Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/jYl4Z1py2qzX7wCe3LxXYJqH1gQ.roa
File: jYl4Z1py2qzX7wCe3LxXYJqH1gQ.roa (raw, json)
Hash identifier: jMCA93LilHkFi5Ga5qMDGHBor3EWcDytVMzbATd1pus=
Subject key identifier: 8D:89:78:67:5A:72:DA:AC:D7:EF:00:9E:DC:BC:57:60:9A:87:D6:04
Certificate issuer: /CN=d8320bd4ef858fd62bb2485d08b0a86920e911c1
Certificate serial: 018B36FCC14123FAC953BAD76D4A2AA19175
Authority key identifier: D8:32:0B:D4:EF:85:8F:D6:2B:B2:48:5D:08:B0:A8:69:20:E9:11:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2DIL1O-Fj9YrskhdCLCoaSDpEcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/jYl4Z1py2qzX7wCe3LxXYJqH1gQ.roa
Signing time: Mon 16 Oct 2023 05:36:55 +0000
ROA not before: Mon 16 Oct 2023 05:36:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60752
IP address blocks: 185.26.1.0/24 maxlen: 24
185.26.0.0/24 maxlen: 24
185.26.3.0/24 maxlen: 24
185.26.2.0/24 maxlen: 24
193.35.225.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:36:fc:c1:41:23:fa:c9:53:ba:d7:6d:4a:2a:a1:91:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8320bd4ef858fd62bb2485d08b0a86920e911c1
Validity
Not Before: Oct 16 05:36:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d8978675a72daacd7ef009edcbc57609a87d604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e9:25:e4:2b:df:26:33:84:a1:8b:03:f7:74:
a1:99:77:52:07:f4:d0:14:1e:71:4c:d0:fe:ce:30:
86:6a:fe:a9:f0:ad:67:a5:70:63:3b:fb:11:bf:b3:
49:65:39:68:e7:ef:c3:13:95:ed:e6:22:86:79:a5:
13:89:88:8f:a5:df:7c:a5:23:fb:15:ba:be:34:be:
ca:dc:0f:5a:61:f3:cc:b4:28:46:49:ba:73:24:d8:
57:bf:62:dc:09:e5:ac:ca:46:78:5d:d0:0c:f5:bd:
35:ba:70:2a:31:6c:22:55:c6:c6:b5:e0:0b:b7:f1:
30:83:c9:43:c1:e6:17:44:56:97:d2:85:b3:1e:a9:
e8:50:50:d3:c0:1e:3e:94:7d:fc:2c:f4:75:5a:7b:
48:22:be:ce:71:ea:cf:0d:3a:d1:ef:62:42:37:e0:
17:01:df:5e:34:5d:55:ca:03:59:4c:c9:51:24:65:
43:ea:e6:57:4e:20:e4:89:ec:70:00:3b:3f:a4:6d:
43:97:c7:f1:a3:93:53:6d:ab:64:d8:7f:ef:2b:03:
a0:e6:63:3c:b6:82:49:34:17:25:4d:03:23:49:02:
a4:db:da:b3:bc:21:2c:f7:98:bd:1a:77:f6:63:28:
ea:b1:ea:1c:b5:f4:1b:15:dc:0e:d2:ec:c5:b2:e7:
7d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:89:78:67:5A:72:DA:AC:D7:EF:00:9E:DC:BC:57:60:9A:87:D6:04
X509v3 Authority Key Identifier:
keyid:D8:32:0B:D4:EF:85:8F:D6:2B:B2:48:5D:08:B0:A8:69:20:E9:11:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DIL1O-Fj9YrskhdCLCoaSDpEcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/jYl4Z1py2qzX7wCe3LxXYJqH1gQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/bd81e7-397e-4d5d-a5f1-3a0faa28b5ac/1/2DIL1O-Fj9YrskhdCLCoaSDpEcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.26.0.0/22
193.35.225.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:4c:a9:12:37:a0:63:ff:ae:9e:07:d9:44:39:80:c7:9c:20:
d6:54:59:ad:55:bc:c6:7b:bc:5e:7d:27:27:6c:1c:f8:cf:67:
81:83:ca:5d:4e:53:94:a4:a6:a3:97:a3:40:53:8d:33:2c:c4:
1f:0b:9c:d4:0e:32:d8:03:b3:b6:7e:41:38:04:ce:8f:f4:98:
56:aa:21:85:82:f3:f4:20:01:57:f0:d2:87:f4:df:bf:21:ab:
cb:b1:63:af:63:1d:47:a6:22:35:ed:89:be:3a:69:bb:57:99:
f3:51:2a:01:f5:f5:19:aa:14:e8:c6:4a:4b:a1:c6:2d:7d:67:
32:c8:27:eb:0d:85:b0:12:64:bd:01:f5:94:05:1b:9e:4f:cb:
99:28:d4:77:b6:51:57:df:7c:ba:a0:2c:90:d1:d1:b9:67:69:
fc:b1:d7:58:5e:25:98:43:49:cc:f2:95:13:1e:7d:fa:96:6a:
42:9f:e4:cf:56:96:a9:25:9b:fc:87:a9:2b:b0:24:26:a9:15:
e4:bc:0b:83:93:0c:69:80:6f:a9:c1:3f:92:29:45:7d:2f:77:
df:aa:05:d5:60:89:d7:29:6f:36:20:e8:44:85:33:a1:3d:e0:
04:c8:26:31:47:04:0b:59:57:40:07:0b:7f:57:6d:4f:65:62:
ce:3c:dc:c7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYs2/MFBI/rJU7rXbUoqoZF1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MzIwYmQ0ZWY4NThmZDYyYmIyNDg1ZDA4YjBhODY5MjBl
OTExYzEwHhcNMjMxMDE2MDUzNjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDg5Nzg2NzVhNzJkYWFjZDdlZjAwOWVkY2JjNTc2MDlhODdkNjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApukl5CvfJjOEoYsD93ShmXdSB/TQ
FB5xTND+zjCGav6p8K1npXBjO/sRv7NJZTlo5+/DE5Xt5iKGeaUTiYiPpd98pSP7
Fbq+NL7K3A9aYfPMtChGSbpzJNhXv2LcCeWsykZ4XdAM9b01unAqMWwiVcbGteAL
t/Ewg8lDweYXRFaX0oWzHqnoUFDTwB4+lH38LPR1WntIIr7OcerPDTrR72JCN+AX
Ad9eNF1VygNZTMlRJGVD6uZXTiDkiexwADs/pG1Dl8fxo5NTbatk2H/vKwOg5mM8
toJJNBclTQMjSQKk29qzvCEs95i9Gnf2YyjqseoctfQbFdwO0uzFsud9dwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI2JeGdactqs1+8Anty8V2Cah9YEMB8GA1UdIwQY
MBaAFNgyC9TvhY/WK7JIXQiwqGkg6RHBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkRJTDFPLUZqOVlyc2toZENMQ29hU0RwRWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9iZDgxZTctMzk3ZS00ZDVkLWE1ZjEt
M2EwZmFhMjhiNWFjLzEvallsNFoxcHkycXpYN3dDZTNMeFhZSnFIMWdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9iZDgxZTctMzk3ZS00ZDVkLWE1ZjEtM2EwZmFhMjhiNWFj
LzEvMkRJTDFPLUZqOVlyc2toZENMQ29hU0RwRWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuRoAAwQA
wSPhMA0GCSqGSIb3DQEBCwUAA4IBAQAOTKkSN6Bj/66eB9lEOYDHnCDWVFmtVbzG
e7xefScnbBz4z2eBg8pdTlOUpKajl6NAU40zLMQfC5zUDjLYA7O2fkE4BM6P9JhW
qiGFgvP0IAFX8NKH9N+/IavLsWOvYx1HpiI17Ym+Omm7V5nzUSoB9fUZqhToxkpL
ocYtfWcyyCfrDYWwEmS9AfWUBRueT8uZKNR3tlFX33y6oCyQ0dG5Z2n8sddYXiWY
Q0nM8pUTHn36lmpCn+TPVpapJZv8h6krsCQmqRXkvAuDkwxpgG+pwT+SKUV9L3ff
qgXVYInXKW82IOhEhTOhPeAEyCYxRwQLWVdABwt/V21PZWLOPNzH
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:48 2024 by rpki-client on console-ams.rpki-client.org