Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/yDi29LTWIlqmI76KvD9fDqrCPko.roa
File: yDi29LTWIlqmI76KvD9fDqrCPko.roa (raw, json)
Hash identifier: xU/3q824YH8Vors+O+mR+Par6Oy7bJWHxFD2VwvVJXU=
Subject key identifier: C8:38:B6:F4:B4:D6:22:5A:A6:23:BE:8A:BC:3F:5F:0E:AA:C2:3E:4A
Certificate issuer: /CN=570fb0f1d8b8c198b0dc86158afbcbc529cf16be
Certificate serial: 01856DDD63A57ABD651F785D010539F7174E
Authority key identifier: 57:0F:B0:F1:D8:B8:C1:98:B0:DC:86:15:8A:FB:CB:C5:29:CF:16:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vw-w8di4wZiw3IYVivvLxSnPFr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/yDi29LTWIlqmI76KvD9fDqrCPko.roa
Signing time: Sun 01 Jan 2023 15:05:03 +0000
ROA not before: Sun 01 Jan 2023 15:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212578
IP address blocks: 185.251.82.0/24 maxlen: 24
185.251.83.0/24 maxlen: 24
185.251.80.0/24 maxlen: 24
185.251.81.0/24 maxlen: 24
194.4.52.0/24 maxlen: 24
194.4.53.0/24 maxlen: 24
194.4.54.0/24 maxlen: 24
194.4.55.0/24 maxlen: 24
93.177.112.0/24 maxlen: 24
93.177.113.0/24 maxlen: 24
93.177.114.0/24 maxlen: 24
93.177.115.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:63:a5:7a:bd:65:1f:78:5d:01:05:39:f7:17:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=570fb0f1d8b8c198b0dc86158afbcbc529cf16be
Validity
Not Before: Jan 1 15:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c838b6f4b4d6225aa623be8abc3f5f0eaac23e4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2b:e6:47:4e:55:51:11:29:67:0d:14:c1:c0:
ac:b0:fc:8e:b1:a3:b4:ed:b9:da:79:2f:59:b6:5d:
28:c8:25:c6:c1:d9:01:bc:b4:9f:ea:57:28:23:32:
57:8a:db:0b:43:df:d9:83:ee:c7:38:4d:1e:12:c5:
b1:95:f4:59:dc:11:94:5a:b7:df:eb:7f:f9:83:3f:
5e:3b:b3:f1:c7:44:2c:65:1f:6a:3e:31:52:55:49:
4a:9c:2a:eb:c1:16:8c:94:72:d9:a4:c5:d1:2b:e6:
52:95:11:9e:04:6f:f4:83:ce:b9:0d:22:5a:b0:ec:
3d:d9:b3:40:a8:24:6e:0e:13:82:a5:bd:30:61:8d:
fe:0f:eb:39:5b:4e:d2:ac:6c:67:c4:3d:c4:f2:d8:
d7:93:ef:c7:a5:5a:0d:3b:bd:c3:5f:aa:5f:fd:87:
cf:99:3d:da:90:4a:53:ac:7d:bb:23:17:da:50:8a:
0f:ac:a4:60:1b:89:32:fe:c1:80:aa:13:2f:c0:e9:
4f:ef:c1:41:22:86:97:e5:c1:5a:f5:86:99:87:86:
23:66:6f:cd:ea:20:17:dd:cd:62:26:8a:87:78:5a:
1b:a4:3a:94:35:a0:6f:f8:fc:e5:94:6f:92:76:43:
f0:c8:fd:e9:96:b0:69:8a:fd:41:ad:5e:23:ca:e2:
a5:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:38:B6:F4:B4:D6:22:5A:A6:23:BE:8A:BC:3F:5F:0E:AA:C2:3E:4A
X509v3 Authority Key Identifier:
keyid:57:0F:B0:F1:D8:B8:C1:98:B0:DC:86:15:8A:FB:CB:C5:29:CF:16:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vw-w8di4wZiw3IYVivvLxSnPFr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/yDi29LTWIlqmI76KvD9fDqrCPko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/Vw-w8di4wZiw3IYVivvLxSnPFr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.177.112.0/22
185.251.80.0/22
194.4.52.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:3d:ad:ed:98:89:1f:d1:6c:4f:26:b0:6d:81:9b:98:67:35:
55:03:3d:b4:0d:9a:20:4d:cb:73:26:cf:d9:93:bf:5a:35:71:
9b:f4:1b:e2:0a:73:eb:ce:9f:96:59:22:39:91:cd:e8:a1:bc:
24:d8:6a:d4:c6:64:fa:34:42:b8:7c:53:95:97:67:15:ca:e8:
cd:e6:7f:20:97:b8:9b:64:e7:c6:32:38:fc:70:0b:31:24:0c:
30:12:06:af:7c:32:06:73:e7:6a:5c:6a:39:85:ec:8a:ce:6e:
54:03:9b:2f:d3:a2:e7:bd:56:28:07:4a:b4:6f:37:85:14:68:
49:98:b4:cd:48:55:82:5c:86:2e:e3:6d:a8:16:7a:36:f9:70:
21:db:bd:57:c2:58:35:67:64:7e:01:14:45:04:01:3a:c5:a5:
d3:1f:4f:46:38:4b:53:f5:1a:0f:aa:38:35:5c:4b:d1:e3:d0:
a1:df:6d:16:0a:ed:ea:6d:09:77:6c:14:7d:cd:9a:b3:fe:c7:
94:54:51:25:ee:32:2a:7b:1a:76:f1:2d:66:32:50:0f:e1:ab:
c2:93:fe:8d:85:97:8b:47:81:53:9c:26:68:b0:2e:82:b4:3c:
d8:c9:f1:f1:70:6c:b5:16:bd:7a:01:4f:e3:86:bf:9e:ce:31:
98:49:74:7b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVt3WOler1lH3hdAQU59xdOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MGZiMGYxZDhiOGMxOThiMGRjODYxNThhZmJjYmM1Mjlj
ZjE2YmUwHhcNMjMwMTAxMTUwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODM4YjZmNGI0ZDYyMjVhYTYyM2JlOGFiYzNmNWYwZWFhYzIzZTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArivmR05VUREpZw0UwcCssPyOsaO0
7bnaeS9Ztl0oyCXGwdkBvLSf6lcoIzJXitsLQ9/Zg+7HOE0eEsWxlfRZ3BGUWrff
63/5gz9eO7Pxx0QsZR9qPjFSVUlKnCrrwRaMlHLZpMXRK+ZSlRGeBG/0g865DSJa
sOw92bNAqCRuDhOCpb0wYY3+D+s5W07SrGxnxD3E8tjXk+/HpVoNO73DX6pf/YfP
mT3akEpTrH27IxfaUIoPrKRgG4ky/sGAqhMvwOlP78FBIoaX5cFa9YaZh4YjZm/N
6iAX3c1iJoqHeFobpDqUNaBv+PzllG+SdkPwyP3plrBpiv1BrV4jyuKlbQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMg4tvS01iJapiO+irw/Xw6qwj5KMB8GA1UdIwQY
MBaAFFcPsPHYuMGYsNyGFYr7y8Upzxa+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnctdzhkaTR3Wml3M0lZVml2dkx4U25QRnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8wOTQ5ZmMtYWNjZC00NzFmLWE5Y2Qt
OTcyNDNlMzE2MjcyLzEveURpMjlMVFdJbHFtSTc2S3ZEOWZEcXJDUGtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8wOTQ5ZmMtYWNjZC00NzFmLWE5Y2QtOTcyNDNlMzE2Mjcy
LzEvVnctdzhkaTR3Wml3M0lZVml2dkx4U25QRnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCXbFwAwQC
uftQAwQCwgQ0MA0GCSqGSIb3DQEBCwUAA4IBAQCrPa3tmIkf0WxPJrBtgZuYZzVV
Az20DZogTctzJs/Zk79aNXGb9BviCnPrzp+WWSI5kc3oobwk2GrUxmT6NEK4fFOV
l2cVyujN5n8gl7ibZOfGMjj8cAsxJAwwEgavfDIGc+dqXGo5heyKzm5UA5sv06Ln
vVYoB0q0bzeFFGhJmLTNSFWCXIYu422oFno2+XAh271Xwlg1Z2R+ARRFBAE6xaXT
H09GOEtT9RoPqjg1XEvR49Ch320WCu3qbQl3bBR9zZqz/seUVFEl7jIqexp28S1m
MlAP4avCk/6NhZeLR4FTnCZosC6CtDzYyfHxcGy1Fr16AU/jhr+ezjGYSXR7
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:39 2023 by rpki-client on console-ams.rpki-client.org