Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/yqk4DY0V-nYJhqMhEanGo9nMz_I.roa
File: yqk4DY0V-nYJhqMhEanGo9nMz_I.roa (raw, json)
Hash identifier: Zd9OU8jbyyUOnihZfWA9vuOSoEhCPNIKkW+CRQeO+88=
Subject key identifier: CA:A9:38:0D:8D:15:FA:76:09:86:A3:21:11:A9:C6:A3:D9:CC:CF:F2
Certificate issuer: /CN=f81fc8c82986310c5f6a9b56fb76b6bd9877fcc0
Certificate serial: 01856EB90941C4353832EF51BA85881BE377
Authority key identifier: F8:1F:C8:C8:29:86:31:0C:5F:6A:9B:56:FB:76:B6:BD:98:77:FC:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-B_IyCmGMQxfaptW-3a2vZh3_MA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/yqk4DY0V-nYJhqMhEanGo9nMz_I.roa
Signing time: Sun 01 Jan 2023 19:04:58 +0000
ROA not before: Sun 01 Jan 2023 19:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60011
IP address blocks: 185.101.97.0/24 maxlen: 24
185.101.98.0/24 maxlen: 24
185.101.99.0/24 maxlen: 24
2a06:1c80::/32 maxlen: 48
2a06:1c80::/31 maxlen: 32
2a04:ad80:2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b9:09:41:c4:35:38:32:ef:51:ba:85:88:1b:e3:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f81fc8c82986310c5f6a9b56fb76b6bd9877fcc0
Validity
Not Before: Jan 1 19:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=caa9380d8d15fa760986a32111a9c6a3d9cccff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:03:7d:89:cb:c1:c4:e9:75:c7:1d:96:e1:89:
cd:32:8a:cc:bb:92:e7:45:17:7b:61:ff:00:5a:4f:
d9:97:d1:73:1c:87:2b:7a:24:c4:8b:39:a5:ed:04:
e5:e2:17:77:c4:a5:3e:6e:5a:8b:5f:63:c6:68:e0:
79:e9:69:ca:aa:c7:91:07:09:02:96:f1:da:52:42:
b1:b3:e3:1f:b7:4a:9f:a7:1c:14:30:7e:ec:d4:e0:
d0:b0:c4:ae:45:51:0d:fd:e6:2a:8d:78:b6:8f:34:
13:a0:d7:0d:31:3d:d1:26:12:a8:92:cb:05:e0:c5:
b7:c0:a7:01:28:cf:7d:0a:95:e0:a6:f0:d4:cf:95:
ff:db:54:1d:65:aa:1c:59:c3:3a:48:06:45:32:77:
a1:22:e6:84:b2:43:28:e5:f8:3a:50:ea:a2:e9:f0:
07:bf:0c:81:8d:2b:5d:b1:60:1b:bd:15:ab:7e:5d:
9a:b4:78:1d:31:61:94:61:32:0a:64:cb:27:f5:53:
01:ee:91:a3:f9:97:23:1a:d8:6c:95:80:e3:5e:65:
4f:64:5b:d9:01:18:fb:51:01:46:5c:d5:d0:f9:23:
b9:4a:47:15:45:fe:dd:80:b0:1b:ff:e4:c1:22:86:
d4:1b:ec:6f:c9:6e:c6:f6:f5:d8:6b:49:31:87:35:
c0:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:A9:38:0D:8D:15:FA:76:09:86:A3:21:11:A9:C6:A3:D9:CC:CF:F2
X509v3 Authority Key Identifier:
keyid:F8:1F:C8:C8:29:86:31:0C:5F:6A:9B:56:FB:76:B6:BD:98:77:FC:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-B_IyCmGMQxfaptW-3a2vZh3_MA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/yqk4DY0V-nYJhqMhEanGo9nMz_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/1-B_IyCmGMQxfaptW-3a2vZh3_MA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.97.0-185.101.99.255
IPv6:
2a04:ad80:2::/48
2a06:1c80::/31
Signature Algorithm: sha256WithRSAEncryption
a5:2e:a2:80:fb:12:70:cc:f8:5f:60:36:db:b3:cc:7c:4a:54:
e9:56:1e:3b:d7:72:10:f6:37:14:e1:42:a2:72:73:33:63:90:
95:86:67:0b:ee:37:7d:ab:e5:64:25:ee:a0:48:5d:3c:52:5e:
13:ed:e4:64:37:7f:40:73:5b:cb:e3:ee:2c:10:05:67:c1:36:
30:7b:90:37:5b:7d:e9:03:8c:ac:e0:a5:7a:5e:b4:1e:bb:70:
fd:d7:a4:a5:24:44:64:7a:15:c7:34:f7:24:61:90:26:ea:07:
56:c4:8e:55:95:45:47:1f:e8:77:84:33:27:b9:9d:7f:35:9b:
a4:51:b6:43:ce:8f:ce:bf:d9:bb:4e:99:d9:a9:43:3a:70:50:
4a:f9:17:d5:ee:4e:9e:bd:4a:ca:fb:5a:6e:e4:bf:89:54:a2:
ef:c9:4b:15:6d:be:1d:f0:63:4c:ef:5e:45:3b:d1:44:d3:60:
bd:2d:25:c0:4d:ba:68:4e:f7:d1:a2:75:06:de:28:b3:02:d5:
f2:92:a8:32:c6:3e:27:e8:a2:e6:33:1c:73:09:09:85:14:c0:
4d:2a:d9:ef:18:ab:9a:4b:f2:f4:21:3b:65:5a:a0:b2:17:e4:
89:44:3e:e6:29:ee:8a:59:24:d0:66:5d:15:d0:2c:73:ab:9c:
38:ec:8f:b0
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVuuQlBxDU4Mu9RuoWIG+N3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MWZjOGM4Mjk4NjMxMGM1ZjZhOWI1NmZiNzZiNmJkOTg3
N2ZjYzAwHhcNMjMwMTAxMTkwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWE5MzgwZDhkMTVmYTc2MDk4NmEzMjExMWE5YzZhM2Q5Y2NjZmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQN9icvBxOl1xx2W4YnNMorMu5Ln
RRd7Yf8AWk/Zl9FzHIcreiTEizml7QTl4hd3xKU+blqLX2PGaOB56WnKqseRBwkC
lvHaUkKxs+Mft0qfpxwUMH7s1ODQsMSuRVEN/eYqjXi2jzQToNcNMT3RJhKokssF
4MW3wKcBKM99CpXgpvDUz5X/21QdZaocWcM6SAZFMnehIuaEskMo5fg6UOqi6fAH
vwyBjStdsWAbvRWrfl2atHgdMWGUYTIKZMsn9VMB7pGj+ZcjGthslYDjXmVPZFvZ
ARj7UQFGXNXQ+SO5SkcVRf7dgLAb/+TBIobUG+xvyW7G9vXYa0kxhzXAPQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFMqpOA2NFfp2CYajIRGpxqPZzM/yMB8GA1UdIwQY
MBaAFPgfyMgphjEMX2qbVvt2tr2Yd/zAMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1CX0l5Q21HTVF4ZmFwdFctM2EydlpoM19NQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYvM2U1OWM5LTlmMDEtNDU2Mi05MjFk
LTUxM2NhOGU2Y2VjZS8xL3lxazREWTBWLW5ZSmhxTWhFYW5HbzluTXpfSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGYvM2U1OWM5LTlmMDEtNDU2Mi05MjFkLTUxM2NhOGU2Y2Vj
ZS8xLzEtQl9JeUNtR01ReGZhcHRXLTNhMnZaaDNfTUEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPwYIKwYBBQUHAQcBAf8EMDAuMBQEAgABMA4wDAMEALll
YQMEArllYDAWBAIAAjAQAwcAKgStgAACAwUBKgYcgDANBgkqhkiG9w0BAQsFAAOC
AQEApS6igPsScMz4X2A227PMfEpU6VYeO9dyEPY3FOFConJzM2OQlYZnC+43favl
ZCXuoEhdPFJeE+3kZDd/QHNby+PuLBAFZ8E2MHuQN1t96QOMrOClel60Hrtw/dek
pSREZHoVxzT3JGGQJuoHVsSOVZVFRx/od4QzJ7mdfzWbpFG2Q86Pzr/Zu06Z2alD
OnBQSvkX1e5Onr1KyvtabuS/iVSi78lLFW2+HfBjTO9eRTvRRNNgvS0lwE26aE73
0aJ1Bt4oswLV8pKoMsY+J+ii5jMccwkJhRTATSrZ7xirmkvy9CE7ZVqgshfkiUQ+
5inuilkk0GZdFdAsc6ucOOyPsA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:46 2024 by rpki-client on console-ams.rpki-client.org