Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/yLk5HeRofY94obMw3aumFS4RvJw.roa
File: yLk5HeRofY94obMw3aumFS4RvJw.roa (raw, json)
Hash identifier: 2Op6t/gJwsastLJncixixYnZiop8V/01mdFhfmjHDYQ=
Subject key identifier: C8:B9:39:1D:E4:68:7D:8F:78:A1:B3:30:DD:AB:A6:15:2E:11:BC:9C
Certificate issuer: /CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Certificate serial: 0190CBB78014E3AB97B8370E21726C9DF37B
Authority key identifier: 95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/yLk5HeRofY94obMw3aumFS4RvJw.roa
Signing time: Fri 19 Jul 2024 15:58:38 +0000
ROA not before: Fri 19 Jul 2024 15:58:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62651
IP address blocks: 185.147.213.0/24 maxlen: 24
185.147.214.0/24 maxlen: 24
2a03:efc0:500::/40 maxlen: 40
2a03:efc0:900::/40 maxlen: 40
2a03:efc0:1500::/40 maxlen: 40
2a03:efc0:1700::/40 maxlen: 40
2a03:efc0:2300::/40 maxlen: 40
2a03:efc0:2500::/40 maxlen: 40
2a03:efc0:2700::/40 maxlen: 40
2a03:efc0:2900::/40 maxlen: 40
2a03:efc0:3100::/40 maxlen: 40
2a03:efc0:3300::/40 maxlen: 40
2a03:efc0:3500::/40 maxlen: 40
2a03:efc0:3700::/40 maxlen: 40
2a03:efc0:4100::/40 maxlen: 40
Validation: Failed, certificate revoked on Fri 19 Jul 2024 19:27:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:cb:b7:80:14:e3:ab:97:b8:37:0e:21:72:6c:9d:f3:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Validity
Not Before: Jul 19 15:58:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8b9391de4687d8f78a1b330ddaba6152e11bc9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:dc:a0:43:b8:86:c5:51:7b:7d:59:66:da:b7:
f7:03:a4:e4:7f:39:4f:c7:01:ad:62:b9:0d:e3:70:
e9:62:de:33:dd:76:bf:17:d8:71:44:2b:b7:73:f5:
5e:33:f7:00:9a:a8:aa:ae:bf:f0:e9:f4:9c:aa:3d:
4c:be:27:8b:95:b8:de:fd:7a:64:40:52:7c:51:02:
d5:a3:28:c4:9b:93:db:4b:e4:05:fc:4a:65:9a:67:
ab:74:45:17:e6:96:83:96:fd:70:f8:a5:a8:85:de:
23:41:fc:a3:75:49:bb:07:4b:8c:ad:80:e5:0b:36:
53:73:ce:ac:f7:89:87:d2:bc:04:c5:a4:28:fa:33:
84:b7:d4:dc:bc:c9:38:65:6b:f2:9e:4b:43:3b:e8:
a7:3d:c7:be:0d:22:fd:78:ad:c8:11:f7:66:88:fc:
a9:76:90:d9:69:96:91:22:b8:51:70:9b:59:cd:e0:
96:7d:fc:0f:f6:49:38:98:1d:d8:9b:ed:67:71:59:
0c:37:4d:8e:d0:58:b1:3e:81:8f:ae:20:0e:cf:6a:
90:c5:90:05:ed:81:19:fb:f2:b3:71:3b:1f:f9:be:
07:56:f7:5b:85:ae:2e:7c:89:0d:43:07:e7:c0:e9:
69:c2:de:9c:36:8f:d5:e1:37:30:68:83:b1:42:1a:
8a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:B9:39:1D:E4:68:7D:8F:78:A1:B3:30:DD:AB:A6:15:2E:11:BC:9C
X509v3 Authority Key Identifier:
keyid:95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/yLk5HeRofY94obMw3aumFS4RvJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.213.0-185.147.214.255
IPv6:
2a03:efc0:500::/40
2a03:efc0:900::/40
2a03:efc0:1500::/40
2a03:efc0:1700::/40
2a03:efc0:2300::/40
2a03:efc0:2500::/40
2a03:efc0:2700::/40
2a03:efc0:2900::/40
2a03:efc0:3100::/40
2a03:efc0:3300::/40
2a03:efc0:3500::/40
2a03:efc0:3700::/40
2a03:efc0:4100::/40
Signature Algorithm: sha256WithRSAEncryption
5d:31:47:76:40:10:6b:5e:c4:c0:ba:bc:66:58:40:f9:35:5a:
52:9a:bb:8e:9d:b8:1f:18:fb:76:91:e5:0e:80:ea:e0:53:22:
7d:d3:91:c3:b8:d7:2a:a8:34:f2:39:81:26:fd:2f:9f:1e:d8:
cb:39:2c:30:01:e9:6c:f7:cf:aa:80:f1:b0:1c:f9:2a:4b:ab:
31:2e:7d:57:37:cd:e1:59:db:2e:b6:68:f5:fe:15:7f:2c:f4:
82:15:4d:48:f6:b9:b6:fa:fb:e2:f7:e0:40:c0:2d:54:da:dd:
6c:87:b9:c9:fd:08:14:75:53:d4:05:92:74:3e:ce:c3:2b:8d:
3d:17:5b:8a:19:b9:a8:25:05:8b:ed:a5:c7:8c:ef:f4:ee:83:
d0:36:ed:16:4c:86:8a:eb:f8:2f:58:a0:05:78:dd:33:16:29:
87:45:0a:be:63:26:97:2e:64:0d:ab:41:4d:48:a6:bb:97:f9:
a5:d2:30:1e:1d:09:6e:f3:73:f7:82:2a:d9:d9:16:9f:61:6c:
b0:f8:69:36:e1:f6:78:ca:4c:72:0a:e1:dc:4e:aa:f4:c2:a6:
f1:0e:cf:91:81:2f:1d:e5:2f:32:5a:09:ca:cc:af:f2:ee:0d:
df:2c:a0:3e:1c:7d:a8:45:bc:be:76:1a:17:4e:11:90:f7:03:
7c:28:9a:ac
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZDLt4AU46uXuDcOIXJsnfN7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDJkOGI4MjY5YzZiMDdmODE0YWNmMGM3ZWQ3MjliM2Y0
YjU5ODQwHhcNMjQwNzE5MTU1ODM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGI5MzkxZGU0Njg3ZDhmNzhhMWIzMzBkZGFiYTYxNTJlMTFiYzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdygQ7iGxVF7fVlm2rf3A6TkfzlP
xwGtYrkN43DpYt4z3Xa/F9hxRCu3c/VeM/cAmqiqrr/w6fScqj1MvieLlbje/Xpk
QFJ8UQLVoyjEm5PbS+QF/EplmmerdEUX5paDlv1w+KWohd4jQfyjdUm7B0uMrYDl
CzZTc86s94mH0rwExaQo+jOEt9TcvMk4ZWvynktDO+inPce+DSL9eK3IEfdmiPyp
dpDZaZaRIrhRcJtZzeCWffwP9kk4mB3Ym+1ncVkMN02O0FixPoGPriAOz2qQxZAF
7YEZ+/KzcTsf+b4HVvdbha4ufIkNQwfnwOlpwt6cNo/V4TcwaIOxQhqKGwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFMi5OR3kaH2PeKGzMN2rphUuEbycMB8GA1UdIwQY
MBaAFJUC2LgmnGsH+BSs8Mftcps/S1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYt
MDFiOGJiNmFkOTBhLzEveUxrNUhlUm9mWTk0b2JNdzNhdW1GUzRSdkp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYtMDFiOGJiNmFkOTBh
LzEvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjAUBAIAATAOMAwDBAC5
k9UDBAC5k9YwbgQCAAIwaAMGACoD78AFAwYAKgPvwAkDBgAqA+/AFQMGACoD78AX
AwYAKgPvwCMDBgAqA+/AJQMGACoD78AnAwYAKgPvwCkDBgAqA+/AMQMGACoD78Az
AwYAKgPvwDUDBgAqA+/ANwMGACoD78BBMA0GCSqGSIb3DQEBCwUAA4IBAQBdMUd2
QBBrXsTAurxmWED5NVpSmruOnbgfGPt2keUOgOrgUyJ905HDuNcqqDTyOYEm/S+f
HtjLOSwwAels98+qgPGwHPkqS6sxLn1XN83hWdsutmj1/hV/LPSCFU1I9rm2+vvi
9+BAwC1U2t1sh7nJ/QgUdVPUBZJ0Ps7DK409F1uKGbmoJQWL7aXHjO/07oPQNu0W
TIaK6/gvWKAFeN0zFimHRQq+YyaXLmQNq0FNSKa7l/ml0jAeHQlu83P3girZ2Raf
YWyw+Gk24fZ4ykxyCuHcTqr0wqbxDs+RgS8d5S8yWgnKzK/y7g3fLKA+HH2oRby+
dhoXThGQ9wN8KJqs
-----END CERTIFICATE-----
Generated at Fri Jul 19 21:18:48 2024 by rpki-client on console-fra.rpki-client.org