Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/YECX_mBOUmUL6anpTt2JwEpyzzc.roa
File: YECX_mBOUmUL6anpTt2JwEpyzzc.roa (raw, json)
Hash identifier: k18hJyo3xsyCSYUjIvjDww1b+ZCfZlWT2YTWngT8DcI=
Subject key identifier: 60:40:97:FE:60:4E:52:65:0B:E9:A9:E9:4E:DD:89:C0:4A:72:CF:37
Certificate issuer: /CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea
Certificate serial: 018CC86F7FCDF9FCCCA1D4B7EEBB6F4AF440
Authority key identifier: 64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/YECX_mBOUmUL6anpTt2JwEpyzzc.roa
Signing time: Tue 02 Jan 2024 04:29:59 +0000
ROA not before: Tue 02 Jan 2024 04:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209990
IP address blocks: 185.23.202.0/23 maxlen: 23
2a0d:f9c0::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 14 Mar 2024 19:23:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:7f:cd:f9:fc:cc:a1:d4:b7:ee:bb:6f:4a:f4:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea
Validity
Not Before: Jan 2 04:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=604097fe604e52650be9a9e94edd89c04a72cf37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3e:09:be:83:d2:dd:47:34:03:ba:66:28:91:
c6:cf:e1:f5:04:3e:7a:cb:2a:ca:67:c3:e3:29:c7:
29:4c:24:e0:72:34:de:7b:c3:80:74:34:3c:1d:1a:
2c:d6:23:2a:4c:7f:5b:88:63:ea:99:31:b3:4a:04:
9d:90:6d:7b:9e:88:c7:7e:d8:04:89:47:82:6b:a8:
ca:45:6e:c5:06:9a:a5:9a:f6:2a:63:23:cb:52:d7:
e9:61:44:49:81:f5:38:93:82:9d:ab:b8:71:7b:a3:
ea:4f:18:66:fe:65:17:0e:9e:b1:3c:1f:e8:4d:a2:
5b:f5:83:13:a4:05:e5:8f:de:c3:4c:8b:05:22:5f:
2a:f5:31:73:4a:36:6e:d3:6a:32:d3:cd:05:2e:85:
e6:10:3d:59:cb:c6:37:38:f1:04:21:e4:86:e3:45:
3c:a4:7f:5d:26:b5:42:0c:83:58:a2:9b:dc:ac:88:
9f:62:01:92:a4:1f:98:18:28:1f:48:bc:57:3c:92:
0e:fc:a3:84:92:99:ba:db:88:e2:24:6d:51:c1:5d:
8c:a3:70:d7:46:f3:a9:ef:a0:1f:32:e4:9a:15:28:
d2:d0:d7:81:c3:c3:11:44:29:86:4e:0e:43:af:69:
03:73:0d:3c:e4:54:a3:9f:6f:4c:f7:5e:ca:6c:19:
14:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:40:97:FE:60:4E:52:65:0B:E9:A9:E9:4E:DD:89:C0:4A:72:CF:37
X509v3 Authority Key Identifier:
keyid:64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/YECX_mBOUmUL6anpTt2JwEpyzzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ZD4bqRxWmoshptLWf1271sBOQ-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.202.0/23
IPv6:
2a0d:f9c0::/29
Signature Algorithm: sha256WithRSAEncryption
07:1e:40:42:a9:ba:bc:72:82:9a:17:ec:1f:29:c5:4b:8d:33:
09:33:4b:c9:25:84:9a:99:ab:10:24:92:fe:5a:c0:ea:66:7d:
ad:65:8f:d9:cb:ef:b2:75:cd:d4:4d:25:7b:30:62:09:d8:27:
8c:bb:43:b5:4a:06:b8:b0:43:8d:f2:52:73:67:8c:39:c7:d5:
f4:da:93:ba:fe:bc:84:58:cd:dd:04:da:07:6b:67:97:a6:4e:
f7:8e:07:10:35:4f:95:91:25:93:9f:78:16:a4:31:08:0d:23:
b0:2f:e2:3b:02:00:7f:d3:d6:67:2b:c5:4e:73:9e:ca:d1:34:
a1:86:f1:1d:9d:ad:eb:10:24:3b:bd:cd:24:f1:ae:39:5a:38:
37:d7:03:f2:81:24:fa:9f:9f:2c:37:6c:96:1b:0d:ea:65:03:
59:6d:66:7b:35:64:e0:45:7f:db:e1:be:e7:a2:59:eb:de:30:
58:aa:05:80:c7:c6:2d:10:ea:a8:91:33:88:d5:d7:e6:ea:fb:
fa:78:f0:0c:de:e4:78:fe:f0:93:01:3a:40:13:4f:21:30:40:
8b:da:c4:82:2e:87:4f:34:e8:23:af:39:36:71:69:b7:dd:8a:
90:64:4b:96:d7:f9:e9:14:45:11:e7:15:76:77:57:73:f1:b3:
21:84:4c:3b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIb3/N+fzModS37rtvSvRAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0M2UxYmE5MWM1NjlhOGIyMWE2ZDJkNjdmNWRiYmQ2YzA0
ZTQzZWEwHhcNMjQwMTAyMDQyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDQwOTdmZTYwNGU1MjY1MGJlOWE5ZTk0ZWRkODljMDRhNzJjZjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwj4JvoPS3Uc0A7pmKJHGz+H1BD56
yyrKZ8PjKccpTCTgcjTee8OAdDQ8HRos1iMqTH9biGPqmTGzSgSdkG17nojHftgE
iUeCa6jKRW7FBpqlmvYqYyPLUtfpYURJgfU4k4Kdq7hxe6PqTxhm/mUXDp6xPB/o
TaJb9YMTpAXlj97DTIsFIl8q9TFzSjZu02oy080FLoXmED1Zy8Y3OPEEIeSG40U8
pH9dJrVCDINYopvcrIifYgGSpB+YGCgfSLxXPJIO/KOEkpm624jiJG1RwV2Mo3DX
RvOp76AfMuSaFSjS0NeBw8MRRCmGTg5Dr2kDcw085FSjn29M917KbBkUjQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGBAl/5gTlJlC+mp6U7dicBKcs83MB8GA1UdIwQY
MBaAFGQ+G6kcVpqLIabS1n9du9bATkPqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkQ0YnFSeFdtb3NocHRMV2YxMjcxc0JPUS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9hY2E5MTItOWU4ZC00NzQ5LTk1ZTAt
ZmVhMGFmZjM1OWY1LzEvWUVDWF9tQk9VbVVMNmFucFR0Mkp3RXB5enpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9hY2E5MTItOWU4ZC00NzQ5LTk1ZTAtZmVhMGFmZjM1OWY1
LzEvWkQ0YnFSeFdtb3NocHRMV2YxMjcxc0JPUS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuRfKMA0E
AgACMAcDBQMqDfnAMA0GCSqGSIb3DQEBCwUAA4IBAQAHHkBCqbq8coKaF+wfKcVL
jTMJM0vJJYSamasQJJL+WsDqZn2tZY/Zy++ydc3UTSV7MGIJ2CeMu0O1Sga4sEON
8lJzZ4w5x9X02pO6/ryEWM3dBNoHa2eXpk73jgcQNU+VkSWTn3gWpDEIDSOwL+I7
AgB/09ZnK8VOc57K0TShhvEdna3rECQ7vc0k8a45Wjg31wPygST6n58sN2yWGw3q
ZQNZbWZ7NWTgRX/b4b7nolnr3jBYqgWAx8YtEOqokTOI1dfm6vv6ePAM3uR4/vCT
ATpAE08hMECL2sSCLodPNOgjrzk2cWm33YqQZEuW1/npFEUR5xV2d1dz8bMhhEw7
-----END CERTIFICATE-----
Generated at Thu Mar 14 21:21:08 2024 by rpki-client on console-ams.rpki-client.org