Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a41794-d619-4c74-824d-31d7010a7256/1/yLrkUiV9B0VoIftR-JRqwKtoP3c.roa
File: yLrkUiV9B0VoIftR-JRqwKtoP3c.roa (raw, json)
Hash identifier: bGvn0zWq1+Hk56tEoUjHgKXeqOfn1DUI2NBTQDDyqn8=
Subject key identifier: C8:BA:E4:52:25:7D:07:45:68:21:FB:51:F8:94:6A:C0:AB:68:3F:77
Certificate issuer: /CN=acfb02432688674260c6d012a597d70bcd5149c4
Certificate serial: 01857316003AA57073672F2B927FE6F4A6B2
Authority key identifier: AC:FB:02:43:26:88:67:42:60:C6:D0:12:A5:97:D7:0B:CD:51:49:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPsCQyaIZ0JgxtASpZfXC81RScQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a41794-d619-4c74-824d-31d7010a7256/1/yLrkUiV9B0VoIftR-JRqwKtoP3c.roa
Signing time: Mon 02 Jan 2023 15:24:59 +0000
ROA not before: Mon 02 Jan 2023 15:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48638
IP address blocks: 185.43.152.0/22 maxlen: 24
91.194.86.0/23 maxlen: 24
185.59.168.0/22 maxlen: 24
94.143.184.0/21 maxlen: 24
2a02:4a00::/32 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:16:00:3a:a5:70:73:67:2f:2b:92:7f:e6:f4:a6:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acfb02432688674260c6d012a597d70bcd5149c4
Validity
Not Before: Jan 2 15:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8bae452257d07456821fb51f8946ac0ab683f77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:31:c6:b5:61:1f:2f:fe:18:37:de:c6:29:3f:
8e:55:d1:46:15:be:0a:5b:69:f6:f0:4d:3d:b8:17:
72:83:88:17:dd:0d:b3:2c:66:bb:c2:8c:83:cd:f1:
11:43:be:c3:c0:63:3b:2c:08:42:cc:43:a3:6b:0f:
58:77:b8:50:71:ba:48:13:c2:40:7e:b3:d2:e6:cb:
b6:1e:20:78:63:01:43:0c:c0:87:b7:3f:68:ef:79:
82:64:87:d4:b6:52:91:be:0f:45:e1:27:1f:8f:60:
b8:ea:41:95:04:c8:c1:db:90:e5:86:dc:30:45:6c:
72:01:48:ad:08:19:a3:51:93:b1:ef:b7:56:cf:e2:
e2:7f:d7:f7:31:9c:75:c7:b2:69:1e:d3:39:fa:db:
2f:e1:d9:ae:39:f5:36:58:cc:4f:2b:75:0d:1a:19:
fc:8b:48:0a:cb:fd:06:67:f4:45:d5:af:07:a7:8f:
0e:43:ea:99:11:cd:e3:8a:c4:4f:93:7c:af:f5:8e:
54:e1:f9:92:88:c8:6f:63:6c:f4:d7:fb:8c:9b:02:
ec:34:80:b3:3b:6e:c2:93:a3:58:e5:5f:ec:d0:4a:
80:c9:90:2d:3c:27:60:30:38:68:3e:83:76:7c:99:
46:b4:fe:72:5c:13:e6:87:9a:fa:02:04:bf:8a:41:
0b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:BA:E4:52:25:7D:07:45:68:21:FB:51:F8:94:6A:C0:AB:68:3F:77
X509v3 Authority Key Identifier:
keyid:AC:FB:02:43:26:88:67:42:60:C6:D0:12:A5:97:D7:0B:CD:51:49:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPsCQyaIZ0JgxtASpZfXC81RScQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a41794-d619-4c74-824d-31d7010a7256/1/yLrkUiV9B0VoIftR-JRqwKtoP3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a41794-d619-4c74-824d-31d7010a7256/1/rPsCQyaIZ0JgxtASpZfXC81RScQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.86.0/23
94.143.184.0/21
185.43.152.0/22
185.59.168.0/22
IPv6:
2a02:4a00::/32
Signature Algorithm: sha256WithRSAEncryption
1b:f2:19:74:4c:5d:70:2a:6c:e2:58:de:61:55:44:e2:61:6e:
e2:b6:00:40:1f:8f:e5:c5:3c:08:42:5c:07:88:ba:f1:f9:12:
c5:f1:57:a4:4a:c8:26:b7:4b:58:6b:00:19:39:59:38:12:76:
66:89:13:79:09:6d:c8:a3:1e:72:55:fc:e6:ad:c8:88:75:32:
3d:e1:09:97:8e:18:6a:07:7e:cf:3b:99:52:41:27:d4:3a:46:
92:ff:12:96:18:66:a2:fc:0f:c0:2d:6f:20:c8:07:38:76:de:
ad:3f:d2:71:b4:0a:73:d1:05:5b:d0:45:3f:dd:48:d0:ad:fb:
9a:07:2b:0b:e3:4c:d9:3d:e1:0e:a5:43:37:9e:7c:6c:fb:78:
be:ad:58:7b:12:9e:d6:ee:66:6e:fd:40:b4:1a:03:08:96:82:
34:b7:e4:dc:6a:59:c0:9b:31:b5:bf:f8:f8:ce:b1:43:ad:19:
99:e3:64:ec:42:ba:c4:26:59:99:fb:80:9d:5f:58:5a:d4:7d:
9c:c6:20:96:c0:b3:20:f3:2a:84:72:c0:54:18:cc:77:32:bf:
3f:a9:c1:17:d6:2d:be:53:71:44:3d:2e:71:1c:89:ce:eb:91:
bb:ed:92:78:0d:19:a9:9d:63:63:6a:9f:b1:8b:44:28:08:d6:
11:8b:4b:61
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVzFgA6pXBzZy8rkn/m9KayMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZmIwMjQzMjY4ODY3NDI2MGM2ZDAxMmE1OTdkNzBiY2Q1
MTQ5YzQwHhcNMjMwMTAyMTUyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGJhZTQ1MjI1N2QwNzQ1NjgyMWZiNTFmODk0NmFjMGFiNjgzZjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjHGtWEfL/4YN97GKT+OVdFGFb4K
W2n28E09uBdyg4gX3Q2zLGa7woyDzfERQ77DwGM7LAhCzEOjaw9Yd7hQcbpIE8JA
frPS5su2HiB4YwFDDMCHtz9o73mCZIfUtlKRvg9F4Scfj2C46kGVBMjB25Dlhtww
RWxyAUitCBmjUZOx77dWz+Lif9f3MZx1x7JpHtM5+tsv4dmuOfU2WMxPK3UNGhn8
i0gKy/0GZ/RF1a8Hp48OQ+qZEc3jisRPk3yv9Y5U4fmSiMhvY2z01/uMmwLsNICz
O27Ck6NY5V/s0EqAyZAtPCdgMDhoPoN2fJlGtP5yXBPmh5r6AgS/ikELIQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMi65FIlfQdFaCH7UfiUasCraD93MB8GA1UdIwQY
MBaAFKz7AkMmiGdCYMbQEqWX1wvNUUnEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclBzQ1F5YUlaMEpneHRBU3BaZlhDODFSU2NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNDE3OTQtZDYxOS00Yzc0LTgyNGQt
MzFkNzAxMGE3MjU2LzEveUxya1VpVjlCMFZvSWZ0Ui1KUnF3S3RvUDNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNDE3OTQtZDYxOS00Yzc0LTgyNGQtMzFkNzAxMGE3MjU2
LzEvclBzQ1F5YUlaMEpneHRBU3BaZlhDODFSU2NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBW8JWAwQD
Xo+4AwQCuSuYAwQCuTuoMA0EAgACMAcDBQAqAkoAMA0GCSqGSIb3DQEBCwUAA4IB
AQAb8hl0TF1wKmziWN5hVUTiYW7itgBAH4/lxTwIQlwHiLrx+RLF8VekSsgmt0tY
awAZOVk4EnZmiRN5CW3Iox5yVfzmrciIdTI94QmXjhhqB37PO5lSQSfUOkaS/xKW
GGai/A/ALW8gyAc4dt6tP9JxtApz0QVb0EU/3UjQrfuaBysL40zZPeEOpUM3nnxs
+3i+rVh7Ep7W7mZu/UC0GgMIloI0t+TcalnAmzG1v/j4zrFDrRmZ42TsQrrEJlmZ
+4CdX1ha1H2cxiCWwLMg8yqEcsBUGMx3Mr8/qcEX1i2+U3FEPS5xHInO65G77ZJ4
DRmpnWNjap+xi0QoCNYRi0th
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:11 2024 by rpki-client on console-ams.rpki-client.org