Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5dac30-8570-47b2-b26a-7f3a428171c7/1/yqqccoQSS-Z0C_rivngu4U3XShI.roa
File: yqqccoQSS-Z0C_rivngu4U3XShI.roa (raw, json)
Hash identifier: /V1B/V0JqxXXm1/dunN4e1JnPkCXnCN6s1tTbe4jd2w=
Subject key identifier: CA:AA:9C:72:84:12:4B:E6:74:0B:FA:E2:BE:78:2E:E1:4D:D7:4A:12
Certificate issuer: /CN=922a1a67e2da7112d4559cd8dbd8141f8f3277e8
Certificate serial: 018571D799247DC10D4432589F0E064DDFD2
Authority key identifier: 92:2A:1A:67:E2:DA:71:12:D4:55:9C:D8:DB:D8:14:1F:8F:32:77:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kioaZ-LacRLUVZzY29gUH48yd-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5dac30-8570-47b2-b26a-7f3a428171c7/1/yqqccoQSS-Z0C_rivngu4U3XShI.roa
Signing time: Mon 02 Jan 2023 09:37:12 +0000
ROA not before: Mon 02 Jan 2023 09:37:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56457
IP address blocks: 176.119.210.0/24 maxlen: 24
2a06:5780::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 25 Jul 2023 14:21:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:99:24:7d:c1:0d:44:32:58:9f:0e:06:4d:df:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922a1a67e2da7112d4559cd8dbd8141f8f3277e8
Validity
Not Before: Jan 2 09:37:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=caaa9c7284124be6740bfae2be782ee14dd74a12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e2:6b:6e:4f:5f:08:d8:00:0a:e9:99:e0:31:
3b:d6:9d:c9:a8:f0:c6:c6:7b:d0:02:d8:b7:26:66:
b9:ab:21:dd:12:18:92:b3:2b:e5:4e:15:ff:c0:6b:
6f:ee:e8:20:28:52:3f:5f:96:7f:1f:7e:b9:26:22:
bd:77:68:07:f4:16:a3:d2:29:ff:98:58:d7:5d:45:
a6:6b:f1:d8:29:23:70:1e:bb:ad:50:6d:fb:1d:f0:
24:65:c1:56:76:ba:16:29:90:6a:27:7e:5c:68:0f:
af:07:46:86:ab:bd:cb:20:37:a2:ad:9e:cd:79:a6:
bf:a1:7f:7e:1a:02:98:76:f3:ca:bf:11:29:11:c5:
73:1a:85:0f:26:ad:98:c8:ae:96:bd:93:1f:b7:21:
2b:76:a4:a5:a0:e1:b6:1c:97:4a:b9:aa:81:cb:eb:
c6:85:44:fb:fe:e6:70:56:f9:11:b8:da:42:79:d1:
c7:d1:2b:59:08:19:3a:fe:aa:ff:70:94:e4:79:ca:
1f:76:ff:0c:1e:a9:b8:ce:84:21:87:50:54:b2:ff:
8e:01:8d:53:91:30:14:03:cc:8e:2d:bf:cf:3d:f2:
5c:9a:7e:06:be:49:9e:41:ef:2b:55:5d:49:55:ae:
f2:e7:b8:fe:b3:0a:15:6f:fb:89:db:70:cc:7b:04:
0f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:AA:9C:72:84:12:4B:E6:74:0B:FA:E2:BE:78:2E:E1:4D:D7:4A:12
X509v3 Authority Key Identifier:
keyid:92:2A:1A:67:E2:DA:71:12:D4:55:9C:D8:DB:D8:14:1F:8F:32:77:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kioaZ-LacRLUVZzY29gUH48yd-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5dac30-8570-47b2-b26a-7f3a428171c7/1/yqqccoQSS-Z0C_rivngu4U3XShI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5dac30-8570-47b2-b26a-7f3a428171c7/1/kioaZ-LacRLUVZzY29gUH48yd-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.210.0/24
IPv6:
2a06:5780::/29
Signature Algorithm: sha256WithRSAEncryption
4e:88:d8:10:d2:5f:53:da:44:7a:72:9f:74:ee:71:24:f7:03:
28:2d:88:35:21:d9:4d:4b:a1:d5:ac:58:69:c4:94:2f:3e:9e:
66:7b:52:02:a4:f5:a1:17:68:17:4c:61:38:7e:31:74:d3:f0:
27:f6:8c:a2:35:40:25:95:4c:9b:d1:67:73:c7:e3:9f:c5:e7:
52:e4:26:1c:05:9f:f9:59:49:b0:e2:b7:12:5f:43:0b:5a:c5:
60:dc:11:06:6b:5b:b7:2d:f4:cd:e8:9b:ee:44:5c:d0:39:3e:
97:08:59:c8:1a:4f:be:e0:c8:5f:15:63:76:c7:06:e5:5b:03:
4a:28:2e:10:a4:89:b1:5a:a1:6a:bd:17:7b:8b:88:e7:70:39:
a4:df:d5:c8:d8:8c:8b:57:e1:2e:62:10:d2:5e:71:f9:d8:3d:
66:c0:23:bf:a4:a1:39:a1:60:5f:f6:08:93:e7:bf:97:d4:cf:
f4:96:05:41:f5:02:1e:d9:8c:e1:94:19:3b:9a:58:bb:c4:02:
03:5a:61:74:12:14:44:58:5a:68:d0:32:91:4a:0b:83:23:9c:
31:1c:8e:a0:d9:45:d0:6f:8a:5e:0f:c6:3c:9f:da:5a:0c:d8:
96:fc:d4:49:01:3c:6a:32:af:22:51:a5:84:73:91:2b:02:86:
b1:14:41:2b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVx15kkfcENRDJYnw4GTd/SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMmExYTY3ZTJkYTcxMTJkNDU1OWNkOGRiZDgxNDFmOGYz
Mjc3ZTgwHhcNMjMwMTAyMDkzNzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWFhOWM3Mjg0MTI0YmU2NzQwYmZhZTJiZTc4MmVlMTRkZDc0YTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOJrbk9fCNgACumZ4DE71p3JqPDG
xnvQAti3Jma5qyHdEhiSsyvlThX/wGtv7uggKFI/X5Z/H365JiK9d2gH9Baj0in/
mFjXXUWma/HYKSNwHrutUG37HfAkZcFWdroWKZBqJ35caA+vB0aGq73LIDeirZ7N
eaa/oX9+GgKYdvPKvxEpEcVzGoUPJq2YyK6WvZMftyErdqSloOG2HJdKuaqBy+vG
hUT7/uZwVvkRuNpCedHH0StZCBk6/qr/cJTkecofdv8MHqm4zoQhh1BUsv+OAY1T
kTAUA8yOLb/PPfJcmn4GvkmeQe8rVV1JVa7y57j+swoVb/uJ23DMewQPfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMqqnHKEEkvmdAv64r54LuFN10oSMB8GA1UdIwQY
MBaAFJIqGmfi2nES1FWc2NvYFB+PMnfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lvYVotTGFjUkxVVlp6WTI5Z1VINDh5ZC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZGFjMzAtODU3MC00N2IyLWIyNmEt
N2YzYTQyODE3MWM3LzEveXFxY2NvUVNTLVowQ19yaXZuZ3U0VTNYU2hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZGFjMzAtODU3MC00N2IyLWIyNmEtN2YzYTQyODE3MWM3
LzEva2lvYVotTGFjUkxVVlp6WTI5Z1VINDh5ZC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAsHfSMA0E
AgACMAcDBQMqBleAMA0GCSqGSIb3DQEBCwUAA4IBAQBOiNgQ0l9T2kR6cp907nEk
9wMoLYg1IdlNS6HVrFhpxJQvPp5me1ICpPWhF2gXTGE4fjF00/An9oyiNUAllUyb
0Wdzx+OfxedS5CYcBZ/5WUmw4rcSX0MLWsVg3BEGa1u3LfTN6JvuRFzQOT6XCFnI
Gk++4MhfFWN2xwblWwNKKC4QpImxWqFqvRd7i4jncDmk39XI2IyLV+EuYhDSXnH5
2D1mwCO/pKE5oWBf9giT57+X1M/0lgVB9QIe2YzhlBk7mli7xAIDWmF0EhREWFpo
0DKRSguDI5wxHI6g2UXQb4peD8Y8n9paDNiW/NRJATxqMq8iUaWEc5ErAoaxFEEr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:06 2024 by rpki-client on console-ams.rpki-client.org