Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/8c3f6f-5ae9-492e-9d3a-750d62e9e53a/1/yCNzv1pYDSeCP8NK1kOUNuNpr2w.roa
File: yCNzv1pYDSeCP8NK1kOUNuNpr2w.roa (raw, json)
Hash identifier: d0lBgDqCxbEXdVSywuMQ/ggLtCfGMVp4E3Bq0x2ZVv8=
Subject key identifier: C8:23:73:BF:5A:58:0D:27:82:3F:C3:4A:D6:43:94:36:E3:69:AF:6C
Certificate issuer: /CN=3a6c606f20cecfe312cc6c814dec9904b6db7c3c
Certificate serial: 01856E78CFE875D2CF76D7ED3F60D4561CCA
Authority key identifier: 3A:6C:60:6F:20:CE:CF:E3:12:CC:6C:81:4D:EC:99:04:B6:DB:7C:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OmxgbyDOz-MSzGyBTeyZBLbbfDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/8c3f6f-5ae9-492e-9d3a-750d62e9e53a/1/yCNzv1pYDSeCP8NK1kOUNuNpr2w.roa
Signing time: Sun 01 Jan 2023 17:54:49 +0000
ROA not before: Sun 01 Jan 2023 17:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62129
IP address blocks: 185.55.204.0/22 maxlen: 22
5.134.88.0/21 maxlen: 21
45.11.100.0/22 maxlen: 22
2a04:d5c0::/29 maxlen: 29
2a0e:8d00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:cf:e8:75:d2:cf:76:d7:ed:3f:60:d4:56:1c:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a6c606f20cecfe312cc6c814dec9904b6db7c3c
Validity
Not Before: Jan 1 17:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c82373bf5a580d27823fc34ad6439436e369af6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5f:99:f3:b4:9a:50:92:59:30:4b:3c:92:eb:
2b:dc:72:42:08:87:ce:9b:40:8a:5d:a2:f8:73:0c:
a6:5a:60:ec:08:6b:68:29:f5:d4:79:ad:e2:d1:46:
d8:1e:90:a0:7b:c3:24:0d:72:af:47:36:83:d5:3d:
a3:9c:22:52:67:9c:cf:57:c4:a0:23:3d:ba:4c:19:
bf:90:8d:86:7e:29:8b:14:2f:f7:e8:ff:ac:71:88:
4d:f3:03:cd:b8:26:8b:a9:d8:5f:83:fe:30:8a:41:
99:8d:2c:99:3e:ab:01:88:c5:e5:70:f0:d2:15:10:
c4:19:fb:f4:5f:bb:07:6e:0e:5f:82:fa:8f:ef:e0:
d8:43:78:e4:c5:81:11:00:11:86:fa:86:11:ef:e9:
03:5a:fe:3f:a1:fa:bb:37:47:78:5a:64:ed:29:c9:
76:50:fe:0b:9d:84:ab:f5:c9:fc:7c:cf:4b:c5:d6:
1e:67:28:25:86:75:6b:ba:7e:df:d0:e1:dc:3c:6a:
22:c2:fb:42:ee:18:da:b1:9c:32:0c:88:f7:0c:b2:
08:52:a4:69:e3:42:92:41:59:67:80:37:9b:2d:31:
c7:62:f7:a1:e7:2f:56:30:9f:83:53:02:c1:29:05:
88:0c:a4:4b:2b:0b:c2:76:ce:15:01:02:1d:fb:41:
d0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:23:73:BF:5A:58:0D:27:82:3F:C3:4A:D6:43:94:36:E3:69:AF:6C
X509v3 Authority Key Identifier:
keyid:3A:6C:60:6F:20:CE:CF:E3:12:CC:6C:81:4D:EC:99:04:B6:DB:7C:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OmxgbyDOz-MSzGyBTeyZBLbbfDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/8c3f6f-5ae9-492e-9d3a-750d62e9e53a/1/yCNzv1pYDSeCP8NK1kOUNuNpr2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/8c3f6f-5ae9-492e-9d3a-750d62e9e53a/1/OmxgbyDOz-MSzGyBTeyZBLbbfDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.88.0/21
45.11.100.0/22
185.55.204.0/22
IPv6:
2a04:d5c0::/29
2a0e:8d00::/29
Signature Algorithm: sha256WithRSAEncryption
9a:e8:d3:4b:ff:67:57:76:e9:08:cb:98:1a:1e:9c:5d:18:ab:
a9:74:29:ef:48:27:fd:14:b1:fb:3a:bf:3d:84:ef:d4:8f:71:
09:ba:e5:2e:2a:53:4e:7a:32:ca:d1:9f:1d:67:5d:c3:3d:1b:
c9:62:83:2d:12:6f:ea:4c:60:58:75:7e:60:bd:d9:a7:05:41:
7c:5e:55:81:ca:c4:46:d0:38:56:9c:b8:e3:a6:ee:19:33:22:
dd:a0:7f:fd:b3:90:4b:13:89:99:d4:22:f0:d2:00:70:c3:ea:
9f:91:fa:68:fa:f2:6e:ef:e9:22:0f:26:96:15:80:92:55:5d:
a6:26:84:07:f5:38:20:f5:21:c9:96:a9:5f:f6:23:b1:c3:58:
d9:35:03:62:63:13:00:73:a8:df:dd:2f:80:3f:76:8a:9e:b5:
f1:ea:2a:c7:c6:9b:6a:05:c0:a4:7f:75:0a:a6:96:8c:9a:44:
8b:14:c2:81:98:f2:b9:2c:27:af:14:b6:e8:ec:13:db:13:c6:
ae:f7:c7:6d:03:08:9e:f9:7b:7b:c8:3f:76:5c:a5:a5:d0:f9:
6d:73:fd:b4:0a:6d:26:62:74:01:25:b3:99:01:99:a1:ba:79:
b3:a5:e8:5d:0f:a9:2f:3b:36:ae:c5:43:18:a8:e0:4a:2f:89:
19:96:50:32
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVueM/oddLPdtftP2DUVhzKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNmM2MDZmMjBjZWNmZTMxMmNjNmM4MTRkZWM5OTA0YjZk
YjdjM2MwHhcNMjMwMTAxMTc1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODIzNzNiZjVhNTgwZDI3ODIzZmMzNGFkNjQzOTQzNmUzNjlhZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsl+Z87SaUJJZMEs8kusr3HJCCIfO
m0CKXaL4cwymWmDsCGtoKfXUea3i0UbYHpCge8MkDXKvRzaD1T2jnCJSZ5zPV8Sg
Iz26TBm/kI2GfimLFC/36P+scYhN8wPNuCaLqdhfg/4wikGZjSyZPqsBiMXlcPDS
FRDEGfv0X7sHbg5fgvqP7+DYQ3jkxYERABGG+oYR7+kDWv4/ofq7N0d4WmTtKcl2
UP4LnYSr9cn8fM9LxdYeZyglhnVrun7f0OHcPGoiwvtC7hjasZwyDIj3DLIIUqRp
40KSQVlngDebLTHHYveh5y9WMJ+DUwLBKQWIDKRLKwvCds4VAQId+0HQsQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFMgjc79aWA0ngj/DStZDlDbjaa9sMB8GA1UdIwQY
MBaAFDpsYG8gzs/jEsxsgU3smQS223w8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT214Z2J5RE96LU1Tekd5QlRleVpCTGJiZkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84YzNmNmYtNWFlOS00OTJlLTlkM2Et
NzUwZDYyZTllNTNhLzEveUNOenYxcFlEU2VDUDhOSzFrT1VOdU5wcjJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84YzNmNmYtNWFlOS00OTJlLTlkM2EtNzUwZDYyZTllNTNh
LzEvT214Z2J5RE96LU1Tekd5QlRleVpCTGJiZkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQDBYZYAwQC
LQtkAwQCuTfMMBQEAgACMA4DBQMqBNXAAwUDKg6NADANBgkqhkiG9w0BAQsFAAOC
AQEAmujTS/9nV3bpCMuYGh6cXRirqXQp70gn/RSx+zq/PYTv1I9xCbrlLipTTnoy
ytGfHWddwz0byWKDLRJv6kxgWHV+YL3ZpwVBfF5VgcrERtA4Vpy446buGTMi3aB/
/bOQSxOJmdQi8NIAcMPqn5H6aPrybu/pIg8mlhWAklVdpiaEB/U4IPUhyZapX/Yj
scNY2TUDYmMTAHOo390vgD92ip618eoqx8abagXApH91CqaWjJpEixTCgZjyuSwn
rxS26OwT2xPGrvfHbQMInvl7e8g/dlylpdD5bXP9tAptJmJ0ASWzmQGZobp5s6Xo
XQ+pLzs2rsVDGKjgSi+JGZZQMg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:52 2024 by rpki-client on console-fra.rpki-client.org