Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/3925e9-65ea-462e-ae28-d2c29dc042e7/1/YQH5-6Q0OWZjnLIqnirPRDfVWlM.roa
File: YQH5-6Q0OWZjnLIqnirPRDfVWlM.roa (raw, json)
Hash identifier: 1n5knU/a3H/o8zv0D77RY2kbb1yarjW7+ZmkiRk15mw=
Subject key identifier: 61:01:F9:FB:A4:34:39:66:63:9C:B2:2A:9E:2A:CF:44:37:D5:5A:53
Certificate issuer: /CN=7df0897eab3eed6e24eddd676e8bf9377fb4480c
Certificate serial: 018AF932B1D3440AEBAA6C03CE057289CC74
Authority key identifier: 7D:F0:89:7E:AB:3E:ED:6E:24:ED:DD:67:6E:8B:F9:37:7F:B4:48:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffCJfqs-7W4k7d1nbov5N3-0SAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/3925e9-65ea-462e-ae28-d2c29dc042e7/1/YQH5-6Q0OWZjnLIqnirPRDfVWlM.roa
Signing time: Wed 04 Oct 2023 05:39:23 +0000
ROA not before: Wed 04 Oct 2023 05:39:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35313
IP address blocks: 188.137.255.0/24 maxlen: 24
188.137.200.0/24 maxlen: 24
188.137.201.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f9:32:b1:d3:44:0a:eb:aa:6c:03:ce:05:72:89:cc:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df0897eab3eed6e24eddd676e8bf9377fb4480c
Validity
Not Before: Oct 4 05:39:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6101f9fba4343966639cb22a9e2acf4437d55a53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:41:c9:65:14:41:be:3b:9e:b8:6d:9d:f3:2b:
36:26:84:8a:9c:02:6d:d2:4f:9f:61:fc:71:8e:38:
62:39:f5:58:d6:24:e8:c6:63:f2:6c:bb:24:af:cf:
b0:6f:9a:e3:d3:19:92:0c:43:55:57:24:08:3a:0e:
b6:2a:19:2d:d0:12:f0:c3:67:af:cc:72:af:89:ef:
7f:39:5a:e0:b2:f4:b0:ed:77:a5:0a:6b:30:a5:64:
c3:92:07:7c:d7:ed:6a:6b:03:d9:ce:69:49:f6:52:
fb:82:54:db:c3:15:26:47:5f:59:01:7b:70:12:40:
54:b1:6c:41:e2:d8:81:6d:8d:58:b4:13:e3:49:45:
59:3c:36:6a:b5:15:e5:52:f9:49:64:35:67:94:3a:
21:8f:ea:ef:99:8d:3d:71:c0:01:c4:fc:be:78:3c:
40:8a:b3:e8:ab:87:94:d7:41:46:a3:a2:92:79:2b:
56:58:11:14:8c:91:0b:44:94:de:6e:35:45:dc:77:
5d:58:9e:0c:4a:d8:b4:78:a0:a3:84:c4:e6:ec:7d:
4e:a8:0e:54:bc:50:00:47:62:95:9e:d2:23:fa:73:
c5:f0:27:e8:c8:6e:83:4d:ab:54:0e:e7:d9:e3:1a:
a4:79:14:94:f3:a6:61:64:08:08:90:06:ae:7b:75:
fc:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:01:F9:FB:A4:34:39:66:63:9C:B2:2A:9E:2A:CF:44:37:D5:5A:53
X509v3 Authority Key Identifier:
keyid:7D:F0:89:7E:AB:3E:ED:6E:24:ED:DD:67:6E:8B:F9:37:7F:B4:48:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffCJfqs-7W4k7d1nbov5N3-0SAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/3925e9-65ea-462e-ae28-d2c29dc042e7/1/YQH5-6Q0OWZjnLIqnirPRDfVWlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/3925e9-65ea-462e-ae28-d2c29dc042e7/1/ffCJfqs-7W4k7d1nbov5N3-0SAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.137.200.0/23
188.137.255.0/24
Signature Algorithm: sha256WithRSAEncryption
13:92:90:35:2d:c8:74:83:c7:25:50:78:29:19:5c:da:fb:3f:
74:7e:f4:32:83:67:89:76:35:be:2a:97:0a:38:4c:b6:40:a5:
e0:29:cf:7b:9d:c4:25:25:60:05:4e:aa:75:51:b2:09:e9:87:
f0:c9:cf:4a:68:d2:21:c8:31:95:23:30:46:e5:56:36:2a:c2:
bc:fa:f9:fa:16:e9:59:1e:b1:c5:f1:17:d3:4f:25:c0:37:16:
61:39:0f:42:f3:58:75:cd:8f:76:71:25:4d:66:53:15:1d:21:
f9:f8:56:46:16:ae:69:cb:40:ac:f5:5b:89:0f:30:77:9e:d8:
4a:f7:98:38:42:48:00:69:a4:bc:69:3b:80:6c:b5:71:19:87:
01:97:21:c2:5d:8d:d4:38:f1:08:da:f2:63:0c:52:e2:48:25:
c0:a0:38:a4:d4:2d:a7:f8:24:67:e0:f4:ae:b3:bf:c6:6d:16:
eb:14:50:9b:53:38:80:e9:63:e1:50:f4:60:3d:ba:fc:85:ae:
d8:e2:66:f3:88:3f:6b:b0:22:7f:18:ae:43:66:56:e7:bf:7d:
cf:19:2f:75:a8:3e:14:fc:53:e9:01:ea:b3:2a:3d:2d:34:5e:
95:b9:91:5c:a4:39:7e:39:83:a3:2c:0e:28:81:b4:a2:f8:cd:
0f:28:b6:a4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYr5MrHTRArrqmwDzgVyicx0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjA4OTdlYWIzZWVkNmUyNGVkZGQ2NzZlOGJmOTM3N2Zi
NDQ4MGMwHhcNMjMxMDA0MDUzOTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTAxZjlmYmE0MzQzOTY2NjM5Y2IyMmE5ZTJhY2Y0NDM3ZDU1YTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUHJZRRBvjueuG2d8ys2JoSKnAJt
0k+fYfxxjjhiOfVY1iToxmPybLskr8+wb5rj0xmSDENVVyQIOg62Khkt0BLww2ev
zHKvie9/OVrgsvSw7XelCmswpWTDkgd81+1qawPZzmlJ9lL7glTbwxUmR19ZAXtw
EkBUsWxB4tiBbY1YtBPjSUVZPDZqtRXlUvlJZDVnlDohj+rvmY09ccABxPy+eDxA
irPoq4eU10FGo6KSeStWWBEUjJELRJTebjVF3HddWJ4MSti0eKCjhMTm7H1OqA5U
vFAAR2KVntIj+nPF8CfoyG6DTatUDufZ4xqkeRSU86ZhZAgIkAaue3X8fwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGEB+fukNDlmY5yyKp4qz0Q31VpTMB8GA1UdIwQY
MBaAFH3wiX6rPu1uJO3dZ26L+Td/tEgMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZDSmZxcy03VzRrN2QxbmJvdjVOMy0wU0F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8zOTI1ZTktNjVlYS00NjJlLWFlMjgt
ZDJjMjlkYzA0MmU3LzEvWVFINS02UTBPV1pqbkxJcW5pclBSRGZWV2xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8zOTI1ZTktNjVlYS00NjJlLWFlMjgtZDJjMjlkYzA0MmU3
LzEvZmZDSmZxcy03VzRrN2QxbmJvdjVOMy0wU0F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBvInIAwQA
vIn/MA0GCSqGSIb3DQEBCwUAA4IBAQATkpA1Lch0g8clUHgpGVza+z90fvQyg2eJ
djW+KpcKOEy2QKXgKc97ncQlJWAFTqp1UbIJ6Yfwyc9KaNIhyDGVIzBG5VY2KsK8
+vn6FulZHrHF8RfTTyXANxZhOQ9C81h1zY92cSVNZlMVHSH5+FZGFq5py0Cs9VuJ
DzB3nthK95g4QkgAaaS8aTuAbLVxGYcBlyHCXY3UOPEI2vJjDFLiSCXAoDik1C2n
+CRn4PSus7/GbRbrFFCbUziA6WPhUPRgPbr8ha7Y4mbziD9rsCJ/GK5DZlbnv33P
GS91qD4U/FPpAeqzKj0tNF6VuZFcpDl+OYOjLA4ogbSi+M0PKLak
-----END CERTIFICATE-----
Generated at Wed Oct 4 13:01:19 2023 by rpki-client on console-fra.rpki-client.org