Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/6a48a7-0c01-4aca-b431-6cedcf234975/1/yuPWziLX-2MpsmNjZjqw8iNhFF4.roa
File: yuPWziLX-2MpsmNjZjqw8iNhFF4.roa (raw, json)
Hash identifier: ivXDUVfOYtppDop7KfdU2+f8d81diYdSR+77GrbRZKc=
Subject key identifier: CA:E3:D6:CE:22:D7:FB:63:29:B2:63:63:66:3A:B0:F2:23:61:14:5E
Certificate issuer: /CN=1ff2cf1a6230cd62cb3ca8a1bc1d4a4bb4337c1d
Certificate serial: 018757A5476DE2C39C548E6042EA2AE851EA
Authority key identifier: 1F:F2:CF:1A:62:30:CD:62:CB:3C:A8:A1:BC:1D:4A:4B:B4:33:7C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H_LPGmIwzWLLPKihvB1KS7QzfB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/6a48a7-0c01-4aca-b431-6cedcf234975/1/yuPWziLX-2MpsmNjZjqw8iNhFF4.roa
Signing time: Thu 06 Apr 2023 17:37:42 +0000
ROA not before: Thu 06 Apr 2023 17:37:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49434
IP address blocks: 185.198.20.0/23 maxlen: 23
185.198.20.0/22 maxlen: 22
2a13:bf80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:57:a5:47:6d:e2:c3:9c:54:8e:60:42:ea:2a:e8:51:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ff2cf1a6230cd62cb3ca8a1bc1d4a4bb4337c1d
Validity
Not Before: Apr 6 17:37:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cae3d6ce22d7fb6329b26363663ab0f22361145e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:69:a2:8d:3c:5f:80:ef:af:9d:c7:d1:d9:36:
81:45:6e:f0:6c:11:79:e3:57:ca:a1:a6:fa:2f:1e:
bf:a2:b3:d3:96:0c:25:ea:3e:97:ea:85:b0:93:e6:
61:78:fb:ce:a7:cf:e5:85:c7:bd:c6:d0:17:93:9e:
cb:fc:f0:f2:e0:8b:89:35:2c:18:81:d6:45:b4:ac:
66:9d:d9:4c:f7:95:c2:2b:f5:aa:65:78:fa:41:7f:
7c:b7:55:79:7a:1d:64:7f:5d:8d:29:d0:8a:16:f5:
c1:b7:f9:12:ae:e9:21:fc:6c:d9:b8:33:70:db:1e:
f7:0b:7a:9b:fc:0d:74:f4:16:59:42:09:63:37:36:
62:89:2e:f7:8e:42:f3:2f:9b:18:74:f3:01:98:38:
91:d3:a4:c6:3e:66:76:7c:37:60:c4:80:ff:bd:56:
5d:26:59:80:9e:11:eb:1e:30:e9:84:91:fc:29:94:
4f:54:b1:29:ad:98:bf:ba:92:07:b8:c7:b3:86:69:
aa:d2:00:b0:7c:ab:90:d1:98:dc:98:29:fa:bd:a4:
92:23:aa:cb:42:45:11:b0:31:5b:03:61:f6:8f:97:
62:89:f6:a6:c0:6d:b1:5c:27:3e:af:10:12:9f:39:
65:e6:50:63:60:1b:82:df:10:d3:40:47:73:8d:53:
d3:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:E3:D6:CE:22:D7:FB:63:29:B2:63:63:66:3A:B0:F2:23:61:14:5E
X509v3 Authority Key Identifier:
keyid:1F:F2:CF:1A:62:30:CD:62:CB:3C:A8:A1:BC:1D:4A:4B:B4:33:7C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H_LPGmIwzWLLPKihvB1KS7QzfB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/6a48a7-0c01-4aca-b431-6cedcf234975/1/yuPWziLX-2MpsmNjZjqw8iNhFF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/6a48a7-0c01-4aca-b431-6cedcf234975/1/H_LPGmIwzWLLPKihvB1KS7QzfB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.20.0/22
IPv6:
2a13:bf80::/29
Signature Algorithm: sha256WithRSAEncryption
9f:00:20:d5:b6:2a:28:a8:e2:02:ca:c8:da:bd:ab:60:4a:0a:
1c:0c:04:cd:76:60:46:fa:60:a2:c7:2b:e7:b6:ae:05:30:bc:
fb:a9:b9:af:bd:d5:1e:80:7e:2b:dc:6f:d9:f9:a0:9e:f1:75:
42:e7:74:a2:0d:b8:da:90:da:ee:42:b8:c2:b0:cc:dc:0e:bd:
d7:e8:5e:f1:30:96:c1:93:2b:d6:15:b3:9a:ac:b3:86:c5:9d:
e4:46:ab:ba:ef:40:ec:d7:1f:8c:cd:03:5a:4a:38:19:50:49:
e7:49:f6:58:f0:87:60:7f:1a:8b:57:af:40:a8:1a:54:87:a5:
c0:20:11:e8:90:29:59:b9:37:c3:ad:87:53:a0:6a:cf:f7:87:
1d:26:4c:fa:20:04:8d:8b:aa:3f:f5:b7:47:06:eb:b5:fd:e1:
bb:d2:1d:6b:4c:1f:cf:97:33:da:a6:86:f2:8b:ce:5e:ed:85:
27:28:01:7e:9f:68:7a:1d:e8:fc:94:28:0a:cb:83:6b:0f:68:
89:5d:8f:6f:5f:4a:25:b6:93:ce:d0:19:7d:5a:89:2a:de:1a:
88:ba:96:45:30:23:d9:aa:87:b5:a3:6e:ac:9d:76:8a:9a:ce:
2b:18:7c:5c:62:a5:e2:6e:fd:7c:36:6c:9d:a7:26:7c:e6:fc:
43:16:c9:29
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYdXpUdt4sOcVI5gQuoq6FHqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZjJjZjFhNjIzMGNkNjJjYjNjYThhMWJjMWQ0YTRiYjQz
MzdjMWQwHhcNMjMwNDA2MTczNzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWUzZDZjZTIyZDdmYjYzMjliMjYzNjM2NjNhYjBmMjIzNjExNDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmmijTxfgO+vncfR2TaBRW7wbBF5
41fKoab6Lx6/orPTlgwl6j6X6oWwk+ZhePvOp8/lhce9xtAXk57L/PDy4IuJNSwY
gdZFtKxmndlM95XCK/WqZXj6QX98t1V5eh1kf12NKdCKFvXBt/kSrukh/GzZuDNw
2x73C3qb/A109BZZQgljNzZiiS73jkLzL5sYdPMBmDiR06TGPmZ2fDdgxID/vVZd
JlmAnhHrHjDphJH8KZRPVLEprZi/upIHuMezhmmq0gCwfKuQ0ZjcmCn6vaSSI6rL
QkURsDFbA2H2j5diifamwG2xXCc+rxASnzll5lBjYBuC3xDTQEdzjVPT/wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMrj1s4i1/tjKbJjY2Y6sPIjYRReMB8GA1UdIwQY
MBaAFB/yzxpiMM1iyzyoobwdSku0M3wdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSF9MUEdtSXd6V0xMUEtpaHZCMUtTN1F6ZkIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS82YTQ4YTctMGMwMS00YWNhLWI0MzEt
NmNlZGNmMjM0OTc1LzEveXVQV3ppTFgtMk1wc21OalpqcXc4aU5oRkY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS82YTQ4YTctMGMwMS00YWNhLWI0MzEtNmNlZGNmMjM0OTc1
LzEvSF9MUEdtSXd6V0xMUEtpaHZCMUtTN1F6ZkIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucYUMA0E
AgACMAcDBQMqE7+AMA0GCSqGSIb3DQEBCwUAA4IBAQCfACDVtiooqOICysjavatg
SgocDATNdmBG+mCixyvntq4FMLz7qbmvvdUegH4r3G/Z+aCe8XVC53SiDbjakNru
QrjCsMzcDr3X6F7xMJbBkyvWFbOarLOGxZ3kRqu670Ds1x+MzQNaSjgZUEnnSfZY
8IdgfxqLV69AqBpUh6XAIBHokClZuTfDrYdToGrP94cdJkz6IASNi6o/9bdHBuu1
/eG70h1rTB/PlzPapobyi85e7YUnKAF+n2h6Hej8lCgKy4NrD2iJXY9vX0oltpPO
0Bl9Wokq3hqIupZFMCPZqoe1o26snXaKms4rGHxcYqXibv18NmydpyZ85vxDFskp
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:58 2024 by rpki-client on console-fra.rpki-client.org