Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Y1yaPczpWkqFSFln2tRZLqsFWP8.roa
File: Y1yaPczpWkqFSFln2tRZLqsFWP8.roa (raw, json)
Hash identifier: R6GFeX0Mv43bwcFjdDlBcikd8xjpP0wiz8g4lD80gIM=
Subject key identifier: 63:5C:9A:3D:CC:E9:5A:4A:85:48:59:67:DA:D4:59:2E:AB:05:58:FF
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018A096B5B78B3B6B47B20574A7D34A544E5
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Y1yaPczpWkqFSFln2tRZLqsFWP8.roa
Signing time: Fri 18 Aug 2023 16:12:25 +0000
ROA not before: Fri 18 Aug 2023 16:12:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51722
IP address blocks: 188.241.136.0/24 maxlen: 24
94.198.171.0/24 maxlen: 24
188.208.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Aug 2023 10:21:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:09:6b:5b:78:b3:b6:b4:7b:20:57:4a:7d:34:a5:44:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Aug 18 16:12:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=635c9a3dcce95a4a85485967dad4592eab0558ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:82:d9:77:55:14:c2:e1:f0:fb:18:8d:ac:d3:
a0:be:a9:44:a7:93:32:97:41:9f:1f:9f:a1:37:50:
b9:86:93:c3:a1:26:4b:4b:d5:b5:72:c0:5c:e0:07:
b5:b9:cf:68:32:29:4f:8b:ad:7e:f9:03:82:a9:25:
33:22:53:d9:ff:a6:8c:0f:c2:c0:0f:b3:f4:75:8e:
42:a3:bf:ed:e6:dc:5e:25:42:25:9b:f2:50:3c:5f:
16:92:7a:a8:13:04:7f:5b:9d:b2:a1:8e:81:f4:e3:
35:7a:ab:81:99:6c:3f:ce:35:cd:4b:f4:02:f7:9a:
ca:c7:bf:10:0a:eb:4d:1d:2b:f0:f1:04:ef:00:dc:
79:14:94:0c:be:09:62:e9:a6:d3:a8:33:70:eb:d7:
35:31:a3:29:29:90:46:19:0c:16:b9:c3:cb:13:8a:
e1:16:82:46:e5:39:62:39:9e:a7:61:b4:33:64:7e:
6d:ef:53:6a:0b:91:d6:91:1c:75:46:56:17:fc:58:
d1:fe:b0:a9:6d:f2:c1:8b:40:80:f1:2f:dc:10:d3:
18:ff:8a:3d:85:8f:fe:4b:38:c7:35:5e:3a:e4:24:
47:3d:90:fc:52:b8:b9:d0:5c:7d:da:4f:06:73:d5:
86:ef:ed:98:02:75:32:db:ae:34:c0:c4:e0:0e:a4:
99:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:5C:9A:3D:CC:E9:5A:4A:85:48:59:67:DA:D4:59:2E:AB:05:58:FF
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Y1yaPczpWkqFSFln2tRZLqsFWP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.198.171.0/24
188.208.103.0/24
188.241.136.0/24
Signature Algorithm: sha256WithRSAEncryption
48:f6:36:d5:db:26:d1:bf:ec:63:3c:9c:46:e3:a3:2f:bd:52:
d8:21:23:26:26:6a:75:66:19:60:ef:86:2d:9f:ac:e9:44:8a:
d7:ad:e6:fc:f2:8c:f5:ef:34:2a:81:2e:27:90:d7:3b:f2:59:
80:1f:7a:36:37:43:e0:e4:1a:0d:e5:97:15:81:b3:61:4c:db:
a5:67:c2:f4:cd:c8:7c:94:0a:2b:ca:b6:53:db:11:63:7a:51:
a7:9e:5c:d2:12:3a:f6:76:32:18:2e:25:d9:c7:71:cd:7c:47:
60:17:6f:33:bb:a5:e5:71:8f:8f:93:d3:0a:b6:d6:42:b3:3f:
82:2a:a2:c4:97:0a:d7:b3:03:10:04:5d:84:13:f6:73:f1:8a:
f3:41:65:a4:f7:89:1d:71:b9:53:93:e7:6e:32:25:ce:5a:9f:
a7:fb:41:d8:f9:bc:2d:40:ad:11:0d:9b:15:69:a8:da:9b:fb:
29:96:02:46:9e:8e:13:31:c7:cc:cb:7a:2a:7c:b4:8e:62:a9:
5c:59:f4:96:3d:3d:34:40:07:f2:7b:d2:c6:45:5b:ad:f6:4f:
2f:68:27:7d:90:0e:6f:f6:1e:ea:15:e6:ca:dc:67:6f:5c:24:
26:11:bb:00:54:9b:62:e0:ec:08:7e:d2:6a:64:42:7a:5a:1f:
25:ff:5a:cb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYoJa1t4s7a0eyBXSn00pUTlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwODE4MTYxMjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzVjOWEzZGNjZTk1YTRhODU0ODU5NjdkYWQ0NTkyZWFiMDU1OGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYLZd1UUwuHw+xiNrNOgvqlEp5My
l0GfH5+hN1C5hpPDoSZLS9W1csBc4Ae1uc9oMilPi61++QOCqSUzIlPZ/6aMD8LA
D7P0dY5Co7/t5txeJUIlm/JQPF8WknqoEwR/W52yoY6B9OM1equBmWw/zjXNS/QC
95rKx78QCutNHSvw8QTvANx5FJQMvgli6abTqDNw69c1MaMpKZBGGQwWucPLE4rh
FoJG5TliOZ6nYbQzZH5t71NqC5HWkRx1RlYX/FjR/rCpbfLBi0CA8S/cENMY/4o9
hY/+SzjHNV465CRHPZD8Uri50Fx92k8Gc9WG7+2YAnUy2640wMTgDqSZcwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGNcmj3M6VpKhUhZZ9rUWS6rBVj/MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvWTF5YVBjenBXa3FGU0ZsbjJ0UlpMcXNGV1A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXsarAwQA
vNBnAwQAvPGIMA0GCSqGSIb3DQEBCwUAA4IBAQBI9jbV2ybRv+xjPJxG46MvvVLY
ISMmJmp1Zhlg74Ytn6zpRIrXreb88oz17zQqgS4nkNc78lmAH3o2N0Pg5BoN5ZcV
gbNhTNulZ8L0zch8lAoryrZT2xFjelGnnlzSEjr2djIYLiXZx3HNfEdgF28zu6Xl
cY+Pk9MKttZCsz+CKqLElwrXswMQBF2EE/Zz8YrzQWWk94kdcblTk+duMiXOWp+n
+0HY+bwtQK0RDZsVaajam/splgJGno4TMcfMy3oqfLSOYqlcWfSWPT00QAfye9LG
RVut9k8vaCd9kA5v9h7qFebK3GdvXCQmEbsAVJti4OwIftJqZEJ6Wh8l/1rL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:07 2024 by rpki-client on console-fra.rpki-client.org