Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/yAA5TEez943D8Y7GHliwI-knhNs.roa
File: yAA5TEez943D8Y7GHliwI-knhNs.roa (raw, json)
Hash identifier: Oan0aTYdXK2Cetpush449ik/M12jQdulsc7SrepNcKU=
Subject key identifier: C8:00:39:4C:47:B3:F7:8D:C3:F1:8E:C6:1E:58:B0:23:E9:27:84:DB
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 01856D5CF27E6D0365E819D709C7373324E7
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/yAA5TEez943D8Y7GHliwI-knhNs.roa
Signing time: Sun 01 Jan 2023 12:44:45 +0000
ROA not before: Sun 01 Jan 2023 12:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48635
IP address blocks: 185.69.232.0/22 maxlen: 22
185.84.72.0/22 maxlen: 22
185.105.204.0/22 maxlen: 22
185.105.216.0/22 maxlen: 22
2a05:a280::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5c:f2:7e:6d:03:65:e8:19:d7:09:c7:37:33:24:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jan 1 12:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c800394c47b3f78dc3f18ec61e58b023e92784db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d6:8b:29:be:c1:e2:e9:a1:3c:59:92:81:ff:
2a:fe:81:cc:9f:be:05:d9:11:fc:05:9d:1b:f1:d6:
f9:69:42:93:7c:9f:81:5d:e7:09:d1:69:7e:4a:9c:
e4:51:84:f4:ac:03:66:e4:06:a7:30:9d:34:39:aa:
75:bb:07:fa:bf:15:be:1f:3e:23:1f:10:67:cc:ae:
a6:8a:e1:18:d3:f6:cb:ab:b7:e6:9b:45:39:0a:44:
bd:52:4e:fe:9a:19:a7:97:49:81:ea:7a:e0:15:16:
eb:e3:82:18:74:68:ea:e7:d8:c3:96:84:2f:77:08:
c2:61:56:1e:2e:f5:81:ef:19:56:1c:5e:a7:ef:70:
48:24:df:5d:36:7a:e3:1a:2a:9d:64:12:c7:c6:91:
0d:ca:8e:8d:c2:18:ea:02:ec:cf:ef:bd:20:54:1d:
fe:64:98:9b:48:1f:df:f8:6a:59:3e:ec:1d:9a:f1:
f2:7b:5f:72:2c:f5:3a:ed:b5:a2:c8:22:3d:fc:27:
11:1d:c6:b6:ec:14:d3:e8:53:49:05:51:17:26:92:
96:60:67:a5:c8:30:fe:95:04:b2:ba:76:9e:50:5a:
49:71:8a:66:24:31:f8:cc:47:22:64:35:75:5e:41:
49:9f:0c:4f:b1:57:87:72:ad:f7:07:59:7d:fc:06:
ac:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:00:39:4C:47:B3:F7:8D:C3:F1:8E:C6:1E:58:B0:23:E9:27:84:DB
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/yAA5TEez943D8Y7GHliwI-knhNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.232.0/22
185.84.72.0/22
185.105.204.0/22
185.105.216.0/22
IPv6:
2a05:a280::/29
Signature Algorithm: sha256WithRSAEncryption
9e:48:a0:1d:66:ee:fc:88:a9:47:db:a1:af:7b:67:1d:bf:d5:
58:0c:a0:6e:43:1b:32:38:51:b6:77:fa:84:8a:da:e7:f4:6c:
d6:46:57:58:f6:37:62:fe:a4:c4:bd:78:13:c6:8a:96:c1:76:
0a:72:98:da:b1:09:3b:4f:c3:61:d7:67:be:77:93:44:20:63:
f2:61:56:bb:a2:08:d6:33:32:25:6a:07:fb:b6:47:cd:24:3d:
8d:31:6f:eb:d1:48:e8:09:51:b1:03:2f:af:27:88:4e:79:6d:
9d:55:8d:ee:7c:d4:4a:64:71:9e:1c:04:d0:b6:9e:51:91:2f:
8e:5c:8d:72:0f:78:a6:97:39:db:6e:e9:47:9f:bd:2a:29:6e:
f9:5b:e4:71:9b:91:5b:17:34:10:8f:0a:e7:3b:88:99:b2:ca:
ae:0e:3d:a0:fa:e7:15:f4:80:90:eb:c8:4f:61:31:c4:49:b1:
b5:71:9e:9b:a0:d8:f4:27:5e:12:4a:2c:46:ed:fc:53:23:00:
38:e6:b0:17:05:63:89:66:b1:5f:db:f7:66:31:66:16:37:3a:
75:b1:a8:31:0a:58:4e:be:ed:d8:ed:11:5b:cb:4c:3a:2b:49:
aa:ba:7a:14:21:13:37:76:61:9a:e0:1b:e6:c7:da:bf:96:0c:
35:49:d3:dd
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVtXPJ+bQNl6BnXCcc3MyTnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjMwMTAxMTI0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODAwMzk0YzQ3YjNmNzhkYzNmMThlYzYxZTU4YjAyM2U5Mjc4NGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktaLKb7B4umhPFmSgf8q/oHMn74F
2RH8BZ0b8db5aUKTfJ+BXecJ0Wl+SpzkUYT0rANm5AanMJ00Oap1uwf6vxW+Hz4j
HxBnzK6miuEY0/bLq7fmm0U5CkS9Uk7+mhmnl0mB6nrgFRbr44IYdGjq59jDloQv
dwjCYVYeLvWB7xlWHF6n73BIJN9dNnrjGiqdZBLHxpENyo6NwhjqAuzP770gVB3+
ZJibSB/f+GpZPuwdmvHye19yLPU67bWiyCI9/CcRHca27BTT6FNJBVEXJpKWYGel
yDD+lQSyunaeUFpJcYpmJDH4zEciZDV1XkFJnwxPsVeHcq33B1l9/AastQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMgAOUxHs/eNw/GOxh5YsCPpJ4TbMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEveUFBNVRFZXo5NDNEOFk3R0hsaXdJLWtuaE5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuUXoAwQC
uVRIAwQCuWnMAwQCuWnYMA0EAgACMAcDBQMqBaKAMA0GCSqGSIb3DQEBCwUAA4IB
AQCeSKAdZu78iKlH26Gve2cdv9VYDKBuQxsyOFG2d/qEitrn9GzWRldY9jdi/qTE
vXgTxoqWwXYKcpjasQk7T8Nh12e+d5NEIGPyYVa7ogjWMzIlagf7tkfNJD2NMW/r
0UjoCVGxAy+vJ4hOeW2dVY3ufNRKZHGeHATQtp5RkS+OXI1yD3imlznbbulHn70q
KW75W+Rxm5FbFzQQjwrnO4iZssquDj2g+ucV9ICQ68hPYTHESbG1cZ6boNj0J14S
SixG7fxTIwA45rAXBWOJZrFf2/dmMWYWNzp1sagxClhOvu3Y7RFby0w6K0mqunoU
IRM3dmGa4Bvmx9q/lgw1SdPd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:04 2024 by rpki-client on console-ams.rpki-client.org