Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/08d1cc-6373-4840-b48f-0aa08edb9063/1/YfUdBPSQY5QDpTezHp95HwQnyqo.roa
File: YfUdBPSQY5QDpTezHp95HwQnyqo.roa (raw, json)
Hash identifier: wSr6AOM35Iea5lwOILIiZyEoy2YlsMrZe1j2UuXntXc=
Subject key identifier: 61:F5:1D:04:F4:90:63:94:03:A5:37:B3:1E:9F:79:1F:04:27:CA:AA
Certificate issuer: /CN=59d76af9091da1581bba5ec13e5dbdb7362d9d0f
Certificate serial: 01856E01EACC44A9015202AD877F5B29BDAD
Authority key identifier: 59:D7:6A:F9:09:1D:A1:58:1B:BA:5E:C1:3E:5D:BD:B7:36:2D:9D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wddq-QkdoVgbul7BPl29tzYtnQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/08d1cc-6373-4840-b48f-0aa08edb9063/1/YfUdBPSQY5QDpTezHp95HwQnyqo.roa
Signing time: Sun 01 Jan 2023 15:44:57 +0000
ROA not before: Sun 01 Jan 2023 15:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213150
IP address blocks: 185.216.11.0/24 maxlen: 24
2a07:e940::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:ea:cc:44:a9:01:52:02:ad:87:7f:5b:29:bd:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59d76af9091da1581bba5ec13e5dbdb7362d9d0f
Validity
Not Before: Jan 1 15:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61f51d04f490639403a537b31e9f791f0427caaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fe:b6:13:3d:0a:0a:38:2f:68:46:86:e5:95:
7e:8a:1f:a0:b2:ff:e7:a3:53:83:4d:1a:2e:a3:e8:
88:34:f3:09:37:c6:0b:f5:41:99:d1:4d:2c:72:16:
ec:57:be:cf:61:5b:6f:cc:da:e6:6c:47:14:de:5f:
d2:27:0a:0a:15:35:14:53:a2:8a:0b:41:dc:2a:71:
fe:63:61:a9:12:5d:5e:dd:9e:67:7d:7c:ed:2c:d0:
58:e6:04:dc:fb:15:dd:4c:f4:54:18:d2:22:d7:39:
c2:c8:09:0b:d2:75:04:1e:58:4c:4c:07:97:9b:89:
77:d1:0e:46:17:14:ef:af:78:2c:2c:dd:10:98:cc:
df:e4:f0:e0:36:51:f3:9b:b5:56:b3:ef:17:ac:96:
4d:f0:ed:22:1e:26:2c:01:7f:5f:d7:6b:ae:c1:c4:
d2:e6:d6:67:06:d6:71:c1:05:f5:64:12:56:3f:a0:
b3:3b:cf:aa:86:d0:fa:ea:b2:c3:37:c4:07:bb:67:
c3:c5:cc:8e:a1:66:85:f8:f4:40:e4:0c:3a:ef:cb:
5c:a9:71:ee:69:10:3c:80:9b:46:de:fb:33:75:67:
87:30:98:cd:77:23:19:00:cd:c8:58:64:06:e4:31:
6f:6f:ac:8b:28:c9:3a:81:a6:af:11:82:b4:55:78:
6e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:F5:1D:04:F4:90:63:94:03:A5:37:B3:1E:9F:79:1F:04:27:CA:AA
X509v3 Authority Key Identifier:
keyid:59:D7:6A:F9:09:1D:A1:58:1B:BA:5E:C1:3E:5D:BD:B7:36:2D:9D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wddq-QkdoVgbul7BPl29tzYtnQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/08d1cc-6373-4840-b48f-0aa08edb9063/1/YfUdBPSQY5QDpTezHp95HwQnyqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/08d1cc-6373-4840-b48f-0aa08edb9063/1/Wddq-QkdoVgbul7BPl29tzYtnQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.11.0/24
IPv6:
2a07:e940::/29
Signature Algorithm: sha256WithRSAEncryption
4a:f3:5f:12:76:7a:25:78:37:6a:74:cd:c7:85:7f:05:57:01:
36:62:f2:8a:55:39:2c:83:89:b1:3a:cd:11:c0:94:15:df:33:
4f:94:25:16:07:c8:a3:4f:fc:40:04:54:fc:3d:a4:fc:ad:02:
18:47:9e:b7:f2:c5:2e:db:ec:11:c0:3b:ac:db:f7:6d:45:b4:
2a:62:c5:74:db:bb:6c:d3:fb:80:f8:4c:54:0a:7a:6b:89:ab:
f3:4a:81:83:21:85:45:40:7a:77:e6:22:93:20:3a:d9:ef:ed:
d7:47:65:40:dd:df:10:75:92:d0:50:63:28:71:ff:91:f0:50:
9b:84:f3:2a:3d:8a:4f:e5:8e:aa:11:c6:92:90:2d:3e:ac:7e:
0e:e3:64:5c:ea:74:78:61:30:24:ef:77:29:a4:a0:7e:9d:61:
5a:92:bb:8e:7b:f9:d1:6b:14:fb:d5:47:a2:d9:95:78:75:74:
5f:77:05:d1:39:35:43:9a:48:ac:bb:9c:d0:e3:95:f7:b7:90:
06:64:c7:c6:28:34:90:98:39:84:d2:da:0e:d2:a7:34:ed:14:
56:1f:fa:09:9f:70:39:31:08:cd:55:54:b1:8d:7c:47:a8:77:
65:a0:cf:b2:ef:92:83:8e:cb:c0:ff:ea:c4:57:b5:28:11:2b:
33:dd:3c:56
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuAerMRKkBUgKth39bKb2tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZDc2YWY5MDkxZGExNTgxYmJhNWVjMTNlNWRiZGI3MzYy
ZDlkMGYwHhcNMjMwMTAxMTU0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWY1MWQwNGY0OTA2Mzk0MDNhNTM3YjMxZTlmNzkxZjA0MjdjYWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArv62Ez0KCjgvaEaG5ZV+ih+gsv/n
o1ODTRouo+iINPMJN8YL9UGZ0U0schbsV77PYVtvzNrmbEcU3l/SJwoKFTUUU6KK
C0HcKnH+Y2GpEl1e3Z5nfXztLNBY5gTc+xXdTPRUGNIi1znCyAkL0nUEHlhMTAeX
m4l30Q5GFxTvr3gsLN0QmMzf5PDgNlHzm7VWs+8XrJZN8O0iHiYsAX9f12uuwcTS
5tZnBtZxwQX1ZBJWP6CzO8+qhtD66rLDN8QHu2fDxcyOoWaF+PRA5Aw678tcqXHu
aRA8gJtG3vszdWeHMJjNdyMZAM3IWGQG5DFvb6yLKMk6gaavEYK0VXhuSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGH1HQT0kGOUA6U3sx6feR8EJ8qqMB8GA1UdIwQY
MBaAFFnXavkJHaFYG7pewT5dvbc2LZ0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2RkcS1Ra2RvVmdidWw3QlBsMjl0ell0blE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8wOGQxY2MtNjM3My00ODQwLWI0OGYt
MGFhMDhlZGI5MDYzLzEvWWZVZEJQU1FZNVFEcFRlekhwOTVId1FueXFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8wOGQxY2MtNjM3My00ODQwLWI0OGYtMGFhMDhlZGI5MDYz
LzEvV2RkcS1Ra2RvVmdidWw3QlBsMjl0ell0blE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAudgLMA0E
AgACMAcDBQMqB+lAMA0GCSqGSIb3DQEBCwUAA4IBAQBK818SdnoleDdqdM3HhX8F
VwE2YvKKVTksg4mxOs0RwJQV3zNPlCUWB8ijT/xABFT8PaT8rQIYR5638sUu2+wR
wDus2/dtRbQqYsV027ts0/uA+ExUCnpriavzSoGDIYVFQHp35iKTIDrZ7+3XR2VA
3d8QdZLQUGMocf+R8FCbhPMqPYpP5Y6qEcaSkC0+rH4O42Rc6nR4YTAk73cppKB+
nWFakruOe/nRaxT71Uei2ZV4dXRfdwXROTVDmkisu5zQ45X3t5AGZMfGKDSQmDmE
0toO0qc07RRWH/oJn3A5MQjNVVSxjXxHqHdloM+y75KDjsvA/+rEV7UoESsz3TxW
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:03 2024 by rpki-client on console-ams.rpki-client.org