Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/ye6238pOX3uN6vnb7wBc9ukBbqE.roa
File: ye6238pOX3uN6vnb7wBc9ukBbqE.roa (raw, json)
Hash identifier: dZZs8ZuJ+Z8bjsb05NTPyhbUW6logYLpkqZA1jD0yCg=
Subject key identifier: C9:EE:B6:DF:CA:4E:5F:7B:8D:EA:F9:DB:EF:00:5C:F6:E9:01:6E:A1
Certificate issuer: /CN=87e965e78831a88ba8fa419432a9d7bac9db38a3
Certificate serial: 018C0F80FF8FA4F423668E4FF610405C5323
Authority key identifier: 87:E9:65:E7:88:31:A8:8B:A8:FA:41:94:32:A9:D7:BA:C9:DB:38:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h-ll54gxqIuo-kGUMqnXusnbOKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/ye6238pOX3uN6vnb7wBc9ukBbqE.roa
Signing time: Mon 27 Nov 2023 06:39:21 +0000
ROA not before: Mon 27 Nov 2023 06:39:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210275
IP address blocks: 185.35.78.0/24 maxlen: 24
185.35.78.0/23 maxlen: 23
2a13:2400::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0f:80:ff:8f:a4:f4:23:66:8e:4f:f6:10:40:5c:53:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87e965e78831a88ba8fa419432a9d7bac9db38a3
Validity
Not Before: Nov 27 06:39:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9eeb6dfca4e5f7b8deaf9dbef005cf6e9016ea1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:51:7f:cf:15:e9:7c:a9:ba:17:88:d6:44:0f:
a3:5a:1f:d0:ba:92:fa:71:a4:be:11:b1:46:c6:46:
2e:bc:e9:c7:85:25:c8:82:2f:c4:cf:27:90:87:f8:
4f:14:3c:ae:2f:4c:e5:aa:99:26:5a:07:d0:27:e1:
52:3e:52:a1:46:4b:5a:3b:9c:5f:05:13:d2:b8:ee:
8d:76:b4:45:73:ef:86:8b:ae:32:01:d7:1c:ea:57:
4a:ae:5c:60:b7:b7:38:e4:55:cd:e8:8b:0e:c5:b2:
c1:68:c6:f7:80:8d:f5:4d:23:0e:c9:59:e4:93:8b:
f2:df:6f:0d:08:42:e0:a3:32:ce:b7:d4:da:61:91:
a4:d1:13:3b:af:a1:6e:b5:6e:e4:91:68:db:39:d2:
a9:e9:da:4f:c8:1e:bc:f9:29:50:79:25:38:57:50:
7f:06:e6:89:54:f6:5d:fa:2c:93:83:95:6d:29:3a:
05:3c:f3:68:0f:1c:38:b2:c2:10:a2:15:75:19:df:
ec:49:35:04:39:f6:05:eb:dd:0a:ed:60:25:98:92:
df:7c:7b:41:11:d7:9a:e9:91:25:12:74:fe:7c:3f:
99:95:7d:c3:99:9d:c7:ed:03:6b:c2:9b:6a:cd:af:
5f:87:c3:5a:d5:0b:3b:fa:95:2a:82:7c:67:36:dd:
60:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:EE:B6:DF:CA:4E:5F:7B:8D:EA:F9:DB:EF:00:5C:F6:E9:01:6E:A1
X509v3 Authority Key Identifier:
keyid:87:E9:65:E7:88:31:A8:8B:A8:FA:41:94:32:A9:D7:BA:C9:DB:38:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h-ll54gxqIuo-kGUMqnXusnbOKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/ye6238pOX3uN6vnb7wBc9ukBbqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/050533-a57e-4a8b-bf0d-cee3b492902e/1/h-ll54gxqIuo-kGUMqnXusnbOKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.78.0/23
IPv6:
2a13:2400::/29
Signature Algorithm: sha256WithRSAEncryption
55:70:ce:b1:b9:2c:c0:34:8f:6b:6e:fe:3c:9d:14:14:6a:72:
e6:ad:fc:98:11:a8:7f:5f:e4:31:d4:6d:5c:0e:d7:99:81:ac:
ab:1f:28:21:34:46:e0:62:cc:04:1a:14:f9:20:3e:41:43:4a:
e0:3e:fa:bb:a2:3a:c8:78:ea:37:cc:fc:1d:2e:ca:c2:9c:4c:
e5:1d:8e:5d:43:17:67:3f:e1:32:25:a4:e5:c4:d3:1d:b9:eb:
1c:dd:0b:19:f1:88:8a:79:a8:35:e0:7c:28:b4:19:61:67:88:
70:54:41:c8:bd:cc:a9:82:f7:cb:36:07:44:27:27:98:aa:33:
f9:a6:95:15:49:df:47:40:65:9b:34:2d:fe:c5:de:ee:0d:89:
2c:fa:4b:2a:8d:50:12:57:b5:78:13:16:bc:b9:32:0c:06:4a:
71:82:95:43:98:f7:d6:d8:23:06:ca:98:b8:0e:3d:56:53:ff:
ad:74:2c:5e:9c:28:05:bd:66:50:2c:85:4f:22:01:91:02:3f:
d6:fa:32:e9:bd:f9:eb:cf:ce:32:19:f5:84:f3:fa:f6:c9:11:
0e:f9:c6:ad:2c:9a:9c:83:26:38:9d:72:59:f4:bb:46:cd:86:
fa:0d:10:d4:6c:64:57:6c:9f:b8:6b:e8:04:14:7a:c0:35:59:
a1:e7:28:3f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYwPgP+PpPQjZo5P9hBAXFMjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZTk2NWU3ODgzMWE4OGJhOGZhNDE5NDMyYTlkN2JhYzlk
YjM4YTMwHhcNMjMxMTI3MDYzOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWVlYjZkZmNhNGU1ZjdiOGRlYWY5ZGJlZjAwNWNmNmU5MDE2ZWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVF/zxXpfKm6F4jWRA+jWh/QupL6
caS+EbFGxkYuvOnHhSXIgi/EzyeQh/hPFDyuL0zlqpkmWgfQJ+FSPlKhRktaO5xf
BRPSuO6NdrRFc++Gi64yAdcc6ldKrlxgt7c45FXN6IsOxbLBaMb3gI31TSMOyVnk
k4vy328NCELgozLOt9TaYZGk0RM7r6FutW7kkWjbOdKp6dpPyB68+SlQeSU4V1B/
BuaJVPZd+iyTg5VtKToFPPNoDxw4ssIQohV1Gd/sSTUEOfYF690K7WAlmJLffHtB
Edea6ZElEnT+fD+ZlX3DmZ3H7QNrwptqza9fh8Na1Qs7+pUqgnxnNt1gTwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMnutt/KTl97jer52+8AXPbpAW6hMB8GA1UdIwQY
MBaAFIfpZeeIMaiLqPpBlDKp17rJ2zijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaC1sbDU0Z3hxSXVvLWtHVU1xblh1c25iT0tNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8wNTA1MzMtYTU3ZS00YThiLWJmMGQt
Y2VlM2I0OTI5MDJlLzEveWU2MjM4cE9YM3VONnZuYjd3QmM5dWtCYnFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8wNTA1MzMtYTU3ZS00YThiLWJmMGQtY2VlM2I0OTI5MDJl
LzEvaC1sbDU0Z3hxSXVvLWtHVU1xblh1c25iT0tNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuSNOMA0E
AgACMAcDBQMqEyQAMA0GCSqGSIb3DQEBCwUAA4IBAQBVcM6xuSzANI9rbv48nRQU
anLmrfyYEah/X+Qx1G1cDteZgayrHyghNEbgYswEGhT5ID5BQ0rgPvq7ojrIeOo3
zPwdLsrCnEzlHY5dQxdnP+EyJaTlxNMduesc3QsZ8YiKeag14HwotBlhZ4hwVEHI
vcypgvfLNgdEJyeYqjP5ppUVSd9HQGWbNC3+xd7uDYks+ksqjVASV7V4Exa8uTIM
BkpxgpVDmPfW2CMGypi4Dj1WU/+tdCxenCgFvWZQLIVPIgGRAj/W+jLpvfnrz84y
GfWE8/r2yREO+catLJqcgyY4nXJZ9LtGzYb6DRDUbGRXbJ+4a+gEFHrANVmh5yg/
-----END CERTIFICATE-----
Generated at Mon Nov 27 08:35:35 2023 by rpki-client on console-fra.rpki-client.org