Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/YbjmnJFTYjt11Trylwdg59MCK7I.roa
File: YbjmnJFTYjt11Trylwdg59MCK7I.roa (raw, json)
Hash identifier: DQ+cfEV5182rPBZ1KOhzUwKkc5GGZqZfGmlWl4uPsxg=
Subject key identifier: 61:B8:E6:9C:91:53:62:3B:75:D5:3A:F2:97:07:60:E7:D3:02:2B:B2
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 01856FCB88E4CEBC1C1D8B236BB4AEC28C38
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/YbjmnJFTYjt11Trylwdg59MCK7I.roa
Signing time: Mon 02 Jan 2023 00:04:47 +0000
ROA not before: Mon 02 Jan 2023 00:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3262
IP address blocks: 185.226.229.0/24 maxlen: 24
185.220.166.0/24 maxlen: 24
185.220.167.0/24 maxlen: 24
185.232.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Mar 2023 07:46:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:88:e4:ce:bc:1c:1d:8b:23:6b:b4:ae:c2:8c:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: Jan 2 00:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61b8e69c9153623b75d53af2970760e7d3022bb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:89:f9:88:13:07:60:a0:30:fb:21:5c:60:89:
8a:15:6d:5a:42:c8:8d:3b:28:d2:d4:dd:7c:5f:d9:
88:b8:6f:a8:a8:87:29:66:52:8a:f0:7c:f9:76:18:
32:42:93:f1:93:7e:c0:d8:a8:a0:61:66:62:80:bb:
87:ef:c4:00:06:7e:82:8a:8f:47:fa:7d:eb:ae:ad:
d5:75:2b:15:42:25:b1:d2:c7:7e:6f:cb:07:34:94:
48:84:2c:5f:72:cd:6c:d9:7b:c0:bf:d6:fd:6c:96:
33:8c:f6:9f:d7:25:47:c1:2d:ea:6f:a5:cd:e4:01:
cb:3c:73:d2:a5:27:19:f9:6f:18:03:d6:0e:49:3b:
4f:6b:35:64:1f:3b:93:28:e9:7a:9f:80:e6:31:0e:
ff:7c:b4:99:e6:84:d4:12:82:0b:ee:58:8c:0c:0f:
8e:c5:01:4e:30:dc:92:cf:74:bc:d8:62:cb:fb:ad:
82:e5:48:76:74:8e:3e:66:ab:27:66:3e:97:ac:e9:
8d:77:cf:63:53:7d:55:9d:08:59:b0:dd:6c:db:f6:
53:24:3d:07:f7:76:26:45:a1:0b:9a:05:5e:e8:e4:
16:f5:eb:27:58:5e:3e:88:67:0f:bc:e2:29:e8:00:
d1:c3:d5:87:f1:1c:ad:e7:f0:20:a3:06:83:71:fe:
f5:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:B8:E6:9C:91:53:62:3B:75:D5:3A:F2:97:07:60:E7:D3:02:2B:B2
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/YbjmnJFTYjt11Trylwdg59MCK7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.166.0/23
185.226.229.0/24
185.232.132.0/24
Signature Algorithm: sha256WithRSAEncryption
11:4d:5e:99:ec:8a:b6:46:04:4f:f6:27:22:53:4f:ee:75:33:
92:bf:c7:1b:ca:5c:68:08:0a:03:4d:4b:0d:de:be:0c:a2:f1:
9c:23:55:4c:f3:98:58:04:09:b8:60:87:39:7c:4c:85:d8:c8:
50:f2:6e:ff:38:c9:ac:63:74:f9:55:39:22:a7:0f:ce:d0:71:
d4:68:ad:52:ad:0a:56:eb:6b:ca:89:28:93:7e:fd:3c:39:22:
65:2b:9f:e5:48:8c:2c:b6:b6:ba:33:fe:17:b0:1c:7b:80:c5:
57:44:ba:a2:be:6a:1f:01:e3:91:88:aa:75:e6:f3:3a:47:99:
be:58:ff:2d:03:e9:55:b7:8e:7c:7e:69:6f:8a:ba:7e:ae:42:
b7:fd:68:88:c4:5e:80:f3:cc:db:85:8f:a1:dd:c6:ea:b1:c2:
c7:78:f9:b9:e1:22:19:9e:ba:18:cd:42:b0:25:42:da:13:9c:
76:a2:5b:3e:fe:bc:ca:4b:81:7c:58:ad:4a:ac:71:79:87:6a:
0f:14:e0:05:68:52:0c:0e:9b:7d:53:eb:9a:06:11:a7:66:81:
67:c2:d0:79:25:e6:8a:db:f3:8d:dc:73:cf:75:69:39:0d:ff:
bc:c8:83:a3:68:e9:14:66:46:70:8d:56:0e:06:e8:98:8e:6e:
5d:fd:04:73
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvy4jkzrwcHYsja7Suwow4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDkyMDRjYTRmMGViNGU1NmUwOGUwOTlmZTM3ODVjZTA2
ZmZlYWEwHhcNMjMwMTAyMDAwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWI4ZTY5YzkxNTM2MjNiNzVkNTNhZjI5NzA3NjBlN2QzMDIyYmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYn5iBMHYKAw+yFcYImKFW1aQsiN
OyjS1N18X9mIuG+oqIcpZlKK8Hz5dhgyQpPxk37A2KigYWZigLuH78QABn6Cio9H
+n3rrq3VdSsVQiWx0sd+b8sHNJRIhCxfcs1s2XvAv9b9bJYzjPaf1yVHwS3qb6XN
5AHLPHPSpScZ+W8YA9YOSTtPazVkHzuTKOl6n4DmMQ7/fLSZ5oTUEoIL7liMDA+O
xQFOMNySz3S82GLL+62C5Uh2dI4+ZqsnZj6XrOmNd89jU31VnQhZsN1s2/ZTJD0H
93YmRaELmgVe6OQW9esnWF4+iGcPvOIp6ADRw9WH8Ryt5/AgowaDcf71TwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGG45pyRU2I7ddU68pcHYOfTAiuyMB8GA1UdIwQY
MBaAFKhJIEyk8OtOVuCOCZ/jeFzgb/6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYt
OWNjYmIwODQyOGZhLzEvWWJqbW5KRlRZanQxMVRyeWx3ZGc1OU1DSzdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYtOWNjYmIwODQyOGZh
LzEvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBudymAwQA
ueLlAwQAueiEMA0GCSqGSIb3DQEBCwUAA4IBAQARTV6Z7Iq2RgRP9iciU0/udTOS
v8cbylxoCAoDTUsN3r4MovGcI1VM85hYBAm4YIc5fEyF2MhQ8m7/OMmsY3T5VTki
pw/O0HHUaK1SrQpW62vKiSiTfv08OSJlK5/lSIwstra6M/4XsBx7gMVXRLqivmof
AeORiKp15vM6R5m+WP8tA+lVt458fmlvirp+rkK3/WiIxF6A88zbhY+h3cbqscLH
ePm54SIZnroYzUKwJULaE5x2ols+/rzKS4F8WK1KrHF5h2oPFOAFaFIMDpt9U+ua
BhGnZoFnwtB5JeaK2/ON3HPPdWk5Df+8yIOjaOkUZkZwjVYOBuiYjm5d/QRz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:06 2024 by rpki-client on console-ams.rpki-client.org