Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/yfVhThborezFin9KDWaKseIyBlE.roa
File: yfVhThborezFin9KDWaKseIyBlE.roa (raw, json)
Hash identifier: 8HPKs81Dpf5KNiiWfwUyjTX+0wQhiEayApMWnyfiouY=
Subject key identifier: C9:F5:61:4E:16:E8:AD:EC:C5:8A:7F:4A:0D:66:8A:B1:E2:32:06:51
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01857D45277FC19235DED4A633D0384315F0
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/yfVhThborezFin9KDWaKseIyBlE.roa
Signing time: Wed 04 Jan 2023 14:52:42 +0000
ROA not before: Wed 04 Jan 2023 14:52:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3352
IP address blocks: 194.187.188.0/22 maxlen: 24
185.169.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Sep 2023 21:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7d:45:27:7f:c1:92:35:de:d4:a6:33:d0:38:43:15:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 4 14:52:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9f5614e16e8adecc58a7f4a0d668ab1e2320651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d1:96:35:1e:60:79:85:ac:db:27:d4:f7:9b:
fe:eb:77:d4:4e:ee:33:4c:58:00:25:6f:f1:d1:fd:
c7:8c:26:fc:cb:64:e5:de:32:33:84:53:16:15:fb:
e2:0f:a7:4d:b4:38:83:4a:d6:d5:c4:7b:51:fa:51:
e5:5d:38:8b:20:f3:03:e7:b4:9d:fd:c9:84:65:ee:
c0:dd:73:ac:34:67:8e:08:34:be:e2:9e:f7:22:d4:
d0:63:2c:76:ca:dd:7e:85:da:40:04:e6:06:fd:02:
1f:a7:5b:28:e3:4a:e4:aa:4b:68:0e:51:a3:ed:89:
a4:7d:33:71:f0:c3:ba:b8:44:92:1f:95:49:99:10:
23:ed:b4:e7:ce:74:38:76:e3:a9:4b:2a:85:16:7f:
a4:19:61:01:89:25:c9:2c:e0:4c:25:b2:11:e3:0d:
24:18:30:22:ea:b6:22:66:a7:bd:04:4e:af:f6:06:
c3:b1:4d:3a:df:1d:f8:8f:83:66:80:d8:85:ea:12:
ea:ef:42:9e:4d:64:f1:53:41:3a:53:5a:b0:97:6f:
c9:62:b2:85:aa:41:0f:8f:76:c4:23:6a:9b:ad:3d:
44:4a:94:4a:ee:95:e1:56:95:47:b4:ec:17:95:6f:
6f:ad:fd:88:8c:ad:4d:26:78:4b:55:7b:29:8b:a4:
5a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:F5:61:4E:16:E8:AD:EC:C5:8A:7F:4A:0D:66:8A:B1:E2:32:06:51
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/yfVhThborezFin9KDWaKseIyBlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.5.0/24
194.187.188.0/22
Signature Algorithm: sha256WithRSAEncryption
16:c9:34:58:47:89:b1:f4:d6:e1:8a:a2:56:d9:eb:23:34:31:
6a:14:a9:f4:d1:a4:68:39:ec:ae:ac:3e:55:30:e5:ca:0e:c6:
95:6c:48:4b:f2:0f:69:90:31:e1:04:d1:54:22:70:9d:55:7f:
9f:77:c9:99:7c:86:f7:34:64:4f:9d:f9:bd:48:48:49:ea:c0:
d1:50:50:c7:a5:ca:f5:26:4e:a6:f0:26:e1:fe:1e:b4:0d:85:
5e:53:af:12:71:cc:7a:36:29:8c:0a:ec:54:21:40:9c:6b:4e:
e4:0e:d9:6b:ab:b0:4f:8e:76:8a:59:d3:91:b7:85:d0:56:36:
ea:1a:31:51:ea:0e:f3:06:15:0b:eb:87:71:49:92:f3:43:c7:
6e:25:cc:82:0b:8b:85:37:e8:71:b2:22:3c:f6:6a:45:ea:3a:
8d:6a:80:27:e1:f9:17:92:39:63:15:93:86:f9:4d:e0:e5:60:
c9:8d:07:fc:78:6b:c9:1e:07:94:26:89:7c:78:51:1a:cd:04:
66:fc:58:c0:1e:07:73:30:69:f2:93:79:e8:55:85:62:9c:64:
bb:79:93:83:6e:c0:7e:1f:a7:84:34:60:70:5a:6b:f2:41:c7:
86:dd:a7:a5:6c:24:f9:9d:d1:80:17:ee:26:75:68:3e:c6:83:
fa:1e:61:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYV9RSd/wZI13tSmM9A4QxXwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMTA0MTQ1MjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWY1NjE0ZTE2ZThhZGVjYzU4YTdmNGEwZDY2OGFiMWUyMzIwNjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9GWNR5geYWs2yfU95v+63fUTu4z
TFgAJW/x0f3HjCb8y2Tl3jIzhFMWFfviD6dNtDiDStbVxHtR+lHlXTiLIPMD57Sd
/cmEZe7A3XOsNGeOCDS+4p73ItTQYyx2yt1+hdpABOYG/QIfp1so40rkqktoDlGj
7YmkfTNx8MO6uESSH5VJmRAj7bTnznQ4duOpSyqFFn+kGWEBiSXJLOBMJbIR4w0k
GDAi6rYiZqe9BE6v9gbDsU063x34j4NmgNiF6hLq70KeTWTxU0E6U1qwl2/JYrKF
qkEPj3bEI2qbrT1ESpRK7pXhVpVHtOwXlW9vrf2IjK1NJnhLVXspi6RaMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMn1YU4W6K3sxYp/Sg1mirHiMgZRMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEveWZWaFRoYm9yZXpGaW45S0RXYUtzZUl5QmxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuakFAwQC
wru8MA0GCSqGSIb3DQEBCwUAA4IBAQAWyTRYR4mx9NbhiqJW2esjNDFqFKn00aRo
OeyurD5VMOXKDsaVbEhL8g9pkDHhBNFUInCdVX+fd8mZfIb3NGRPnfm9SEhJ6sDR
UFDHpcr1Jk6m8Cbh/h60DYVeU68Sccx6NimMCuxUIUCca07kDtlrq7BPjnaKWdOR
t4XQVjbqGjFR6g7zBhUL64dxSZLzQ8duJcyCC4uFN+hxsiI89mpF6jqNaoAn4fkX
kjljFZOG+U3g5WDJjQf8eGvJHgeUJol8eFEazQRm/FjAHgdzMGnyk3noVYVinGS7
eZODbsB+H6eENGBwWmvyQceG3aelbCT5ndGAF+4mdWg+xoP6HmFL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:37 2024 by rpki-client on console-fra.rpki-client.org