Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/yLHDeE14--hX-4ccvpfUZ2csENY.roa
File: yLHDeE14--hX-4ccvpfUZ2csENY.roa (raw, json)
Hash identifier: DTItWLaoWiGTJ8I/vh/q+mYdYaVG53zazSchc64HQSI=
Subject key identifier: C8:B1:C3:78:4D:78:FB:E8:57:FB:87:1C:BE:97:D4:67:67:2C:10:D6
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01856B4A1F89AB509AC7BEF7D28DD0DE88BA
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/yLHDeE14--hX-4ccvpfUZ2csENY.roa
Signing time: Sun 01 Jan 2023 03:04:57 +0000
ROA not before: Sun 01 Jan 2023 03:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3223
IP address blocks: 188.72.82.0/24 maxlen: 24
188.72.98.0/24 maxlen: 24
37.230.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:1f:89:ab:50:9a:c7:be:f7:d2:8d:d0:de:88:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8b1c3784d78fbe857fb871cbe97d467672c10d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:af:50:20:6e:d0:e5:99:61:3a:cc:9a:ec:e6:
73:0e:43:79:16:05:3d:20:e2:04:82:41:25:d3:14:
91:a2:e1:27:5d:d0:42:3d:7d:6f:3a:31:94:73:eb:
c8:5d:3e:67:ec:49:a2:8d:c6:26:ec:24:42:76:d6:
dd:45:c7:89:be:a5:18:c0:90:c3:61:a9:b1:e4:45:
28:c4:61:bd:35:40:e9:ac:03:5d:7f:58:01:5c:d4:
de:3c:25:71:02:af:6c:84:90:44:97:15:e1:f2:d7:
58:97:70:ae:68:b2:6f:27:55:47:3b:64:a7:3d:b1:
98:d8:84:0e:c1:a4:53:61:05:0d:ec:c6:c8:b8:68:
0b:3a:1c:ea:5c:ce:88:35:c3:aa:ab:cf:4f:ed:06:
1c:e7:52:4f:b2:c2:82:7e:92:d6:d6:7c:65:3a:1b:
64:a3:33:5f:de:42:27:11:c6:f5:f7:33:ea:a3:f2:
1c:d6:a4:c2:67:4e:82:fc:6a:31:53:ab:3e:7f:0e:
e6:d5:c2:99:f4:fa:cf:cb:20:00:c9:89:d1:2f:06:
8e:34:90:89:f8:a8:e2:6d:65:5a:59:9a:93:75:43:
b6:ad:30:db:fb:99:d8:db:c6:1b:15:df:a6:89:cb:
66:5a:49:91:fa:c3:3a:6e:3c:c4:60:e7:fe:db:e6:
63:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:B1:C3:78:4D:78:FB:E8:57:FB:87:1C:BE:97:D4:67:67:2C:10:D6
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/yLHDeE14--hX-4ccvpfUZ2csENY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.130.0/24
188.72.82.0/24
188.72.98.0/24
Signature Algorithm: sha256WithRSAEncryption
94:9d:70:03:5b:f8:be:1a:64:dd:7e:f0:f2:7d:66:f9:55:e9:
3d:ec:27:01:fb:e7:3c:73:82:44:5f:a1:f1:87:bd:d4:7b:c6:
a7:b7:af:9d:9f:47:fa:ca:34:b1:50:72:1d:4c:db:e4:17:00:
11:ae:7f:8a:5c:dd:79:bd:cf:36:c5:ad:32:63:b0:14:8f:22:
4c:d2:56:7e:7e:c3:aa:bc:3d:d1:0b:db:5f:1d:49:95:b1:bc:
06:f8:7b:3e:ee:44:76:f9:f6:c3:d1:71:d8:94:b3:36:5c:f4:
7d:da:a9:02:b0:8d:ac:8b:8a:a9:33:23:65:a0:f9:85:4f:20:
0a:ca:c1:55:52:f1:26:38:fc:2d:8d:1c:10:9a:94:84:ad:9e:
27:d3:36:df:1f:64:ea:5c:5e:b4:57:bb:99:91:ce:b7:e5:5a:
f3:ab:a9:eb:cd:cd:85:a8:2a:b2:27:d2:f0:57:9a:33:25:61:
c4:5c:1c:ef:a9:95:ec:c8:9d:35:b9:2e:f7:dc:15:59:41:1f:
b6:b7:92:1f:31:62:36:10:6d:28:f5:85:c7:c0:5d:61:00:f9:
d6:5b:e0:b0:8b:99:c0:8a:7c:1a:d5:4a:09:57:28:06:9e:05:
3a:4f:0e:57:d8:f4:a3:3b:1e:3e:e8:7a:ea:96:bb:2c:e4:34:
14:42:f1:14
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVrSh+Jq1Cax7730o3Q3oi6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjMwMTAxMDMwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGIxYzM3ODRkNzhmYmU4NTdmYjg3MWNiZTk3ZDQ2NzY3MmMxMGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiq9QIG7Q5ZlhOsya7OZzDkN5FgU9
IOIEgkEl0xSRouEnXdBCPX1vOjGUc+vIXT5n7EmijcYm7CRCdtbdRceJvqUYwJDD
Yamx5EUoxGG9NUDprANdf1gBXNTePCVxAq9shJBElxXh8tdYl3CuaLJvJ1VHO2Sn
PbGY2IQOwaRTYQUN7MbIuGgLOhzqXM6INcOqq89P7QYc51JPssKCfpLW1nxlOhtk
ozNf3kInEcb19zPqo/Ic1qTCZ06C/GoxU6s+fw7m1cKZ9PrPyyAAyYnRLwaONJCJ
+KjibWVaWZqTdUO2rTDb+5nY28YbFd+mictmWkmR+sM6bjzEYOf+2+ZjVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMixw3hNePvoV/uHHL6X1GdnLBDWMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEveUxIRGVFMTQtLWhYLTRjY3ZwZlVaMmNzRU5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJeaCAwQA
vEhSAwQAvEhiMA0GCSqGSIb3DQEBCwUAA4IBAQCUnXADW/i+GmTdfvDyfWb5Vek9
7CcB++c8c4JEX6Hxh73Ue8ant6+dn0f6yjSxUHIdTNvkFwARrn+KXN15vc82xa0y
Y7AUjyJM0lZ+fsOqvD3RC9tfHUmVsbwG+Hs+7kR2+fbD0XHYlLM2XPR92qkCsI2s
i4qpMyNloPmFTyAKysFVUvEmOPwtjRwQmpSErZ4n0zbfH2TqXF60V7uZkc635Vrz
q6nrzc2FqCqyJ9LwV5ozJWHEXBzvqZXsyJ01uS733BVZQR+2t5IfMWI2EG0o9YXH
wF1hAPnWW+Cwi5nAinwa1UoJVygGngU6Tw5X2PSjOx4+6Hrqlrss5DQUQvEU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:33 2024 by rpki-client on console-ams.rpki-client.org