Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/YiUbEZUjhi4rVjqAWEkwF43qOtM.roa
File: YiUbEZUjhi4rVjqAWEkwF43qOtM.roa (raw, json)
Hash identifier: Ypqpa7NLWtyjt+Vo1p5bTv7matOrtvUz1owUWiE+88s=
Subject key identifier: 62:25:1B:11:95:23:86:2E:2B:56:3A:80:58:49:30:17:8D:EA:3A:D3
Certificate issuer: /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial: 018AC0B450F6E5A468B4CEC0F62F8FE6C31B
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/YiUbEZUjhi4rVjqAWEkwF43qOtM.roa
Signing time: Sat 23 Sep 2023 06:22:37 +0000
ROA not before: Sat 23 Sep 2023 06:22:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.81.28.0/22 maxlen: 24
185.81.28.0/23 maxlen: 24
185.81.30.0/23 maxlen: 24
188.64.108.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Sep 2023 07:23:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c0:b4:50:f6:e5:a4:68:b4:ce:c0:f6:2f:8f:e6:c3:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18101772248996b87d90840c2d27d62549458173
Validity
Not Before: Sep 23 06:22:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62251b119523862e2b563a80584930178dea3ad3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e3:bd:ed:29:ae:78:35:38:66:28:87:87:7c:
85:7a:89:84:98:6a:f4:8f:15:33:26:4a:61:f3:7a:
0c:67:73:5d:de:54:8c:01:48:2c:c3:05:d5:80:d7:
69:e1:d3:7b:8b:e6:a9:25:5f:f4:7b:ff:14:de:16:
e4:95:63:f3:67:21:0c:f4:ef:cb:15:1f:1f:58:04:
39:25:f1:0b:e4:bf:d8:91:ac:db:54:47:65:fc:42:
24:81:82:6d:61:69:6b:73:e4:ed:4c:e5:f4:78:6c:
22:b5:2a:71:8e:52:89:0e:ff:c7:f8:f4:c8:d1:52:
b7:45:04:89:46:36:63:20:dc:5b:50:d0:77:ee:29:
94:f0:d4:e9:eb:fa:6c:84:00:54:47:0f:d2:e7:80:
37:2f:9e:8d:ae:71:88:bb:e4:3a:28:bb:65:44:e8:
4f:83:5d:81:5f:30:5f:4f:a9:38:56:81:8b:f3:e6:
68:95:28:ee:28:1c:92:cb:a3:72:fe:2a:69:1a:11:
b3:c9:b6:8b:d4:be:ae:63:7c:12:91:25:6a:77:cd:
3f:99:84:eb:04:d9:1d:1c:c4:eb:5f:45:89:65:18:
96:d8:6a:8d:b9:72:bc:42:9c:65:a9:5d:27:d9:65:
92:3e:e7:8f:5a:3a:16:d8:de:20:df:37:65:d3:1d:
b3:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:25:1B:11:95:23:86:2E:2B:56:3A:80:58:49:30:17:8D:EA:3A:D3
X509v3 Authority Key Identifier:
keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/YiUbEZUjhi4rVjqAWEkwF43qOtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.28.0/22
188.64.108.0/22
Signature Algorithm: sha256WithRSAEncryption
12:e4:96:5b:49:3f:9b:03:78:e4:4b:8d:ac:f6:ad:50:91:42:
25:0c:a8:1f:4b:fb:57:2b:9f:df:81:58:20:21:6f:5d:e7:26:
a0:78:b0:cb:7d:da:db:cf:b0:ac:85:f6:36:a3:5d:1a:d6:ce:
11:17:a5:8d:3a:02:62:24:f8:55:27:ad:27:48:74:07:48:50:
e6:d4:d6:c7:86:4e:48:83:cd:6c:91:e5:81:88:5d:da:96:1e:
82:7a:39:c6:24:be:ee:fe:e7:2e:8a:58:0a:74:a0:20:7d:16:
19:1d:d8:78:8c:e1:0c:5c:96:c9:fa:2d:4a:ec:a6:42:66:54:
0e:2c:52:23:4e:69:8a:97:18:6e:75:dc:75:6f:16:16:18:7e:
81:49:37:66:eb:4e:72:14:f0:15:27:f6:e2:81:43:36:bd:5d:
6e:a4:68:d9:39:c2:c1:b6:52:8e:83:3c:81:40:b7:86:a3:19:
c3:60:8f:e5:54:dd:b4:4d:02:cc:ef:83:3b:8a:36:d2:89:dc:
71:c3:0d:80:61:23:96:b6:2c:dd:e5:30:b6:82:17:9e:01:ad:
9a:f6:e8:cc:3d:7d:ac:3d:b6:01:e7:c0:4c:e7:14:15:fb:c9:
07:13:df:b4:be:c6:61:44:bd:21:3b:f3:f5:59:02:db:68:38:
f0:a0:f7:14
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrAtFD25aRotM7A9i+P5sMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjMwOTIzMDYyMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjI1MWIxMTk1MjM4NjJlMmI1NjNhODA1ODQ5MzAxNzhkZWEzYWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+O97SmueDU4ZiiHh3yFeomEmGr0
jxUzJkph83oMZ3Nd3lSMAUgswwXVgNdp4dN7i+apJV/0e/8U3hbklWPzZyEM9O/L
FR8fWAQ5JfEL5L/YkazbVEdl/EIkgYJtYWlrc+TtTOX0eGwitSpxjlKJDv/H+PTI
0VK3RQSJRjZjINxbUNB37imU8NTp6/pshABURw/S54A3L56NrnGIu+Q6KLtlROhP
g12BXzBfT6k4VoGL8+ZolSjuKBySy6Ny/ippGhGzybaL1L6uY3wSkSVqd80/mYTr
BNkdHMTrX0WJZRiW2GqNuXK8QpxlqV0n2WWSPuePWjoW2N4g3zdl0x2zDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGIlGxGVI4YuK1Y6gFhJMBeN6jrTMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvWWlVYkVaVWpoaTRyVmpxQVdFa3dGNDNxT3RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuVEcAwQC
vEBsMA0GCSqGSIb3DQEBCwUAA4IBAQAS5JZbST+bA3jkS42s9q1QkUIlDKgfS/tX
K5/fgVggIW9d5yageLDLfdrbz7CshfY2o10a1s4RF6WNOgJiJPhVJ60nSHQHSFDm
1NbHhk5Ig81skeWBiF3alh6CejnGJL7u/ucuilgKdKAgfRYZHdh4jOEMXJbJ+i1K
7KZCZlQOLFIjTmmKlxhuddx1bxYWGH6BSTdm605yFPAVJ/bigUM2vV1upGjZOcLB
tlKOgzyBQLeGoxnDYI/lVN20TQLM74M7ijbSidxxww2AYSOWtizd5TC2gheeAa2a
9ujMPX2sPbYB58BM5xQV+8kHE9+0vsZhRL0hO/P1WQLbaDjwoPcU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:59 2024 by rpki-client on console-fra.rpki-client.org