Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/e80231-53b8-4225-8523-947de3868cd5/1/YGX2pzblCLNZXeLg7ynRTjXwMn4.roa
File: YGX2pzblCLNZXeLg7ynRTjXwMn4.roa (raw, json)
Hash identifier: oBGGctTc6lLicFS694zAKyR8GFfMxh/Ai4+6X3XORP4=
Subject key identifier: 60:65:F6:A7:36:E5:08:B3:59:5D:E2:E0:EF:29:D1:4E:35:F0:32:7E
Certificate issuer: /CN=d78ac174e852b71c31163ec1d8649fff6b07ba79
Certificate serial: 01856D0A9CD224BB028429B5C7F23072F830
Authority key identifier: D7:8A:C1:74:E8:52:B7:1C:31:16:3E:C1:D8:64:9F:FF:6B:07:BA:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/14rBdOhStxwxFj7B2GSf_2sHunk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/e80231-53b8-4225-8523-947de3868cd5/1/YGX2pzblCLNZXeLg7ynRTjXwMn4.roa
Signing time: Sun 01 Jan 2023 11:14:50 +0000
ROA not before: Sun 01 Jan 2023 11:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8822
IP address blocks: 195.182.224.0/24 maxlen: 24
195.182.225.0/24 maxlen: 24
195.182.224.0/19 maxlen: 19
195.182.226.0/24 maxlen: 24
2a0f:4c00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:9c:d2:24:bb:02:84:29:b5:c7:f2:30:72:f8:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d78ac174e852b71c31163ec1d8649fff6b07ba79
Validity
Not Before: Jan 1 11:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6065f6a736e508b3595de2e0ef29d14e35f0327e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:15:4b:fb:37:3d:d9:84:db:b3:8c:ef:1f:59:
70:39:00:6a:9e:3c:11:40:57:db:3b:fd:7f:ca:64:
0d:e2:4a:22:07:6e:b6:47:0d:30:73:8a:83:91:a3:
2c:2e:58:8c:2c:b2:1d:a0:b8:b7:97:31:dd:d6:ab:
ea:1b:7d:1f:50:03:03:78:e2:31:b1:5e:ab:98:d7:
f0:70:dc:e8:0b:d6:54:e6:b1:70:5e:7d:ad:7b:9a:
ef:98:df:35:a0:96:47:ea:0b:52:36:8d:40:07:bf:
67:0c:b3:9e:f1:6d:01:a0:10:70:36:9f:97:ed:e1:
f9:c2:7d:6c:89:bd:59:c3:b5:2a:17:c6:ef:8b:a1:
66:1c:42:a1:a4:06:d3:d2:f0:30:d5:86:e8:28:74:
d0:cf:66:00:20:9d:64:05:11:3e:b2:7f:ab:f0:02:
a7:ce:5e:3d:75:4e:cb:22:4d:da:65:b3:6b:d4:02:
1a:b8:aa:85:f6:56:03:67:32:2b:eb:ab:f0:ee:4c:
05:cf:a1:b8:bc:19:fb:ab:93:d4:1d:fb:4b:c1:c6:
c9:9e:62:40:dc:ad:ba:63:43:2a:3a:d1:dd:d2:04:
61:fe:ae:6c:9c:31:d9:92:fa:af:41:00:05:8f:9a:
14:b3:8b:45:9b:e8:1c:ce:44:70:07:81:ba:43:a6:
d6:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:65:F6:A7:36:E5:08:B3:59:5D:E2:E0:EF:29:D1:4E:35:F0:32:7E
X509v3 Authority Key Identifier:
keyid:D7:8A:C1:74:E8:52:B7:1C:31:16:3E:C1:D8:64:9F:FF:6B:07:BA:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/14rBdOhStxwxFj7B2GSf_2sHunk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e80231-53b8-4225-8523-947de3868cd5/1/YGX2pzblCLNZXeLg7ynRTjXwMn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e80231-53b8-4225-8523-947de3868cd5/1/14rBdOhStxwxFj7B2GSf_2sHunk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.182.224.0/19
IPv6:
2a0f:4c00::/29
Signature Algorithm: sha256WithRSAEncryption
05:56:d0:39:95:83:31:63:8a:f1:4d:0f:39:6a:47:9e:7d:46:
10:f7:a7:60:66:b1:d7:db:32:0e:c3:cd:51:28:87:87:f4:e5:
9b:26:4c:94:06:1c:85:a2:9b:3d:a9:13:3d:18:42:df:c5:f3:
08:ea:3a:02:91:32:a8:ea:04:d9:3e:30:26:f6:bc:6e:e4:bc:
7d:7d:e0:cf:42:1b:ef:a3:70:05:9d:b1:51:3f:10:ee:a5:98:
c0:a3:72:e6:14:5c:f5:da:72:ce:d4:75:2d:a7:52:d1:1d:12:
5a:75:6b:12:63:23:e1:78:7e:4f:9e:19:03:f7:9d:57:3d:93:
c2:a1:1e:e3:d6:01:25:80:51:f8:be:14:05:d2:d0:e0:69:a6:
b4:20:63:54:1a:96:90:49:c2:c2:8f:2b:bc:f9:11:7f:f3:9f:
87:3c:bd:86:fa:c3:33:07:fe:52:54:00:8b:22:b2:27:a7:4b:
c5:cb:d0:b0:ee:70:4c:cd:dd:73:79:45:0c:10:2c:81:76:87:
71:17:39:19:da:cd:a0:71:b5:59:0a:3f:44:b7:33:e6:86:17:
41:5a:e0:d1:60:0c:a6:a7:31:39:bd:9f:10:4b:23:45:5f:57:
bf:d4:aa:75:7e:cd:9a:61:20:7f:93:04:34:e6:f4:9d:bc:6a:
7e:ab:60:ad
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtCpzSJLsChCm1x/IwcvgwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OGFjMTc0ZTg1MmI3MWMzMTE2M2VjMWQ4NjQ5ZmZmNmIw
N2JhNzkwHhcNMjMwMTAxMTExNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDY1ZjZhNzM2ZTUwOGIzNTk1ZGUyZTBlZjI5ZDE0ZTM1ZjAzMjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBVL+zc92YTbs4zvH1lwOQBqnjwR
QFfbO/1/ymQN4koiB262Rw0wc4qDkaMsLliMLLIdoLi3lzHd1qvqG30fUAMDeOIx
sV6rmNfwcNzoC9ZU5rFwXn2te5rvmN81oJZH6gtSNo1AB79nDLOe8W0BoBBwNp+X
7eH5wn1sib1Zw7UqF8bvi6FmHEKhpAbT0vAw1YboKHTQz2YAIJ1kBRE+sn+r8AKn
zl49dU7LIk3aZbNr1AIauKqF9lYDZzIr66vw7kwFz6G4vBn7q5PUHftLwcbJnmJA
3K26Y0MqOtHd0gRh/q5snDHZkvqvQQAFj5oUs4tFm+gczkRwB4G6Q6bWCwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGBl9qc25QizWV3i4O8p0U418DJ+MB8GA1UdIwQY
MBaAFNeKwXToUrccMRY+wdhkn/9rB7p5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTRyQmRPaFN0eHd4Rmo3QjJHU2ZfMnNIdW5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lODAyMzEtNTNiOC00MjI1LTg1MjMt
OTQ3ZGUzODY4Y2Q1LzEvWUdYMnB6YmxDTE5aWGVMZzd5blJUalh3TW40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lODAyMzEtNTNiOC00MjI1LTg1MjMtOTQ3ZGUzODY4Y2Q1
LzEvMTRyQmRPaFN0eHd4Rmo3QjJHU2ZfMnNIdW5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFw7bgMA0E
AgACMAcDBQMqD0wAMA0GCSqGSIb3DQEBCwUAA4IBAQAFVtA5lYMxY4rxTQ85akee
fUYQ96dgZrHX2zIOw81RKIeH9OWbJkyUBhyFops9qRM9GELfxfMI6joCkTKo6gTZ
PjAm9rxu5Lx9feDPQhvvo3AFnbFRPxDupZjAo3LmFFz12nLO1HUtp1LRHRJadWsS
YyPheH5PnhkD951XPZPCoR7j1gElgFH4vhQF0tDgaaa0IGNUGpaQScLCjyu8+RF/
85+HPL2G+sMzB/5SVACLIrInp0vFy9Cw7nBMzd1zeUUMECyBdodxFzkZ2s2gcbVZ
Cj9EtzPmhhdBWuDRYAympzE5vZ8QSyNFX1e/1Kp1fs2aYSB/kwQ05vSdvGp+q2Ct
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:06 2024 by rpki-client on console-fra.rpki-client.org