Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/y3FxZSX5quBUnsicDfccZQTZ7So.roa
File: y3FxZSX5quBUnsicDfccZQTZ7So.roa (raw, json)
Hash identifier: GxYcbsTRvktlMtrwHqAy6LQyYzJK5jg/zmbcxBi7f08=
Subject key identifier: CB:71:71:65:25:F9:AA:E0:54:9E:C8:9C:0D:F7:1C:65:04:D9:ED:2A
Certificate issuer: /CN=570fb0f1d8b8c198b0dc86158afbcbc529cf16be
Certificate serial: 018CC80176F9EC44000D59706F521E6C7E9F
Authority key identifier: 57:0F:B0:F1:D8:B8:C1:98:B0:DC:86:15:8A:FB:CB:C5:29:CF:16:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vw-w8di4wZiw3IYVivvLxSnPFr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/y3FxZSX5quBUnsicDfccZQTZ7So.roa
Signing time: Tue 02 Jan 2024 02:29:48 +0000
ROA not before: Tue 02 Jan 2024 02:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.132.186.0/24 maxlen: 24
185.132.187.0/24 maxlen: 24
185.212.206.0/23 maxlen: 24
93.177.114.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Feb 2024 07:24:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:76:f9:ec:44:00:0d:59:70:6f:52:1e:6c:7e:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=570fb0f1d8b8c198b0dc86158afbcbc529cf16be
Validity
Not Before: Jan 2 02:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb71716525f9aae0549ec89c0df71c6504d9ed2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:3b:f2:52:9c:c1:30:b6:3d:d7:35:27:28:aa:
a4:7d:75:75:43:b8:b3:f9:60:78:1a:63:6f:4a:f2:
d1:71:64:93:44:e9:a1:1d:29:22:dd:0c:91:3c:8c:
4c:b6:79:45:3f:a1:fb:54:3c:00:71:cc:01:f4:65:
d3:19:9b:0d:34:cb:55:32:d3:60:97:4f:d0:ac:9b:
1b:17:ae:aa:aa:54:a6:33:01:f7:5a:57:7b:2e:8d:
52:10:b5:33:13:e2:e2:c6:e0:c6:c1:1d:62:12:46:
3b:83:25:b9:36:d3:e7:10:68:6d:59:36:76:e7:98:
8f:e4:a5:3b:6e:b0:dc:17:00:7c:8a:11:b1:93:27:
c1:c5:c4:fe:09:0c:1c:7c:a0:bc:2d:1f:4c:e7:5f:
c4:db:7b:53:36:a0:a5:91:5a:dc:5a:1c:c1:fa:8c:
48:d4:60:ec:56:00:0c:29:96:1d:86:da:82:05:2b:
dc:0a:f0:a4:e1:f1:05:82:dd:cd:5a:9d:04:2b:3b:
06:61:29:0b:ec:e3:41:57:bc:65:8c:2c:18:70:63:
79:e6:8a:d6:1b:d7:24:1b:2b:f0:bf:15:86:ad:83:
4d:59:ef:d9:8d:bb:69:37:03:a9:92:1a:af:99:72:
5e:a4:d2:ff:c4:7f:db:6b:b4:fa:1c:b0:b3:1d:8e:
ce:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:71:71:65:25:F9:AA:E0:54:9E:C8:9C:0D:F7:1C:65:04:D9:ED:2A
X509v3 Authority Key Identifier:
keyid:57:0F:B0:F1:D8:B8:C1:98:B0:DC:86:15:8A:FB:CB:C5:29:CF:16:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vw-w8di4wZiw3IYVivvLxSnPFr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/y3FxZSX5quBUnsicDfccZQTZ7So.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/Vw-w8di4wZiw3IYVivvLxSnPFr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.177.114.0/23
185.132.186.0/23
185.212.206.0/23
Signature Algorithm: sha256WithRSAEncryption
59:25:46:21:49:78:5b:6a:50:e5:0d:03:cd:32:d6:e1:99:1f:
76:66:c4:44:7e:6f:b9:84:25:9b:24:ed:39:39:57:08:63:8a:
ff:b3:ff:a3:51:e4:ac:cb:0a:2c:f5:6a:b7:65:c8:a7:9b:d1:
22:70:92:7c:cd:53:46:f3:c5:8d:16:b6:f2:95:ff:a8:86:51:
93:9b:16:3e:c4:f5:5e:bf:3d:4d:47:96:b8:8e:a0:6f:fb:fd:
3d:90:78:9c:93:68:cc:5c:06:17:0e:1e:81:f6:80:dd:19:87:
d2:ae:e8:91:4c:87:24:b0:74:1a:46:66:ca:e4:f3:46:7b:77:
3a:d2:1e:3a:32:a2:7d:43:ad:8c:f1:86:be:ea:3b:18:41:25:
b9:3b:dc:4f:12:62:98:cc:66:76:44:52:94:78:bc:5b:e3:87:
8d:b8:87:b3:86:36:72:05:de:51:f5:08:51:0e:ed:d6:c6:1e:
1e:00:ed:5a:09:bf:c5:b7:9b:12:aa:0d:0b:9d:cf:60:3b:cb:
91:d2:3a:18:ee:79:ef:3d:ca:57:ae:9d:bf:86:02:33:65:c1:
8e:cb:4b:eb:17:85:79:bb:81:24:ee:02:b8:24:ef:6e:f7:00:
d7:00:dc:6a:8c:fd:25:1c:59:6c:f7:19:af:f4:62:ff:74:57:
ff:48:61:1e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAXb57EQADVlwb1IebH6fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MGZiMGYxZDhiOGMxOThiMGRjODYxNThhZmJjYmM1Mjlj
ZjE2YmUwHhcNMjQwMTAyMDIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjcxNzE2NTI1ZjlhYWUwNTQ5ZWM4OWMwZGY3MWM2NTA0ZDllZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTvyUpzBMLY91zUnKKqkfXV1Q7iz
+WB4GmNvSvLRcWSTROmhHSki3QyRPIxMtnlFP6H7VDwAccwB9GXTGZsNNMtVMtNg
l0/QrJsbF66qqlSmMwH3Wld7Lo1SELUzE+LixuDGwR1iEkY7gyW5NtPnEGhtWTZ2
55iP5KU7brDcFwB8ihGxkyfBxcT+CQwcfKC8LR9M51/E23tTNqClkVrcWhzB+oxI
1GDsVgAMKZYdhtqCBSvcCvCk4fEFgt3NWp0EKzsGYSkL7ONBV7xljCwYcGN55orW
G9ckGyvwvxWGrYNNWe/ZjbtpNwOpkhqvmXJepNL/xH/ba7T6HLCzHY7OEwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMtxcWUl+argVJ7InA33HGUE2e0qMB8GA1UdIwQY
MBaAFFcPsPHYuMGYsNyGFYr7y8Upzxa+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnctdzhkaTR3Wml3M0lZVml2dkx4U25QRnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8wOTQ5ZmMtYWNjZC00NzFmLWE5Y2Qt
OTcyNDNlMzE2MjcyLzEveTNGeFpTWDVxdUJVbnNpY0RmY2NaUVRaN1NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8wOTQ5ZmMtYWNjZC00NzFmLWE5Y2QtOTcyNDNlMzE2Mjcy
LzEvVnctdzhkaTR3Wml3M0lZVml2dkx4U25QRnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBXbFyAwQB
uYS6AwQBudTOMA0GCSqGSIb3DQEBCwUAA4IBAQBZJUYhSXhbalDlDQPNMtbhmR92
ZsREfm+5hCWbJO05OVcIY4r/s/+jUeSsywos9Wq3Zcinm9EicJJ8zVNG88WNFrby
lf+ohlGTmxY+xPVevz1NR5a4jqBv+/09kHick2jMXAYXDh6B9oDdGYfSruiRTIck
sHQaRmbK5PNGe3c60h46MqJ9Q62M8Ya+6jsYQSW5O9xPEmKYzGZ2RFKUeLxb44eN
uIezhjZyBd5R9QhRDu3Wxh4eAO1aCb/Ft5sSqg0Lnc9gO8uR0joY7nnvPcpXrp2/
hgIzZcGOy0vrF4V5u4Ek7gK4JO9u9wDXANxqjP0lHFls9xmv9GL/dFf/SGEe
-----END CERTIFICATE-----
Generated at Wed Feb 28 11:28:44 2024 by rpki-client on console-ams.rpki-client.org