Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/8a6b6e-9bb7-45fc-97be-22b8498b515b/1/YIFBTXtJntOw7_a0_WX5xAWkab0.roa
File: YIFBTXtJntOw7_a0_WX5xAWkab0.roa (raw, json)
Hash identifier: 05JVma4CsFK5EBr120yEc1/kpLwQJQay+hLqzIabmX4=
Subject key identifier: 60:81:41:4D:7B:49:9E:D3:B0:EF:F6:B4:FD:65:F9:C4:05:A4:69:BD
Certificate issuer: /CN=e7d3e463f11ccad055d1662e008c2a94f42de9de
Certificate serial: 01856DE6570EEE4280B023A8F7178BDDE672
Authority key identifier: E7:D3:E4:63:F1:1C:CA:D0:55:D1:66:2E:00:8C:2A:94:F4:2D:E9:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/59PkY_EcytBV0WYuAIwqlPQt6d4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/8a6b6e-9bb7-45fc-97be-22b8498b515b/1/YIFBTXtJntOw7_a0_WX5xAWkab0.roa
Signing time: Sun 01 Jan 2023 15:14:50 +0000
ROA not before: Sun 01 Jan 2023 15:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47195
IP address blocks: 79.110.80.0/20 maxlen: 24
194.187.16.0/22 maxlen: 24
2001:67c:31c::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:57:0e:ee:42:80:b0:23:a8:f7:17:8b:dd:e6:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7d3e463f11ccad055d1662e008c2a94f42de9de
Validity
Not Before: Jan 1 15:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6081414d7b499ed3b0eff6b4fd65f9c405a469bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:aa:80:a9:2c:21:7c:52:06:54:98:eb:82:8b:
bc:1c:85:8f:5e:b0:61:f7:cf:00:e2:e1:1b:06:83:
28:64:00:5b:82:7f:09:9f:b1:34:b4:63:94:a4:81:
0f:94:7f:b3:8a:61:6b:8b:d3:62:1d:e1:f4:e6:96:
c4:ec:26:af:48:ad:02:fa:c5:95:36:54:4e:55:09:
a4:09:00:5a:37:1d:20:dc:9d:c0:32:3f:79:19:46:
a7:22:83:cd:81:45:1f:82:3a:67:04:fd:95:1e:9b:
ab:ec:b0:df:e3:1e:c8:6e:6a:b8:ab:fc:78:e6:2b:
9e:32:56:c6:5a:a3:4c:fc:d9:a4:7e:e8:8f:d0:8a:
7b:5f:9d:b5:c2:37:b9:41:80:8d:d4:6e:4e:b8:b2:
3e:0c:fa:a9:1e:37:a3:06:92:8b:28:06:51:bc:d3:
b2:40:71:27:05:06:dc:4d:db:53:2e:22:eb:81:fd:
5d:81:67:e1:70:76:71:da:ba:96:1a:11:20:35:f1:
b3:ff:2e:fd:cc:fc:92:69:dd:5c:d4:a8:00:a2:e8:
fe:ab:d1:56:d8:ef:20:a4:12:e5:f9:09:60:e8:d6:
b3:ab:0d:3d:da:ff:27:88:73:40:b5:00:cc:83:10:
b1:a9:b1:2f:1b:f2:13:6a:09:74:49:d7:53:f3:57:
44:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:81:41:4D:7B:49:9E:D3:B0:EF:F6:B4:FD:65:F9:C4:05:A4:69:BD
X509v3 Authority Key Identifier:
keyid:E7:D3:E4:63:F1:1C:CA:D0:55:D1:66:2E:00:8C:2A:94:F4:2D:E9:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/59PkY_EcytBV0WYuAIwqlPQt6d4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/8a6b6e-9bb7-45fc-97be-22b8498b515b/1/YIFBTXtJntOw7_a0_WX5xAWkab0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/8a6b6e-9bb7-45fc-97be-22b8498b515b/1/59PkY_EcytBV0WYuAIwqlPQt6d4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.80.0/20
194.187.16.0/22
IPv6:
2001:67c:31c::/48
Signature Algorithm: sha256WithRSAEncryption
96:4c:1d:01:0d:34:8d:0d:6c:7c:70:25:72:db:c0:3c:7a:39:
7b:86:b4:8b:39:3c:23:f9:89:56:d2:1e:5c:10:bb:9b:cf:91:
05:83:5d:9a:fc:53:99:4f:95:0d:33:16:46:ed:21:f5:48:9f:
21:44:d4:4b:87:b0:b9:63:a7:30:ef:0e:fe:bc:60:d6:e1:64:
4f:85:d5:a2:b5:79:5b:25:71:69:c5:03:81:56:8f:66:9a:11:
85:2b:72:11:8f:1b:f7:1a:b7:d0:2b:75:07:d9:30:74:2e:67:
eb:51:12:05:6d:4c:43:40:46:1d:49:53:ea:47:5d:9a:fb:dc:
50:ab:59:23:62:3e:9b:77:40:17:8e:65:4f:01:6e:e4:07:9f:
28:a7:9f:06:13:d9:86:77:6b:7f:8f:df:6c:3c:59:7d:96:52:
a6:10:9d:b3:88:f2:78:96:af:d8:d2:d8:8f:3e:7a:d6:fa:a7:
04:d3:71:56:bf:a6:a3:16:04:ab:ff:9c:8e:6f:c6:2c:60:29:
d7:bc:74:46:50:1a:f0:42:66:0b:ae:1c:9b:a4:67:e5:32:7f:
11:00:d5:eb:e5:39:b9:c0:94:ff:be:ae:14:48:fd:99:1b:25:
fc:2f:ab:be:65:b9:be:d9:b7:eb:32:db:5a:4a:ee:b5:93:cc:
00:da:19:c8
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVt5lcO7kKAsCOo9xeL3eZyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZDNlNDYzZjExY2NhZDA1NWQxNjYyZTAwOGMyYTk0ZjQy
ZGU5ZGUwHhcNMjMwMTAxMTUxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDgxNDE0ZDdiNDk5ZWQzYjBlZmY2YjRmZDY1ZjljNDA1YTQ2OWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKqAqSwhfFIGVJjrgou8HIWPXrBh
988A4uEbBoMoZABbgn8Jn7E0tGOUpIEPlH+zimFri9NiHeH05pbE7CavSK0C+sWV
NlROVQmkCQBaNx0g3J3AMj95GUanIoPNgUUfgjpnBP2VHpur7LDf4x7Ibmq4q/x4
5iueMlbGWqNM/NmkfuiP0Ip7X521wje5QYCN1G5OuLI+DPqpHjejBpKLKAZRvNOy
QHEnBQbcTdtTLiLrgf1dgWfhcHZx2rqWGhEgNfGz/y79zPySad1c1KgAouj+q9FW
2O8gpBLl+Qlg6Nazqw092v8niHNAtQDMgxCxqbEvG/ITagl0SddT81dEfQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGCBQU17SZ7TsO/2tP1l+cQFpGm9MB8GA1UdIwQY
MBaAFOfT5GPxHMrQVdFmLgCMKpT0LeneMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTlQa1lfRWN5dEJWMFdZdUFJd3FsUFF0NmQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi84YTZiNmUtOWJiNy00NWZjLTk3YmUt
MjJiODQ5OGI1MTViLzEvWUlGQlRYdEpudE93N19hMF9XWDV4QVdrYWIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi84YTZiNmUtOWJiNy00NWZjLTk3YmUtMjJiODQ5OGI1MTVi
LzEvNTlQa1lfRWN5dEJWMFdZdUFJd3FsUFF0NmQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQET25QAwQC
wrsQMA8EAgACMAkDBwAgAQZ8AxwwDQYJKoZIhvcNAQELBQADggEBAJZMHQENNI0N
bHxwJXLbwDx6OXuGtIs5PCP5iVbSHlwQu5vPkQWDXZr8U5lPlQ0zFkbtIfVInyFE
1EuHsLljpzDvDv68YNbhZE+F1aK1eVslcWnFA4FWj2aaEYUrchGPG/cat9ArdQfZ
MHQuZ+tREgVtTENARh1JU+pHXZr73FCrWSNiPpt3QBeOZU8BbuQHnyinnwYT2YZ3
a3+P32w8WX2WUqYQnbOI8niWr9jS2I8+etb6pwTTcVa/pqMWBKv/nI5vxixgKde8
dEZQGvBCZguuHJukZ+UyfxEA1evlObnAlP++rhRI/ZkbJfwvq75lub7Zt+sy21pK
7rWTzADaGcg=
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:37 2024 by rpki-client on console-fra.rpki-client.org