Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YG4qKl1eCEc_OeZLlx08UH0ygv0.roa
File: YG4qKl1eCEc_OeZLlx08UH0ygv0.roa (raw, json)
Hash identifier: iw4gYmtjlOw6gboNh0/06hcgp8x5XkNqO2DUw/Z6V2Y=
Subject key identifier: 60:6E:2A:2A:5D:5E:08:47:3F:39:E6:4B:97:1D:3C:50:7D:32:82:FD
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01862BE418E4B0CA194FFA16E6D56590B446
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YG4qKl1eCEc_OeZLlx08UH0ygv0.roa
Signing time: Tue 07 Feb 2023 12:40:14 +0000
ROA not before: Tue 07 Feb 2023 12:40:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29066
IP address blocks: 185.217.119.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Mar 2023 05:52:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2b:e4:18:e4:b0:ca:19:4f:fa:16:e6:d5:65:90:b4:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 7 12:40:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=606e2a2a5d5e08473f39e64b971d3c507d3282fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:33:f8:76:f6:fb:db:7d:a7:9b:13:03:d1:eb:
d8:73:10:6a:e3:e0:08:0f:3d:c7:aa:13:74:95:cb:
9b:24:5d:0f:ca:ee:4c:aa:88:20:a0:96:4b:45:93:
8d:f7:2c:0e:7f:40:20:bd:c7:f8:89:f5:5d:59:26:
f3:ba:ac:42:43:1d:ac:3a:86:8f:16:84:9a:2f:c3:
c7:83:86:6b:e7:79:b2:75:84:14:90:5d:c5:20:14:
9a:6c:39:8b:e1:6d:21:24:ee:c2:e6:6a:22:16:29:
47:73:ac:23:0a:83:b7:b2:09:6a:54:d7:4f:1a:b5:
d5:54:a9:25:0c:5f:42:80:92:9d:0c:14:5e:14:43:
b2:bb:1f:90:56:1f:be:d8:7b:75:fe:70:fe:95:58:
82:7c:2d:73:51:cd:db:c5:95:dd:87:86:e4:54:ba:
d0:00:ab:48:67:27:32:42:4d:b5:45:0c:fe:4b:d7:
f3:ff:70:b1:25:76:1d:aa:83:b0:96:95:7a:00:81:
d2:a9:db:34:ca:31:a5:2b:ab:7b:42:50:e7:8f:f3:
d1:87:13:84:64:e9:b4:b3:c7:b0:21:82:5c:36:69:
6d:41:00:9f:75:19:de:4d:c9:6e:22:94:93:b0:f8:
cc:59:ec:85:2c:04:bb:6c:8c:23:ef:0c:eb:d3:bb:
3a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:6E:2A:2A:5D:5E:08:47:3F:39:E6:4B:97:1D:3C:50:7D:32:82:FD
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YG4qKl1eCEc_OeZLlx08UH0ygv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.247.150.0/24
185.217.119.0/24
Signature Algorithm: sha256WithRSAEncryption
54:6e:7a:eb:b1:39:6c:6a:0e:b0:01:23:80:82:7a:f3:07:ab:
60:ea:14:87:8f:bd:07:c3:c3:a6:0b:4f:7e:10:bd:2e:37:65:
8b:49:04:2a:41:f3:e6:9d:c8:8b:a9:50:ad:1a:9a:9b:7e:2c:
8e:a7:00:3c:cc:15:ce:e2:62:e1:4e:4c:9a:71:ba:d9:c6:61:
2d:f9:b9:63:6d:24:63:b7:79:57:dc:b1:92:90:80:37:b3:18:
d9:7c:78:34:d2:79:3b:61:ea:5c:0c:77:92:cc:51:6a:98:95:
e2:4b:fa:02:3b:10:69:54:a9:54:18:6e:e4:f3:db:e8:f2:8e:
69:a3:8b:00:66:06:11:a7:28:da:8c:a1:9b:0a:3f:8f:2a:5e:
a3:0f:97:9c:2e:5c:ad:da:c2:42:10:27:45:42:9d:82:b9:83:
35:b8:5d:5c:45:3d:57:38:ad:5c:11:59:89:f3:5d:64:11:49:
eb:f9:dc:a6:23:87:43:fc:a7:09:29:7c:5a:29:10:5c:b4:41:
cf:df:2d:76:01:b2:f9:01:cc:ef:f5:24:10:b2:30:db:79:eb:
d4:41:f1:c1:eb:f1:7c:4e:ce:39:1b:d5:ec:8e:1a:61:6c:99:
fb:3e:5c:92:0b:2d:49:09:ac:40:ec:b6:63:7f:9a:02:e1:73:
c0:df:57:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYr5BjksMoZT/oW5tVlkLRGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjA3MTI0MDE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDZlMmEyYTVkNWUwODQ3M2YzOWU2NGI5NzFkM2M1MDdkMzI4MmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4TP4dvb7232nmxMD0evYcxBq4+AI
Dz3HqhN0lcubJF0Pyu5MqoggoJZLRZON9ywOf0Agvcf4ifVdWSbzuqxCQx2sOoaP
FoSaL8PHg4Zr53mydYQUkF3FIBSabDmL4W0hJO7C5moiFilHc6wjCoO3sglqVNdP
GrXVVKklDF9CgJKdDBReFEOyux+QVh++2Ht1/nD+lViCfC1zUc3bxZXdh4bkVLrQ
AKtIZycyQk21RQz+S9fz/3CxJXYdqoOwlpV6AIHSqds0yjGlK6t7QlDnj/PRhxOE
ZOm0s8ewIYJcNmltQQCfdRneTcluIpSTsPjMWeyFLAS7bIwj7wzr07s6AwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGBuKipdXghHPznmS5cdPFB9MoL9MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWUc0cUtsMWVDRWNfT2VaTGx4MDhVSDB5Z3YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV/eWAwQA
udl3MA0GCSqGSIb3DQEBCwUAA4IBAQBUbnrrsTlsag6wASOAgnrzB6tg6hSHj70H
w8OmC09+EL0uN2WLSQQqQfPmnciLqVCtGpqbfiyOpwA8zBXO4mLhTkyacbrZxmEt
+bljbSRjt3lX3LGSkIA3sxjZfHg00nk7YepcDHeSzFFqmJXiS/oCOxBpVKlUGG7k
89vo8o5po4sAZgYRpyjajKGbCj+PKl6jD5ecLlyt2sJCECdFQp2CuYM1uF1cRT1X
OK1cEVmJ811kEUnr+dymI4dD/KcJKXxaKRBctEHP3y12AbL5Aczv9SQQsjDbeevU
QfHB6/F8Ts45G9XsjhphbJn7PlySCy1JCaxA7LZjf5oC4XPA31fB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org