Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/YctLFixQrMB7lHsvDSgwyxc8OVY.roa
File: YctLFixQrMB7lHsvDSgwyxc8OVY.roa (raw, json)
Hash identifier: ESSTnCaBI3yCOv2CJuOrsmWH6z+56MbFt8ZUvrQlwnI=
Subject key identifier: 61:CB:4B:16:2C:50:AC:C0:7B:94:7B:2F:0D:28:30:CB:17:3C:39:56
Certificate issuer: /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial: 018871963F401CAAEFB9678548E712AEC166
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/YctLFixQrMB7lHsvDSgwyxc8OVY.roa
Signing time: Wed 31 May 2023 11:34:11 +0000
ROA not before: Wed 31 May 2023 11:34:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.81.28.0/22 maxlen: 24
148.222.240.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 Jun 2023 06:18:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:71:96:3f:40:1c:aa:ef:b9:67:85:48:e7:12:ae:c1:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18101772248996b87d90840c2d27d62549458173
Validity
Not Before: May 31 11:34:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61cb4b162c50acc07b947b2f0d2830cb173c3956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:19:08:dd:25:80:93:9a:ce:26:bc:b5:5c:6b:
24:4c:72:79:36:b2:35:72:e5:57:b3:0d:7f:30:9a:
5a:33:5a:be:b6:92:be:ee:34:c4:45:34:26:ae:f5:
38:3d:1c:e5:40:c5:ff:99:1a:10:05:e3:40:9c:82:
73:e9:96:f5:38:ea:7d:3f:0a:0d:95:cf:eb:35:29:
39:44:59:c0:4c:c9:e5:34:cd:85:6d:c7:a3:d3:f8:
eb:60:4b:c9:74:46:08:b6:c9:cd:82:f2:e1:4e:e4:
09:40:76:bb:16:da:d9:5b:78:07:57:7b:f0:c7:ca:
3d:cc:28:fa:4d:2c:8c:85:22:5f:4a:04:17:fa:45:
17:9e:e0:e9:cf:b3:71:64:79:b4:04:e1:58:f0:81:
24:c2:9a:ec:92:90:6c:d4:1b:62:ad:e6:31:ff:81:
25:12:a0:81:8e:8b:73:4a:ab:93:53:2e:17:1c:cc:
f7:40:19:77:13:f6:ab:98:5c:96:16:94:ff:16:b4:
bc:80:04:14:b9:3d:c4:ab:e3:79:fd:36:42:71:4c:
7f:4e:8a:5d:ea:07:a1:85:b9:04:e3:50:c2:21:7e:
92:12:6e:54:a7:a6:e5:70:f3:0e:0a:22:58:db:dd:
8b:79:3a:71:41:07:a6:fc:47:50:83:6d:9d:f2:2a:
57:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:CB:4B:16:2C:50:AC:C0:7B:94:7B:2F:0D:28:30:CB:17:3C:39:56
X509v3 Authority Key Identifier:
keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/YctLFixQrMB7lHsvDSgwyxc8OVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.222.240.0/22
185.81.28.0/22
Signature Algorithm: sha256WithRSAEncryption
28:09:0b:0f:60:c0:f4:31:97:6d:4d:05:ec:f6:d1:f6:3f:89:
e2:bc:28:07:68:46:48:c9:41:d2:e9:ab:f3:99:88:e7:ac:40:
cf:42:f3:9a:1a:3d:d1:a1:7e:c6:81:3a:a1:90:34:66:03:b8:
a5:f0:db:90:51:c6:02:55:a9:bd:50:d0:5d:93:7b:40:34:45:
61:9f:2e:b3:44:09:5c:30:70:45:95:26:d0:02:88:e2:08:46:
83:d4:dd:da:b9:0d:91:f4:2c:dc:97:59:58:95:d1:a3:78:bd:
10:67:5e:98:b6:31:18:1e:13:cb:ee:ac:8d:27:3a:a6:56:f3:
ce:7a:44:9b:eb:df:05:c9:b4:10:80:37:42:43:a8:51:70:ea:
a3:74:63:f5:55:7c:58:6e:b3:8d:2a:88:fa:ff:d6:f1:e5:18:
35:53:aa:4e:06:bb:b9:0f:4b:c5:0a:df:11:a2:40:51:e3:00:
30:a5:e1:bc:ba:4a:05:33:fc:45:80:bc:3b:31:c1:d6:d7:d4:
28:22:1b:aa:b0:57:bf:84:89:54:35:b5:1f:76:d1:17:b4:6c:
6c:a1:f4:89:68:f1:3b:7e:01:42:85:8d:6f:a6:45:8c:43:cf:
87:5c:11:7a:15:91:c5:88:17:9d:a1:77:42:12:7d:24:86:6b:
bc:af:e0:1d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhxlj9AHKrvuWeFSOcSrsFmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjMwNTMxMTEzNDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWNiNGIxNjJjNTBhY2MwN2I5NDdiMmYwZDI4MzBjYjE3M2MzOTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxkI3SWAk5rOJry1XGskTHJ5NrI1
cuVXsw1/MJpaM1q+tpK+7jTERTQmrvU4PRzlQMX/mRoQBeNAnIJz6Zb1OOp9PwoN
lc/rNSk5RFnATMnlNM2Fbcej0/jrYEvJdEYItsnNgvLhTuQJQHa7FtrZW3gHV3vw
x8o9zCj6TSyMhSJfSgQX+kUXnuDpz7NxZHm0BOFY8IEkwprskpBs1BtireYx/4El
EqCBjotzSquTUy4XHMz3QBl3E/armFyWFpT/FrS8gAQUuT3Eq+N5/TZCcUx/Topd
6gehhbkE41DCIX6SEm5Up6blcPMOCiJY292LeTpxQQem/EdQg22d8ipXhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGHLSxYsUKzAe5R7Lw0oMMsXPDlWMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvWWN0TEZpeFFyTUI3bEhzdkRTZ3d5eGM4T1ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQClN7wAwQC
uVEcMA0GCSqGSIb3DQEBCwUAA4IBAQAoCQsPYMD0MZdtTQXs9tH2P4nivCgHaEZI
yUHS6avzmYjnrEDPQvOaGj3RoX7GgTqhkDRmA7il8NuQUcYCVam9UNBdk3tANEVh
ny6zRAlcMHBFlSbQAojiCEaD1N3auQ2R9Czcl1lYldGjeL0QZ16YtjEYHhPL7qyN
JzqmVvPOekSb698FybQQgDdCQ6hRcOqjdGP1VXxYbrONKoj6/9bx5Rg1U6pOBru5
D0vFCt8RokBR4wAwpeG8ukoFM/xFgLw7McHW19QoIhuqsFe/hIlUNbUfdtEXtGxs
ofSJaPE7fgFChY1vpkWMQ8+HXBF6FZHFiBedoXdCEn0khmu8r+Ad
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:38 2024 by rpki-client on console-ams.rpki-client.org