Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/yqb6_lmpx5jQI3iIKZnOpPYaXWY.roa
File: yqb6_lmpx5jQI3iIKZnOpPYaXWY.roa (raw, json)
Hash identifier: +cGwIRVMw6Wp4Dr3L9AHDC2XC2BIVa2zGPl3XTcqy7A=
Subject key identifier: CA:A6:FA:FE:59:A9:C7:98:D0:23:78:88:29:99:CE:A4:F6:1A:5D:66
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 0185B9F4732A72DBE9745C372716ECD31069
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/yqb6_lmpx5jQI3iIKZnOpPYaXWY.roa
Signing time: Mon 16 Jan 2023 09:41:23 +0000
ROA not before: Mon 16 Jan 2023 09:41:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8849
IP address blocks: 88.210.36.0/23 maxlen: 24
185.140.210.0/24 maxlen: 24
2a06:f902:4000::/36 maxlen: 36
2a06:f901:c000::/36 maxlen: 36
2a06:f901:8000::/36 maxlen: 36
2a06:f901:4000::/36 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b9:f4:73:2a:72:db:e9:74:5c:37:27:16:ec:d3:10:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: Jan 16 09:41:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=caa6fafe59a9c798d02378882999cea4f61a5d66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:71:0d:10:f9:ee:34:eb:e8:d6:dc:b2:49:73:
ce:09:c8:59:79:bc:ca:16:05:ee:44:71:4f:fa:fe:
5c:72:73:07:29:8c:ce:8d:e9:51:51:b0:07:74:a4:
65:d0:46:6a:0f:49:08:ee:47:88:36:a3:b0:fc:c0:
f4:70:5e:99:cd:2f:de:a8:08:4c:ba:d9:56:92:ce:
b0:8c:56:9a:33:a4:7c:18:70:8e:b2:72:48:38:00:
9c:55:d0:65:24:ca:8d:f1:58:b3:f6:8a:44:67:4d:
21:7e:f1:49:0f:24:b5:57:f2:b3:4a:0f:d3:96:54:
65:c2:00:84:59:01:ef:2d:c8:44:03:27:9e:73:97:
7f:3d:f4:67:63:b1:45:79:54:2c:01:78:28:b9:1f:
86:93:81:ee:84:bf:57:c7:71:8a:1b:4f:be:05:43:
31:22:b4:59:32:6d:13:ca:06:bd:ce:6f:01:1e:0e:
5b:d8:bc:dc:4c:13:0f:cd:d6:46:b5:a7:ce:83:a1:
14:81:b4:56:73:b5:0c:ba:03:a0:fd:af:00:0d:de:
8d:cd:26:85:fe:25:36:77:4b:45:2c:7d:77:04:aa:
e9:e4:d8:c9:2d:91:3a:a0:01:0f:aa:7e:4b:4f:b6:
8e:ee:f0:5e:8e:17:c2:a7:c5:ca:61:e2:e2:46:44:
60:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:A6:FA:FE:59:A9:C7:98:D0:23:78:88:29:99:CE:A4:F6:1A:5D:66
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/yqb6_lmpx5jQI3iIKZnOpPYaXWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.210.36.0/23
185.140.210.0/24
IPv6:
2a06:f901:4000::/36
2a06:f901:8000::/36
2a06:f901:c000::/36
2a06:f902:4000::/36
Signature Algorithm: sha256WithRSAEncryption
b7:53:8b:38:04:6e:ed:e6:bc:ba:12:87:c8:b2:e2:21:7a:d9:
4a:2b:fd:a7:93:ec:fe:d8:8b:09:ba:e3:b9:ec:36:fc:19:fb:
e5:cb:87:86:ae:74:ea:ba:68:4b:4a:4b:51:cd:ca:d3:9c:29:
61:87:b8:ea:41:ac:3d:17:a7:84:9d:ec:e9:c8:ad:be:83:5b:
b1:49:1f:9b:7a:aa:d1:a7:16:1a:70:6d:4e:3e:9f:4c:e8:9b:
0d:9d:0c:79:b7:bc:73:26:a9:4b:ce:69:63:3a:77:83:56:85:
8a:97:3e:79:15:2e:25:6e:7a:af:f7:1f:cd:a2:cf:f6:fb:11:
66:d3:a0:e1:46:c9:55:48:6d:76:3c:90:c1:a9:85:88:d2:23:
c0:4e:30:69:4d:6e:9e:73:a5:3a:81:a6:74:a0:74:b3:d1:33:
71:9b:ce:17:e9:46:fc:da:cf:ec:1a:23:9d:68:98:c3:6e:49:
e2:ac:f7:28:b1:b9:8e:db:25:4d:e9:5b:ad:70:36:af:70:23:
3f:24:90:bd:40:08:79:18:cc:d3:f2:d0:4a:d1:57:d2:50:02:
de:0b:80:3f:26:48:6f:46:c2:61:9a:77:b1:06:20:89:05:04:
c1:12:ac:73:3c:39:b5:68:2c:1d:80:fd:d4:0a:65:c1:7c:28:
02:13:df:f6
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYW59HMqctvpdFw3Jxbs0xBpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3
NDIxYTYwHhcNMjMwMTE2MDk0MTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWE2ZmFmZTU5YTljNzk4ZDAyMzc4ODgyOTk5Y2VhNGY2MWE1ZDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHENEPnuNOvo1tyySXPOCchZebzK
FgXuRHFP+v5ccnMHKYzOjelRUbAHdKRl0EZqD0kI7keINqOw/MD0cF6ZzS/eqAhM
utlWks6wjFaaM6R8GHCOsnJIOACcVdBlJMqN8Viz9opEZ00hfvFJDyS1V/KzSg/T
llRlwgCEWQHvLchEAyeec5d/PfRnY7FFeVQsAXgouR+Gk4HuhL9Xx3GKG0++BUMx
IrRZMm0Tyga9zm8BHg5b2LzcTBMPzdZGtafOg6EUgbRWc7UMugOg/a8ADd6NzSaF
/iU2d0tFLH13BKrp5NjJLZE6oAEPqn5LT7aO7vBejhfCp8XKYeLiRkRgiwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFMqm+v5ZqceY0CN4iCmZzqT2Gl1mMB8GA1UdIwQY
MBaAFA/r+/1vk3xa454+OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGIt
N2Q3MDM3NGQ3NmQyLzEveXFiNl9sbXB4NWpRSTNpSUtabk9wUFlhWFdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQy
LzEvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDASBAIAATAMAwQBWNIkAwQA
uYzSMCYEAgACMCADBgQqBvkBQAMGBCoG+QGAAwYEKgb5AcADBgQqBvkCQDANBgkq
hkiG9w0BAQsFAAOCAQEAt1OLOARu7ea8uhKHyLLiIXrZSiv9p5Ps/tiLCbrjuew2
/Bn75cuHhq506rpoS0pLUc3K05wpYYe46kGsPRenhJ3s6citvoNbsUkfm3qq0acW
GnBtTj6fTOibDZ0Mebe8cyapS85pYzp3g1aFipc+eRUuJW56r/cfzaLP9vsRZtOg
4UbJVUhtdjyQwamFiNIjwE4waU1unnOlOoGmdKB0s9EzcZvOF+lG/NrP7BojnWiY
w25J4qz3KLG5jtslTelbrXA2r3AjPySQvUAIeRjM0/LQStFX0lAC3guAPyZIb0bC
YZp3sQYgiQUEwRKsczw5tWgsHYD91AplwXwoAhPf9g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:11 2023 by rpki-client on console-fra.rpki-client.org