Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/YBZfozgTYxH3vQ-gNYSwUCf6pT4.roa
File: YBZfozgTYxH3vQ-gNYSwUCf6pT4.roa (raw, json)
Hash identifier: MdIy64nEBmGri1vBDeqdtyCyE5TxnUVFlMwPYUBdobA=
Subject key identifier: 60:16:5F:A3:38:13:63:11:F7:BD:0F:A0:35:84:B0:50:27:FA:A5:3E
Certificate issuer: /CN=179301dcc7fae4f7ce01e4987a77cb82a336abff
Certificate serial: 01856F14F47FB0448A9C4A33C53E1D1F340C
Authority key identifier: 17:93:01:DC:C7:FA:E4:F7:CE:01:E4:98:7A:77:CB:82:A3:36:AB:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5MB3Mf65PfOAeSYenfLgqM2q_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/YBZfozgTYxH3vQ-gNYSwUCf6pT4.roa
Signing time: Sun 01 Jan 2023 20:45:22 +0000
ROA not before: Sun 01 Jan 2023 20:45:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204192
IP address blocks: 94.40.7.0/24 maxlen: 24
94.40.8.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:f4:7f:b0:44:8a:9c:4a:33:c5:3e:1d:1f:34:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=179301dcc7fae4f7ce01e4987a77cb82a336abff
Validity
Not Before: Jan 1 20:45:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60165fa338136311f7bd0fa03584b05027faa53e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b9:51:e0:f9:cd:01:91:24:75:83:45:64:7e:
09:38:bf:bf:b1:cc:8b:95:49:14:c7:d2:ad:9a:41:
7d:d2:4c:81:a7:7c:a0:76:38:83:1c:ce:ae:b2:4d:
32:a3:67:5f:fd:8c:42:98:d1:9f:f7:9c:9c:8e:96:
02:d7:69:35:96:6b:2b:a0:8e:ed:9d:89:a3:7d:31:
e3:98:7e:8d:0d:c8:51:ad:f4:ce:a3:8f:f3:33:40:
48:f3:32:8e:1d:f4:00:30:60:64:ad:16:d8:bb:c4:
96:d7:7e:1e:c3:ad:d6:38:e9:10:7b:95:70:01:46:
d1:cc:c5:5c:5a:00:29:57:43:17:0a:74:af:d9:10:
95:73:d4:47:3c:f3:84:1c:9d:48:ef:75:33:65:75:
ad:0b:a7:ca:af:0d:59:14:38:70:ec:33:13:52:c3:
b0:20:8e:ea:8c:c7:ca:84:66:fa:9a:80:ed:05:c3:
7f:87:50:db:9a:25:22:c8:96:01:4f:b9:b8:aa:b1:
eb:87:68:11:11:19:78:a2:1d:ac:e6:fb:72:e0:9c:
af:6c:cf:52:bf:bb:bd:b0:9c:1d:69:38:16:6c:66:
d7:ce:cf:2b:a0:57:07:69:73:68:a1:f4:1d:66:17:
ec:b6:d4:5d:de:74:3e:d6:ee:a5:0f:04:a5:22:fe:
ec:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:16:5F:A3:38:13:63:11:F7:BD:0F:A0:35:84:B0:50:27:FA:A5:3E
X509v3 Authority Key Identifier:
keyid:17:93:01:DC:C7:FA:E4:F7:CE:01:E4:98:7A:77:CB:82:A3:36:AB:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5MB3Mf65PfOAeSYenfLgqM2q_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/YBZfozgTYxH3vQ-gNYSwUCf6pT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/F5MB3Mf65PfOAeSYenfLgqM2q_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.40.7.0-94.40.8.255
Signature Algorithm: sha256WithRSAEncryption
00:f2:fb:7d:6f:d9:72:f6:de:64:d4:19:a6:1f:51:a0:e9:b0:
f0:f1:b4:1d:24:6b:c9:7d:9e:ab:1b:93:b7:e2:9d:76:7a:9e:
26:3d:08:cf:b5:b2:fe:3c:82:15:37:00:e0:03:a4:df:35:07:
69:ce:7b:93:33:43:90:7f:57:8e:8f:1b:61:4e:da:c4:c7:53:
97:20:9e:07:1f:a3:fb:31:c4:43:49:4a:69:22:8b:9e:5f:04:
55:21:23:7a:e1:60:08:7a:dc:61:c9:cc:73:ee:ed:c5:79:a7:
a0:50:76:89:e7:21:ab:d1:8f:01:65:55:da:78:bd:d5:6c:34:
83:f5:4b:e2:55:bc:2d:3e:62:46:14:ac:d9:a3:b0:a1:5f:a5:
e9:13:a7:6f:2e:f9:3d:3d:0d:b1:ab:eb:2d:1f:da:32:65:bb:
0c:e0:26:bb:96:8e:92:76:44:1a:7e:9e:5f:16:e7:f4:4a:e6:
4a:86:91:79:8f:86:f5:d4:66:90:44:e1:38:4e:e6:54:ad:81:
62:42:c2:ed:2c:f9:46:b4:df:a1:2d:4a:b7:52:6b:07:63:72:
01:63:d2:aa:01:ea:3f:89:a3:34:1b:04:3d:fe:3c:6c:df:5f:
77:2d:27:22:40:80:33:01:02:77:7f:78:4f:dd:79:18:d8:20:
82:9b:98:b9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVvFPR/sESKnEozxT4dHzQMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OTMwMWRjYzdmYWU0ZjdjZTAxZTQ5ODdhNzdjYjgyYTMz
NmFiZmYwHhcNMjMwMTAxMjA0NTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDE2NWZhMzM4MTM2MzExZjdiZDBmYTAzNTg0YjA1MDI3ZmFhNTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLlR4PnNAZEkdYNFZH4JOL+/scyL
lUkUx9KtmkF90kyBp3ygdjiDHM6usk0yo2df/YxCmNGf95ycjpYC12k1lmsroI7t
nYmjfTHjmH6NDchRrfTOo4/zM0BI8zKOHfQAMGBkrRbYu8SW134ew63WOOkQe5Vw
AUbRzMVcWgApV0MXCnSv2RCVc9RHPPOEHJ1I73UzZXWtC6fKrw1ZFDhw7DMTUsOw
II7qjMfKhGb6moDtBcN/h1DbmiUiyJYBT7m4qrHrh2gRERl4oh2s5vty4JyvbM9S
v7u9sJwdaTgWbGbXzs8roFcHaXNoofQdZhfsttRd3nQ+1u6lDwSlIv7sBQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGAWX6M4E2MR970PoDWEsFAn+qU+MB8GA1UdIwQY
MBaAFBeTAdzH+uT3zgHkmHp3y4KjNqv/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjVNQjNNZjY1UGZPQWVTWWVuZkxncU0ycV84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9lZDc5NjMtNzJlYS00YzFkLWFkZGQt
YWZmOTJjMTZkOGUzLzEvWUJaZm96Z1RZeEgzdlEtZ05ZU3dVQ2Y2cFQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9lZDc5NjMtNzJlYS00YzFkLWFkZGQtYWZmOTJjMTZkOGUz
LzEvRjVNQjNNZjY1UGZPQWVTWWVuZkxncU0ycV84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABeKAcD
BABeKAgwDQYJKoZIhvcNAQELBQADggEBAADy+31v2XL23mTUGaYfUaDpsPDxtB0k
a8l9nqsbk7finXZ6niY9CM+1sv48ghU3AOADpN81B2nOe5MzQ5B/V46PG2FO2sTH
U5cgngcfo/sxxENJSmkii55fBFUhI3rhYAh63GHJzHPu7cV5p6BQdonnIavRjwFl
Vdp4vdVsNIP1S+JVvC0+YkYUrNmjsKFfpekTp28u+T09DbGr6y0f2jJluwzgJruW
jpJ2RBp+nl8W5/RK5kqGkXmPhvXUZpBE4ThO5lStgWJCwu0s+Ua036EtSrdSawdj
cgFj0qoB6j+JozQbBD3+PGzfX3ctJyJAgDMBAnd/eE/deRjYIIKbmLk=
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:53:58 2024 by rpki-client on console-ams.rpki-client.org