Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6db2f6-e87b-4e1c-82c7-e78553a037bd/1/y5TTn3rmUc8ddgZqDlNce0QIXyg.roa
File: y5TTn3rmUc8ddgZqDlNce0QIXyg.roa (raw, json)
Hash identifier: tNrCVFxjAhdtk6aScIBbAQCHFITmhi+nYTke41eQJ0U=
Subject key identifier: CB:94:D3:9F:7A:E6:51:CF:1D:76:06:6A:0E:53:5C:7B:44:08:5F:28
Certificate issuer: /CN=75889bda54f8857da4290c6779bc00611e73e212
Certificate serial: 018572E8026E4F78F10861BDB74E36D0A72D
Authority key identifier: 75:88:9B:DA:54:F8:85:7D:A4:29:0C:67:79:BC:00:61:1E:73:E2:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dYib2lT4hX2kKQxnebwAYR5z4hI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6db2f6-e87b-4e1c-82c7-e78553a037bd/1/y5TTn3rmUc8ddgZqDlNce0QIXyg.roa
Signing time: Mon 02 Jan 2023 14:34:45 +0000
ROA not before: Mon 02 Jan 2023 14:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44543
IP address blocks: 185.81.41.0/24 maxlen: 24
185.81.40.0/24 maxlen: 24
185.81.43.0/24 maxlen: 24
185.81.42.0/24 maxlen: 24
185.238.95.0/24 maxlen: 24
185.238.94.0/24 maxlen: 24
185.238.93.0/24 maxlen: 24
2a05:8540::/29 maxlen: 29
2a0c:3880::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:e8:02:6e:4f:78:f1:08:61:bd:b7:4e:36:d0:a7:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75889bda54f8857da4290c6779bc00611e73e212
Validity
Not Before: Jan 2 14:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb94d39f7ae651cf1d76066a0e535c7b44085f28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8d:a9:04:65:4f:85:b0:a5:fb:73:8c:b0:81:
cf:f0:4d:51:1c:83:f2:d4:52:25:4e:71:85:c4:ae:
3b:71:3b:c1:b4:fa:55:10:3b:37:41:c8:6d:4d:83:
0f:3d:94:9d:d3:e9:0d:70:3a:7b:2c:d5:bc:b4:66:
42:83:b5:e2:4a:f1:d2:b6:2a:1d:f1:d6:71:8f:b2:
dc:c9:6b:df:41:85:84:2b:e2:08:58:a5:38:5f:1a:
d4:49:31:57:40:7a:d7:c9:b8:db:70:41:c2:08:e3:
fd:86:bb:18:80:91:e9:d1:0e:2c:fc:88:4b:75:de:
1b:6c:bd:f7:18:a3:37:a8:23:9e:11:ac:17:28:1c:
32:12:a6:fb:f1:d0:80:34:94:00:1f:e2:c3:fd:5e:
0d:0e:36:8b:a8:11:16:14:e2:ca:82:ea:98:60:f2:
6e:bd:0f:bc:1f:51:41:50:af:f6:3e:4a:49:fb:09:
7e:08:cb:5c:a9:fd:0f:07:51:bd:a7:2f:2b:80:ec:
37:74:a0:2c:1b:1b:07:95:89:7e:25:d4:d8:c9:0b:
f0:de:46:dc:5b:71:7d:c2:1d:19:2b:54:49:e0:8a:
b0:56:85:ad:e7:aa:2f:9d:bb:5e:da:da:e5:4b:f0:
cb:ba:30:76:7e:65:ae:c8:51:a7:1e:34:1d:6d:46:
93:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:94:D3:9F:7A:E6:51:CF:1D:76:06:6A:0E:53:5C:7B:44:08:5F:28
X509v3 Authority Key Identifier:
keyid:75:88:9B:DA:54:F8:85:7D:A4:29:0C:67:79:BC:00:61:1E:73:E2:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dYib2lT4hX2kKQxnebwAYR5z4hI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6db2f6-e87b-4e1c-82c7-e78553a037bd/1/y5TTn3rmUc8ddgZqDlNce0QIXyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6db2f6-e87b-4e1c-82c7-e78553a037bd/1/dYib2lT4hX2kKQxnebwAYR5z4hI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.40.0/22
185.238.93.0-185.238.95.255
IPv6:
2a05:8540::/29
2a0c:3880::/29
Signature Algorithm: sha256WithRSAEncryption
5b:da:f8:2b:10:10:a2:49:6f:83:3d:bb:40:13:63:b1:ee:c0:
3f:a7:34:62:77:35:a2:37:c3:ec:0e:83:94:0c:91:8a:cf:10:
ea:d5:5b:db:6e:b1:99:16:af:86:b5:a5:6f:6b:7b:9c:80:d5:
82:fa:47:c8:be:4c:0c:77:29:97:9e:55:22:dc:ae:fe:25:0f:
6b:de:04:f4:5d:9b:d6:26:63:73:cd:00:97:b9:d8:6b:82:ca:
23:cd:b8:8d:a7:43:2b:bb:a6:53:2a:3b:d6:59:cd:6f:8f:0c:
35:a6:83:41:95:8d:f1:d0:80:c8:0c:cf:0a:96:59:65:a7:c1:
e0:8e:2a:ee:58:47:d3:c6:13:c1:5e:41:d4:01:be:e0:bf:98:
f4:80:66:6b:4d:79:8d:41:aa:69:60:61:f9:f2:c6:07:9b:8c:
bb:5a:39:f7:a0:4e:69:be:b4:9d:aa:05:9d:ba:fd:d2:de:82:
6f:b6:e7:c6:26:ed:2d:9c:82:3b:84:9a:47:b4:f1:41:56:b1:
59:ae:3e:94:7c:d9:91:0f:97:73:08:89:75:b4:b5:b5:de:5b:
3d:25:e6:c1:b7:c2:23:72:ec:56:fa:2e:ae:ae:c5:39:f6:cf:
b2:46:73:63:df:12:48:d2:da:fa:9b:10:f6:15:38:3c:74:b8:
3a:79:9b:18
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVy6AJuT3jxCGG9t0420KctMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ODg5YmRhNTRmODg1N2RhNDI5MGM2Nzc5YmMwMDYxMWU3
M2UyMTIwHhcNMjMwMTAyMTQzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjk0ZDM5ZjdhZTY1MWNmMWQ3NjA2NmEwZTUzNWM3YjQ0MDg1ZjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAho2pBGVPhbCl+3OMsIHP8E1RHIPy
1FIlTnGFxK47cTvBtPpVEDs3QchtTYMPPZSd0+kNcDp7LNW8tGZCg7XiSvHStiod
8dZxj7LcyWvfQYWEK+IIWKU4XxrUSTFXQHrXybjbcEHCCOP9hrsYgJHp0Q4s/IhL
dd4bbL33GKM3qCOeEawXKBwyEqb78dCANJQAH+LD/V4NDjaLqBEWFOLKguqYYPJu
vQ+8H1FBUK/2PkpJ+wl+CMtcqf0PB1G9py8rgOw3dKAsGxsHlYl+JdTYyQvw3kbc
W3F9wh0ZK1RJ4IqwVoWt56ovnbte2trlS/DLujB2fmWuyFGnHjQdbUaTCQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMuU05965lHPHXYGag5TXHtECF8oMB8GA1UdIwQY
MBaAFHWIm9pU+IV9pCkMZ3m8AGEec+ISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFlpYjJsVDRoWDJrS1F4bmVid0FZUjV6NGhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82ZGIyZjYtZTg3Yi00ZTFjLTgyYzct
ZTc4NTUzYTAzN2JkLzEveTVUVG4zcm1VYzhkZGdacURsTmNlMFFJWHlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82ZGIyZjYtZTg3Yi00ZTFjLTgyYzctZTc4NTUzYTAzN2Jk
LzEvZFlpYjJsVDRoWDJrS1F4bmVid0FZUjV6NGhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAaBAIAATAUAwQCuVEoMAwD
BAC57l0DBAW57kAwFAQCAAIwDgMFAyoFhUADBQMqDDiAMA0GCSqGSIb3DQEBCwUA
A4IBAQBb2vgrEBCiSW+DPbtAE2Ox7sA/pzRidzWiN8PsDoOUDJGKzxDq1VvbbrGZ
Fq+GtaVva3ucgNWC+kfIvkwMdymXnlUi3K7+JQ9r3gT0XZvWJmNzzQCXudhrgsoj
zbiNp0Mru6ZTKjvWWc1vjww1poNBlY3x0IDIDM8Kllllp8HgjiruWEfTxhPBXkHU
Ab7gv5j0gGZrTXmNQappYGH58sYHm4y7Wjn3oE5pvrSdqgWduv3S3oJvtufGJu0t
nII7hJpHtPFBVrFZrj6UfNmRD5dzCIl1tLW13ls9JebBt8IjcuxW+i6ursU59s+y
RnNj3xJI0tr6mxD2FTg8dLg6eZsY
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:11 2023 by rpki-client on console-fra.rpki-client.org