Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b06942-afc8-4336-97ee-aee696f83903/1/YbVgJIBeaTSYbVBz-BtuRGq85OI.roa
File: YbVgJIBeaTSYbVBz-BtuRGq85OI.roa (raw, json)
Hash identifier: nWOYFdxo6Ouo1cDK2nHLHsG6GvLMABfjTVYuqx4/o3Y=
Subject key identifier: 61:B5:60:24:80:5E:69:34:98:6D:50:73:F8:1B:6E:44:6A:BC:E4:E2
Certificate issuer: /CN=39805a05b8d9f0dfc43834c664d624715439f0d5
Certificate serial: 018571278981B8F863C2D3A53E63D7DA6379
Authority key identifier: 39:80:5A:05:B8:D9:F0:DF:C4:38:34:C6:64:D6:24:71:54:39:F0:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OYBaBbjZ8N_EODTGZNYkcVQ58NU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/b06942-afc8-4336-97ee-aee696f83903/1/YbVgJIBeaTSYbVBz-BtuRGq85OI.roa
Signing time: Mon 02 Jan 2023 06:24:54 +0000
ROA not before: Mon 02 Jan 2023 06:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49220
IP address blocks: 188.92.128.0/21 maxlen: 21
185.37.136.0/22 maxlen: 22
2001:16f0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:89:81:b8:f8:63:c2:d3:a5:3e:63:d7:da:63:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39805a05b8d9f0dfc43834c664d624715439f0d5
Validity
Not Before: Jan 2 06:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61b56024805e6934986d5073f81b6e446abce4e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5c:bc:87:aa:78:84:f1:96:0b:ad:a5:49:ef:
38:ba:e8:e4:a5:b7:00:57:43:a6:f8:a2:77:d7:e9:
98:2b:73:4c:14:7b:ac:17:8f:75:3e:4c:72:95:28:
18:a7:3a:0f:ca:39:4d:1b:9d:a6:db:60:b6:d5:a8:
d3:78:92:0f:a6:67:1e:ad:3a:19:36:79:0b:1e:fe:
a4:95:ed:51:e5:6d:46:3b:e7:57:02:9c:f2:0d:a2:
80:df:3a:5a:db:58:d4:4a:8b:39:b6:2b:4c:60:ac:
5b:36:e7:60:37:4c:27:b3:14:7d:b3:f4:16:55:14:
85:03:ea:a6:c9:c2:5b:01:e5:b6:6b:d3:34:e1:ed:
20:81:95:7b:12:1d:3e:c1:85:0a:99:43:de:5e:55:
0b:34:a1:a8:cd:9d:44:02:70:61:ad:bd:7f:0e:68:
20:5f:5c:63:11:f8:32:bf:02:79:d8:a9:0c:d9:e6:
48:6e:f3:2a:dc:b9:25:7d:a8:57:8f:3a:2f:ef:ec:
22:51:66:59:9d:89:4f:11:80:b7:9c:b3:3a:5f:db:
32:f3:fb:77:60:e8:91:19:b1:36:00:e3:00:71:93:
fb:97:9e:b1:cd:fc:82:b7:6f:90:63:fa:89:b3:da:
79:94:cf:2d:7b:ea:d3:a0:a9:77:8b:8e:2a:b3:fa:
53:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:B5:60:24:80:5E:69:34:98:6D:50:73:F8:1B:6E:44:6A:BC:E4:E2
X509v3 Authority Key Identifier:
keyid:39:80:5A:05:B8:D9:F0:DF:C4:38:34:C6:64:D6:24:71:54:39:F0:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OYBaBbjZ8N_EODTGZNYkcVQ58NU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b06942-afc8-4336-97ee-aee696f83903/1/YbVgJIBeaTSYbVBz-BtuRGq85OI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b06942-afc8-4336-97ee-aee696f83903/1/OYBaBbjZ8N_EODTGZNYkcVQ58NU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.136.0/22
188.92.128.0/21
IPv6:
2001:16f0::/32
Signature Algorithm: sha256WithRSAEncryption
9f:e2:46:12:5b:c1:c2:03:84:0d:d8:0f:e1:7e:99:10:b0:de:
a0:e1:75:1e:30:83:43:0b:8d:38:46:60:5b:b5:c9:cc:ef:87:
36:97:f0:17:9a:fd:09:a9:18:ad:c8:c9:26:51:ef:a4:14:cf:
28:ea:43:60:f0:12:bf:2c:23:74:d8:f9:4c:b3:d0:28:2f:5a:
4d:5c:2d:ae:d5:5d:56:45:35:6a:a9:6e:f3:cb:6b:85:b8:2f:
32:eb:6b:53:39:99:2a:b8:58:81:31:46:37:f0:10:e4:f1:21:
fc:5f:87:a4:49:75:00:e8:94:c4:5e:54:2a:d3:c9:5a:f3:ff:
c8:13:f2:3a:50:b3:e5:36:e6:9e:6b:f4:46:08:b8:69:92:9a:
26:58:ba:3d:7d:ac:04:3b:74:bb:95:d4:84:ad:61:10:d0:e4:
4e:cd:a2:7d:c9:88:e3:bd:82:2f:c3:ee:e3:7b:98:88:4f:e3:
71:82:8e:67:1f:4d:07:4c:e8:db:06:ae:e2:20:cc:d1:0f:77:
3c:cc:64:88:08:e7:fa:16:32:f7:c9:13:96:3f:ce:ec:fe:e3:
1c:8a:45:0f:b7:9f:72:fe:ae:bc:3a:47:ec:98:68:73:4c:22:
16:e5:7f:3f:60:4a:95:25:3a:94:79:55:a0:49:3e:82:dc:df:
b6:29:d8:ac
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxJ4mBuPhjwtOlPmPX2mN5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ODA1YTA1YjhkOWYwZGZjNDM4MzRjNjY0ZDYyNDcxNTQz
OWYwZDUwHhcNMjMwMTAyMDYyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWI1NjAyNDgwNWU2OTM0OTg2ZDUwNzNmODFiNmU0NDZhYmNlNGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsly8h6p4hPGWC62lSe84uujkpbcA
V0Om+KJ31+mYK3NMFHusF491PkxylSgYpzoPyjlNG52m22C21ajTeJIPpmcerToZ
NnkLHv6kle1R5W1GO+dXApzyDaKA3zpa21jUSos5titMYKxbNudgN0wnsxR9s/QW
VRSFA+qmycJbAeW2a9M04e0ggZV7Eh0+wYUKmUPeXlULNKGozZ1EAnBhrb1/Dmgg
X1xjEfgyvwJ52KkM2eZIbvMq3LklfahXjzov7+wiUWZZnYlPEYC3nLM6X9sy8/t3
YOiRGbE2AOMAcZP7l56xzfyCt2+QY/qJs9p5lM8te+rToKl3i44qs/pTKQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGG1YCSAXmk0mG1Qc/gbbkRqvOTiMB8GA1UdIwQY
MBaAFDmAWgW42fDfxDg0xmTWJHFUOfDVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1lCYUJialo4Tl9FT0RUR1pOWWtjVlE1OE5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iMDY5NDItYWZjOC00MzM2LTk3ZWUt
YWVlNjk2ZjgzOTAzLzEvWWJWZ0pJQmVhVFNZYlZCei1CdHVSR3E4NU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iMDY5NDItYWZjOC00MzM2LTk3ZWUtYWVlNjk2ZjgzOTAz
LzEvT1lCYUJialo4Tl9FT0RUR1pOWWtjVlE1OE5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuSWIAwQD
vFyAMA0EAgACMAcDBQAgARbwMA0GCSqGSIb3DQEBCwUAA4IBAQCf4kYSW8HCA4QN
2A/hfpkQsN6g4XUeMINDC404RmBbtcnM74c2l/AXmv0JqRityMkmUe+kFM8o6kNg
8BK/LCN02PlMs9AoL1pNXC2u1V1WRTVqqW7zy2uFuC8y62tTOZkquFiBMUY38BDk
8SH8X4ekSXUA6JTEXlQq08la8//IE/I6ULPlNuaea/RGCLhpkpomWLo9fawEO3S7
ldSErWEQ0OROzaJ9yYjjvYIvw+7je5iIT+Nxgo5nH00HTOjbBq7iIMzRD3c8zGSI
COf6FjL3yROWP87s/uMcikUPt59y/q68OkfsmGhzTCIW5X8/YEqVJTqUeVWgST6C
3N+2Kdis
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:27 2024 by rpki-client on console-ams.rpki-client.org