Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/d8776b-284a-4f78-a71c-4574062aecb5/1/ypKX3nWWsTUdd2RWsEbeL3cLYeI.roa
File: ypKX3nWWsTUdd2RWsEbeL3cLYeI.roa (raw, json)
Hash identifier: XByXnlM1tGFxy6C7UK1cJmPgPVtKCJWZy/HOfIEXA9Y=
Subject key identifier: CA:92:97:DE:75:96:B1:35:1D:77:64:56:B0:46:DE:2F:77:0B:61:E2
Certificate issuer: /CN=feeff92fc9fe53547b7e3be1f83608809c4566c9
Certificate serial: 018B8F70CB6699C67679D4EE909A308369EF
Authority key identifier: FE:EF:F9:2F:C9:FE:53:54:7B:7E:3B:E1:F8:36:08:80:9C:45:66:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_u_5L8n-U1R7fjvh-DYIgJxFZsk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/d8776b-284a-4f78-a71c-4574062aecb5/1/ypKX3nWWsTUdd2RWsEbeL3cLYeI.roa
Signing time: Thu 02 Nov 2023 09:50:15 +0000
ROA not before: Thu 02 Nov 2023 09:50:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206655
IP address blocks: 185.200.180.0/22 maxlen: 24
185.107.204.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8f:70:cb:66:99:c6:76:79:d4:ee:90:9a:30:83:69:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=feeff92fc9fe53547b7e3be1f83608809c4566c9
Validity
Not Before: Nov 2 09:50:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca9297de7596b1351d776456b046de2f770b61e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ab:d0:98:50:45:fb:6b:3e:55:1c:c7:0e:2a:
cb:11:76:01:75:17:68:70:79:77:8e:1a:b8:a2:05:
3a:ee:8c:f8:bc:d7:b2:bc:98:03:8c:c1:b1:c8:08:
ac:43:af:09:26:56:51:82:f9:4d:b0:68:89:0c:90:
e5:f8:9c:3a:82:f4:6f:4b:bb:fb:c7:58:9b:7f:3e:
35:c1:32:aa:fa:c0:0b:a8:ff:d2:d8:97:88:59:e6:
16:25:4f:c9:c4:35:76:dd:49:de:f0:48:a1:23:ae:
ad:01:df:65:f4:14:bd:c6:30:42:4e:99:c5:5a:65:
b5:ba:fc:7d:31:cb:2b:09:77:34:cb:3e:05:4e:8f:
f5:ef:30:13:7e:93:f5:1a:61:31:dc:ca:80:b5:e1:
b3:b5:e9:28:69:7a:40:55:32:c1:1b:71:1e:62:87:
79:2e:c1:59:94:9e:21:55:8c:fc:65:8c:9f:8f:3d:
69:47:fd:7d:e0:a5:65:29:69:95:92:80:00:48:6d:
21:02:25:27:12:bc:f2:62:05:11:01:ae:68:2d:5c:
d0:32:a2:c2:f7:ac:b5:01:f9:87:b2:f3:76:fe:bd:
dc:45:42:42:e5:d4:fd:f8:69:f6:cc:d5:bd:99:c5:
95:14:92:6d:71:1f:fd:08:0b:0f:a3:93:4a:bb:93:
12:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:92:97:DE:75:96:B1:35:1D:77:64:56:B0:46:DE:2F:77:0B:61:E2
X509v3 Authority Key Identifier:
keyid:FE:EF:F9:2F:C9:FE:53:54:7B:7E:3B:E1:F8:36:08:80:9C:45:66:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_u_5L8n-U1R7fjvh-DYIgJxFZsk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/d8776b-284a-4f78-a71c-4574062aecb5/1/ypKX3nWWsTUdd2RWsEbeL3cLYeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/d8776b-284a-4f78-a71c-4574062aecb5/1/_u_5L8n-U1R7fjvh-DYIgJxFZsk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.204.0/22
185.200.180.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:2a:b2:d8:d2:d2:a8:9d:f4:7c:14:1c:d3:5e:18:0a:ea:a5:
61:1d:e1:fc:fe:8d:cf:e4:a5:71:5f:29:b7:1b:d2:df:a2:bb:
c3:d9:07:3f:71:37:57:f1:78:71:6f:17:2a:ac:fd:b6:2c:7c:
0b:db:ed:04:e4:52:e7:66:88:71:7d:ee:2c:94:11:0e:4f:75:
06:1f:4b:8b:39:aa:a0:cf:8e:fb:a1:8d:28:36:b6:91:69:62:
01:d2:66:f8:fb:c7:6b:83:ab:75:f1:20:b9:2a:e7:17:9d:87:
2e:f9:ca:4b:d0:3b:46:f7:f3:b9:bf:57:98:b8:99:97:d9:8f:
07:0c:e4:1d:10:68:6f:da:f6:b4:46:a3:39:07:51:de:51:29:
f9:68:a4:52:f9:2d:0b:4e:51:09:9a:60:f7:e2:d0:de:4a:19:
ef:a2:a5:9b:87:67:3b:b7:a3:55:f0:fc:38:fc:a8:03:7e:7d:
bb:a0:ae:97:4e:02:8d:e0:16:78:5e:5b:32:31:ac:4a:f2:1d:
d1:c4:7d:07:ed:e9:b2:8a:22:a3:e9:72:5a:05:6f:52:fe:ed:
bd:e0:29:19:ff:a5:99:01:e9:8f:86:b1:39:4e:28:f7:a8:bc:
7d:a9:4f:21:d6:d0:6f:6a:c6:88:db:62:4b:49:72:78:9a:a8:
c6:17:08:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuPcMtmmcZ2edTukJowg2nvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZWZmOTJmYzlmZTUzNTQ3YjdlM2JlMWY4MzYwODgwOWM0
NTY2YzkwHhcNMjMxMTAyMDk1MDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTkyOTdkZTc1OTZiMTM1MWQ3NzY0NTZiMDQ2ZGUyZjc3MGI2MWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6vQmFBF+2s+VRzHDirLEXYBdRdo
cHl3jhq4ogU67oz4vNeyvJgDjMGxyAisQ68JJlZRgvlNsGiJDJDl+Jw6gvRvS7v7
x1ibfz41wTKq+sALqP/S2JeIWeYWJU/JxDV23Une8EihI66tAd9l9BS9xjBCTpnF
WmW1uvx9McsrCXc0yz4FTo/17zATfpP1GmEx3MqAteGztekoaXpAVTLBG3EeYod5
LsFZlJ4hVYz8ZYyfjz1pR/194KVlKWmVkoAASG0hAiUnErzyYgURAa5oLVzQMqLC
96y1AfmHsvN2/r3cRUJC5dT9+Gn2zNW9mcWVFJJtcR/9CAsPo5NKu5MS2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMqSl951lrE1HXdkVrBG3i93C2HiMB8GA1UdIwQY
MBaAFP7v+S/J/lNUe3474fg2CICcRWbJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3VfNUw4bi1VMVI3Zmp2aC1EWUlnSnhGWnNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9kODc3NmItMjg0YS00Zjc4LWE3MWMt
NDU3NDA2MmFlY2I1LzEveXBLWDNuV1dzVFVkZDJSV3NFYmVMM2NMWWVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9kODc3NmItMjg0YS00Zjc4LWE3MWMtNDU3NDA2MmFlY2I1
LzEvX3VfNUw4bi1VMVI3Zmp2aC1EWUlnSnhGWnNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuWvMAwQC
uci0MA0GCSqGSIb3DQEBCwUAA4IBAQCoKrLY0tKonfR8FBzTXhgK6qVhHeH8/o3P
5KVxXym3G9LforvD2Qc/cTdX8XhxbxcqrP22LHwL2+0E5FLnZohxfe4slBEOT3UG
H0uLOaqgz477oY0oNraRaWIB0mb4+8drg6t18SC5KucXnYcu+cpL0DtG9/O5v1eY
uJmX2Y8HDOQdEGhv2va0RqM5B1HeUSn5aKRS+S0LTlEJmmD34tDeShnvoqWbh2c7
t6NV8Pw4/KgDfn27oK6XTgKN4BZ4XlsyMaxK8h3RxH0H7emyiiKj6XJaBW9S/u29
4CkZ/6WZAemPhrE5Tij3qLx9qU8h1tBvasaI22JLSXJ4mqjGFwhn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:49 2024 by rpki-client on console-fra.rpki-client.org