Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/sy8iOiLtMnZkUYFrTamzHlLj9v0.roa
File: sy8iOiLtMnZkUYFrTamzHlLj9v0.roa (raw, json)
Hash identifier: zB7plbUnBdJDzvdbQD9Nk4uFpPkJ6cQXFKaxG3dgTBI=
Subject key identifier: B3:2F:22:3A:22:ED:32:76:64:51:81:6B:4D:A9:B3:1E:52:E3:F6:FD
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 018678A187C3F294DD536DB4B6467E58E40D
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/sy8iOiLtMnZkUYFrTamzHlLj9v0.roa
Signing time: Wed 22 Feb 2023 10:18:17 +0000
ROA not before: Wed 22 Feb 2023 10:18:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 185.96.80.0/24 maxlen: 24
185.81.174.0/23 maxlen: 24
185.96.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Apr 2023 13:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:78:a1:87:c3:f2:94:dd:53:6d:b4:b6:46:7e:58:e4:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Feb 22 10:18:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b32f223a22ed32766451816b4da9b31e52e3f6fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:8a:b7:63:6c:87:10:33:72:53:07:53:79:20:
fb:d4:91:db:d5:af:8b:d7:9e:fc:c7:84:ec:1b:74:
06:89:51:f7:c6:bd:b8:2e:43:b4:8a:df:e3:98:80:
15:71:81:9c:41:2a:83:15:7b:ce:01:ef:8e:f8:66:
6f:25:1c:1f:91:6c:5b:5a:fc:88:73:08:72:b0:95:
38:c5:ec:55:45:30:cc:bd:e8:b4:1e:68:78:20:ab:
cc:19:48:cc:84:ee:1c:c3:d8:cb:ff:fa:33:a3:de:
6d:9c:ad:02:7c:6c:2d:06:3f:68:ee:b3:3b:82:ee:
ed:d9:15:99:44:04:5a:9f:48:e5:7a:67:37:e7:7f:
68:57:32:ba:1a:03:b2:88:79:53:35:68:a1:41:17:
c1:c4:61:bc:13:c5:7e:c9:1d:44:8f:f6:55:6c:66:
e5:2f:fe:5b:77:54:cf:0c:4b:92:13:2e:9b:eb:0a:
ca:cb:9d:0c:56:a8:ed:c8:c7:b5:c5:4f:85:b2:07:
fe:b0:bb:7b:55:4f:e0:27:f3:d7:0a:42:81:b9:ef:
a8:b3:d9:74:b9:68:23:2c:45:f4:c7:dd:88:1c:1a:
81:cd:a8:20:c6:cf:a1:bb:c0:1d:e6:19:3a:21:f4:
16:39:c8:1d:a5:36:d0:7e:f7:f6:e9:dd:20:55:ae:
2a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:2F:22:3A:22:ED:32:76:64:51:81:6B:4D:A9:B3:1E:52:E3:F6:FD
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/sy8iOiLtMnZkUYFrTamzHlLj9v0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.174.0/23
185.96.38.0/24
185.96.80.0/24
Signature Algorithm: sha256WithRSAEncryption
69:ed:32:e0:5e:c3:b1:2a:4f:90:c5:bc:1a:2d:b9:83:e3:c7:
89:f1:e9:45:41:f4:67:80:89:9d:c5:f3:59:93:b4:a6:86:8d:
c8:54:26:e7:8f:2a:ba:09:fc:db:9e:90:bc:27:58:e2:53:41:
69:30:e5:8e:43:b7:b6:8a:4e:0a:e4:52:bd:20:b7:df:d7:5a:
14:8f:30:19:f8:5c:8c:be:f3:5c:26:24:ee:f2:f9:b8:9f:2d:
dc:62:91:df:26:fe:3d:20:94:ce:5d:cb:88:4b:67:61:ba:b0:
4a:8d:3b:0a:2f:76:8b:f6:b0:d2:99:b1:da:fc:d7:ad:5c:84:
44:a2:83:b6:e6:3e:70:31:51:73:2a:71:22:aa:8b:fa:25:76:
2e:57:26:3f:87:e5:db:29:7b:86:32:8a:08:36:55:08:c8:00:
5f:30:23:d1:d2:33:47:e3:03:d1:57:54:15:bf:ad:0d:b2:4f:
f8:64:04:8c:2f:ea:f1:9c:3b:e5:39:fd:f5:ea:4f:60:2d:86:
9d:5f:58:61:af:cf:33:37:23:61:ed:fe:af:c3:4a:37:ff:6e:
c5:79:77:56:17:0c:22:ee:e1:89:f2:d2:fe:a3:39:4c:7c:1e:
a2:4b:32:d9:21:34:61:56:99:ca:4d:24:91:e7:cc:07:f2:2a:
47:c8:14:9f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZ4oYfD8pTdU220tkZ+WOQNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMwMjIyMTAxODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzJmMjIzYTIyZWQzMjc2NjQ1MTgxNmI0ZGE5YjMxZTUyZTNmNmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4q3Y2yHEDNyUwdTeSD71JHb1a+L
1578x4TsG3QGiVH3xr24LkO0it/jmIAVcYGcQSqDFXvOAe+O+GZvJRwfkWxbWvyI
cwhysJU4xexVRTDMvei0Hmh4IKvMGUjMhO4cw9jL//ozo95tnK0CfGwtBj9o7rM7
gu7t2RWZRARan0jlemc3539oVzK6GgOyiHlTNWihQRfBxGG8E8V+yR1Ej/ZVbGbl
L/5bd1TPDEuSEy6b6wrKy50MVqjtyMe1xU+Fsgf+sLt7VU/gJ/PXCkKBue+os9l0
uWgjLEX0x92IHBqBzaggxs+hu8Ad5hk6IfQWOcgdpTbQfvf26d0gVa4qpQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLMvIjoi7TJ2ZFGBa02psx5S4/b9MB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvc3k4aU9pTHRNblprVVlGclRhbXpIbExqOXYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuVGuAwQA
uWAmAwQAuWBQMA0GCSqGSIb3DQEBCwUAA4IBAQBp7TLgXsOxKk+QxbwaLbmD48eJ
8elFQfRngImdxfNZk7Smho3IVCbnjyq6CfzbnpC8J1jiU0FpMOWOQ7e2ik4K5FK9
ILff11oUjzAZ+FyMvvNcJiTu8vm4ny3cYpHfJv49IJTOXcuIS2dhurBKjTsKL3aL
9rDSmbHa/NetXIREooO25j5wMVFzKnEiqov6JXYuVyY/h+XbKXuGMooINlUIyABf
MCPR0jNH4wPRV1QVv60Nsk/4ZASML+rxnDvlOf316k9gLYadX1hhr88zNyNh7f6v
w0o3/27FeXdWFwwi7uGJ8tL+ozlMfB6iSzLZITRhVpnKTSSR58wH8ipHyBSf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:17 2024 by rpki-client on console-ams.rpki-client.org