Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/rwyxyp5NHgLWn8PRCrZXnoEZgPk.roa
File: rwyxyp5NHgLWn8PRCrZXnoEZgPk.roa (raw, json)
Hash identifier: HRjiUkwyTWOJrOK8bhNmmWOGW/DaLbVM6jzEMvZxZ0I=
Subject key identifier: AF:0C:B1:CA:9E:4D:1E:02:D6:9F:C3:D1:0A:B6:57:9E:81:19:80:F9
Certificate issuer: /CN=0beb38e34bbe17e15772706c7a961a85e5d18b5c
Certificate serial: 018572280C6E2B929262887F79252298DA03
Authority key identifier: 0B:EB:38:E3:4B:BE:17:E1:57:72:70:6C:7A:96:1A:85:E5:D1:8B:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C-s440u-F-FXcnBsepYaheXRi1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/rwyxyp5NHgLWn8PRCrZXnoEZgPk.roa
Signing time: Mon 02 Jan 2023 11:05:05 +0000
ROA not before: Mon 02 Jan 2023 11:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201958
IP address blocks: 185.42.189.0/24 maxlen: 24
185.42.188.0/23 maxlen: 23
185.42.188.0/24 maxlen: 24
185.42.191.0/24 maxlen: 24
185.42.190.0/24 maxlen: 24
185.42.190.0/23 maxlen: 23
2a04:9140:3003::/48 maxlen: 48
2a04:9140:3043::/48 maxlen: 48
2a04:9140:3044::/48 maxlen: 48
2a04:9140:3104::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:28:0c:6e:2b:92:92:62:88:7f:79:25:22:98:da:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0beb38e34bbe17e15772706c7a961a85e5d18b5c
Validity
Not Before: Jan 2 11:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af0cb1ca9e4d1e02d69fc3d10ab6579e811980f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6c:7a:be:7b:22:cf:d9:41:06:f4:aa:40:ce:
14:12:e1:38:c9:86:a2:b3:8a:dc:b4:58:16:1e:73:
c7:89:67:fa:d0:1a:6d:07:5d:27:3b:10:0a:9d:1f:
58:03:75:0b:65:e8:4b:93:29:7f:12:07:de:17:3a:
6b:5a:53:79:c2:b8:d7:69:27:25:7f:50:50:6b:61:
1e:4d:33:7c:f3:e0:9d:f0:64:f8:e4:a3:b9:e0:7e:
2b:3c:09:89:cf:c0:04:ef:8f:78:fb:a4:42:5a:7e:
e5:6a:59:ec:a3:16:fc:f8:3c:93:ff:f4:13:15:4a:
0b:93:9f:25:e0:ca:de:34:c4:5b:69:fc:c4:57:6f:
9d:c7:58:eb:ae:3e:64:34:f6:08:d5:58:58:ac:7a:
53:f8:dd:12:b1:2c:95:ca:a1:5b:a9:db:16:42:d3:
d0:89:81:73:9a:53:41:07:3d:1f:5e:c5:bf:d8:be:
7d:bf:f5:5f:8f:2d:f9:9c:7e:02:00:36:79:25:7c:
82:29:fd:a7:8e:44:66:06:40:73:08:28:c1:cd:a5:
3b:ca:3f:87:7e:26:73:71:f6:05:31:f7:b8:f9:68:
e0:0d:dc:3c:7a:bf:61:51:e1:a0:6d:78:ea:f3:99:
ef:3d:ed:78:d5:8a:2d:5f:5c:6f:21:61:4a:58:6f:
16:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:0C:B1:CA:9E:4D:1E:02:D6:9F:C3:D1:0A:B6:57:9E:81:19:80:F9
X509v3 Authority Key Identifier:
keyid:0B:EB:38:E3:4B:BE:17:E1:57:72:70:6C:7A:96:1A:85:E5:D1:8B:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C-s440u-F-FXcnBsepYaheXRi1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/rwyxyp5NHgLWn8PRCrZXnoEZgPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/C-s440u-F-FXcnBsepYaheXRi1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.188.0/22
IPv6:
2a04:9140:3003::/48
2a04:9140:3043::-2a04:9140:3044:ffff:ffff:ffff:ffff:ffff
2a04:9140:3104::/48
Signature Algorithm: sha256WithRSAEncryption
4e:87:2f:13:5a:1c:5e:76:9a:cc:8b:d5:34:24:5e:02:ee:f0:
97:6f:53:44:00:d5:e5:d8:0d:e9:f3:00:c6:83:eb:52:df:ac:
4a:c1:5d:7c:8e:2a:e2:3c:53:ed:1f:f3:85:f7:19:1d:88:58:
14:cb:7e:d4:92:e0:89:79:74:7f:cb:9e:5b:00:f0:85:1b:76:
2b:b2:63:63:a4:96:f8:47:4f:c6:1b:ab:fe:fb:24:68:d5:a3:
50:8e:72:56:9c:78:a4:ac:d1:28:47:fc:b8:62:75:c4:2b:64:
b8:13:6c:b9:96:3e:11:85:bf:f2:fc:eb:23:72:7e:10:09:63:
6c:90:3a:c5:ae:5d:e8:53:e5:ee:e0:5f:f4:df:c4:35:06:9c:
fe:1f:0d:1a:58:c2:85:70:4c:3e:c9:8e:a3:62:55:65:79:95:
10:4a:eb:3e:49:1c:20:1d:0b:a2:68:af:b0:8b:de:77:55:f0:
1f:39:88:68:ea:4b:49:aa:56:1f:59:21:f4:f4:6b:f3:ec:e9:
06:f0:87:dd:e7:2f:f8:9b:65:56:8a:5d:1f:4a:86:bc:d5:62:
5f:c3:e4:7f:9e:fd:aa:28:d2:1c:32:89:76:24:49:5a:c5:c6:
3e:be:8d:13:98:99:c7:63:cb:83:89:07:88:a7:aa:a7:df:75:
64:0d:d1:3f
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYVyKAxuK5KSYoh/eSUimNoDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZWIzOGUzNGJiZTE3ZTE1NzcyNzA2YzdhOTYxYTg1ZTVk
MThiNWMwHhcNMjMwMTAyMTEwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjBjYjFjYTllNGQxZTAyZDY5ZmMzZDEwYWI2NTc5ZTgxMTk4MGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWx6vnsiz9lBBvSqQM4UEuE4yYai
s4rctFgWHnPHiWf60BptB10nOxAKnR9YA3ULZehLkyl/EgfeFzprWlN5wrjXaScl
f1BQa2EeTTN88+Cd8GT45KO54H4rPAmJz8AE7494+6RCWn7lalnsoxb8+DyT//QT
FUoLk58l4MreNMRbafzEV2+dx1jrrj5kNPYI1VhYrHpT+N0SsSyVyqFbqdsWQtPQ
iYFzmlNBBz0fXsW/2L59v/Vfjy35nH4CADZ5JXyCKf2njkRmBkBzCCjBzaU7yj+H
fiZzcfYFMfe4+WjgDdw8er9hUeGgbXjq85nvPe141YotX1xvIWFKWG8WHQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFK8MscqeTR4C1p/D0Qq2V56BGYD5MB8GA1UdIwQY
MBaAFAvrOONLvhfhV3JwbHqWGoXl0YtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQy1zNDQwdS1GLUZYY25Cc2VwWWFoZVhSaTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8zNzMxNDYtMmM5ZC00NWNjLTg1Y2Mt
OWI3OTk3NDgxZjcyLzEvcnd5eHlwNU5IZ0xXbjhQUkNyWlhub0VaZ1BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8zNzMxNDYtMmM5ZC00NWNjLTg1Y2MtOWI3OTk3NDgxZjcy
LzEvQy1zNDQwdS1GLUZYY25Cc2VwWWFoZVhSaTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAMBAIAATAGAwQCuSq8MCwE
AgACMCYDBwAqBJFAMAMwEgMHACoEkUAwQwMHACoEkUAwRAMHACoEkUAxBDANBgkq
hkiG9w0BAQsFAAOCAQEATocvE1ocXnaazIvVNCReAu7wl29TRADV5dgN6fMAxoPr
Ut+sSsFdfI4q4jxT7R/zhfcZHYhYFMt+1JLgiXl0f8ueWwDwhRt2K7JjY6SW+EdP
xhur/vskaNWjUI5yVpx4pKzRKEf8uGJ1xCtkuBNsuZY+EYW/8vzrI3J+EAljbJA6
xa5d6FPl7uBf9N/ENQac/h8NGljChXBMPsmOo2JVZXmVEErrPkkcIB0LomivsIve
d1XwHzmIaOpLSapWH1kh9PRr8+zpBvCH3ecv+JtlVopdH0qGvNViX8Pkf579qijS
HDKJdiRJWsXGPr6NE5iZx2PLg4kHiKeqp991ZA3RPw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:33 2024 by rpki-client on console-fra.rpki-client.org