Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/YkqC-nxJSXBpRo0kSRuHU7-rUN0.roa
File: YkqC-nxJSXBpRo0kSRuHU7-rUN0.roa (raw, json)
Hash identifier: QY1KiqiqH/tBl+9BHuDCXFxGI9oIEuxcVG4fcvJtge8=
Subject key identifier: 62:4A:82:FA:7C:49:49:70:69:46:8D:24:49:1B:87:53:BF:AB:50:DD
Certificate issuer: /CN=d8320bd4ef858fd62bb2485d08b0a86920e911c1
Certificate serial: 01856BF7DE93F1F7B8E83E21B826E17BAD54
Authority key identifier: D8:32:0B:D4:EF:85:8F:D6:2B:B2:48:5D:08:B0:A8:69:20:E9:11:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2DIL1O-Fj9YrskhdCLCoaSDpEcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/YkqC-nxJSXBpRo0kSRuHU7-rUN0.roa
Signing time: Sun 01 Jan 2023 06:14:44 +0000
ROA not before: Sun 01 Jan 2023 06:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60752
IP address blocks: 185.26.1.0/24 maxlen: 24
185.26.0.0/24 maxlen: 24
185.26.2.0/24 maxlen: 24
193.35.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Oct 2023 05:36:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:f7:de:93:f1:f7:b8:e8:3e:21:b8:26:e1:7b:ad:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8320bd4ef858fd62bb2485d08b0a86920e911c1
Validity
Not Before: Jan 1 06:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=624a82fa7c49497069468d24491b8753bfab50dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:de:4f:cc:a7:5b:90:4b:6e:9e:82:51:e3:95:
6d:5d:1f:d1:c8:4e:0f:b9:dd:f9:c6:b8:cc:83:3e:
b6:68:fa:e2:4d:e4:64:40:38:e3:19:68:f7:c5:49:
0f:8e:86:4d:6b:f1:8b:9e:4d:dc:c4:18:4e:01:85:
f6:d8:e3:d3:1d:77:5a:c4:3c:55:a0:04:f2:6a:a1:
3e:dd:7b:5e:bf:88:46:76:98:af:28:d5:c4:17:79:
16:c6:b4:d6:36:d0:23:eb:50:f4:3c:0b:42:44:14:
bb:bc:14:20:79:7f:d0:f2:96:2f:67:02:0e:07:e0:
2d:f7:f0:ff:68:67:5e:c0:7c:33:a4:5e:bf:30:f0:
d5:9e:2c:6c:82:65:a5:f4:80:6d:f5:d0:90:2f:42:
10:57:ed:cd:df:d3:3f:ff:ee:7b:36:16:c6:86:c6:
6b:64:33:55:3f:2a:15:09:f5:a4:81:e8:55:e8:10:
e2:2b:6b:bb:83:d0:f6:41:d7:43:92:eb:56:0b:27:
9d:42:c8:10:d4:b6:ce:6c:e1:74:71:c6:a1:9a:d8:
e1:7f:d4:b3:48:a6:a9:33:99:9b:2f:18:77:2a:4f:
94:23:d2:82:c2:6e:1f:d4:04:a3:f3:e0:b4:7d:ce:
79:2d:6e:00:a4:54:b5:23:3f:c9:e4:c4:2e:de:e1:
b9:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:4A:82:FA:7C:49:49:70:69:46:8D:24:49:1B:87:53:BF:AB:50:DD
X509v3 Authority Key Identifier:
keyid:D8:32:0B:D4:EF:85:8F:D6:2B:B2:48:5D:08:B0:A8:69:20:E9:11:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DIL1O-Fj9YrskhdCLCoaSDpEcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/YkqC-nxJSXBpRo0kSRuHU7-rUN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/2DIL1O-Fj9YrskhdCLCoaSDpEcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.26.0.0-185.26.2.255
193.35.225.0/24
Signature Algorithm: sha256WithRSAEncryption
16:e3:9f:50:32:bd:61:7d:f0:5f:aa:f1:f1:ff:4e:38:e9:47:
18:d0:f2:1c:1b:a2:58:41:02:b8:41:c5:15:80:aa:af:1d:c6:
88:d8:2a:83:a1:63:24:a4:63:7e:ce:ae:11:9b:ed:3d:e4:7c:
b2:5c:82:d9:0f:b8:1d:1c:e9:68:c7:26:67:c3:fa:90:36:0c:
ba:8d:e2:99:bd:33:e3:d8:f9:43:10:a6:d7:54:ae:07:36:be:
a0:80:8d:a4:b3:18:b1:d8:35:9b:e7:b8:ee:15:f7:e7:a7:9e:
0e:64:4a:d1:17:92:0e:b9:27:e9:8c:2e:4d:34:96:28:6c:a3:
18:6c:fb:cd:04:3c:87:3b:09:e8:9d:8e:26:b2:40:f4:19:17:
76:f7:3d:ac:a3:ec:59:a5:3a:e7:fc:90:bc:cd:ac:32:ca:4c:
4a:03:34:23:05:b6:a4:53:37:aa:29:01:59:8b:69:05:11:c0:
00:03:cd:c4:16:a4:c9:7c:b4:57:40:35:ef:f5:9f:55:31:85:
05:fd:03:62:ec:17:2b:47:b8:65:d3:87:55:74:b7:9a:2b:1c:
92:5e:cc:3f:fb:83:3f:bd:45:b5:b1:6f:e4:b6:ef:9d:0a:4e:
cc:46:e5:3f:92:dd:e6:42:4e:72:23:1e:d7:d2:ca:ac:69:c8:
f1:51:5a:e0
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYVr996T8fe46D4huCbhe61UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MzIwYmQ0ZWY4NThmZDYyYmIyNDg1ZDA4YjBhODY5MjBl
OTExYzEwHhcNMjMwMTAxMDYxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjRhODJmYTdjNDk0OTcwNjk0NjhkMjQ0OTFiODc1M2JmYWI1MGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzN5PzKdbkEtunoJR45VtXR/RyE4P
ud35xrjMgz62aPriTeRkQDjjGWj3xUkPjoZNa/GLnk3cxBhOAYX22OPTHXdaxDxV
oATyaqE+3Xtev4hGdpivKNXEF3kWxrTWNtAj61D0PAtCRBS7vBQgeX/Q8pYvZwIO
B+At9/D/aGdewHwzpF6/MPDVnixsgmWl9IBt9dCQL0IQV+3N39M//+57NhbGhsZr
ZDNVPyoVCfWkgehV6BDiK2u7g9D2QddDkutWCyedQsgQ1LbObOF0ccahmtjhf9Sz
SKapM5mbLxh3Kk+UI9KCwm4f1ASj8+C0fc55LW4ApFS1Iz/J5MQu3uG5QQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGJKgvp8SUlwaUaNJEkbh1O/q1DdMB8GA1UdIwQY
MBaAFNgyC9TvhY/WK7JIXQiwqGkg6RHBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkRJTDFPLUZqOVlyc2toZENMQ29hU0RwRWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9iZDgxZTctMzk3ZS00ZDVkLWE1ZjEt
M2EwZmFhMjhiNWFjLzEvWWtxQy1ueEpTWEJwUm8wa1NSdUhVNy1yVU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9iZDgxZTctMzk3ZS00ZDVkLWE1ZjEtM2EwZmFhMjhiNWFj
LzEvMkRJTDFPLUZqOVlyc2toZENMQ29hU0RwRWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATMAsDAwG5GgME
ALkaAgMEAMEj4TANBgkqhkiG9w0BAQsFAAOCAQEAFuOfUDK9YX3wX6rx8f9OOOlH
GNDyHBuiWEECuEHFFYCqrx3GiNgqg6FjJKRjfs6uEZvtPeR8slyC2Q+4HRzpaMcm
Z8P6kDYMuo3imb0z49j5QxCm11SuBza+oICNpLMYsdg1m+e47hX356eeDmRK0ReS
Drkn6YwuTTSWKGyjGGz7zQQ8hzsJ6J2OJrJA9BkXdvc9rKPsWaU65/yQvM2sMspM
SgM0IwW2pFM3qikBWYtpBRHAAAPNxBakyXy0V0A17/WfVTGFBf0DYuwXK0e4ZdOH
VXS3misckl7MP/uDP71FtbFv5LbvnQpOzEblP5Ld5kJOciMe19LKrGnI8VFa4A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:55 2024 by rpki-client on console-ams.rpki-client.org