Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/918a33-6766-4795-8573-aee698af68b7/1/y82bj7yPjubw2QDdXLWZ8xn_zjg.roa
File: y82bj7yPjubw2QDdXLWZ8xn_zjg.roa (raw, json)
Hash identifier: l+DyYCFxsTaD5jUJFyFQgcvoEeuc9aX7yhsegqBMh/Q=
Subject key identifier: CB:CD:9B:8F:BC:8F:8E:E6:F0:D9:00:DD:5C:B5:99:F3:19:FF:CE:38
Certificate issuer: /CN=8ec1f7d0530682e1b68e3bfe5a8744ee51ad335d
Certificate serial: 018CC8015768547CE7D4ABE909C69E969AD1
Authority key identifier: 8E:C1:F7:D0:53:06:82:E1:B6:8E:3B:FE:5A:87:44:EE:51:AD:33:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jsH30FMGguG2jjv-WodE7lGtM10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/918a33-6766-4795-8573-aee698af68b7/1/y82bj7yPjubw2QDdXLWZ8xn_zjg.roa
Signing time: Tue 02 Jan 2024 02:29:40 +0000
ROA not before: Tue 02 Jan 2024 02:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61956
IP address blocks: 185.47.120.0/22 maxlen: 22
185.47.122.0/23 maxlen: 23
2a01:8be0::/29 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:57:68:54:7c:e7:d4:ab:e9:09:c6:9e:96:9a:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ec1f7d0530682e1b68e3bfe5a8744ee51ad335d
Validity
Not Before: Jan 2 02:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbcd9b8fbc8f8ee6f0d900dd5cb599f319ffce38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:09:06:11:e8:e6:14:d4:51:91:0f:fe:5b:59:
d6:89:f9:5d:2c:5a:03:a1:69:4d:87:52:f1:a1:0d:
26:c3:a4:e5:af:17:09:94:7a:94:c3:54:37:b6:ef:
d7:b9:d7:f4:8a:b5:58:76:4d:24:0b:5a:55:1e:5c:
dc:f3:05:a6:75:03:f9:a6:7c:4f:c1:1b:f8:de:2e:
c2:58:f8:ca:c7:49:b8:d4:28:a6:43:d6:5f:da:53:
04:17:70:83:ae:d9:d8:37:d6:0f:0b:7d:de:eb:1b:
b0:c6:f3:40:b7:f4:22:1a:f3:25:d9:be:10:c8:9e:
ef:e5:55:a8:10:50:32:fc:de:ed:f9:0e:2e:78:13:
9d:6c:98:83:e9:bb:cd:a5:75:ce:b3:84:30:80:0e:
35:cd:2e:97:b6:75:66:f0:8c:86:59:0d:47:e2:80:
aa:6c:00:1c:76:b4:6c:2a:41:cf:d6:e4:d6:16:d0:
63:5f:b4:2e:a4:47:f5:3e:21:ef:ad:f3:1d:35:40:
b9:d7:fe:69:92:72:c9:fe:04:76:dd:0c:79:90:9e:
45:c1:f7:5c:a7:7f:63:96:3d:d8:da:0f:9d:bc:93:
89:fe:f4:c7:7a:79:ef:79:5a:b6:d7:78:a6:7e:8b:
95:b6:2e:6b:af:75:7f:b2:90:19:77:c4:d8:3a:b0:
41:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:CD:9B:8F:BC:8F:8E:E6:F0:D9:00:DD:5C:B5:99:F3:19:FF:CE:38
X509v3 Authority Key Identifier:
keyid:8E:C1:F7:D0:53:06:82:E1:B6:8E:3B:FE:5A:87:44:EE:51:AD:33:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jsH30FMGguG2jjv-WodE7lGtM10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/918a33-6766-4795-8573-aee698af68b7/1/y82bj7yPjubw2QDdXLWZ8xn_zjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/918a33-6766-4795-8573-aee698af68b7/1/jsH30FMGguG2jjv-WodE7lGtM10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.47.120.0/22
IPv6:
2a01:8be0::/29
Signature Algorithm: sha256WithRSAEncryption
d5:91:19:95:44:fa:b1:81:d4:cc:97:0f:5b:23:46:57:06:02:
d0:20:0e:59:ef:c4:50:61:74:83:f2:e4:7e:f4:bf:e3:d4:b5:
a2:05:38:f6:06:6f:27:26:a1:60:9d:d1:ec:f6:b7:bf:61:f1:
f4:10:84:8e:be:0d:ff:29:e2:8a:bf:ad:67:55:12:e4:18:30:
82:c7:25:67:c7:a7:3f:57:76:18:3a:8e:06:fd:83:f9:20:58:
ef:79:0f:48:a0:41:e8:ce:ed:5a:5c:55:03:91:5b:da:04:96:
5f:b2:81:e8:fe:2c:36:56:fc:e6:c5:1b:42:63:68:3f:01:df:
75:91:f6:d8:30:06:54:14:ab:5e:aa:a6:93:36:0f:63:ff:ab:
ab:19:b8:14:53:78:e6:be:cd:05:b8:30:2d:f7:c2:6e:37:0a:
5b:15:9d:7c:89:42:f5:06:ff:23:9f:b2:c0:28:97:e4:f9:18:
d4:a0:e6:e6:0f:bb:5e:93:bb:20:97:86:f0:a9:8b:3e:16:67:
84:d1:60:ae:2c:6a:78:d5:89:02:4f:d3:76:a5:a4:38:09:d6:
8a:4a:12:c5:b7:0c:61:9f:ca:3a:da:13:ef:3e:23:dd:c2:23:
67:b3:0a:17:e8:1e:f9:6c:e8:02:64:aa:92:01:a8:fa:a7:5f:
7a:54:10:4e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAVdoVHzn1KvpCcaelprRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYzFmN2QwNTMwNjgyZTFiNjhlM2JmZTVhODc0NGVlNTFh
ZDMzNWQwHhcNMjQwMTAyMDIyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmNkOWI4ZmJjOGY4ZWU2ZjBkOTAwZGQ1Y2I1OTlmMzE5ZmZjZTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAkGEejmFNRRkQ/+W1nWifldLFoD
oWlNh1LxoQ0mw6TlrxcJlHqUw1Q3tu/Xudf0irVYdk0kC1pVHlzc8wWmdQP5pnxP
wRv43i7CWPjKx0m41CimQ9Zf2lMEF3CDrtnYN9YPC33e6xuwxvNAt/QiGvMl2b4Q
yJ7v5VWoEFAy/N7t+Q4ueBOdbJiD6bvNpXXOs4QwgA41zS6XtnVm8IyGWQ1H4oCq
bAAcdrRsKkHP1uTWFtBjX7QupEf1PiHvrfMdNUC51/5pknLJ/gR23Qx5kJ5Fwfdc
p39jlj3Y2g+dvJOJ/vTHennveVq213imfouVti5rr3V/spAZd8TYOrBB3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMvNm4+8j47m8NkA3Vy1mfMZ/844MB8GA1UdIwQY
MBaAFI7B99BTBoLhto47/lqHRO5RrTNdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanNIMzBGTUdndUcyamp2LVdvZEU3bEd0TTEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS85MThhMzMtNjc2Ni00Nzk1LTg1NzMt
YWVlNjk4YWY2OGI3LzEveTgyYmo3eVBqdWJ3MlFEZFhMV1o4eG5fempnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS85MThhMzMtNjc2Ni00Nzk1LTg1NzMtYWVlNjk4YWY2OGI3
LzEvanNIMzBGTUdndUcyamp2LVdvZEU3bEd0TTEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuS94MA0E
AgACMAcDBQMqAYvgMA0GCSqGSIb3DQEBCwUAA4IBAQDVkRmVRPqxgdTMlw9bI0ZX
BgLQIA5Z78RQYXSD8uR+9L/j1LWiBTj2Bm8nJqFgndHs9re/YfH0EISOvg3/KeKK
v61nVRLkGDCCxyVnx6c/V3YYOo4G/YP5IFjveQ9IoEHozu1aXFUDkVvaBJZfsoHo
/iw2VvzmxRtCY2g/Ad91kfbYMAZUFKteqqaTNg9j/6urGbgUU3jmvs0FuDAt98Ju
NwpbFZ18iUL1Bv8jn7LAKJfk+RjUoObmD7tek7sgl4bwqYs+FmeE0WCuLGp41YkC
T9N2paQ4CdaKShLFtwxhn8o62hPvPiPdwiNnswoX6B75bOgCZKqSAaj6p196VBBO
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:20 2025 by rpki-client