Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/918a33-6766-4795-8573-aee698af68b7/1/_YXBPEAzlRRg6qsWZiQzb7Mh0MQ.roa
File: _YXBPEAzlRRg6qsWZiQzb7Mh0MQ.roa (raw, json)
Hash identifier: 7DyEFswteRjb7OFdxDTf205sDMc4KEa4HCsLjJWfyz4=
Subject key identifier: FD:85:C1:3C:40:33:95:14:60:EA:AB:16:66:24:33:6F:B3:21:D0:C4
Certificate issuer: /CN=8ec1f7d0530682e1b68e3bfe5a8744ee51ad335d
Certificate serial: 01856CF870A394997896D572AF78CAB06C43
Authority key identifier: 8E:C1:F7:D0:53:06:82:E1:B6:8E:3B:FE:5A:87:44:EE:51:AD:33:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jsH30FMGguG2jjv-WodE7lGtM10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/918a33-6766-4795-8573-aee698af68b7/1/_YXBPEAzlRRg6qsWZiQzb7Mh0MQ.roa
Signing time: Sun 01 Jan 2023 10:54:59 +0000
ROA not before: Sun 01 Jan 2023 10:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61956
IP address blocks: 185.47.120.0/22 maxlen: 22
185.47.122.0/23 maxlen: 23
2a01:8be0::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:70:a3:94:99:78:96:d5:72:af:78:ca:b0:6c:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ec1f7d0530682e1b68e3bfe5a8744ee51ad335d
Validity
Not Before: Jan 1 10:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd85c13c4033951460eaab166624336fb321d0c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:57:cd:ee:83:a8:a7:80:e7:2c:9a:e6:18:77:
f2:5b:8d:0a:1d:5f:6d:dd:96:00:ea:4a:90:98:e5:
a7:4f:9d:52:3a:ea:da:64:cf:f8:42:9d:56:cb:08:
c4:dd:be:ee:4b:44:c9:8a:3c:ac:4f:0b:0f:41:cc:
f7:9e:40:50:97:78:99:17:d9:b5:00:05:ae:27:83:
d6:e3:fe:3a:0f:17:d3:3f:ae:56:27:4e:7f:51:d6:
07:58:20:b0:28:e9:b4:9e:95:7d:76:cf:c9:d9:99:
b4:c4:7f:8d:d0:51:78:82:91:c6:b0:53:75:0f:e1:
c5:bf:3e:fd:b3:cb:4a:e2:68:97:b4:c8:97:d1:94:
84:b7:fc:b6:75:d9:29:dc:c7:66:f3:2f:f8:6e:ac:
50:65:7d:71:7f:60:d1:05:45:d2:b5:75:ab:78:a2:
6b:08:9a:87:7f:3a:85:68:f3:4d:db:de:d0:89:0e:
56:d5:d8:1a:83:b8:d1:6e:bf:f4:80:ec:bd:4b:f6:
f0:b5:6a:a1:5f:be:1f:fb:4a:f8:3a:eb:14:d8:d6:
c2:9c:34:3a:52:e6:89:3c:b6:9d:83:4b:70:5e:a4:
1e:62:45:ba:c3:5c:81:17:cb:d3:3b:44:d1:4b:be:
3a:3b:5b:01:42:b2:e8:e6:46:39:c8:02:b7:cb:d4:
fa:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:85:C1:3C:40:33:95:14:60:EA:AB:16:66:24:33:6F:B3:21:D0:C4
X509v3 Authority Key Identifier:
keyid:8E:C1:F7:D0:53:06:82:E1:B6:8E:3B:FE:5A:87:44:EE:51:AD:33:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jsH30FMGguG2jjv-WodE7lGtM10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/918a33-6766-4795-8573-aee698af68b7/1/_YXBPEAzlRRg6qsWZiQzb7Mh0MQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/918a33-6766-4795-8573-aee698af68b7/1/jsH30FMGguG2jjv-WodE7lGtM10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.47.120.0/22
IPv6:
2a01:8be0::/29
Signature Algorithm: sha256WithRSAEncryption
74:df:1c:37:74:90:d9:99:ad:56:8a:a9:50:28:35:35:a4:be:
f3:a5:02:a7:6e:22:bc:e4:7d:20:cc:df:82:e7:60:39:2c:1d:
b0:91:2d:12:33:84:4c:04:ba:dd:ee:e4:31:da:31:f0:d3:22:
0e:3a:98:88:64:f3:d7:ca:4d:f3:c9:d2:72:80:7a:a1:96:26:
64:8e:bf:b9:f9:95:73:9f:58:c5:15:ec:dd:6a:c0:bb:25:b7:
15:b8:e3:c8:54:7a:d6:ee:92:4b:44:27:6b:87:54:0d:eb:8e:
39:bc:89:a4:2f:55:be:f5:87:32:19:74:1c:94:15:df:dd:5b:
48:97:c3:54:42:65:69:21:dc:ba:48:8d:22:de:bc:a5:3b:45:
d4:a5:8c:e4:2a:b2:c4:ca:5b:d1:90:3e:50:f3:f3:03:7f:6c:
82:f7:cf:71:44:68:e1:4c:ab:3b:ab:aa:f6:99:d9:4b:06:e5:
65:4b:e0:ca:0f:7d:79:91:04:6c:27:a5:4b:49:65:79:6a:9e:
c7:75:ea:88:8f:c4:9f:95:ea:4e:dd:2b:e5:0c:ac:22:01:00:
8b:42:6e:bc:98:ff:74:8d:e7:ab:29:91:84:72:09:2d:88:81:
e6:d0:3d:3d:5d:c4:b1:9d:13:80:71:bf:e0:82:0b:1a:1a:d5:
20:e0:28:76
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVs+HCjlJl4ltVyr3jKsGxDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYzFmN2QwNTMwNjgyZTFiNjhlM2JmZTVhODc0NGVlNTFh
ZDMzNWQwHhcNMjMwMTAxMTA1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDg1YzEzYzQwMzM5NTE0NjBlYWFiMTY2NjI0MzM2ZmIzMjFkMGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlfN7oOop4DnLJrmGHfyW40KHV9t
3ZYA6kqQmOWnT51SOuraZM/4Qp1WywjE3b7uS0TJijysTwsPQcz3nkBQl3iZF9m1
AAWuJ4PW4/46DxfTP65WJ05/UdYHWCCwKOm0npV9ds/J2Zm0xH+N0FF4gpHGsFN1
D+HFvz79s8tK4miXtMiX0ZSEt/y2ddkp3Mdm8y/4bqxQZX1xf2DRBUXStXWreKJr
CJqHfzqFaPNN297QiQ5W1dgag7jRbr/0gOy9S/bwtWqhX74f+0r4OusU2NbCnDQ6
UuaJPLadg0twXqQeYkW6w1yBF8vTO0TRS746O1sBQrLo5kY5yAK3y9T6pQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP2FwTxAM5UUYOqrFmYkM2+zIdDEMB8GA1UdIwQY
MBaAFI7B99BTBoLhto47/lqHRO5RrTNdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanNIMzBGTUdndUcyamp2LVdvZEU3bEd0TTEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS85MThhMzMtNjc2Ni00Nzk1LTg1NzMt
YWVlNjk4YWY2OGI3LzEvX1lYQlBFQXpsUlJnNnFzV1ppUXpiN01oME1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS85MThhMzMtNjc2Ni00Nzk1LTg1NzMtYWVlNjk4YWY2OGI3
LzEvanNIMzBGTUdndUcyamp2LVdvZEU3bEd0TTEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuS94MA0E
AgACMAcDBQMqAYvgMA0GCSqGSIb3DQEBCwUAA4IBAQB03xw3dJDZma1WiqlQKDU1
pL7zpQKnbiK85H0gzN+C52A5LB2wkS0SM4RMBLrd7uQx2jHw0yIOOpiIZPPXyk3z
ydJygHqhliZkjr+5+ZVzn1jFFezdasC7JbcVuOPIVHrW7pJLRCdrh1QN6445vImk
L1W+9YcyGXQclBXf3VtIl8NUQmVpIdy6SI0i3rylO0XUpYzkKrLEylvRkD5Q8/MD
f2yC989xRGjhTKs7q6r2mdlLBuVlS+DKD315kQRsJ6VLSWV5ap7HdeqIj8SflepO
3SvlDKwiAQCLQm68mP90jeerKZGEcgktiIHm0D09XcSxnROAcb/gggsaGtUg4Ch2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:30 2024 by rpki-client on console-fra.rpki-client.org