Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/jyp9-qsfMoRFLiH-gt5c2g_dQnc.roa
File: jyp9-qsfMoRFLiH-gt5c2g_dQnc.roa (raw, json)
Hash identifier: c+LfH33haESaEOSFe4ydDb93ZbbaFQeCTU6UYs8ru8A=
Subject key identifier: 8F:2A:7D:FA:AB:1F:32:84:45:2E:21:FE:82:DE:5C:DA:0F:DD:42:77
Certificate issuer: /CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Certificate serial: 0188E837E1B0583839E0358559BB79946B3A
Authority key identifier: D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/jyp9-qsfMoRFLiH-gt5c2g_dQnc.roa
Signing time: Fri 23 Jun 2023 12:25:56 +0000
ROA not before: Fri 23 Jun 2023 12:25:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59811
IP address blocks: 185.66.206.0/24 maxlen: 24
185.149.208.0/24 maxlen: 24
185.149.210.0/23 maxlen: 24
2a0b:8640::/29 maxlen: 29
2a04:1840::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e8:37:e1:b0:58:38:39:e0:35:85:59:bb:79:94:6b:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Validity
Not Before: Jun 23 12:25:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f2a7dfaab1f3284452e21fe82de5cda0fdd4277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6e:e9:0b:5b:13:86:fb:4f:04:ab:34:9c:7f:
06:c5:83:af:bb:a7:85:27:dd:7b:f5:f6:0f:c9:b4:
8d:e6:0c:7e:97:d6:70:40:3a:34:7c:4e:76:8e:d0:
a4:26:07:3f:d4:98:09:e8:f3:d2:45:b4:96:46:e9:
ac:47:ec:fe:97:84:cb:a0:2d:f0:f1:81:3a:a2:e4:
f6:23:1a:ee:95:82:ab:ad:05:fe:69:f5:5e:33:e7:
78:87:e4:32:54:8b:de:f1:59:01:7c:01:81:c8:5e:
04:7d:92:f3:ae:4d:43:b1:8c:73:5a:77:20:cb:63:
fe:33:2f:04:aa:9e:c6:2f:70:3c:70:95:41:ab:97:
5d:d6:08:57:ff:1b:86:a9:a1:47:79:2e:c8:68:1d:
40:a8:b4:af:0c:a9:62:e7:22:01:94:ce:7e:25:9c:
57:7b:42:3a:b5:4a:6d:de:b2:23:76:ef:f8:c3:95:
f9:ae:18:d1:86:da:1d:15:f5:0f:3a:44:b5:e1:5d:
94:a9:9d:3b:84:b0:77:e0:fe:79:c9:72:06:d4:ee:
20:d3:31:13:e7:f9:4d:84:e4:66:e1:fb:4b:af:0a:
93:e2:a9:87:88:8d:78:46:86:de:a2:70:01:7d:ea:
cb:82:87:9a:c2:35:c7:85:bf:cf:e3:8a:43:d8:d9:
cc:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:2A:7D:FA:AB:1F:32:84:45:2E:21:FE:82:DE:5C:DA:0F:DD:42:77
X509v3 Authority Key Identifier:
keyid:D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/jyp9-qsfMoRFLiH-gt5c2g_dQnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.206.0/24
185.149.208.0/24
185.149.210.0/23
IPv6:
2a04:1840::/29
2a0b:8640::/29
Signature Algorithm: sha256WithRSAEncryption
63:ee:0a:70:97:05:36:42:2b:93:2c:66:a9:17:c6:43:69:fc:
d0:bc:af:18:b4:cb:ea:15:7f:7b:e3:d7:95:21:d0:21:bd:55:
99:ef:e9:af:d4:23:a3:6c:dd:2d:a1:31:b7:e3:81:d6:ba:5a:
c6:86:ce:de:cd:08:17:c2:16:d3:a4:01:c2:1d:34:c5:e9:b4:
11:d0:ca:d3:94:b7:bb:15:3a:fe:a6:26:1e:dc:b7:1e:12:84:
40:ee:e9:85:ae:55:ce:b4:b9:1b:be:31:44:82:f2:aa:e3:65:
50:4e:99:c2:d5:9a:91:e4:ad:ac:eb:4a:24:df:af:e4:6f:c5:
06:f1:49:9c:c3:d2:b8:f7:5f:8c:c7:d7:36:3b:f4:47:f7:9d:
f0:37:e2:9a:24:16:89:5c:6c:f2:65:43:82:b5:3f:5b:a4:5b:
3f:27:95:72:00:56:ea:4d:24:ed:5f:39:8b:9b:bb:c7:a2:15:
b9:eb:43:9e:a9:65:93:1d:4e:9b:5f:d3:d5:53:da:69:f8:66:
ad:a8:39:c0:3f:41:8b:44:1a:c7:6e:bc:6c:46:e2:eb:68:df:
a5:08:a7:a0:28:2f:18:e4:60:48:a9:10:93:f3:cc:2e:77:97:
81:8f:d2:65:d9:63:61:3b:d4:2a:69:e0:ae:93:3a:1b:01:2e:
6f:e0:4a:d7
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYjoN+GwWDg54DWFWbt5lGs6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNDA3OWJiNzA3MGVkMGVlZWEzYTFhNDY3Yzc5NDYyYmNj
NTQ1NWYwHhcNMjMwNjIzMTIyNTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjJhN2RmYWFiMWYzMjg0NDUyZTIxZmU4MmRlNWNkYTBmZGQ0Mjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm27pC1sThvtPBKs0nH8GxYOvu6eF
J9179fYPybSN5gx+l9ZwQDo0fE52jtCkJgc/1JgJ6PPSRbSWRumsR+z+l4TLoC3w
8YE6ouT2IxrulYKrrQX+afVeM+d4h+QyVIve8VkBfAGByF4EfZLzrk1DsYxzWncg
y2P+My8Eqp7GL3A8cJVBq5dd1ghX/xuGqaFHeS7IaB1AqLSvDKli5yIBlM5+JZxX
e0I6tUpt3rIjdu/4w5X5rhjRhtodFfUPOkS14V2UqZ07hLB34P55yXIG1O4g0zET
5/lNhORm4ftLrwqT4qmHiI14RobeonABferLgoeawjXHhb/P44pD2NnMbwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFI8qffqrHzKERS4h/oLeXNoP3UJ3MB8GA1UdIwQY
MBaAFNBAebtwcO0O7qOhpGfHlGK8xUVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTkt
NjIwOThkMWVjMWU2LzEvanlwOS1xc2ZNb1JGTGlILWd0NWMyZ19kUW5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTktNjIwOThkMWVjMWU2
LzEvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQAuULOAwQA
uZXQAwQBuZXSMBQEAgACMA4DBQMqBBhAAwUDKguGQDANBgkqhkiG9w0BAQsFAAOC
AQEAY+4KcJcFNkIrkyxmqRfGQ2n80LyvGLTL6hV/e+PXlSHQIb1Vme/pr9Qjo2zd
LaExt+OB1rpaxobO3s0IF8IW06QBwh00xem0EdDK05S3uxU6/qYmHty3HhKEQO7p
ha5VzrS5G74xRILyquNlUE6ZwtWakeStrOtKJN+v5G/FBvFJnMPSuPdfjMfXNjv0
R/ed8DfimiQWiVxs8mVDgrU/W6RbPyeVcgBW6k0k7V85i5u7x6IVuetDnqllkx1O
m1/T1VPaafhmrag5wD9Bi0Qax268bEbi62jfpQinoCgvGORgSKkQk/PMLneXgY/S
ZdljYTvUKmngrpM6GwEub+BK1w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:15 2024 by rpki-client on console-fra.rpki-client.org