Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/yIHOjnW1kxxJTOnWBu4b1sEq1GM.roa
File: yIHOjnW1kxxJTOnWBu4b1sEq1GM.roa (raw, json)
Hash identifier: MfamAB8uNFve8QW3ZTUmzuLG+jmfQUlpFi5S4mlbACs=
Subject key identifier: C8:81:CE:8E:75:B5:93:1C:49:4C:E9:D6:06:EE:1B:D6:C1:2A:D4:63
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 01856D5CF0DCA801E406DB88B5683CF0D719
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/yIHOjnW1kxxJTOnWBu4b1sEq1GM.roa
Signing time: Sun 01 Jan 2023 12:44:45 +0000
ROA not before: Sun 01 Jan 2023 12:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34762
IP address blocks: 185.76.236.0/22 maxlen: 24
46.21.224.0/20 maxlen: 24
85.10.156.0/22 maxlen: 24
2a01:7c8:f0::/46 maxlen: 64
Validation: Failed, certificate revoked on Fri 15 Dec 2023 10:43:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5c:f0:dc:a8:01:e4:06:db:88:b5:68:3c:f0:d7:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jan 1 12:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c881ce8e75b5931c494ce9d606ee1bd6c12ad463
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:7a:3a:1d:fa:8c:0d:61:ce:54:ff:86:f4:87:
fc:43:ae:2a:b7:c7:70:84:1e:38:4e:cd:9c:c7:39:
79:ad:3f:aa:7b:eb:4a:d3:c4:bf:87:89:54:02:be:
58:c6:4f:bd:79:48:8f:d2:35:08:08:fa:79:01:02:
36:22:73:35:a2:4b:e0:4b:eb:ce:07:38:b9:0a:01:
7a:8e:f0:45:6c:68:49:41:6f:e1:37:ec:90:44:c2:
b3:0a:63:43:bf:e6:29:70:a7:dd:e6:55:2d:88:e5:
0d:17:f6:8c:b2:51:d6:ea:03:47:fa:da:f8:0f:e7:
5e:6e:ab:f9:93:34:2c:6a:b3:fb:3a:94:2d:e8:f3:
9c:4e:ba:46:cf:0d:cb:47:ba:9b:7c:56:e5:82:95:
5b:b6:0a:7b:e3:43:ff:e1:e7:5a:93:2c:8c:6b:3e:
d4:69:be:f0:b5:90:07:45:c4:18:c4:83:04:1f:b9:
66:b0:ad:e3:09:8f:1e:6e:d9:80:cc:c5:79:ea:fc:
32:18:c1:72:97:d9:57:6c:70:45:38:ba:0d:7a:69:
0d:33:53:03:5c:c0:84:65:48:bd:8b:17:e5:da:ec:
96:84:98:7f:5b:b6:df:ca:6f:1c:ff:6f:44:35:58:
94:05:1d:5b:10:4f:d0:d0:6a:9b:22:e8:4b:ad:24:
56:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:81:CE:8E:75:B5:93:1C:49:4C:E9:D6:06:EE:1B:D6:C1:2A:D4:63
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/yIHOjnW1kxxJTOnWBu4b1sEq1GM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.224.0/20
85.10.156.0/22
185.76.236.0/22
IPv6:
2a01:7c8:f0::/46
Signature Algorithm: sha256WithRSAEncryption
69:bc:99:79:6f:cb:bf:39:64:07:ec:eb:1c:a2:97:76:72:00:
f3:5f:cf:d1:95:11:90:55:d0:b3:2f:6f:56:cf:63:59:a1:3f:
00:5b:51:de:eb:ff:5c:f2:78:10:e5:9e:0e:5c:5c:34:b0:64:
f4:99:e1:75:01:f9:9f:9b:e3:61:05:da:8a:ba:c3:53:64:5a:
26:a1:ae:54:5f:2e:5f:dc:f6:f2:d3:7d:07:eb:7d:a2:4f:96:
92:d0:88:39:72:bb:64:0b:b5:fd:a8:e0:f2:65:2a:bd:bc:20:
7d:7c:e7:a7:3a:09:9a:41:fe:7e:54:78:95:03:bb:36:cf:fe:
a2:4e:0d:53:93:34:2e:b6:2f:dd:15:9b:52:37:ea:6e:84:90:
da:ff:cc:01:e4:27:84:11:cb:43:54:86:22:bc:83:27:eb:3c:
75:2d:0a:5c:99:1b:0d:55:71:25:c0:aa:80:96:6d:9a:c0:e0:
57:f5:b6:3f:50:9d:cf:7a:9c:2c:f7:eb:d2:47:53:45:82:c0:
dc:1d:b7:65:75:f6:44:66:5c:ea:de:53:1c:ae:e8:f2:ab:d6:
1d:4c:68:e6:6c:d7:eb:86:f8:68:df:aa:67:e9:6f:75:93:f3:
51:97:cf:49:38:52:8c:7b:1e:24:3b:5c:21:54:b5:e5:cc:df:
bd:3b:4d:c9
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVtXPDcqAHkBtuItWg88NcZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjMwMTAxMTI0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODgxY2U4ZTc1YjU5MzFjNDk0Y2U5ZDYwNmVlMWJkNmMxMmFkNDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXo6HfqMDWHOVP+G9If8Q64qt8dw
hB44Ts2cxzl5rT+qe+tK08S/h4lUAr5Yxk+9eUiP0jUICPp5AQI2InM1okvgS+vO
Bzi5CgF6jvBFbGhJQW/hN+yQRMKzCmNDv+YpcKfd5lUtiOUNF/aMslHW6gNH+tr4
D+debqv5kzQsarP7OpQt6POcTrpGzw3LR7qbfFblgpVbtgp740P/4edakyyMaz7U
ab7wtZAHRcQYxIMEH7lmsK3jCY8ebtmAzMV56vwyGMFyl9lXbHBFOLoNemkNM1MD
XMCEZUi9ixfl2uyWhJh/W7bfym8c/29ENViUBR1bEE/Q0GqbIuhLrSRWowIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFMiBzo51tZMcSUzp1gbuG9bBKtRjMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEveUlIT2puVzFreHhKVE9uV0J1NGIxc0VxMUdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQELhXgAwQC
VQqcAwQCuUzsMA8EAgACMAkDBwIqAQfIAPAwDQYJKoZIhvcNAQELBQADggEBAGm8
mXlvy785ZAfs6xyil3ZyAPNfz9GVEZBV0LMvb1bPY1mhPwBbUd7r/1zyeBDlng5c
XDSwZPSZ4XUB+Z+b42EF2oq6w1NkWiahrlRfLl/c9vLTfQfrfaJPlpLQiDlyu2QL
tf2o4PJlKr28IH1856c6CZpB/n5UeJUDuzbP/qJODVOTNC62L90Vm1I36m6EkNr/
zAHkJ4QRy0NUhiK8gyfrPHUtClyZGw1VcSXAqoCWbZrA4Ff1tj9Qnc96nCz369JH
U0WCwNwdt2V19kRmXOreUxyu6PKr1h1MaOZs1+uG+Gjfqmfpb3WT81GXz0k4Uox7
HiQ7XCFUteXM3707Tck=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:01 2024 by rpki-client on console-fra.rpki-client.org