Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/2fb477-a8b7-450e-b533-11e6c0a3a808/1/yk8DWxG4i1c_UwTdpFosZKqYt9o.roa
File: yk8DWxG4i1c_UwTdpFosZKqYt9o.roa (raw, json)
Hash identifier: unasLIIPx1UfD3d/bGWmBkFQoxnh0pQjdEzI+ADUcoU=
Subject key identifier: CA:4F:03:5B:11:B8:8B:57:3F:53:04:DD:A4:5A:2C:64:AA:98:B7:DA
Certificate issuer: /CN=7da31ee9c989a6311a08ff232289978401415e91
Certificate serial: 01856FA708FBBCD245B54AAE789EA693240D
Authority key identifier: 7D:A3:1E:E9:C9:89:A6:31:1A:08:FF:23:22:89:97:84:01:41:5E:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faMe6cmJpjEaCP8jIomXhAFBXpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/2fb477-a8b7-450e-b533-11e6c0a3a808/1/yk8DWxG4i1c_UwTdpFosZKqYt9o.roa
Signing time: Sun 01 Jan 2023 23:24:55 +0000
ROA not before: Sun 01 Jan 2023 23:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57778
IP address blocks: 185.126.44.0/24 maxlen: 24
185.126.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:08:fb:bc:d2:45:b5:4a:ae:78:9e:a6:93:24:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da31ee9c989a6311a08ff232289978401415e91
Validity
Not Before: Jan 1 23:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca4f035b11b88b573f5304dda45a2c64aa98b7da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:0e:ca:c1:01:c8:77:5f:3e:17:31:97:4b:6d:
32:f0:1d:19:5f:ac:b6:f1:8f:16:3e:48:3c:72:5c:
29:73:2d:b6:ad:0b:70:dd:f9:78:64:5a:10:bd:8e:
e4:f7:28:77:d4:89:0d:a1:6b:bf:69:52:40:8c:95:
87:fe:52:5d:90:e2:1d:c7:38:7e:1e:b6:d8:4d:e6:
f7:d3:8b:6e:14:74:84:6d:da:c6:d3:bc:04:98:71:
d3:27:b4:a8:b9:ea:22:75:80:3e:bc:34:97:51:10:
f9:f5:a1:c4:8c:a6:fb:9d:a3:92:a9:b0:bf:2b:59:
75:59:48:6f:62:f3:73:45:62:4e:7e:56:51:01:ae:
02:c8:f0:f0:8c:9c:87:e9:ef:db:1e:64:3e:0f:0b:
7b:34:b5:b8:a4:21:6a:f6:ee:9c:85:13:aa:73:83:
93:aa:50:65:ad:d7:8a:f7:6a:78:dc:a1:3d:d8:33:
17:d1:bc:8e:fd:d0:6d:93:bd:eb:d7:49:e3:55:d1:
ef:3b:8a:39:a6:7e:c9:a1:0f:01:7e:74:b6:3b:b6:
bc:c9:fc:95:d7:cf:88:c7:6c:c0:ab:9b:ef:97:3d:
70:c1:95:f6:14:98:83:b2:88:5c:50:c9:0d:e5:f6:
4a:5d:6e:7f:71:9a:77:d3:8e:74:58:47:ee:c8:a8:
0f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:4F:03:5B:11:B8:8B:57:3F:53:04:DD:A4:5A:2C:64:AA:98:B7:DA
X509v3 Authority Key Identifier:
keyid:7D:A3:1E:E9:C9:89:A6:31:1A:08:FF:23:22:89:97:84:01:41:5E:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faMe6cmJpjEaCP8jIomXhAFBXpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2fb477-a8b7-450e-b533-11e6c0a3a808/1/yk8DWxG4i1c_UwTdpFosZKqYt9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2fb477-a8b7-450e-b533-11e6c0a3a808/1/faMe6cmJpjEaCP8jIomXhAFBXpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.44.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:b0:a6:65:dc:bc:bb:8d:25:2b:2a:a5:02:54:56:70:47:85:
ea:19:10:2d:91:4c:e3:8a:19:3c:ef:ee:c1:be:aa:10:78:82:
d4:1c:bb:ee:29:ec:dc:c1:e6:4b:3e:3d:d7:cf:93:e0:5e:fb:
18:6e:95:58:af:88:1a:b5:0f:7a:eb:9e:bd:99:41:c4:86:96:
96:6e:df:c4:45:72:1e:53:19:89:e2:0f:33:61:c4:bf:19:38:
b4:1a:11:ef:cd:83:64:a1:0d:b6:6a:fd:02:db:e7:87:23:cf:
ef:82:a7:ab:ab:c1:a5:ba:3e:37:03:8f:07:2f:94:01:d6:68:
e6:39:14:71:33:a6:6c:50:77:45:7d:d8:98:c4:f2:28:c9:98:
5b:b1:6d:cc:b4:b4:59:b5:0b:00:dc:32:8f:ac:83:af:98:78:
86:e3:1b:ec:85:c5:f3:5c:fb:28:8d:96:6f:9c:27:fa:7b:9e:
a5:2f:f4:9f:f8:59:7f:38:26:92:42:0d:36:e4:97:3d:ac:1e:
b4:3e:ad:1d:16:d3:18:e5:91:92:e1:74:7b:7a:e7:6f:c3:55:
a2:c2:a9:e8:e7:37:b7:57:de:52:76:1e:89:15:54:f6:24:73:
e7:ea:56:93:1a:62:81:b6:1a:46:df:00:57:7d:2c:c8:51:b7:
24:97:e5:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvpwj7vNJFtUqueJ6mkyQNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTMxZWU5Yzk4OWE2MzExYTA4ZmYyMzIyODk5Nzg0MDE0
MTVlOTEwHhcNMjMwMTAxMjMyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTRmMDM1YjExYjg4YjU3M2Y1MzA0ZGRhNDVhMmM2NGFhOThiN2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnA7KwQHId18+FzGXS20y8B0ZX6y2
8Y8WPkg8clwpcy22rQtw3fl4ZFoQvY7k9yh31IkNoWu/aVJAjJWH/lJdkOIdxzh+
HrbYTeb304tuFHSEbdrG07wEmHHTJ7SoueoidYA+vDSXURD59aHEjKb7naOSqbC/
K1l1WUhvYvNzRWJOflZRAa4CyPDwjJyH6e/bHmQ+Dwt7NLW4pCFq9u6chROqc4OT
qlBlrdeK92p43KE92DMX0byO/dBtk73r10njVdHvO4o5pn7JoQ8BfnS2O7a8yfyV
18+Ix2zAq5vvlz1wwZX2FJiDsohcUMkN5fZKXW5/cZp30450WEfuyKgP5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMpPA1sRuItXP1ME3aRaLGSqmLfaMB8GA1UdIwQY
MBaAFH2jHunJiaYxGgj/IyKJl4QBQV6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFNZTZjbUpwakVhQ1A4aklvbVhoQUZCWHBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8yZmI0NzctYThiNy00NTBlLWI1MzMt
MTFlNmMwYTNhODA4LzEveWs4RFd4RzRpMWNfVXdUZHBGb3NaS3FZdDlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8yZmI0NzctYThiNy00NTBlLWI1MzMtMTFlNmMwYTNhODA4
LzEvZmFNZTZjbUpwakVhQ1A4aklvbVhoQUZCWHBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuX4sMA0G
CSqGSIb3DQEBCwUAA4IBAQBrsKZl3Ly7jSUrKqUCVFZwR4XqGRAtkUzjihk87+7B
vqoQeILUHLvuKezcweZLPj3Xz5PgXvsYbpVYr4gatQ966569mUHEhpaWbt/ERXIe
UxmJ4g8zYcS/GTi0GhHvzYNkoQ22av0C2+eHI8/vgqerq8Gluj43A48HL5QB1mjm
ORRxM6ZsUHdFfdiYxPIoyZhbsW3MtLRZtQsA3DKPrIOvmHiG4xvshcXzXPsojZZv
nCf6e56lL/Sf+Fl/OCaSQg025Jc9rB60Pq0dFtMY5ZGS4XR7eudvw1Wiwqno5ze3
V95Sdh6JFVT2JHPn6laTGmKBthpG3wBXfSzIUbckl+UJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:26 2024 by rpki-client on console-ams.rpki-client.org