Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/yxNInykN9deS6B8OwO6ahYgUyqk.roa
File: yxNInykN9deS6B8OwO6ahYgUyqk.roa (raw, json)
Hash identifier: UVIvEypNOcQj1UNfeiszT2LtWCSx9HFHBLQnnOLqm/g=
Subject key identifier: CB:13:48:9F:29:0D:F5:D7:92:E8:1F:0E:C0:EE:9A:85:88:14:CA:A9
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01856B4A45F9375FC08128CBB2ED3F889F51
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/yxNInykN9deS6B8OwO6ahYgUyqk.roa
Signing time: Sun 01 Jan 2023 03:05:07 +0000
ROA not before: Sun 01 Jan 2023 03:05:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208295
IP address blocks: 188.72.100.0/24 maxlen: 24
188.72.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:45:f9:37:5f:c0:81:28:cb:b2:ed:3f:88:9f:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:05:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb13489f290df5d792e81f0ec0ee9a858814caa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:73:e4:76:d4:6f:08:a8:b9:79:eb:15:a7:18:
2b:23:d3:d0:64:9e:33:04:87:4c:f0:f3:42:40:45:
8c:e2:e3:ec:9d:dc:14:89:2a:f0:5b:a6:62:bf:31:
a6:20:83:28:d6:d1:98:d4:0a:75:b0:65:ba:31:eb:
27:62:81:cf:0b:6c:7e:be:4f:a1:13:b9:f2:77:c9:
91:2c:34:2d:d6:7b:eb:87:ea:8c:4b:aa:6a:92:ec:
03:8d:40:d0:8c:f4:4b:b9:eb:0f:9f:96:36:3e:fb:
ea:e4:67:6b:ea:b8:79:89:08:01:3a:f0:cb:6a:f5:
3c:5b:45:77:29:10:2c:22:12:37:8f:d8:83:0f:eb:
53:00:f0:1b:b6:ad:53:61:a3:8c:8d:38:d5:65:ea:
42:4c:40:6a:5f:44:11:a8:22:27:da:a4:40:4e:fb:
eb:94:19:36:96:d7:aa:e1:19:a7:99:a5:06:66:58:
65:0a:ce:90:06:c3:79:0f:98:67:1d:c4:46:9c:b7:
bc:95:19:fe:11:e8:32:92:24:bb:e7:ee:0f:26:64:
5c:6b:97:7c:ce:11:5d:c1:16:b2:d6:41:8c:59:9f:
f4:d2:ba:cd:be:23:be:5b:ac:d2:72:7b:42:14:51:
e4:70:a3:ef:4d:99:a2:91:3a:9d:c5:ab:cf:14:2c:
36:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:13:48:9F:29:0D:F5:D7:92:E8:1F:0E:C0:EE:9A:85:88:14:CA:A9
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/yxNInykN9deS6B8OwO6ahYgUyqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.99.0-188.72.100.255
Signature Algorithm: sha256WithRSAEncryption
3a:42:ad:8f:de:ba:3b:36:62:52:77:79:03:fb:dd:d8:ca:e2:
f4:44:81:98:04:f0:a5:c6:17:f8:56:1d:a1:0c:77:9a:a8:69:
29:01:f5:70:cc:5b:dc:a4:85:8a:ce:4c:89:fa:ea:36:0b:1d:
0a:ed:be:73:cc:1f:f2:38:0d:c0:2f:73:ba:57:63:10:62:02:
3e:59:e4:d8:dc:3d:8e:98:1f:a1:24:46:f2:39:e9:e7:04:d7:
81:9b:60:8d:82:6e:ae:dd:da:20:e7:6f:dc:ee:c1:27:4c:c1:
c8:39:55:29:0b:c1:d8:f7:e1:83:08:7f:50:1f:1f:87:1d:8e:
ad:c5:39:81:80:1e:88:cf:e9:4c:19:db:a0:8a:9c:37:69:b7:
52:68:06:6d:eb:1e:71:d5:e9:33:4c:3a:eb:45:18:33:24:40:
0a:5e:d3:20:2d:e6:46:a4:fb:e2:4c:cc:bb:67:b0:b0:ee:2e:
72:b9:0f:6f:6c:41:1c:13:c8:cd:71:94:5b:4b:01:65:5d:81:
8c:92:3a:b1:63:8a:ad:2e:02:98:90:bf:d8:8b:ab:dc:b7:6d:
72:6b:60:71:5d:e0:a7:5a:2d:fe:c4:fb:73:28:28:da:f7:24:
38:5f:8d:c1:7c:a7:9e:33:44:86:73:91:d4:85:1c:f3:d7:c6:
99:1a:53:0c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVrSkX5N1/AgSjLsu0/iJ9RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjMwMTAxMDMwNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjEzNDg5ZjI5MGRmNWQ3OTJlODFmMGVjMGVlOWE4NTg4MTRjYWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXPkdtRvCKi5eesVpxgrI9PQZJ4z
BIdM8PNCQEWM4uPsndwUiSrwW6ZivzGmIIMo1tGY1Ap1sGW6MesnYoHPC2x+vk+h
E7nyd8mRLDQt1nvrh+qMS6pqkuwDjUDQjPRLuesPn5Y2Pvvq5Gdr6rh5iQgBOvDL
avU8W0V3KRAsIhI3j9iDD+tTAPAbtq1TYaOMjTjVZepCTEBqX0QRqCIn2qRATvvr
lBk2lteq4RmnmaUGZlhlCs6QBsN5D5hnHcRGnLe8lRn+EegykiS75+4PJmRca5d8
zhFdwRay1kGMWZ/00rrNviO+W6zScntCFFHkcKPvTZmikTqdxavPFCw2VQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMsTSJ8pDfXXkugfDsDumoWIFMqpMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEveXhOSW55a045ZGVTNkI4T3dPNmFoWWdVeXFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC8SGMD
BAC8SGQwDQYJKoZIhvcNAQELBQADggEBADpCrY/eujs2YlJ3eQP73djK4vREgZgE
8KXGF/hWHaEMd5qoaSkB9XDMW9ykhYrOTIn66jYLHQrtvnPMH/I4DcAvc7pXYxBi
Aj5Z5NjcPY6YH6EkRvI56ecE14GbYI2Cbq7d2iDnb9zuwSdMwcg5VSkLwdj34YMI
f1AfH4cdjq3FOYGAHojP6UwZ26CKnDdpt1JoBm3rHnHV6TNMOutFGDMkQApe0yAt
5kak++JMzLtnsLDuLnK5D29sQRwTyM1xlFtLAWVdgYySOrFjiq0uApiQv9iLq9y3
bXJrYHFd4KdaLf7E+3MoKNr3JDhfjcF8p54zRIZzkdSFHPPXxpkaUww=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:38 2024 by rpki-client on console-fra.rpki-client.org