Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/705aad-59b2-474e-a3d8-bf34d01f8b0a/1/yUuW766XCEAq_nG_mdXaKsPa0xY.roa
File: yUuW766XCEAq_nG_mdXaKsPa0xY.roa (raw, json)
Hash identifier: 9v6YruxRgmGRnq4scTNj1Iv6wrlctvKSp32CZBDEejY=
Subject key identifier: C9:4B:96:EF:AE:97:08:40:2A:FE:71:BF:99:D5:DA:2A:C3:DA:D3:16
Certificate issuer: /CN=09f93d62beb75bb4232dcd052d270276d36f8573
Certificate serial: 01856BDC77AF30C1E811FBF368C4EA3C3E30
Authority key identifier: 09:F9:3D:62:BE:B7:5B:B4:23:2D:CD:05:2D:27:02:76:D3:6F:85:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cfk9Yr63W7QjLc0FLScCdtNvhXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/705aad-59b2-474e-a3d8-bf34d01f8b0a/1/yUuW766XCEAq_nG_mdXaKsPa0xY.roa
Signing time: Sun 01 Jan 2023 05:44:48 +0000
ROA not before: Sun 01 Jan 2023 05:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20860
IP address blocks: 185.141.192.0/24 maxlen: 24
185.141.195.0/24 maxlen: 24
2a04:ac0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 18 Mar 2023 04:16:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:77:af:30:c1:e8:11:fb:f3:68:c4:ea:3c:3e:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09f93d62beb75bb4232dcd052d270276d36f8573
Validity
Not Before: Jan 1 05:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c94b96efae9708402afe71bf99d5da2ac3dad316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:98:5f:1c:e4:35:88:9c:e2:9b:81:0b:d6:04:
d5:1b:5a:1a:32:97:24:d0:75:cc:41:55:f5:5b:09:
5f:b2:ab:00:b4:14:a3:b7:2b:e2:c6:c6:25:a4:ce:
bd:a1:15:e0:21:98:a5:e2:25:3e:8a:ff:75:50:ca:
28:72:2e:bf:1f:a3:3d:ff:23:9c:53:e2:fd:0c:a6:
7c:95:58:f5:8e:07:fd:4f:f7:dd:8f:4b:c5:db:c1:
c9:1b:a9:fe:c7:b8:49:02:e7:c6:97:2a:64:2a:e6:
cf:23:19:f1:5f:83:8a:70:67:98:ad:c7:83:a2:06:
79:e8:86:2e:d3:8f:13:0d:c3:4e:be:d8:cf:2c:27:
08:1b:f4:4f:87:a6:35:09:68:e3:af:79:97:9d:1d:
df:f0:5d:96:cc:5e:a5:39:83:f8:34:ca:7c:f2:d7:
6d:7c:08:ab:65:7f:68:48:62:26:34:f9:81:30:a0:
44:36:37:e5:fe:dc:ff:d3:76:ee:84:75:2a:dc:1d:
80:5a:f3:10:bf:50:ff:b9:7b:c4:96:e7:63:44:64:
bc:2c:b4:0e:f5:6f:70:43:6f:e3:91:6a:eb:75:f5:
16:d2:9d:e9:b2:96:6e:f2:43:d9:d9:8f:8e:29:a4:
03:0b:11:d7:64:09:34:3d:dc:06:c0:95:92:c9:ff:
5d:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:4B:96:EF:AE:97:08:40:2A:FE:71:BF:99:D5:DA:2A:C3:DA:D3:16
X509v3 Authority Key Identifier:
keyid:09:F9:3D:62:BE:B7:5B:B4:23:2D:CD:05:2D:27:02:76:D3:6F:85:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cfk9Yr63W7QjLc0FLScCdtNvhXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/705aad-59b2-474e-a3d8-bf34d01f8b0a/1/yUuW766XCEAq_nG_mdXaKsPa0xY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/705aad-59b2-474e-a3d8-bf34d01f8b0a/1/Cfk9Yr63W7QjLc0FLScCdtNvhXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.192.0/24
185.141.195.0/24
IPv6:
2a04:ac0:1::/48
Signature Algorithm: sha256WithRSAEncryption
21:d0:2f:3c:d0:69:76:d1:8a:38:25:9b:49:29:cd:93:c6:12:
1b:8d:b4:71:66:89:57:55:6a:30:3e:2e:db:7a:d8:51:72:99:
a1:a3:60:04:98:79:56:59:8e:15:24:f7:56:67:de:c2:57:2d:
2a:b1:77:ce:c7:16:e1:67:5b:1f:71:29:a3:67:6f:89:08:2d:
fb:f7:05:2d:63:e0:94:02:d4:95:af:3d:6a:2e:ea:3b:25:a6:
c5:0e:6e:6c:a5:74:15:3d:d7:ba:cd:fc:44:71:db:3a:31:d7:
3a:90:88:b9:58:78:2c:7d:34:4d:42:77:64:71:ad:ca:50:13:
75:53:87:b9:80:af:58:d2:1c:83:c1:ef:ee:56:43:50:aa:08:
dd:56:5e:e2:d4:dc:6b:62:da:ce:b1:8a:14:1f:30:33:d6:a7:
66:7e:c1:d5:26:16:ff:7a:91:d5:e9:07:d8:31:b0:f4:cd:96:
60:0a:09:36:33:9d:47:f5:5b:20:e9:41:fd:43:0f:09:88:3f:
fc:2c:54:d8:fb:db:9f:17:2d:80:31:7b:ae:1d:63:a0:32:93:
de:3d:6a:d2:fb:bb:a7:5e:15:40:0a:d5:5c:6c:8b:d4:71:57:
b0:ae:fb:23:d7:cb:61:0f:06:d0:77:00:4f:ac:5f:3a:3c:77:
14:7a:09:71
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVr3HevMMHoEfvzaMTqPD4wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZjkzZDYyYmViNzViYjQyMzJkY2QwNTJkMjcwMjc2ZDM2
Zjg1NzMwHhcNMjMwMTAxMDU0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTRiOTZlZmFlOTcwODQwMmFmZTcxYmY5OWQ1ZGEyYWMzZGFkMzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZhfHOQ1iJzim4EL1gTVG1oaMpck
0HXMQVX1WwlfsqsAtBSjtyvixsYlpM69oRXgIZil4iU+iv91UMooci6/H6M9/yOc
U+L9DKZ8lVj1jgf9T/fdj0vF28HJG6n+x7hJAufGlypkKubPIxnxX4OKcGeYrceD
ogZ56IYu048TDcNOvtjPLCcIG/RPh6Y1CWjjr3mXnR3f8F2WzF6lOYP4NMp88tdt
fAirZX9oSGImNPmBMKBENjfl/tz/03buhHUq3B2AWvMQv1D/uXvEludjRGS8LLQO
9W9wQ2/jkWrrdfUW0p3pspZu8kPZ2Y+OKaQDCxHXZAk0PdwGwJWSyf9dJwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMlLlu+ulwhAKv5xv5nV2irD2tMWMB8GA1UdIwQY
MBaAFAn5PWK+t1u0Iy3NBS0nAnbTb4VzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2ZrOVlyNjNXN1FqTGMwRkxTY0NkdE52aFhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny83MDVhYWQtNTliMi00NzRlLWEzZDgt
YmYzNGQwMWY4YjBhLzEveVV1Vzc2NlhDRUFxX25HX21kWGFLc1BhMHhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny83MDVhYWQtNTliMi00NzRlLWEzZDgtYmYzNGQwMWY4YjBh
LzEvQ2ZrOVlyNjNXN1FqTGMwRkxTY0NkdE52aFhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuY3AAwQA
uY3DMA8EAgACMAkDBwAqBArAAAEwDQYJKoZIhvcNAQELBQADggEBACHQLzzQaXbR
ijglm0kpzZPGEhuNtHFmiVdVajA+Ltt62FFymaGjYASYeVZZjhUk91Zn3sJXLSqx
d87HFuFnWx9xKaNnb4kILfv3BS1j4JQC1JWvPWou6jslpsUObmyldBU917rN/ERx
2zox1zqQiLlYeCx9NE1Cd2RxrcpQE3VTh7mAr1jSHIPB7+5WQ1CqCN1WXuLU3Gti
2s6xihQfMDPWp2Z+wdUmFv96kdXpB9gxsPTNlmAKCTYznUf1WyDpQf1DDwmIP/ws
VNj7258XLYAxe64dY6Ayk949atL7u6deFUAK1Vxsi9RxV7Cu+yPXy2EPBtB3AE+s
Xzo8dxR6CXE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:01 2024 by rpki-client on console-fra.rpki-client.org