Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/kYytcuO8Pi1wB633SiOSLhC3W6Q.roa
File: kYytcuO8Pi1wB633SiOSLhC3W6Q.roa (raw, json)
Hash identifier: oRgUyH5ROuf3+z90+xnBgQbo5KFZjlIeFU98HfF66nI=
Subject key identifier: 91:8C:AD:72:E3:BC:3E:2D:70:07:AD:F7:4A:23:92:2E:10:B7:5B:A4
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0186CB9F23A8EA126835E4E29B0F896A10A8
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/kYytcuO8Pi1wB633SiOSLhC3W6Q.roa
Signing time: Fri 10 Mar 2023 13:04:09 +0000
ROA not before: Fri 10 Mar 2023 13:04:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43357
IP address blocks: 92.60.40.0/24 maxlen: 24
45.130.20.0/22 maxlen: 24
45.147.51.0/24 maxlen: 32
45.147.50.0/24 maxlen: 32
194.36.25.0/24 maxlen: 24
185.248.85.0/24 maxlen: 24
185.254.75.0/24 maxlen: 24
185.194.52.0/22 maxlen: 24
2a07:fe00:1::/48 maxlen: 48
2a03:d9c0:3000::/48 maxlen: 48
2a09:7:2007::/48 maxlen: 48
2a0c:59c0:18::/48 maxlen: 48
2a0b:89c1:3::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:cb:9f:23:a8:ea:12:68:35:e4:e2:9b:0f:89:6a:10:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Mar 10 13:04:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=918cad72e3bc3e2d7007adf74a23922e10b75ba4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:be:13:65:ad:1f:4e:93:b1:5a:9b:e1:d0:99:
55:12:6e:bc:09:57:1f:60:c6:19:8e:64:d8:76:54:
2b:d6:d6:18:08:26:c9:02:98:41:9e:56:96:19:54:
6a:57:f3:50:79:f7:d4:7f:05:77:3a:4c:68:42:05:
0a:62:8f:e8:31:37:05:df:0d:a5:39:3b:4b:1b:6f:
69:4e:fe:79:9c:0c:40:47:d5:80:a2:0b:86:ff:82:
02:6f:01:37:33:8a:1d:b1:13:cb:b0:41:ac:82:39:
47:c6:7e:a8:16:88:fa:5b:b6:52:08:03:17:64:40:
99:2b:92:1b:bc:8f:c6:ed:83:f6:6d:6c:6e:9e:49:
d0:dc:1a:0a:04:b5:ac:cb:bd:e9:12:cd:f4:bb:d9:
e7:ec:b0:2d:76:dd:98:63:10:3e:67:a7:b2:d3:c9:
2a:5e:b6:36:05:f1:d5:bd:1e:d2:33:f1:85:c6:09:
70:b8:c5:b7:f2:c1:43:3e:0e:34:03:0b:6b:8c:99:
64:8b:a7:89:5f:fd:d4:a9:8b:a6:82:db:68:df:ef:
0c:ef:eb:69:09:26:58:86:b7:d2:88:37:78:dc:35:
af:35:1a:5c:f0:ef:60:83:3b:61:b8:b4:ff:d7:c2:
0b:00:7d:33:9a:a2:1b:36:90:5f:d2:66:22:78:10:
0d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:8C:AD:72:E3:BC:3E:2D:70:07:AD:F7:4A:23:92:2E:10:B7:5B:A4
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/kYytcuO8Pi1wB633SiOSLhC3W6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.20.0/22
45.147.50.0/23
92.60.40.0/24
185.194.52.0/22
185.248.85.0/24
185.254.75.0/24
194.36.25.0/24
IPv6:
2a03:d9c0:3000::/48
2a07:fe00:1::/48
2a09:7:2007::/48
2a0b:89c1:3::/48
2a0c:59c0:18::/48
Signature Algorithm: sha256WithRSAEncryption
82:f8:7b:70:c1:45:73:b4:e4:7a:78:d0:cf:01:46:d6:c3:a0:
77:6e:ef:f6:7a:62:38:b1:0b:01:ea:ae:ac:36:ac:1e:5d:cf:
ab:00:00:29:4f:ef:e8:35:06:c0:b4:f1:7a:b0:62:31:ae:ab:
63:04:9c:0d:d0:90:21:c9:1e:2b:38:26:e1:96:9d:ae:8c:d0:
f1:71:8d:38:e7:58:b7:22:86:35:15:49:02:86:33:9c:bf:9e:
3f:88:04:e8:eb:4c:14:6f:0f:a5:71:6b:b7:5b:6d:79:9d:67:
98:fc:53:37:85:9d:55:b8:0e:1f:88:ed:7f:ae:17:a5:a9:fb:
45:ff:cd:41:71:68:fd:68:3b:36:59:be:fc:59:83:4e:4a:ea:
16:a2:a9:cf:aa:d8:14:64:d7:d8:72:87:83:b5:18:6c:48:fd:
fe:38:48:b4:fe:63:f0:77:06:71:9d:b2:ba:d6:34:95:71:37:
fc:25:0b:09:a0:97:c9:cb:ba:2d:0c:03:5d:5f:66:38:1d:57:
1e:ae:91:e6:fd:db:43:4e:a7:8d:4d:75:65:6c:1c:eb:f6:a5:
c4:7d:31:1c:83:50:76:f8:db:9e:e2:d9:ba:aa:ae:0b:79:92:
d1:09:22:98:a6:4b:3e:96:95:5d:14:09:d3:a0:d9:6e:b5:b0:
7c:4d:df:fd
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAYbLnyOo6hJoNeTimw+JahCoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMwMzEwMTMwNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MThjYWQ3MmUzYmMzZTJkNzAwN2FkZjc0YTIzOTIyZTEwYjc1YmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3r4TZa0fTpOxWpvh0JlVEm68CVcf
YMYZjmTYdlQr1tYYCCbJAphBnlaWGVRqV/NQeffUfwV3OkxoQgUKYo/oMTcF3w2l
OTtLG29pTv55nAxAR9WAoguG/4ICbwE3M4odsRPLsEGsgjlHxn6oFoj6W7ZSCAMX
ZECZK5IbvI/G7YP2bWxunknQ3BoKBLWsy73pEs30u9nn7LAtdt2YYxA+Z6ey08kq
XrY2BfHVvR7SM/GFxglwuMW38sFDPg40AwtrjJlki6eJX/3UqYumgtto3+8M7+tp
CSZYhrfSiDd43DWvNRpc8O9ggzthuLT/18ILAH0zmqIbNpBf0mYieBANmQIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFJGMrXLjvD4tcAet90ojki4Qt1ukMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEva1l5dGN1TzhQaTF3QjYzM1NpT1NMaEMzVzZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzAwBAIAATAqAwQCLYIUAwQB
LZMyAwQAXDwoAwQCucI0AwQAufhVAwQAuf5LAwQAwiQZMDMEAgACMC0DBwAqA9nA
MAADBwAqB/4AAAEDBwAqCQAHIAcDBwAqC4nBAAMDBwAqDFnAABgwDQYJKoZIhvcN
AQELBQADggEBAIL4e3DBRXO05Hp40M8BRtbDoHdu7/Z6YjixCwHqrqw2rB5dz6sA
AClP7+g1BsC08XqwYjGuq2MEnA3QkCHJHis4JuGWna6M0PFxjTjnWLcihjUVSQKG
M5y/nj+IBOjrTBRvD6Vxa7dbbXmdZ5j8UzeFnVW4Dh+I7X+uF6Wp+0X/zUFxaP1o
OzZZvvxZg05K6haiqc+q2BRk19hyh4O1GGxI/f44SLT+Y/B3BnGdsrrWNJVxN/wl
Cwmgl8nLui0MA11fZjgdVx6ukeb920NOp41NdWVsHOv2pcR9MRyDUHb4257i2bqq
rgt5ktEJIpimSz6WlV0UCdOg2W61sHxN3/0=
-----END CERTIFICATE-----
Generated at Wed Nov 1 09:13:55 2023 by rpki-client on console-fra.rpki-client.org