Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/142c4d-d073-48b2-bca0-322b5172af61/1/ykOUnsU0C2fr6Vvai8y3x-T4gZ0.roa
File: ykOUnsU0C2fr6Vvai8y3x-T4gZ0.roa (raw, json)
Hash identifier: jVdWIUq33eNOBhe9uokHrOlHfEf44H1atOMIjae18Wk=
Subject key identifier: CA:43:94:9E:C5:34:0B:67:EB:E9:5B:DA:8B:CC:B7:C7:E4:F8:81:9D
Certificate issuer: /CN=a02347bc9d973355e4801f289ca075f9d1e18d48
Certificate serial: 01856BA56D7F68DE5302388EB5A46FC4A595
Authority key identifier: A0:23:47:BC:9D:97:33:55:E4:80:1F:28:9C:A0:75:F9:D1:E1:8D:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oCNHvJ2XM1XkgB8onKB1-dHhjUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/142c4d-d073-48b2-bca0-322b5172af61/1/ykOUnsU0C2fr6Vvai8y3x-T4gZ0.roa
Signing time: Sun 01 Jan 2023 04:44:41 +0000
ROA not before: Sun 01 Jan 2023 04:44:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206737
IP address blocks: 185.109.50.0/24 maxlen: 24
2a0e:4b80::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:a5:6d:7f:68:de:53:02:38:8e:b5:a4:6f:c4:a5:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a02347bc9d973355e4801f289ca075f9d1e18d48
Validity
Not Before: Jan 1 04:44:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca43949ec5340b67ebe95bda8bccb7c7e4f8819d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:3c:63:5e:02:c7:15:75:6e:8b:46:8f:59:4e:
50:16:05:98:0f:41:8f:98:c4:b0:fe:cc:cc:ad:41:
f4:33:15:29:29:7b:22:30:32:21:0a:df:17:34:c3:
b2:96:94:f2:80:3c:83:59:4a:e0:4c:4c:84:07:d3:
cf:97:06:73:c4:61:f1:8a:2e:69:74:be:de:e1:19:
03:40:60:38:a5:67:30:4c:50:0a:36:48:5a:2d:ae:
e7:36:3d:cb:95:7e:a6:83:c8:65:16:8f:50:d5:e0:
a7:43:c2:58:01:a3:5a:24:70:9c:53:b4:47:18:e9:
ac:7d:95:b0:87:b4:ba:64:9b:c2:e1:47:24:fb:ca:
a0:d9:57:d6:bc:04:ea:f4:e8:3f:d6:67:dd:26:42:
16:1e:c8:b4:07:5b:ac:f6:d9:a2:8d:78:c6:4d:8f:
e7:47:9f:ff:21:2e:25:8c:ad:71:8e:12:c5:80:0a:
e1:75:11:5c:19:a2:63:81:bf:a7:0b:64:3c:9d:72:
fc:bf:5d:41:32:a5:19:76:44:8a:b5:ba:80:1f:9f:
f3:cb:4f:87:f3:92:bd:5b:75:d2:9c:a3:0f:58:e1:
80:f2:00:fb:d0:c4:c4:48:22:26:65:f1:dd:8e:5b:
90:96:57:d2:89:bc:1e:ff:09:d5:9e:64:5a:e7:2c:
67:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:43:94:9E:C5:34:0B:67:EB:E9:5B:DA:8B:CC:B7:C7:E4:F8:81:9D
X509v3 Authority Key Identifier:
keyid:A0:23:47:BC:9D:97:33:55:E4:80:1F:28:9C:A0:75:F9:D1:E1:8D:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCNHvJ2XM1XkgB8onKB1-dHhjUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/142c4d-d073-48b2-bca0-322b5172af61/1/ykOUnsU0C2fr6Vvai8y3x-T4gZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/142c4d-d073-48b2-bca0-322b5172af61/1/oCNHvJ2XM1XkgB8onKB1-dHhjUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.50.0/24
IPv6:
2a0e:4b80::/29
Signature Algorithm: sha256WithRSAEncryption
58:60:8f:98:2d:70:ef:75:52:e2:d4:ec:67:5d:57:ce:33:60:
83:3e:82:76:f2:36:3d:23:df:b7:fc:5b:8d:0a:f4:51:0a:ab:
06:17:26:0b:70:6a:a5:4c:eb:19:00:03:6a:3f:17:07:ac:6e:
0f:eb:8b:dc:d4:88:c5:88:55:89:b5:81:be:bb:08:a6:56:ce:
6e:3d:4a:3e:72:6d:39:11:25:df:3b:9f:ca:c5:ac:3c:c4:e8:
e9:7a:b9:81:ab:58:4e:54:d6:33:93:0a:23:f8:61:fc:e9:90:
13:16:89:64:5f:a2:30:bd:93:4f:c1:0e:9c:12:20:56:36:b5:
56:39:5c:d4:79:15:2e:80:da:04:c0:dc:d4:97:1a:1e:81:50:
cf:3a:f7:1b:9f:72:d3:98:11:50:5d:ba:29:f0:e7:f3:b4:65:
39:46:59:a1:b4:e4:8e:a4:e6:b3:98:65:b8:b1:de:7c:b0:cd:
e4:04:fc:2b:0f:73:36:6b:dd:c9:ac:64:d0:4b:cb:68:00:94:
6c:e7:6a:03:1a:ba:b8:23:4d:35:31:2a:83:0f:79:cd:11:8b:
26:b4:c7:08:7d:61:3e:53:90:80:c3:5d:28:2c:f5:fc:ae:8b:
ca:99:04:09:f6:23:07:43:e8:01:be:7f:c1:f0:07:65:6c:cb:
d0:eb:8a:d3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVrpW1/aN5TAjiOtaRvxKWVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMjM0N2JjOWQ5NzMzNTVlNDgwMWYyODljYTA3NWY5ZDFl
MThkNDgwHhcNMjMwMTAxMDQ0NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTQzOTQ5ZWM1MzQwYjY3ZWJlOTViZGE4YmNjYjdjN2U0Zjg4MTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszxjXgLHFXVui0aPWU5QFgWYD0GP
mMSw/szMrUH0MxUpKXsiMDIhCt8XNMOylpTygDyDWUrgTEyEB9PPlwZzxGHxii5p
dL7e4RkDQGA4pWcwTFAKNkhaLa7nNj3LlX6mg8hlFo9Q1eCnQ8JYAaNaJHCcU7RH
GOmsfZWwh7S6ZJvC4Uck+8qg2VfWvATq9Og/1mfdJkIWHsi0B1us9tmijXjGTY/n
R5//IS4ljK1xjhLFgArhdRFcGaJjgb+nC2Q8nXL8v11BMqUZdkSKtbqAH5/zy0+H
85K9W3XSnKMPWOGA8gD70MTESCImZfHdjluQllfSibwe/wnVnmRa5yxnWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMpDlJ7FNAtn6+lb2ovMt8fk+IGdMB8GA1UdIwQY
MBaAFKAjR7ydlzNV5IAfKJygdfnR4Y1IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0NOSHZKMlhNMVhrZ0I4b25LQjEtZEhoalVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8xNDJjNGQtZDA3My00OGIyLWJjYTAt
MzIyYjUxNzJhZjYxLzEveWtPVW5zVTBDMmZyNlZ2YWk4eTN4LVQ0Z1owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8xNDJjNGQtZDA3My00OGIyLWJjYTAtMzIyYjUxNzJhZjYx
LzEvb0NOSHZKMlhNMVhrZ0I4b25LQjEtZEhoalVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuW0yMA0E
AgACMAcDBQMqDkuAMA0GCSqGSIb3DQEBCwUAA4IBAQBYYI+YLXDvdVLi1OxnXVfO
M2CDPoJ28jY9I9+3/FuNCvRRCqsGFyYLcGqlTOsZAANqPxcHrG4P64vc1IjFiFWJ
tYG+uwimVs5uPUo+cm05ESXfO5/Kxaw8xOjpermBq1hOVNYzkwoj+GH86ZATFolk
X6IwvZNPwQ6cEiBWNrVWOVzUeRUugNoEwNzUlxoegVDPOvcbn3LTmBFQXbop8Ofz
tGU5RlmhtOSOpOazmGW4sd58sM3kBPwrD3M2a93JrGTQS8toAJRs52oDGrq4I001
MSqDD3nNEYsmtMcIfWE+U5CAw10oLPX8rovKmQQJ9iMHQ+gBvn/B8AdlbMvQ64rT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:01 2024 by rpki-client on console-fra.rpki-client.org