLzEvbFlnQy10dlVYdFRwYnFJZUZGV0JoQkJINFRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8wOTQ5ZmMtYWNjZC00NzFmLWE5Y2QtOTcyNDNlMzE2Mjcy
LzEvVnctdzhkaTR3Wml3M0lZVml2dkx4U25QRnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudTMMA0G
CSqGSIb3DQEBCwUAA4IBAQBFfL+omE0Cz5HxALHJVcgaefQoKJdtyOtvlAXQeTFp
q0xQwozOQZBLugNt4IbovjCK1xhHMZwmg9WmMx9DvcmJUeBNdIkM63tdXpMYLWsU
ZBykbIj3CrvTTQ+SwG8vwJ5nhHhG8avv1tnt/sKFkQvfywFC/5yBhQBasPtmHiLN
RaguepVUv9s4tv/rqPWMvpPGtLtAPslNfKvcvvMNmZ+C0uUjWGTrt4NOyYZHvl8Z
MoXiGdZ7UZK57d87LkfxC2inwTGJRqVwMNnIDe1Za66gp7BhvclC6b/EaYA/t3lV
QJuNRNDyCvnX4gRqih9vAmbY1lmjQVqONeR5gXHmp1NX
-----END CERTIFICATE-----
Generated at Mon Oct 2 07:03:21 2023 by rpki-client on console-fra.rpki-client.org