Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/8YPey6qouMgXb-R5TOqRZpB2ABw.roa
File: 8YPey6qouMgXb-R5TOqRZpB2ABw.roa (raw, json)
Hash identifier: OScUOFFV1nHTGp6eBM7UmjlpGeTyPYwK6cK+0SBZeQY=
Subject key identifier: F1:83:DE:CB:AA:A8:B8:C8:17:6F:E4:79:4C:EA:91:66:90:76:00:1C
Certificate issuer: /CN=4181c22eb7b32d901d125700e140eb6009dcc6da
Certificate serial: 01856CE5E69E6C2A21AD18ADBBCD911A25D2
Authority key identifier: 41:81:C2:2E:B7:B3:2D:90:1D:12:57:00:E1:40:EB:60:09:DC:C6:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QYHCLrezLZAdElcA4UDrYAncxto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/8YPey6qouMgXb-R5TOqRZpB2ABw.roa
Signing time: Sun 01 Jan 2023 10:34:44 +0000
ROA not before: Sun 01 Jan 2023 10:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44460
IP address blocks: 92.43.200.0/21 maxlen: 21
185.68.72.0/24 maxlen: 24
185.68.72.0/22 maxlen: 22
185.68.75.0/24 maxlen: 24
185.68.73.0/24 maxlen: 24
185.68.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e5:e6:9e:6c:2a:21:ad:18:ad:bb:cd:91:1a:25:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4181c22eb7b32d901d125700e140eb6009dcc6da
Validity
Not Before: Jan 1 10:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f183decbaaa8b8c8176fe4794cea91669076001c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:74:11:17:3f:4c:37:f2:ee:e5:67:b4:29:3e:
c4:5e:09:93:e8:df:54:42:12:64:d0:55:44:92:4c:
23:9a:68:bd:7d:aa:77:27:a3:7d:e6:1d:b8:63:e1:
fa:c8:73:a9:56:34:ee:10:0c:46:f6:6c:36:66:2c:
a3:d7:84:a9:e9:8b:d1:c7:ae:8d:98:8b:d5:7a:c4:
3e:76:8f:90:4f:ae:41:61:2a:2b:56:6f:10:0c:43:
e3:76:d9:88:e7:37:00:02:64:e8:30:8e:ff:63:4e:
0d:52:79:bc:41:a9:bb:1c:2b:9d:4e:73:76:38:71:
23:4a:c9:c9:33:cb:5d:e8:e1:ab:0f:b6:42:35:b4:
c0:08:50:f6:af:17:31:4a:f3:82:e1:e1:87:38:76:
d0:c6:d9:9c:10:26:8a:5d:10:ea:09:88:04:aa:b2:
7b:eb:05:75:e3:bc:22:95:ca:70:d3:e8:ac:f3:14:
96:af:bb:08:21:14:63:86:47:01:da:b3:66:23:ab:
5c:02:db:c6:87:5d:39:06:a0:9b:6b:c0:40:81:b7:
af:f0:7a:2a:81:2c:85:c8:11:bc:e8:42:5b:15:ee:
a1:97:57:cc:5a:97:dd:a0:58:66:5b:e6:45:78:29:
e1:96:eb:17:de:a6:65:b0:b8:9f:c4:42:1f:a0:27:
50:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:83:DE:CB:AA:A8:B8:C8:17:6F:E4:79:4C:EA:91:66:90:76:00:1C
X509v3 Authority Key Identifier:
keyid:41:81:C2:2E:B7:B3:2D:90:1D:12:57:00:E1:40:EB:60:09:DC:C6:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QYHCLrezLZAdElcA4UDrYAncxto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/8YPey6qouMgXb-R5TOqRZpB2ABw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/QYHCLrezLZAdElcA4UDrYAncxto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.43.200.0/21
185.68.72.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:7c:24:5e:c1:0f:f1:5a:e0:1e:77:4a:41:1b:da:33:a6:b1:
a0:d8:ef:29:84:f2:72:1d:2c:1b:19:af:11:09:d4:64:9f:96:
26:0b:82:59:3d:d3:61:b1:d0:fb:f8:19:94:cd:d4:b2:c9:fb:
a3:47:64:59:38:f1:f7:f4:e6:33:3e:a8:10:b6:58:35:c0:54:
a5:30:6a:05:82:29:9d:2f:8b:88:77:11:ce:3b:a3:a5:7c:5e:
89:84:ed:a1:d9:2e:ee:3a:b5:76:bb:fe:27:d8:62:01:4e:9e:
8f:d7:c2:ab:46:90:ce:28:1a:29:a5:3d:30:7c:f9:47:ce:10:
47:5f:3b:f4:92:0c:90:13:0a:48:6c:9f:9a:98:c4:39:ba:39:
f2:a0:d1:00:b8:0b:e7:a4:e6:ec:83:23:76:be:d9:5e:75:9b:
f0:f2:01:d2:ef:91:95:11:64:06:bb:0b:fd:64:79:33:fd:a1:
91:99:97:dd:9c:81:68:86:e2:93:41:c1:d4:9c:d9:b6:7c:96:
f4:c6:fe:de:57:cd:41:56:02:32:ff:db:3d:b3:3d:f0:a5:24:
f4:18:15:ca:4e:63:19:e1:85:35:37:52:33:6b:bd:99:71:1c:
1b:c4:97:83:2d:86:3e:33:e0:61:01:10:1d:08:8d:ee:9b:00:
3f:0b:a1:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVs5eaebCohrRitu82RGiXSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxODFjMjJlYjdiMzJkOTAxZDEyNTcwMGUxNDBlYjYwMDlk
Y2M2ZGEwHhcNMjMwMTAxMTAzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTgzZGVjYmFhYThiOGM4MTc2ZmU0Nzk0Y2VhOTE2NjkwNzYwMDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3QRFz9MN/Lu5We0KT7EXgmT6N9U
QhJk0FVEkkwjmmi9fap3J6N95h24Y+H6yHOpVjTuEAxG9mw2Ziyj14Sp6YvRx66N
mIvVesQ+do+QT65BYSorVm8QDEPjdtmI5zcAAmToMI7/Y04NUnm8Qam7HCudTnN2
OHEjSsnJM8td6OGrD7ZCNbTACFD2rxcxSvOC4eGHOHbQxtmcECaKXRDqCYgEqrJ7
6wV147wilcpw0+is8xSWr7sIIRRjhkcB2rNmI6tcAtvGh105BqCba8BAgbev8Hoq
gSyFyBG86EJbFe6hl1fMWpfdoFhmW+ZFeCnhlusX3qZlsLifxEIfoCdQaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPGD3suqqLjIF2/keUzqkWaQdgAcMB8GA1UdIwQY
MBaAFEGBwi63sy2QHRJXAOFA62AJ3MbaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVlIQ0xyZXpMWkFkRWxjQTRVRHJZQW5jeHRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mZmRhZjUtYWNhYS00ZGYzLTllNmMt
YzIxNDA5NDQyZmFjLzEvOFlQZXk2cW91TWdYYi1SNVRPcVJacEIyQUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mZmRhZjUtYWNhYS00ZGYzLTllNmMtYzIxNDA5NDQyZmFj
LzEvUVlIQ0xyZXpMWkFkRWxjQTRVRHJZQW5jeHRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXCvIAwQC
uURIMA0GCSqGSIb3DQEBCwUAA4IBAQAPfCRewQ/xWuAed0pBG9ozprGg2O8phPJy
HSwbGa8RCdRkn5YmC4JZPdNhsdD7+BmUzdSyyfujR2RZOPH39OYzPqgQtlg1wFSl
MGoFgimdL4uIdxHOO6OlfF6JhO2h2S7uOrV2u/4n2GIBTp6P18KrRpDOKBoppT0w
fPlHzhBHXzv0kgyQEwpIbJ+amMQ5ujnyoNEAuAvnpObsgyN2vtledZvw8gHS75GV
EWQGuwv9ZHkz/aGRmZfdnIFohuKTQcHUnNm2fJb0xv7eV81BVgIy/9s9sz3wpST0
GBXKTmMZ4YU1N1Iza72ZcRwbxJeDLYY+M+BhARAdCI3umwA/C6HU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:58 2024 by rpki-client on console-fra.rpki-client.org