Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/y2GTeoO89ipdzxW9OMjU83JdJK8.roa
File: y2GTeoO89ipdzxW9OMjU83JdJK8.roa (raw, json)
Hash identifier: GZhMWwuN64SOZWShgKBEaJiHqw5FJBAS0cQqqhPC1Xk=
Subject key identifier: CB:61:93:7A:83:BC:F6:2A:5D:CF:15:BD:38:C8:D4:F3:72:5D:24:AF
Certificate issuer: /CN=1ddf5951c9ae79976d97e1d28e466a615119898b
Certificate serial: 018571C30439AA6B69EF55B170907F259AAA
Authority key identifier: 1D:DF:59:51:C9:AE:79:97:6D:97:E1:D2:8E:46:6A:61:51:19:89:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/y2GTeoO89ipdzxW9OMjU83JdJK8.roa
Signing time: Mon 02 Jan 2023 09:14:44 +0000
ROA not before: Mon 02 Jan 2023 09:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 185.251.213.0/24 maxlen: 24
185.251.212.0/24 maxlen: 24
185.251.215.0/24 maxlen: 24
185.171.107.0/24 maxlen: 24
185.171.106.0/24 maxlen: 24
185.251.214.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:c3:04:39:aa:6b:69:ef:55:b1:70:90:7f:25:9a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ddf5951c9ae79976d97e1d28e466a615119898b
Validity
Not Before: Jan 2 09:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb61937a83bcf62a5dcf15bd38c8d4f3725d24af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:eb:21:75:bc:1f:a1:e0:db:bc:b0:2e:48:39:
18:45:1d:5e:a9:3a:4b:b0:d9:04:3b:6d:e5:e9:a6:
86:52:31:de:78:c7:f9:63:fb:96:b1:2e:4c:9a:dd:
7c:88:ff:a4:4a:84:87:8a:68:0e:48:45:35:4f:6b:
e8:54:64:a5:2d:1b:c9:5b:b3:44:15:cd:01:fd:f2:
cd:47:dc:67:33:6c:07:ff:5f:6f:2c:46:cb:d5:4c:
a6:fa:86:5a:ea:24:4f:ab:5f:a3:ce:86:ad:21:4e:
e4:60:27:23:e6:72:b2:a5:dd:ce:65:8b:89:ca:41:
61:6f:a5:8c:5e:4d:81:08:2a:1e:eb:23:20:f8:74:
44:6d:14:bf:42:39:ae:81:34:f6:92:73:49:cc:d6:
25:33:10:8d:c1:ca:cd:7e:1c:4a:27:21:6e:39:13:
6c:b5:6e:3b:9b:b0:a1:c8:42:c6:32:58:28:ae:ae:
09:30:c2:2f:cf:2c:c7:55:d5:34:70:bd:29:03:a4:
b2:ca:ef:74:70:70:18:8b:03:69:5f:99:20:f8:2f:
8c:0f:e9:bf:11:3a:f8:4a:fa:41:e1:0c:ad:df:ed:
be:49:ea:c9:49:1f:95:c4:6a:52:a0:5f:1c:58:2c:
17:74:e4:1d:5c:c4:bd:05:54:a8:15:11:3f:ef:b1:
c2:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:61:93:7A:83:BC:F6:2A:5D:CF:15:BD:38:C8:D4:F3:72:5D:24:AF
X509v3 Authority Key Identifier:
keyid:1D:DF:59:51:C9:AE:79:97:6D:97:E1:D2:8E:46:6A:61:51:19:89:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/y2GTeoO89ipdzxW9OMjU83JdJK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.106.0/23
185.251.212.0/22
Signature Algorithm: sha256WithRSAEncryption
41:48:9a:b2:e6:47:f7:c6:54:90:a2:05:82:47:41:b7:ab:fe:
77:6a:0f:e6:93:51:54:a9:1e:82:fa:ce:c1:7f:58:fa:ff:01:
18:d4:70:50:54:e6:13:dd:d5:e0:3d:f4:77:1c:7c:f9:56:79:
69:f7:ef:c4:8e:70:d8:df:44:41:a9:8b:ba:25:93:95:f1:62:
c1:f8:2c:00:ae:67:48:c8:83:14:cf:38:e8:a5:98:19:a2:69:
2e:84:26:6e:1a:5e:17:84:cc:f3:cb:97:fa:6d:99:21:0d:8f:
05:62:83:7e:10:e4:2f:dc:bf:20:0e:de:05:d2:d2:5d:77:c5:
36:a4:90:4b:ab:f3:ea:80:ce:33:8a:3b:80:3a:98:47:8b:98:
05:05:0a:ee:54:de:aa:d7:dc:6e:ef:64:02:b2:e5:31:fc:33:
16:32:a0:a4:29:26:3d:c0:c2:89:d7:94:6b:d0:c8:4e:d7:69:
16:a8:10:18:03:3c:35:95:57:a4:f2:6e:aa:b9:15:b7:fa:5e:
ba:82:53:45:be:9b:74:5e:16:54:05:5f:18:e2:2e:9e:83:a3:
f0:9e:22:d1:a3:e5:41:cd:9b:a6:ba:d1:06:d9:10:55:cf:8b:
40:24:f5:77:87:46:3d:99:4f:a4:8e:93:14:d5:29:62:fe:82:
9e:14:dc:44
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxwwQ5qmtp71WxcJB/JZqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZGY1OTUxYzlhZTc5OTc2ZDk3ZTFkMjhlNDY2YTYxNTEx
OTg5OGIwHhcNMjMwMTAyMDkxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjYxOTM3YTgzYmNmNjJhNWRjZjE1YmQzOGM4ZDRmMzcyNWQyNGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhushdbwfoeDbvLAuSDkYRR1eqTpL
sNkEO23l6aaGUjHeeMf5Y/uWsS5Mmt18iP+kSoSHimgOSEU1T2voVGSlLRvJW7NE
Fc0B/fLNR9xnM2wH/19vLEbL1Uym+oZa6iRPq1+jzoatIU7kYCcj5nKypd3OZYuJ
ykFhb6WMXk2BCCoe6yMg+HREbRS/QjmugTT2knNJzNYlMxCNwcrNfhxKJyFuORNs
tW47m7ChyELGMlgorq4JMMIvzyzHVdU0cL0pA6Syyu90cHAYiwNpX5kg+C+MD+m/
ETr4SvpB4Qyt3+2+SerJSR+VxGpSoF8cWCwXdOQdXMS9BVSoFRE/77HCfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMthk3qDvPYqXc8VvTjI1PNyXSSvMB8GA1UdIwQY
MBaAFB3fWVHJrnmXbZfh0o5GamFRGYmLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGQ5WlVjbXVlWmR0bC1IU2prWnFZVkVaaVlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8yZGY3ODYtNTJkNS00MzhiLThiNTYt
MGU5NmIxZmZiMjQ3LzEveTJHVGVvTzg5aXBkenhXOU9NalU4M0pkSks4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8yZGY3ODYtNTJkNS00MzhiLThiNTYtMGU5NmIxZmZiMjQ3
LzEvSGQ5WlVjbXVlWmR0bC1IU2prWnFZVkVaaVlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuatqAwQC
ufvUMA0GCSqGSIb3DQEBCwUAA4IBAQBBSJqy5kf3xlSQogWCR0G3q/53ag/mk1FU
qR6C+s7Bf1j6/wEY1HBQVOYT3dXgPfR3HHz5Vnlp9+/EjnDY30RBqYu6JZOV8WLB
+CwArmdIyIMUzzjopZgZomkuhCZuGl4XhMzzy5f6bZkhDY8FYoN+EOQv3L8gDt4F
0tJdd8U2pJBLq/PqgM4zijuAOphHi5gFBQruVN6q19xu72QCsuUx/DMWMqCkKSY9
wMKJ15Rr0MhO12kWqBAYAzw1lVek8m6quRW3+l66glNFvpt0XhZUBV8Y4i6eg6Pw
niLRo+VBzZumutEG2RBVz4tAJPV3h0Y9mU+kjpMU1Sli/oKeFNxE
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:10 2023 by rpki-client on console-fra.rpki-client.org