Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/126c9e-4fa7-49d4-928c-9107c912d7d8/1/yJ1POFP1qu4pfnx80Dt0Q9SQP9U.roa
File: yJ1POFP1qu4pfnx80Dt0Q9SQP9U.roa (raw, json)
Hash identifier: JyVmBxfqb+8GW6q4MuM0oL1T6bAurtii8zKnCtqUB1c=
Subject key identifier: C8:9D:4F:38:53:F5:AA:EE:29:7E:7C:7C:D0:3B:74:43:D4:90:3F:D5
Certificate issuer: /CN=f256a9edb2d9ade204d82313cce98b6623a9d8ac
Certificate serial: 01856E1D360B84B4462FDC559F588A7E8E27
Authority key identifier: F2:56:A9:ED:B2:D9:AD:E2:04:D8:23:13:CC:E9:8B:66:23:A9:D8:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8lap7bLZreIE2CMTzOmLZiOp2Kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/126c9e-4fa7-49d4-928c-9107c912d7d8/1/yJ1POFP1qu4pfnx80Dt0Q9SQP9U.roa
Signing time: Sun 01 Jan 2023 16:14:46 +0000
ROA not before: Sun 01 Jan 2023 16:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61053
IP address blocks: 185.169.140.0/22 maxlen: 22
94.176.188.0/24 maxlen: 24
94.176.189.0/24 maxlen: 24
185.172.159.0/24 maxlen: 24
185.172.158.0/24 maxlen: 24
185.172.157.0/24 maxlen: 24
185.172.156.0/24 maxlen: 24
93.115.11.0/24 maxlen: 24
185.80.128.0/22 maxlen: 22
185.34.52.0/22 maxlen: 22
185.111.180.0/24 maxlen: 24
91.225.104.0/22 maxlen: 22
185.111.183.0/24 maxlen: 24
185.111.182.0/24 maxlen: 24
185.111.181.0/24 maxlen: 24
91.211.244.0/22 maxlen: 22
2a05:7cc4::/32 maxlen: 32
2a05:7cc0::/32 maxlen: 32
2a05:7cc3::/32 maxlen: 32
2a05:7cc5::/32 maxlen: 32
2a05:7cc2::/32 maxlen: 32
2a05:7cc6::/32 maxlen: 32
2a05:7cc7::/32 maxlen: 32
2a05:7cc1::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:1d:36:0b:84:b4:46:2f:dc:55:9f:58:8a:7e:8e:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f256a9edb2d9ade204d82313cce98b6623a9d8ac
Validity
Not Before: Jan 1 16:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c89d4f3853f5aaee297e7c7cd03b7443d4903fd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a2:5c:5a:03:28:26:21:49:96:93:7f:5f:22:
dd:89:51:a7:fa:7d:ce:af:a1:e9:b9:72:dd:d5:7f:
61:b8:0f:7b:e0:6e:1c:cb:e2:a3:30:54:c0:24:08:
24:ce:04:d3:7b:fe:8d:e3:45:96:e0:4f:bf:e7:30:
03:7d:c5:69:45:39:72:b6:44:5f:02:0e:59:31:06:
53:c0:fa:75:b5:1e:4a:97:c4:2b:54:04:1e:f4:ee:
2e:17:2c:bf:d7:d4:61:d9:54:39:56:20:99:eb:7c:
85:f0:12:45:3c:24:20:45:ea:ed:c1:2d:95:e0:b1:
28:8a:ad:53:61:0b:6d:4e:72:05:8c:78:13:cf:38:
3c:ab:ab:f9:ac:5a:6f:90:3b:e5:f9:f7:19:37:1c:
cb:a6:19:ea:21:de:42:36:79:dd:1d:fc:e8:3c:1c:
cd:ec:5a:05:a8:1d:e5:b1:1c:07:89:4f:ef:6f:fb:
97:2b:3f:13:d9:8f:e9:92:50:5d:4d:11:f8:d8:3c:
3e:34:7b:ec:d3:f1:91:87:3c:5f:19:1e:51:f2:61:
d4:97:be:68:f9:2f:a3:c1:b3:ab:b2:29:d8:15:5b:
57:ce:f5:14:00:74:05:18:5c:da:90:2f:67:28:cd:
b4:7a:b7:d5:29:4e:52:ab:c9:05:f1:31:06:d2:54:
73:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:9D:4F:38:53:F5:AA:EE:29:7E:7C:7C:D0:3B:74:43:D4:90:3F:D5
X509v3 Authority Key Identifier:
keyid:F2:56:A9:ED:B2:D9:AD:E2:04:D8:23:13:CC:E9:8B:66:23:A9:D8:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8lap7bLZreIE2CMTzOmLZiOp2Kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/126c9e-4fa7-49d4-928c-9107c912d7d8/1/yJ1POFP1qu4pfnx80Dt0Q9SQP9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/126c9e-4fa7-49d4-928c-9107c912d7d8/1/8lap7bLZreIE2CMTzOmLZiOp2Kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.244.0/22
91.225.104.0/22
93.115.11.0/24
94.176.188.0/23
185.34.52.0/22
185.80.128.0/22
185.111.180.0/22
185.169.140.0/22
185.172.156.0/22
IPv6:
2a05:7cc0::/29
Signature Algorithm: sha256WithRSAEncryption
87:1c:a9:e0:99:b5:b3:d1:0c:53:7a:1e:d9:7b:5b:77:c2:cd:
4b:ce:d9:c4:b2:19:fb:d3:bb:0f:29:d7:87:3d:24:4a:5d:7d:
6a:4a:cb:08:53:b1:0d:b9:b5:70:e3:a0:06:bf:66:8f:04:95:
e9:8c:92:12:51:c9:4d:0b:6a:72:6e:9d:c3:3f:21:83:c1:51:
88:fc:86:4e:75:ea:9c:d5:6a:2c:36:66:bc:45:c9:a2:d3:c1:
e8:5e:21:76:ce:27:d7:4a:44:ab:4e:52:b9:98:36:14:17:01:
fa:35:b5:47:3a:37:ef:43:7e:54:c9:82:f3:a1:7d:ed:a9:3d:
dc:af:49:50:06:9e:04:3a:62:fd:0b:48:d9:dc:9b:f2:c7:8c:
21:a4:1a:e4:c6:b4:b1:19:dd:5a:e1:84:ce:d2:ae:20:bc:ff:
fc:27:4b:21:3b:0b:c2:a3:7e:2d:50:8f:15:33:fa:dd:26:8f:
68:17:e8:a9:32:1c:70:a9:5b:dd:46:b2:77:19:43:46:90:8a:
32:9b:99:bd:85:a8:ab:02:80:21:bb:a2:c1:fe:f3:b9:61:e3:
0b:7f:f7:48:50:b2:fb:12:7a:f5:42:bc:85:02:52:03:8b:ca:
a8:9b:70:ea:8f:3f:40:20:a9:5f:a1:a7:23:85:d9:1e:96:43:
51:17:ed:3f
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYVuHTYLhLRGL9xVn1iKfo4nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNTZhOWVkYjJkOWFkZTIwNGQ4MjMxM2NjZTk4YjY2MjNh
OWQ4YWMwHhcNMjMwMTAxMTYxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODlkNGYzODUzZjVhYWVlMjk3ZTdjN2NkMDNiNzQ0M2Q0OTAzZmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKJcWgMoJiFJlpN/XyLdiVGn+n3O
r6HpuXLd1X9huA974G4cy+KjMFTAJAgkzgTTe/6N40WW4E+/5zADfcVpRTlytkRf
Ag5ZMQZTwPp1tR5Kl8QrVAQe9O4uFyy/19Rh2VQ5ViCZ63yF8BJFPCQgRertwS2V
4LEoiq1TYQttTnIFjHgTzzg8q6v5rFpvkDvl+fcZNxzLphnqId5CNnndHfzoPBzN
7FoFqB3lsRwHiU/vb/uXKz8T2Y/pklBdTRH42Dw+NHvs0/GRhzxfGR5R8mHUl75o
+S+jwbOrsinYFVtXzvUUAHQFGFzakC9nKM20erfVKU5Sq8kF8TEG0lRzOQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFMidTzhT9aruKX58fNA7dEPUkD/VMB8GA1UdIwQY
MBaAFPJWqe2y2a3iBNgjE8zpi2YjqdisMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGxhcDdiTFpyZUlFMkNNVHpPbUxaaU9wMkt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8xMjZjOWUtNGZhNy00OWQ0LTkyOGMt
OTEwN2M5MTJkN2Q4LzEveUoxUE9GUDFxdTRwZm54ODBEdDBROVNRUDlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8xMjZjOWUtNGZhNy00OWQ0LTkyOGMtOTEwN2M5MTJkN2Q4
LzEvOGxhcDdiTFpyZUlFMkNNVHpPbUxaaU9wMkt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQCW9P0AwQC
W+FoAwQAXXMLAwQBXrC8AwQCuSI0AwQCuVCAAwQCuW+0AwQCuamMAwQCuaycMA0E
AgACMAcDBQMqBXzAMA0GCSqGSIb3DQEBCwUAA4IBAQCHHKngmbWz0QxTeh7Ze1t3
ws1LztnEshn707sPKdeHPSRKXX1qSssIU7ENubVw46AGv2aPBJXpjJISUclNC2py
bp3DPyGDwVGI/IZOdeqc1WosNma8Rcmi08HoXiF2zifXSkSrTlK5mDYUFwH6NbVH
OjfvQ35UyYLzoX3tqT3cr0lQBp4EOmL9C0jZ3Jvyx4whpBrkxrSxGd1a4YTO0q4g
vP/8J0shOwvCo34tUI8VM/rdJo9oF+ipMhxwqVvdRrJ3GUNGkIoym5m9hairAoAh
u6LB/vO5YeMLf/dIULL7Enr1QryFAlIDi8qom3Dqjz9AIKlfoacjhdkelkNRF+0/
-----END CERTIFICATE-----
Generated at Tue Dec 5 08:29:22 2023 by rpki-client on console-ams.rpki-client.org