Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9efd94-0516-4e66-98d5-251b019d51a8/1/YpqCf1V1GnEiv0lX06Kmjoh_2jQ.roa
File: YpqCf1V1GnEiv0lX06Kmjoh_2jQ.roa (raw, json)
Hash identifier: GLlC4YIVy2Mw8NcK4WTqYcMufXy2vaQnJ1DWSbaUY9M=
Subject key identifier: 62:9A:82:7F:55:75:1A:71:22:BF:49:57:D3:A2:A6:8E:88:7F:DA:34
Certificate issuer: /CN=8f7b496ea7cf763d058308371e1bf67e53bc7ba3
Certificate serial: 01912EC7FF55A2D8D97A7EBC45AC80CA8CDD
Authority key identifier: 8F:7B:49:6E:A7:CF:76:3D:05:83:08:37:1E:1B:F6:7E:53:BC:7B:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j3tJbqfPdj0Fgwg3Hhv2flO8e6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9efd94-0516-4e66-98d5-251b019d51a8/1/YpqCf1V1GnEiv0lX06Kmjoh_2jQ.roa
Signing time: Wed 07 Aug 2024 21:39:04 +0000
ROA not before: Wed 07 Aug 2024 21:39:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205961
IP address blocks: 185.200.20.0/24 maxlen: 24
185.200.21.0/24 maxlen: 24
185.200.22.0/24 maxlen: 24
185.200.23.0/24 maxlen: 24
2a0b:24c1::/33 maxlen: 33
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2e:c7:ff:55:a2:d8:d9:7a:7e:bc:45:ac:80:ca:8c:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f7b496ea7cf763d058308371e1bf67e53bc7ba3
Validity
Not Before: Aug 7 21:39:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=629a827f55751a7122bf4957d3a2a68e887fda34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:db:f9:b6:90:04:ef:10:de:d9:e4:70:ba:2c:
94:06:36:0f:4a:47:4f:8f:20:85:c5:77:54:25:45:
d1:50:25:5a:10:d2:06:9c:a3:76:6d:8f:f0:bf:b1:
57:45:92:ed:25:85:c1:c0:69:15:4c:99:f7:b9:f6:
b3:b5:35:e7:c4:2d:00:7b:89:05:98:50:90:10:0a:
44:69:c9:91:7d:19:c2:99:22:66:39:a8:b4:8e:96:
aa:af:f8:90:68:9a:43:35:13:3b:26:c8:f0:e0:8e:
60:b2:57:80:2c:10:e8:47:f3:e2:45:6c:fd:67:6b:
ff:1c:c0:1d:81:77:b9:53:1e:a3:2e:23:8a:11:ab:
a2:d1:fe:4f:f2:31:ac:1c:c5:dc:28:ac:50:04:ff:
8f:17:bd:47:38:a7:16:58:bb:91:a0:82:6d:41:84:
9a:1d:05:7f:88:66:18:92:50:bf:45:1b:4b:7f:58:
68:70:f0:59:02:85:3d:d4:69:35:28:cf:be:08:10:
b4:c7:65:6d:c8:02:6f:ed:f2:1d:87:24:1b:b5:9c:
74:48:b6:45:44:dd:d4:11:2b:29:e8:7b:b3:98:d1:
16:e5:a1:2b:55:cc:d4:dd:7e:81:c4:90:c2:37:b4:
5e:b1:0b:30:26:a2:f9:0f:93:bd:2a:ef:9a:6e:e9:
77:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:9A:82:7F:55:75:1A:71:22:BF:49:57:D3:A2:A6:8E:88:7F:DA:34
X509v3 Authority Key Identifier:
keyid:8F:7B:49:6E:A7:CF:76:3D:05:83:08:37:1E:1B:F6:7E:53:BC:7B:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j3tJbqfPdj0Fgwg3Hhv2flO8e6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9efd94-0516-4e66-98d5-251b019d51a8/1/YpqCf1V1GnEiv0lX06Kmjoh_2jQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9efd94-0516-4e66-98d5-251b019d51a8/1/j3tJbqfPdj0Fgwg3Hhv2flO8e6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.20.0/22
IPv6:
2a0b:24c1::/33
Signature Algorithm: sha256WithRSAEncryption
0f:0e:88:26:03:c2:8d:0b:1e:db:fd:b0:dd:51:4a:ec:eb:7e:
08:08:2e:f1:67:92:ad:42:62:d7:27:ad:66:d3:f3:4d:6e:1a:
f7:36:16:dd:1e:b6:2e:75:af:7c:68:fa:80:b6:91:67:49:4b:
8f:e2:05:da:c0:37:b1:de:6d:23:ed:d6:11:63:01:0b:aa:0b:
a6:8c:8a:36:1e:e5:6e:01:d5:ca:6f:9b:5a:f2:be:24:ef:4e:
43:5b:f0:a7:36:76:03:f5:9e:d6:26:5a:7c:5e:93:b2:9a:7f:
c7:6e:e6:98:12:e1:2b:0c:60:52:52:0a:c1:74:20:94:d3:f6:
59:26:95:5b:e6:ed:32:94:2e:a8:8b:96:53:42:77:46:64:f2:
88:57:eb:15:02:8e:81:a3:32:0b:c7:f8:82:bf:81:c0:73:f3:
14:33:73:91:d2:b2:7b:33:ec:ec:27:e9:e2:3a:c8:05:ed:c8:
df:c6:52:d9:b3:f4:e0:1f:27:ee:9e:8c:2b:aa:4d:9d:6f:6d:
75:3f:09:0d:8e:e3:0c:b4:5b:55:ee:85:55:53:7b:84:02:17:
a4:72:34:25:87:ed:45:ba:85:60:df:d0:b5:0c:bc:e8:24:58:
fc:51:0e:ed:77:c7:e8:3e:71:0e:37:b1:4e:59:e1:69:40:c3:
23:df:7b:9f
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZEux/9VotjZen68RayAyozdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmN2I0OTZlYTdjZjc2M2QwNTgzMDgzNzFlMWJmNjdlNTNi
YzdiYTMwHhcNMjQwODA3MjEzOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjlhODI3ZjU1NzUxYTcxMjJiZjQ5NTdkM2EyYTY4ZTg4N2ZkYTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNv5tpAE7xDe2eRwuiyUBjYPSkdP
jyCFxXdUJUXRUCVaENIGnKN2bY/wv7FXRZLtJYXBwGkVTJn3ufaztTXnxC0Ae4kF
mFCQEApEacmRfRnCmSJmOai0jpaqr/iQaJpDNRM7Jsjw4I5gsleALBDoR/PiRWz9
Z2v/HMAdgXe5Ux6jLiOKEaui0f5P8jGsHMXcKKxQBP+PF71HOKcWWLuRoIJtQYSa
HQV/iGYYklC/RRtLf1hocPBZAoU91Gk1KM++CBC0x2VtyAJv7fIdhyQbtZx0SLZF
RN3UESsp6HuzmNEW5aErVczU3X6BxJDCN7ResQswJqL5D5O9Ku+abul33QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFGKagn9VdRpxIr9JV9Oipo6If9o0MB8GA1UdIwQY
MBaAFI97SW6nz3Y9BYMINx4b9n5TvHujMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajN0SmJxZlBkajBGZ3dnM0hodjJmbE84ZTZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZWZkOTQtMDUxNi00ZTY2LTk4ZDUt
MjUxYjAxOWQ1MWE4LzEvWXBxQ2YxVjFHbkVpdjBsWDA2S21qb2hfMmpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ZWZkOTQtMDUxNi00ZTY2LTk4ZDUtMjUxYjAxOWQ1MWE4
LzEvajN0SmJxZlBkajBGZ3dnM0hodjJmbE84ZTZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCucgUMA4E
AgACMAgDBgcqCyTBADANBgkqhkiG9w0BAQsFAAOCAQEADw6IJgPCjQse2/2w3VFK
7Ot+CAgu8WeSrUJi1yetZtPzTW4a9zYW3R62LnWvfGj6gLaRZ0lLj+IF2sA3sd5t
I+3WEWMBC6oLpoyKNh7lbgHVym+bWvK+JO9OQ1vwpzZ2A/We1iZafF6Tspp/x27m
mBLhKwxgUlIKwXQglNP2WSaVW+btMpQuqIuWU0J3RmTyiFfrFQKOgaMyC8f4gr+B
wHPzFDNzkdKyezPs7Cfp4jrIBe3I38ZS2bP04B8n7p6MK6pNnW9tdT8JDY7jDLRb
Ve6FVVN7hAIXpHI0JYftRbqFYN/QtQy86CRY/FEO7XfH6D5xDjexTlnhaUDDI997
nw==
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:37:41 2025 by rpki-client