Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/jyH6QlaHXbzgjroMUQ1lsXkBokI.roa
File: jyH6QlaHXbzgjroMUQ1lsXkBokI.roa (raw, json)
Hash identifier: xt9tj8vYnESWrnwqRbM/syJQLFh4XtkPQuswO+EJGcc=
Subject key identifier: 8F:21:FA:42:56:87:5D:BC:E0:8E:BA:0C:51:0D:65:B1:79:01:A2:42
Certificate issuer: /CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Certificate serial: 01856FF0640B98A7D35505BAA67E65D26340
Authority key identifier: 02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/jyH6QlaHXbzgjroMUQ1lsXkBokI.roa
Signing time: Mon 02 Jan 2023 00:45:03 +0000
ROA not before: Mon 02 Jan 2023 00:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 26114
IP address blocks: 62.67.43.0/24 maxlen: 24
62.140.11.0/24 maxlen: 24
213.244.141.0/24 maxlen: 24
213.244.163.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:64:0b:98:a7:d3:55:05:ba:a6:7e:65:d2:63:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Validity
Not Before: Jan 2 00:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f21fa4256875dbce08eba0c510d65b17901a242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c9:e5:59:8f:9d:bb:ee:0e:51:1e:8f:8e:ee:
a2:19:09:08:25:77:a7:ef:71:5c:99:0b:89:c5:3c:
cf:fb:43:da:a2:7d:e2:6f:5a:97:86:59:3b:22:06:
47:0c:48:e5:ae:b2:31:c3:61:97:10:3c:5e:88:54:
50:55:49:17:14:42:a4:16:31:72:eb:d4:76:ac:61:
c8:e3:89:fc:70:be:60:36:96:e9:ca:08:9a:9a:a3:
41:fa:90:93:fe:d7:95:bb:19:d3:f7:c4:d4:19:ff:
da:95:46:30:7e:0c:fa:71:94:26:ee:3a:9a:99:f8:
4a:3e:23:d9:17:f3:1f:aa:59:dc:e4:c1:0f:bc:6c:
6e:1a:e4:c7:77:39:67:9e:fe:17:3c:7a:3e:dd:b5:
6f:e1:9c:57:3c:19:f7:71:21:c1:01:81:53:79:91:
d2:b7:ea:d1:bd:2a:a3:c2:f0:03:f1:13:7f:c1:3d:
c7:42:2b:8c:95:b4:fc:c2:09:00:91:f3:37:bd:01:
39:c8:cd:e5:fd:0a:55:12:1b:8b:17:fb:53:f4:db:
d1:33:87:d1:14:6e:9f:18:60:53:88:5f:32:2f:33:
08:69:6f:e5:ed:c9:3b:d4:2f:a3:b4:66:36:ca:63:
02:16:f0:d7:82:63:35:84:fe:d8:78:ad:17:36:88:
c8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:21:FA:42:56:87:5D:BC:E0:8E:BA:0C:51:0D:65:B1:79:01:A2:42
X509v3 Authority Key Identifier:
keyid:02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/jyH6QlaHXbzgjroMUQ1lsXkBokI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.67.43.0/24
62.140.11.0/24
213.244.141.0/24
213.244.163.0/24
Signature Algorithm: sha256WithRSAEncryption
75:be:1a:62:b7:1e:3c:22:f9:46:0d:d1:2a:40:4d:53:85:c8:
02:ff:27:18:23:1e:1d:d2:b9:f6:08:da:2c:ad:81:da:70:59:
dc:72:1b:b0:ec:80:ba:fc:9d:49:95:cd:46:00:9c:fa:4c:8b:
82:46:01:5c:36:c4:4e:29:d0:a8:e4:ed:af:97:5b:a2:19:d1:
93:df:0f:e3:bd:16:eb:0d:66:6a:44:72:db:78:df:15:81:80:
60:a1:4e:fb:8f:18:1e:a3:57:81:46:6f:58:e8:0f:95:c7:6e:
a6:0e:60:da:19:60:10:79:1f:0f:43:5d:09:7e:9c:e5:35:e7:
fe:77:51:b7:5b:da:b0:b5:70:7a:5c:04:73:d0:39:6d:09:a3:
50:7b:ed:26:ae:ea:64:e3:7c:34:36:f8:d5:1e:05:bf:ff:86:
71:3b:84:66:f3:54:13:67:34:1c:ad:98:1a:8c:b6:ec:bb:b6:
ac:8e:4e:33:69:6a:c9:c2:84:c2:e7:f4:af:5b:7c:b3:5a:93:
de:05:4f:3c:bf:c1:e6:22:5f:8e:77:3e:d9:41:85:61:f7:46:
a1:13:1e:71:76:d6:6a:e7:b7:8e:f4:b1:db:36:c3:3c:a5:6b:
f0:79:47:6c:7a:48:a6:2b:07:48:5f:e5:b4:29:e9:59:4a:8f:
ad:f8:a8:2f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVv8GQLmKfTVQW6pn5l0mNAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMzJhNGJmYjc3OTY0MDVhNTU2Yjc1OWYxZDE5M2U0YzRk
MzcxMjkwHhcNMjMwMTAyMDA0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjIxZmE0MjU2ODc1ZGJjZTA4ZWJhMGM1MTBkNjViMTc5MDFhMjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcnlWY+du+4OUR6Pju6iGQkIJXen
73FcmQuJxTzP+0Paon3ib1qXhlk7IgZHDEjlrrIxw2GXEDxeiFRQVUkXFEKkFjFy
69R2rGHI44n8cL5gNpbpygiamqNB+pCT/teVuxnT98TUGf/alUYwfgz6cZQm7jqa
mfhKPiPZF/Mfqlnc5MEPvGxuGuTHdzlnnv4XPHo+3bVv4ZxXPBn3cSHBAYFTeZHS
t+rRvSqjwvAD8RN/wT3HQiuMlbT8wgkAkfM3vQE5yM3l/QpVEhuLF/tT9NvRM4fR
FG6fGGBTiF8yLzMIaW/l7ck71C+jtGY2ymMCFvDXgmM1hP7YeK0XNojI/QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI8h+kJWh1284I66DFENZbF5AaJCMB8GA1UdIwQY
MBaAFAIypL+3eWQFpVa3WfHRk+TE03EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEt
M2JiNGQ2MjAwNTE4LzEvanlINlFsYUhYYnpnanJvTVVRMWxzWGtCb2tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEtM2JiNGQ2MjAwNTE4
LzEvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPkMrAwQA
PowLAwQA1fSNAwQA1fSjMA0GCSqGSIb3DQEBCwUAA4IBAQB1vhpitx48IvlGDdEq
QE1ThcgC/ycYIx4d0rn2CNosrYHacFncchuw7IC6/J1Jlc1GAJz6TIuCRgFcNsRO
KdCo5O2vl1uiGdGT3w/jvRbrDWZqRHLbeN8VgYBgoU77jxgeo1eBRm9Y6A+Vx26m
DmDaGWAQeR8PQ10JfpzlNef+d1G3W9qwtXB6XARz0DltCaNQe+0mrupk43w0NvjV
HgW//4ZxO4Rm81QTZzQcrZgajLbsu7asjk4zaWrJwoTC5/SvW3yzWpPeBU88v8Hm
Il+Odz7ZQYVh90ahEx5xdtZq57eO9LHbNsM8pWvweUdsekimKwdIX+W0KelZSo+t
+Kgv
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:29 2024 by rpki-client on console-fra.rpki-client.org