Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/0c8b0f-5384-4580-89c2-a637650c74ae/1/yvggild5SnoKc4F6r_5TrDvNCgw.roa
File: yvggild5SnoKc4F6r_5TrDvNCgw.roa (raw, json)
Hash identifier: FLVeruIjW0eBhDNZ9AYphFEcH9z7tpu2LYy7YwF1pRo=
Subject key identifier: CA:F8:20:8A:57:79:4A:7A:0A:73:81:7A:AF:FE:53:AC:3B:CD:0A:0C
Certificate issuer: /CN=570a181aa090cb970605a25a7a57d653547f2324
Certificate serial: 01857183047ADD6FF4E03885ECDD902533EF
Authority key identifier: 57:0A:18:1A:A0:90:CB:97:06:05:A2:5A:7A:57:D6:53:54:7F:23:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VwoYGqCQy5cGBaJaelfWU1R_IyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/0c8b0f-5384-4580-89c2-a637650c74ae/1/yvggild5SnoKc4F6r_5TrDvNCgw.roa
Signing time: Mon 02 Jan 2023 08:04:49 +0000
ROA not before: Mon 02 Jan 2023 08:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42976
IP address blocks: 91.220.9.0/24 maxlen: 24
91.194.4.0/23 maxlen: 23
194.165.42.0/24 maxlen: 24
91.216.31.0/24 maxlen: 24
194.5.56.0/22 maxlen: 22
193.104.44.0/24 maxlen: 24
2a0c:c340::/29 maxlen: 29
2a0c:c340::/30 maxlen: 30
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:04:7a:dd:6f:f4:e0:38:85:ec:dd:90:25:33:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=570a181aa090cb970605a25a7a57d653547f2324
Validity
Not Before: Jan 2 08:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=caf8208a57794a7a0a73817aaffe53ac3bcd0a0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ab:cf:e2:e6:4e:ca:c1:30:cc:96:da:50:5a:
77:0b:ad:e8:d1:ba:02:1a:b1:5f:e4:78:c2:67:96:
4f:1c:66:67:f8:45:05:d4:9e:8b:95:11:7e:4a:0a:
63:b5:de:2b:af:44:53:e8:3a:44:da:66:23:18:b9:
0f:84:e1:84:9a:ed:15:dd:11:72:a5:fd:58:38:ec:
d5:77:f2:d3:1f:40:29:94:bd:d2:6c:20:25:6f:fd:
32:35:8a:49:cb:9a:00:3f:51:74:21:b9:f2:4f:6d:
80:47:ef:45:49:14:08:c1:1e:30:33:5a:bf:99:10:
eb:b2:b9:a1:61:3d:50:15:7e:7e:c8:22:1f:22:91:
e5:51:91:8b:40:ef:72:dc:a5:cc:a5:83:5f:61:c8:
20:53:b1:b2:7c:e3:de:b8:91:68:1f:18:e3:18:e7:
75:cf:06:cc:3b:85:6a:d0:74:f0:ee:7f:a5:cc:eb:
0e:40:9e:4c:a5:8b:d3:8f:d0:0f:16:13:13:96:ca:
c2:b1:eb:ad:c3:db:93:ec:be:c8:c0:8c:fc:22:8b:
5b:09:98:4a:c2:02:f2:89:06:1f:4e:48:55:e9:92:
55:ea:6a:46:19:ca:7b:7e:4e:42:a0:32:e3:3e:58:
e4:8a:c8:5d:ef:6f:00:e1:e6:10:4b:a3:df:a9:2d:
a4:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:F8:20:8A:57:79:4A:7A:0A:73:81:7A:AF:FE:53:AC:3B:CD:0A:0C
X509v3 Authority Key Identifier:
keyid:57:0A:18:1A:A0:90:CB:97:06:05:A2:5A:7A:57:D6:53:54:7F:23:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VwoYGqCQy5cGBaJaelfWU1R_IyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0c8b0f-5384-4580-89c2-a637650c74ae/1/yvggild5SnoKc4F6r_5TrDvNCgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0c8b0f-5384-4580-89c2-a637650c74ae/1/VwoYGqCQy5cGBaJaelfWU1R_IyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.4.0/23
91.216.31.0/24
91.220.9.0/24
193.104.44.0/24
194.5.56.0/22
194.165.42.0/24
IPv6:
2a0c:c340::/29
Signature Algorithm: sha256WithRSAEncryption
38:f3:5c:d5:91:0c:dc:2d:19:b4:1d:2f:6f:7b:74:c7:d9:db:
35:2f:2c:f3:0e:25:cc:08:34:e4:60:ed:71:3f:3b:c9:22:99:
ce:d3:55:70:68:4a:54:25:81:fd:34:a6:a7:bd:22:be:71:40:
f0:e3:d7:65:ee:75:0f:3e:74:9b:23:4c:6c:ef:bb:c4:7f:cd:
b1:74:cb:f1:24:0e:a8:bb:3f:20:4d:09:f7:d7:e1:26:97:3f:
bc:5a:75:8a:05:b3:fd:a9:2f:80:a9:39:72:f5:49:e1:f5:07:
26:7d:c4:e8:31:f8:57:cf:a9:9d:f8:7f:c2:71:1d:49:99:6d:
d9:36:fe:b8:6f:c6:0c:d3:c2:a1:7c:24:ef:e8:9a:46:0f:69:
1f:1b:9a:cc:09:39:2d:f7:24:74:00:b5:da:8c:a4:c5:d9:d3:
13:b6:a0:3d:e0:6f:20:78:51:4d:bc:55:40:fd:44:6f:9c:03:
2a:eb:6b:2f:bd:b0:61:9c:4f:c3:97:21:7c:24:50:2b:d7:3d:
17:ca:43:7a:67:88:0c:eb:c7:67:0f:c2:ab:67:8e:b2:6e:9e:
ab:fa:93:9a:81:9e:ae:82:bf:2b:49:48:7a:a1:aa:d7:5a:92:
4d:b3:6e:76:1a:be:13:38:2f:56:e8:5f:6a:b0:ad:47:bf:6a:
4a:49:f3:02
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVxgwR63W/04DiF7N2QJTPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MGExODFhYTA5MGNiOTcwNjA1YTI1YTdhNTdkNjUzNTQ3
ZjIzMjQwHhcNMjMwMTAyMDgwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWY4MjA4YTU3Nzk0YTdhMGE3MzgxN2FhZmZlNTNhYzNiY2QwYTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6vP4uZOysEwzJbaUFp3C63o0boC
GrFf5HjCZ5ZPHGZn+EUF1J6LlRF+Sgpjtd4rr0RT6DpE2mYjGLkPhOGEmu0V3RFy
pf1YOOzVd/LTH0AplL3SbCAlb/0yNYpJy5oAP1F0IbnyT22AR+9FSRQIwR4wM1q/
mRDrsrmhYT1QFX5+yCIfIpHlUZGLQO9y3KXMpYNfYcggU7GyfOPeuJFoHxjjGOd1
zwbMO4Vq0HTw7n+lzOsOQJ5MpYvTj9APFhMTlsrCseutw9uT7L7IwIz8IotbCZhK
wgLyiQYfTkhV6ZJV6mpGGcp7fk5CoDLjPljkishd728A4eYQS6PfqS2kvQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFMr4IIpXeUp6CnOBeq/+U6w7zQoMMB8GA1UdIwQY
MBaAFFcKGBqgkMuXBgWiWnpX1lNUfyMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVndvWUdxQ1F5NWNHQmFKYWVsZldVMVJfSXlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8wYzhiMGYtNTM4NC00NTgwLTg5YzIt
YTYzNzY1MGM3NGFlLzEveXZnZ2lsZDVTbm9LYzRGNnJfNVRyRHZOQ2d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8wYzhiMGYtNTM4NC00NTgwLTg5YzItYTYzNzY1MGM3NGFl
LzEvVndvWUdxQ1F5NWNHQmFKYWVsZldVMVJfSXlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQBW8IEAwQA
W9gfAwQAW9wJAwQAwWgsAwQCwgU4AwQAwqUqMA0EAgACMAcDBQMqDMNAMA0GCSqG
SIb3DQEBCwUAA4IBAQA481zVkQzcLRm0HS9ve3TH2ds1LyzzDiXMCDTkYO1xPzvJ
IpnO01VwaEpUJYH9NKanvSK+cUDw49dl7nUPPnSbI0xs77vEf82xdMvxJA6ouz8g
TQn31+Emlz+8WnWKBbP9qS+AqTly9Unh9QcmfcToMfhXz6md+H/CcR1JmW3ZNv64
b8YM08KhfCTv6JpGD2kfG5rMCTkt9yR0ALXajKTF2dMTtqA94G8geFFNvFVA/URv
nAMq62svvbBhnE/DlyF8JFAr1z0XykN6Z4gM68dnD8KrZ46ybp6r+pOagZ6ugr8r
SUh6oarXWpJNs252Gr4TOC9W6F9qsK1Hv2pKSfMC
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:06 2024 by rpki-client on console-fra.rpki-client.org