Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/88a580-5dc1-4c86-92c5-5eebb1259dc9/1/yzvKE5TzF-vcsuOEhYBcyHuuj5c.roa
File: yzvKE5TzF-vcsuOEhYBcyHuuj5c.roa (raw, json)
Hash identifier: jIq/e1FgqYjbXmXcHMum9gQlB+0E1t3dCi4rZkah8AM=
Subject key identifier: CB:3B:CA:13:94:F3:17:EB:DC:B2:E3:84:85:80:5C:C8:7B:AE:8F:97
Certificate issuer: /CN=70dc927808b9a67e7cba1ba74efb5bf6c12c895b
Certificate serial: 0185CAE3C7F2A5A22BBF8F1135E7D50B0BA0
Authority key identifier: 70:DC:92:78:08:B9:A6:7E:7C:BA:1B:A7:4E:FB:5B:F6:C1:2C:89:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cNySeAi5pn58uhunTvtb9sEsiVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/88a580-5dc1-4c86-92c5-5eebb1259dc9/1/yzvKE5TzF-vcsuOEhYBcyHuuj5c.roa
Signing time: Thu 19 Jan 2023 16:36:43 +0000
ROA not before: Thu 19 Jan 2023 16:36:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39671
IP address blocks: 185.229.70.0/24 maxlen: 24
185.229.69.0/24 maxlen: 24
185.229.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ca:e3:c7:f2:a5:a2:2b:bf:8f:11:35:e7:d5:0b:0b:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70dc927808b9a67e7cba1ba74efb5bf6c12c895b
Validity
Not Before: Jan 19 16:36:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb3bca1394f317ebdcb2e38485805cc87bae8f97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9d:20:b6:ff:10:62:d3:1a:d4:f4:8f:a1:16:
28:9f:d2:02:5d:ee:e3:ac:77:ef:1d:9e:86:db:f0:
1c:99:95:c0:da:65:e1:3f:cf:5d:0a:9b:29:0f:76:
65:18:f2:65:d2:a0:94:dc:da:0c:93:08:ca:b6:5f:
da:ce:00:45:b3:cb:84:89:c9:13:80:4b:79:91:45:
9a:f7:8d:32:0a:30:12:f4:f3:62:7a:99:32:71:62:
43:4a:ae:18:2a:1a:ab:3c:5d:84:8e:67:e2:31:70:
a1:ae:32:64:7a:ce:96:4c:94:a0:15:ed:ed:fa:05:
57:49:fc:87:0b:48:be:11:70:17:10:1b:e7:aa:42:
74:dd:99:91:5c:b7:15:c2:2c:fc:3d:38:75:23:3e:
d5:c6:01:7a:c0:05:e4:d0:b8:62:79:6a:eb:18:67:
8c:f5:c6:08:e1:82:e6:c5:84:09:03:a7:64:3f:df:
d9:a0:42:1d:77:84:44:89:42:b3:45:13:b1:20:c0:
05:30:52:a5:77:f0:f9:c7:68:d9:c6:d4:ea:66:d1:
09:7f:d7:d7:30:95:0a:b2:ed:6c:40:9a:8c:63:82:
c5:5b:bb:c8:9e:45:53:7b:07:a7:d5:af:8b:e9:2b:
36:6d:f5:8b:81:18:ef:c9:a3:a2:85:04:08:4d:99:
c2:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:3B:CA:13:94:F3:17:EB:DC:B2:E3:84:85:80:5C:C8:7B:AE:8F:97
X509v3 Authority Key Identifier:
keyid:70:DC:92:78:08:B9:A6:7E:7C:BA:1B:A7:4E:FB:5B:F6:C1:2C:89:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cNySeAi5pn58uhunTvtb9sEsiVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88a580-5dc1-4c86-92c5-5eebb1259dc9/1/yzvKE5TzF-vcsuOEhYBcyHuuj5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88a580-5dc1-4c86-92c5-5eebb1259dc9/1/cNySeAi5pn58uhunTvtb9sEsiVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.68.0-185.229.70.255
Signature Algorithm: sha256WithRSAEncryption
76:34:89:75:c9:a2:c9:e3:bb:05:06:ee:44:ec:b2:f5:77:fa:
55:cd:b5:49:b2:ef:47:03:ac:cd:e6:68:24:6a:4a:14:f6:09:
bf:32:f1:32:fe:cc:b2:25:b8:ec:5f:00:bb:bc:99:6c:6b:b2:
8b:9b:26:ec:38:4b:ea:f3:00:8e:20:50:9d:f6:bb:1a:02:75:
78:7a:b8:54:0a:6e:5f:76:b4:95:aa:ad:0c:a6:a1:dc:52:8d:
89:70:b3:54:21:1f:c3:7c:59:db:f7:e2:cc:39:ac:17:16:fc:
66:62:04:fe:ff:2a:a7:44:10:43:f5:f0:14:5f:1f:38:4e:db:
a0:96:25:a4:bc:c8:a8:70:7d:8c:f6:a7:82:c5:cd:9b:fb:6f:
d5:2f:0f:fd:db:6a:5f:82:36:40:1d:f3:f2:4a:57:49:62:af:
c7:87:82:12:e1:08:23:f0:b4:d1:78:17:5b:77:27:3d:6d:dc:
02:ec:1e:80:5d:83:13:4b:49:6e:54:08:41:3c:db:b5:2d:93:
4c:69:1f:75:4f:34:f2:67:fa:b3:54:7d:3e:e8:a0:f2:c0:af:
cd:aa:2d:e7:20:a8:fb:0e:f5:2a:7a:6e:14:13:7e:3f:0d:44:
81:28:44:da:18:62:f6:a1:91:d0:7a:db:07:6e:34:63:25:a1:
c8:ae:51:a1
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYXK48fypaIrv48RNefVCwugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZGM5Mjc4MDhiOWE2N2U3Y2JhMWJhNzRlZmI1YmY2YzEy
Yzg5NWIwHhcNMjMwMTE5MTYzNjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjNiY2ExMzk0ZjMxN2ViZGNiMmUzODQ4NTgwNWNjODdiYWU4Zjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJ0gtv8QYtMa1PSPoRYon9ICXe7j
rHfvHZ6G2/AcmZXA2mXhP89dCpspD3ZlGPJl0qCU3NoMkwjKtl/azgBFs8uEickT
gEt5kUWa940yCjAS9PNiepkycWJDSq4YKhqrPF2EjmfiMXChrjJkes6WTJSgFe3t
+gVXSfyHC0i+EXAXEBvnqkJ03ZmRXLcVwiz8PTh1Iz7VxgF6wAXk0LhieWrrGGeM
9cYI4YLmxYQJA6dkP9/ZoEIdd4REiUKzRROxIMAFMFKld/D5x2jZxtTqZtEJf9fX
MJUKsu1sQJqMY4LFW7vInkVTewen1a+L6Ss2bfWLgRjvyaOihQQITZnC9QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMs7yhOU8xfr3LLjhIWAXMh7ro+XMB8GA1UdIwQY
MBaAFHDckngIuaZ+fLobp077W/bBLIlbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY055U2VBaTVwbjU4dWh1blR2dGI5c0VzaVZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy84OGE1ODAtNWRjMS00Yzg2LTkyYzUt
NWVlYmIxMjU5ZGM5LzEveXp2S0U1VHpGLXZjc3VPRWhZQmN5SHV1ajVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy84OGE1ODAtNWRjMS00Yzg2LTkyYzUtNWVlYmIxMjU5ZGM5
LzEvY055U2VBaTVwbjU4dWh1blR2dGI5c0VzaVZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK55UQD
BAC55UYwDQYJKoZIhvcNAQELBQADggEBAHY0iXXJosnjuwUG7kTssvV3+lXNtUmy
70cDrM3maCRqShT2Cb8y8TL+zLIluOxfALu8mWxrsoubJuw4S+rzAI4gUJ32uxoC
dXh6uFQKbl92tJWqrQymodxSjYlws1QhH8N8Wdv34sw5rBcW/GZiBP7/KqdEEEP1
8BRfHzhO26CWJaS8yKhwfYz2p4LFzZv7b9UvD/3bal+CNkAd8/JKV0lir8eHghLh
CCPwtNF4F1t3Jz1t3ALsHoBdgxNLSW5UCEE827Utk0xpH3VPNPJn+rNUfT7ooPLA
r82qLecgqPsO9Sp6bhQTfj8NRIEoRNoYYvahkdB62wduNGMlociuUaE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:12 2024 by rpki-client on console-fra.rpki-client.org