Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/yjsG3UsNYeWOOJbG5mUzVihbdo0.roa
File: yjsG3UsNYeWOOJbG5mUzVihbdo0.roa (raw, json)
Hash identifier: UiYKkxmNJmv76I6YUHT4pLVYweVFof3O1RFHGSGsO5Q=
Subject key identifier: CA:3B:06:DD:4B:0D:61:E5:8E:38:96:C6:E6:65:33:56:28:5B:76:8D
Certificate issuer: /CN=0bac82804700ad36538bf86f34c073e971430da5
Certificate serial: 01857371822642DB43AF5219833FFF03A90D
Authority key identifier: 0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/yjsG3UsNYeWOOJbG5mUzVihbdo0.roa
Signing time: Mon 02 Jan 2023 17:04:56 +0000
ROA not before: Mon 02 Jan 2023 17:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20943
IP address blocks: 194.58.206.0/24 maxlen: 24
2a01:3f7:6::/48 maxlen: 48
2001:67c:2558::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:71:82:26:42:db:43:af:52:19:83:3f:ff:03:a9:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bac82804700ad36538bf86f34c073e971430da5
Validity
Not Before: Jan 2 17:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca3b06dd4b0d61e58e3896c6e6653356285b768d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ee:40:37:a0:4c:31:cd:89:81:c5:1e:9a:3a:
8c:49:79:18:35:9f:9c:de:a6:06:1d:13:46:52:cf:
5f:18:7a:90:1a:15:52:f7:43:b0:d2:86:b2:80:06:
7c:5d:d3:f0:61:c0:31:1c:13:8f:b7:a9:b4:25:b0:
31:4d:a2:5a:1f:a8:b4:de:91:80:73:34:bf:c0:fb:
a9:fe:89:7b:9b:89:18:d1:44:87:49:46:bc:d9:16:
15:28:8f:37:4a:3a:03:17:ad:11:88:07:f6:6d:ef:
66:fd:56:6e:a1:b7:44:63:d3:c5:f2:0f:b0:4c:9a:
4e:08:1e:6a:f7:d6:9c:6d:52:c5:a4:a0:18:b1:58:
c5:e9:b6:8e:fc:68:af:39:ae:e5:f9:f5:f1:a5:fc:
4f:47:91:86:ba:50:ad:ef:4b:c9:f3:d4:50:3f:c2:
d4:62:11:f4:03:a8:d2:f3:02:d5:29:53:5c:3a:c0:
ba:6c:d5:a9:51:d9:3f:a4:36:b6:6b:a0:f4:e8:65:
3d:7d:04:86:0a:b2:1c:bf:ef:d8:93:12:a7:aa:52:
88:b1:1b:45:25:2d:c7:9d:50:b6:3e:d9:fe:7a:99:
af:df:55:91:d1:78:03:77:40:66:f8:0c:5d:27:4d:
e9:2b:55:11:1f:b7:1b:55:bb:f1:25:86:54:76:7b:
5c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:3B:06:DD:4B:0D:61:E5:8E:38:96:C6:E6:65:33:56:28:5B:76:8D
X509v3 Authority Key Identifier:
keyid:0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/yjsG3UsNYeWOOJbG5mUzVihbdo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/C6yCgEcArTZTi_hvNMBz6XFDDaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.206.0/24
IPv6:
2001:67c:2558::/48
2a01:3f7:6::/48
Signature Algorithm: sha256WithRSAEncryption
7a:22:1f:cb:4c:70:ae:df:ae:c2:34:05:a3:fc:2c:b7:ce:cd:
5a:a0:d9:c7:93:cc:f5:68:ea:2c:38:3c:24:61:b7:86:7f:a5:
52:5f:c8:11:41:3c:cf:e0:e6:bc:94:c8:97:7b:da:f0:2f:ec:
7c:a8:1a:ce:fe:71:05:aa:a7:e3:ed:ea:7c:00:47:92:8c:95:
f5:5a:41:78:18:9e:d3:4f:7c:6e:6b:a8:1b:32:7c:d1:01:45:
ea:46:87:35:3a:24:00:e8:8b:36:65:0c:02:7a:38:14:38:25:
d0:fe:a3:fb:05:23:69:78:ba:f7:ed:65:f0:f2:a0:4b:f1:cd:
9d:0e:21:ed:21:72:ae:fa:ee:c5:22:c3:ad:2f:45:ca:29:e3:
9d:0a:77:2b:65:d3:50:65:f8:fc:a6:88:bc:a6:3a:4f:4c:20:
ec:4b:8a:4f:e0:2a:ec:f7:a8:5b:05:78:47:b3:0d:2e:f8:c5:
c0:3e:4d:c3:15:0f:0a:bc:14:05:ae:34:e3:b3:6f:ed:dc:2a:
61:7d:6f:ff:1b:69:a5:d5:55:66:5b:a0:56:cb:44:ea:9e:94:
3d:49:84:15:e7:a4:00:ec:ec:e9:d0:db:11:d3:d5:ac:1b:38:
a7:8a:46:f4:62:ae:e0:c1:0c:9e:c8:6e:e4:e5:d6:9f:b2:81:
f1:7f:e3:8b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVzcYImQttDr1IZgz//A6kNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYWM4MjgwNDcwMGFkMzY1MzhiZjg2ZjM0YzA3M2U5NzE0
MzBkYTUwHhcNMjMwMTAyMTcwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTNiMDZkZDRiMGQ2MWU1OGUzODk2YzZlNjY1MzM1NjI4NWI3NjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhO5AN6BMMc2JgcUemjqMSXkYNZ+c
3qYGHRNGUs9fGHqQGhVS90Ow0oaygAZ8XdPwYcAxHBOPt6m0JbAxTaJaH6i03pGA
czS/wPup/ol7m4kY0USHSUa82RYVKI83SjoDF60RiAf2be9m/VZuobdEY9PF8g+w
TJpOCB5q99acbVLFpKAYsVjF6baO/GivOa7l+fXxpfxPR5GGulCt70vJ89RQP8LU
YhH0A6jS8wLVKVNcOsC6bNWpUdk/pDa2a6D06GU9fQSGCrIcv+/YkxKnqlKIsRtF
JS3HnVC2Ptn+epmv31WR0XgDd0Bm+AxdJ03pK1URH7cbVbvxJYZUdntcCwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMo7Bt1LDWHljjiWxuZlM1YoW3aNMB8GA1UdIwQY
MBaAFAusgoBHAK02U4v4bzTAc+lxQw2lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEt
NDNmNjRiY2VhOTlkLzEveWpzRzNVc05ZZVdPT0piRzVtVXpWaWhiZG8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEtNDNmNjRiY2VhOTlk
LzEvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAwjrOMBgE
AgACMBIDBwAgAQZ8JVgDBwAqAQP3AAYwDQYJKoZIhvcNAQELBQADggEBAHoiH8tM
cK7frsI0BaP8LLfOzVqg2ceTzPVo6iw4PCRht4Z/pVJfyBFBPM/g5ryUyJd72vAv
7HyoGs7+cQWqp+Pt6nwAR5KMlfVaQXgYntNPfG5rqBsyfNEBRepGhzU6JADoizZl
DAJ6OBQ4JdD+o/sFI2l4uvftZfDyoEvxzZ0OIe0hcq767sUiw60vRcop450Kdytl
01Bl+PymiLymOk9MIOxLik/gKuz3qFsFeEezDS74xcA+TcMVDwq8FAWuNOOzb+3c
KmF9b/8baaXVVWZboFbLROqelD1JhBXnpADs7OnQ2xHT1awbOKeKRvRiruDBDJ7I
buTl1p+ygfF/44s=
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:31 2024 by rpki-client on console-ams.rpki-client.org