Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/b4a477-08a2-4e8c-8c4d-010cd9079abf/1/ymHgZ-UVaCbqnaj_vfpKG9VAftY.roa
File: ymHgZ-UVaCbqnaj_vfpKG9VAftY.roa (raw, json)
Hash identifier: JmG0GomVGwSPbHdXxFTAyc4Di2VkruhFzF0nWOr0do0=
Subject key identifier: CA:61:E0:67:E5:15:68:26:EA:9D:A8:FF:BD:FA:4A:1B:D5:40:7E:D6
Certificate issuer: /CN=809ed7098111c678898ac0f0aec97fdd3b3b6d02
Certificate serial: 0185700B909D6CC6E2DED818CAB5999D6934
Authority key identifier: 80:9E:D7:09:81:11:C6:78:89:8A:C0:F0:AE:C9:7F:DD:3B:3B:6D:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gJ7XCYERxniJisDwrsl_3Ts7bQI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/b4a477-08a2-4e8c-8c4d-010cd9079abf/1/ymHgZ-UVaCbqnaj_vfpKG9VAftY.roa
Signing time: Mon 02 Jan 2023 01:14:44 +0000
ROA not before: Mon 02 Jan 2023 01:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50178
IP address blocks: 185.161.192.0/22 maxlen: 22
185.161.192.0/24 maxlen: 24
185.161.194.0/24 maxlen: 24
185.161.195.0/24 maxlen: 24
185.161.193.0/24 maxlen: 24
2a07:c700::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:0b:90:9d:6c:c6:e2:de:d8:18:ca:b5:99:9d:69:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=809ed7098111c678898ac0f0aec97fdd3b3b6d02
Validity
Not Before: Jan 2 01:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca61e067e5156826ea9da8ffbdfa4a1bd5407ed6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:28:64:d8:6b:97:1c:47:b7:4e:1c:eb:b2:71:
d9:52:5e:ca:e2:d5:17:02:dd:dc:50:e6:4f:1f:6e:
1c:fc:f1:d6:21:9a:2e:59:94:91:f4:5b:6b:7e:1a:
7b:e9:6b:f4:6d:5a:49:4b:98:db:18:58:0e:07:8d:
48:c8:6f:41:83:6e:fb:5d:75:13:2b:1e:59:af:5d:
b2:b2:c3:2d:37:d3:b5:a0:3c:37:dc:28:3e:89:10:
96:2a:bd:71:33:1c:1f:dd:07:33:9b:36:79:6d:fc:
5f:f8:30:d3:e5:80:ce:2e:d1:97:b1:34:43:23:01:
fc:31:f2:ba:df:29:28:d6:2a:66:8e:14:c4:ee:d7:
8a:3f:f4:3e:95:d4:84:c5:80:b1:e5:62:ae:e1:11:
53:e8:47:2a:53:54:01:2e:e0:32:48:2b:ed:36:5a:
97:7a:8f:0f:7a:33:40:af:37:91:60:37:19:3f:0c:
cf:a3:1f:44:6d:45:a4:e5:c8:55:ff:45:5d:74:ae:
ff:6c:64:90:27:9b:17:1c:b1:3c:70:39:92:02:50:
be:10:3e:4b:42:4c:3d:e2:e2:e4:a4:d0:1a:a6:f4:
8d:ca:c3:f2:46:50:82:c9:84:80:f5:22:60:00:b9:
93:e0:82:51:6b:65:49:33:fd:64:8a:42:07:e5:4f:
a8:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:61:E0:67:E5:15:68:26:EA:9D:A8:FF:BD:FA:4A:1B:D5:40:7E:D6
X509v3 Authority Key Identifier:
keyid:80:9E:D7:09:81:11:C6:78:89:8A:C0:F0:AE:C9:7F:DD:3B:3B:6D:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gJ7XCYERxniJisDwrsl_3Ts7bQI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/b4a477-08a2-4e8c-8c4d-010cd9079abf/1/ymHgZ-UVaCbqnaj_vfpKG9VAftY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/b4a477-08a2-4e8c-8c4d-010cd9079abf/1/gJ7XCYERxniJisDwrsl_3Ts7bQI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.192.0/22
IPv6:
2a07:c700::/29
Signature Algorithm: sha256WithRSAEncryption
6b:d0:29:cb:c5:63:be:09:18:be:9e:53:3b:2d:e6:35:3b:63:
f6:60:ba:40:94:0b:3b:9d:1d:63:eb:4b:33:a9:34:db:42:df:
5e:5f:9f:18:ba:b5:fb:0a:9b:b0:7d:b8:0d:35:17:1f:1d:d2:
ba:aa:ac:8d:de:92:a8:73:41:16:0b:d2:2b:a1:60:6a:39:98:
95:f7:65:65:4a:51:55:40:26:00:32:dd:31:ae:cc:44:9a:a8:
ef:5a:01:65:d9:8d:f7:2e:45:bc:2c:b5:2d:d1:23:ce:74:21:
4d:c9:40:a1:be:d2:67:1a:b7:f8:92:d7:26:bc:ff:4c:dc:fe:
71:f2:7a:9d:18:4f:fb:80:43:df:6e:18:35:98:4a:88:a9:ba:
e9:29:d0:a7:b1:9c:d2:06:3e:98:e1:91:6f:ac:8e:3d:29:84:
9a:7e:12:2f:2f:89:a1:57:d7:fe:9a:86:e4:5f:b0:92:f2:6f:
92:ad:0b:3c:1f:94:f7:19:73:9d:f4:af:20:aa:31:5f:bf:a5:
50:96:68:91:c4:64:4e:9f:b7:c9:5a:bf:31:15:e6:88:fe:29:
55:c3:6b:b5:0e:e3:12:83:49:44:ea:9d:29:e1:cb:0b:ee:78:
1e:8a:92:73:d6:1d:78:0d:6c:55:16:36:09:d6:5a:0b:1b:7e:
6d:10:4a:e8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwC5CdbMbi3tgYyrWZnWk0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwOWVkNzA5ODExMWM2Nzg4OThhYzBmMGFlYzk3ZmRkM2Iz
YjZkMDIwHhcNMjMwMTAyMDExNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTYxZTA2N2U1MTU2ODI2ZWE5ZGE4ZmZiZGZhNGExYmQ1NDA3ZWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Shk2GuXHEe3ThzrsnHZUl7K4tUX
At3cUOZPH24c/PHWIZouWZSR9Ftrfhp76Wv0bVpJS5jbGFgOB41IyG9Bg277XXUT
Kx5Zr12yssMtN9O1oDw33Cg+iRCWKr1xMxwf3QczmzZ5bfxf+DDT5YDOLtGXsTRD
IwH8MfK63yko1ipmjhTE7teKP/Q+ldSExYCx5WKu4RFT6EcqU1QBLuAySCvtNlqX
eo8PejNArzeRYDcZPwzPox9EbUWk5chV/0VddK7/bGSQJ5sXHLE8cDmSAlC+ED5L
Qkw94uLkpNAapvSNysPyRlCCyYSA9SJgALmT4IJRa2VJM/1kikIH5U+oxQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMph4GflFWgm6p2o/736ShvVQH7WMB8GA1UdIwQY
MBaAFICe1wmBEcZ4iYrA8K7Jf907O20CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0o3WENZRVJ4bmlKaXNEd3JzbF8zVHM3YlFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9iNGE0NzctMDhhMi00ZThjLThjNGQt
MDEwY2Q5MDc5YWJmLzEveW1IZ1otVVZhQ2JxbmFqX3ZmcEtHOVZBZnRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9iNGE0NzctMDhhMi00ZThjLThjNGQtMDEwY2Q5MDc5YWJm
LzEvZ0o3WENZRVJ4bmlKaXNEd3JzbF8zVHM3YlFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaHAMA0E
AgACMAcDBQMqB8cAMA0GCSqGSIb3DQEBCwUAA4IBAQBr0CnLxWO+CRi+nlM7LeY1
O2P2YLpAlAs7nR1j60szqTTbQt9eX58YurX7CpuwfbgNNRcfHdK6qqyN3pKoc0EW
C9IroWBqOZiV92VlSlFVQCYAMt0xrsxEmqjvWgFl2Y33LkW8LLUt0SPOdCFNyUCh
vtJnGrf4ktcmvP9M3P5x8nqdGE/7gEPfbhg1mEqIqbrpKdCnsZzSBj6Y4ZFvrI49
KYSafhIvL4mhV9f+mobkX7CS8m+SrQs8H5T3GXOd9K8gqjFfv6VQlmiRxGROn7fJ
Wr8xFeaI/ilVw2u1DuMSg0lE6p0p4csL7ngeipJz1h14DWxVFjYJ1loLG35tEEro
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:24 2024 by rpki-client on console-ams.rpki-client.org