Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/lyqFoYFNlauuQTaYw5ptjhuKVDw.roa
File: lyqFoYFNlauuQTaYw5ptjhuKVDw.roa (raw, json)
Hash identifier: KryzbRUs0tvb/DXgxi94/BTqeQk/TkBSp/VZSIBlOY0=
Subject key identifier: 97:2A:85:A1:81:4D:95:AB:AE:41:36:98:C3:9A:6D:8E:1B:8A:54:3C
Certificate issuer: /CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Certificate serial: 0189AFF1286D9D44D86763B538C0D500D057
Authority key identifier: DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/lyqFoYFNlauuQTaYw5ptjhuKVDw.roa
Signing time: Tue 01 Aug 2023 07:12:44 +0000
ROA not before: Tue 01 Aug 2023 07:12:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59613
IP address blocks: 195.234.112.0/24 maxlen: 24
185.158.208.0/24 maxlen: 24
185.158.211.0/24 maxlen: 24
185.158.210.0/24 maxlen: 24
185.158.209.0/24 maxlen: 24
2a02:2278:fffd::/48 maxlen: 48
2a02:2278:ff00::/40 maxlen: 40
2a02:2278:fffe::/48 maxlen: 48
2a02:2278:fffc::/48 maxlen: 48
2a02:2278:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:af:f1:28:6d:9d:44:d8:67:63:b5:38:c0:d5:00:d0:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Validity
Not Before: Aug 1 07:12:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=972a85a1814d95abae413698c39a6d8e1b8a543c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:50:88:2e:9d:5f:86:fc:82:48:bb:79:47:73:
49:e0:dd:32:a5:f0:44:77:85:f8:1f:2d:ba:e5:7b:
ab:6b:34:e5:09:08:9e:99:04:9e:ed:bb:c1:37:10:
e8:a7:f5:8b:5c:34:b2:d7:fa:d9:dd:ed:97:a1:8f:
0f:0a:97:bf:fe:2c:c7:62:68:f5:64:1c:40:20:5e:
80:f4:02:82:e4:82:00:c2:d7:3d:57:90:88:49:9c:
66:0c:2e:65:67:80:e6:9e:cd:7d:94:2e:a3:4c:13:
f7:68:32:3e:f9:ec:d5:58:fe:d1:1b:1d:d3:71:24:
df:b1:d7:a2:5d:6d:00:a8:a0:35:9f:81:4e:e1:c9:
08:b1:ed:18:98:70:ce:7b:4e:cd:dc:c6:76:1e:09:
61:73:21:4c:a8:88:65:fe:e5:af:fa:96:f9:70:58:
28:60:e5:f6:55:d8:1c:d8:5e:87:6f:ac:c9:cb:ec:
50:03:8c:4b:95:bc:79:dd:fc:77:09:d1:67:bf:31:
5c:73:17:de:5e:cf:ac:d2:e2:8e:00:70:40:15:00:
5e:7b:5a:42:9a:35:97:38:f2:97:fa:0b:b4:40:bc:
5f:12:1b:f2:da:f5:d0:44:8f:5e:61:b9:da:33:92:
4f:88:55:09:33:78:3c:aa:33:6b:00:ef:e0:16:11:
61:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:2A:85:A1:81:4D:95:AB:AE:41:36:98:C3:9A:6D:8E:1B:8A:54:3C
X509v3 Authority Key Identifier:
keyid:DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/lyqFoYFNlauuQTaYw5ptjhuKVDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/3R2uzTCut0ZSu92l2tlnbOSIqkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.208.0/22
195.234.112.0/24
IPv6:
2a02:2278:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
72:3e:1a:20:7c:b0:3c:ce:d5:37:ca:2f:5a:58:57:76:4c:3e:
2a:63:9f:90:dd:9b:32:df:00:92:e8:e1:97:93:3b:40:29:eb:
dd:90:c8:bf:53:60:7f:6b:e0:87:98:2d:55:07:eb:b2:e8:57:
97:9c:7e:f5:b6:4c:32:8a:09:fa:44:84:ff:22:89:b1:54:df:
ad:f9:4f:73:b9:12:a5:0c:8a:19:31:a3:74:7c:7c:30:26:7a:
48:81:20:48:f7:0f:ec:32:9e:4f:fc:fa:63:8f:1b:7b:a3:67:
c6:4b:8c:e4:29:fb:61:1b:60:12:ce:5b:1a:a5:23:54:83:bd:
ac:f7:66:2a:06:3f:59:67:e6:e3:e7:36:c0:5c:d2:62:7a:bc:
db:77:e6:9c:a6:74:cc:96:f1:42:49:68:f1:12:16:e6:ac:f6:
d2:e8:f6:9e:64:e9:5a:24:00:af:07:cd:6c:5d:10:35:61:27:
49:74:1c:b3:13:44:47:c7:81:8d:0c:24:55:a5:4c:38:8d:60:
d3:e2:3b:57:2b:4f:4c:52:bd:3c:ec:76:24:ac:8a:19:55:ab:
b2:a5:cd:a7:e4:dd:f0:cb:83:f2:60:c1:89:82:76:4e:00:20:
5f:90:47:20:21:d7:e9:cf:03:82:b0:3c:e7:1c:e8:9e:6b:db:
8d:c2:ab:38
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYmv8ShtnUTYZ2O1OMDVANBXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMWRhZWNkMzBhZWI3NDY1MmJiZGRhNWRhZDk2NzZjZTQ4
OGFhNDkwHhcNMjMwODAxMDcxMjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzJhODVhMTgxNGQ5NWFiYWU0MTM2OThjMzlhNmQ4ZTFiOGE1NDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFCILp1fhvyCSLt5R3NJ4N0ypfBE
d4X4Hy265XurazTlCQiemQSe7bvBNxDop/WLXDSy1/rZ3e2XoY8PCpe//izHYmj1
ZBxAIF6A9AKC5IIAwtc9V5CISZxmDC5lZ4Dmns19lC6jTBP3aDI++ezVWP7RGx3T
cSTfsdeiXW0AqKA1n4FO4ckIse0YmHDOe07N3MZ2HglhcyFMqIhl/uWv+pb5cFgo
YOX2Vdgc2F6Hb6zJy+xQA4xLlbx53fx3CdFnvzFccxfeXs+s0uKOAHBAFQBee1pC
mjWXOPKX+gu0QLxfEhvy2vXQRI9eYbnaM5JPiFUJM3g8qjNrAO/gFhFhhwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJcqhaGBTZWrrkE2mMOabY4bilQ8MB8GA1UdIwQY
MBaAFN0drs0wrrdGUrvdpdrZZ2zkiKpJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTct
MDYwYWMwODkwOTY2LzEvbHlxRm9ZRk5sYXV1UVRhWXc1cHRqaHVLVkR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTctMDYwYWMwODkwOTY2
LzEvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCuZ7QAwQA
w+pwMA4EAgACMAgDBgAqAiJ4/zANBgkqhkiG9w0BAQsFAAOCAQEAcj4aIHywPM7V
N8ovWlhXdkw+KmOfkN2bMt8Akujhl5M7QCnr3ZDIv1Ngf2vgh5gtVQfrsuhXl5x+
9bZMMooJ+kSE/yKJsVTfrflPc7kSpQyKGTGjdHx8MCZ6SIEgSPcP7DKeT/z6Y48b
e6NnxkuM5Cn7YRtgEs5bGqUjVIO9rPdmKgY/WWfm4+c2wFzSYnq823fmnKZ0zJbx
Qklo8RIW5qz20uj2nmTpWiQArwfNbF0QNWEnSXQcsxNER8eBjQwkVaVMOI1g0+I7
VytPTFK9POx2JKyKGVWrsqXNp+Td8MuD8mDBiYJ2TgAgX5BHICHX6c8DgrA85xzo
nmvbjcKrOA==
Generated at Tue Aug 8 07:01:56 2023 by rpki-client on console-ams.rpki-client.org