Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/B-YYpBjrgyIeHj-9wzdT8fYaYyY.roa
File: B-YYpBjrgyIeHj-9wzdT8fYaYyY.roa (raw, json)
Hash identifier: FMt9jhNMyWF4INpeo8AAEE06nqFUU9d5Zq97Njx5dKk=
Subject key identifier: 07:E6:18:A4:18:EB:83:22:1E:1E:3F:BD:C3:37:53:F1:F6:1A:63:26
Certificate issuer: /CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Certificate serial: 01857082DD399B9310F89218518D4BBCD465
Authority key identifier: 0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/B-YYpBjrgyIeHj-9wzdT8fYaYyY.roa
Signing time: Mon 02 Jan 2023 03:25:02 +0000
ROA not before: Mon 02 Jan 2023 03:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60601
IP address blocks: 185.11.216.0/24 maxlen: 24
2a03:69c0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:dd:39:9b:93:10:f8:92:18:51:8d:4b:bc:d4:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Validity
Not Before: Jan 2 03:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07e618a418eb83221e1e3fbdc33753f1f61a6326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:bd:4b:52:08:67:95:b9:53:46:a8:f3:11:dd:
a8:a1:27:61:66:34:7f:cb:18:af:7c:33:37:34:da:
2b:f1:b5:d2:f1:cf:10:f3:21:51:c4:91:46:bc:f4:
6a:cd:d1:ca:d1:96:00:ad:c8:bf:ac:d5:91:e0:eb:
dd:bb:73:a7:f1:52:a8:22:4f:f9:62:81:de:fd:91:
66:5f:ae:da:09:3e:06:e9:d1:df:67:b3:f3:4f:b4:
31:39:70:25:48:0c:c3:c9:f1:0b:1b:4a:2e:65:46:
a9:14:44:56:ef:f3:07:ef:f1:d7:fd:64:94:73:44:
e7:96:11:2c:91:54:88:f2:80:14:eb:9d:79:ef:2b:
5e:3c:7b:2a:ad:88:39:23:c8:6e:2c:97:62:72:5b:
94:48:50:e7:19:c8:d5:38:f8:0a:d7:a1:1b:0b:8d:
3f:ed:d3:55:a0:41:14:cd:04:9f:fe:6f:e7:fc:18:
47:d6:68:c1:e5:99:0b:3a:9a:e4:f4:93:8b:58:57:
5b:02:20:21:0c:8c:9b:5d:8f:13:f2:6d:2c:aa:a7:
53:30:e3:b0:51:82:54:67:c7:25:7d:3e:4e:58:9a:
31:da:d8:4d:55:e3:5c:e8:21:24:0c:f4:a6:80:50:
68:d9:97:f3:3f:c8:0d:7a:b0:25:ab:6d:4f:ca:60:
97:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:E6:18:A4:18:EB:83:22:1E:1E:3F:BD:C3:37:53:F1:F6:1A:63:26
X509v3 Authority Key Identifier:
keyid:0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/B-YYpBjrgyIeHj-9wzdT8fYaYyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.216.0/24
IPv6:
2a03:69c0::/48
Signature Algorithm: sha256WithRSAEncryption
98:49:9c:e2:c8:2b:c9:18:b9:d1:a7:57:0d:7e:e2:8a:06:dc:
b1:08:c7:73:41:ed:9b:da:29:fd:6e:e7:38:4e:f7:a7:97:f2:
58:52:01:de:59:c3:a5:ab:c7:d1:86:52:d4:8b:69:f6:58:6f:
71:cf:96:b5:c4:02:0b:ad:fc:ce:db:58:c6:51:7b:7e:49:2d:
cf:f8:a6:80:e1:78:69:40:49:4c:9a:88:d9:63:e8:db:c8:ae:
10:bb:4e:e5:44:c8:66:c5:13:bb:07:cb:8e:fa:95:03:55:54:
ed:e0:32:77:c1:68:b2:6f:85:55:c1:01:89:b2:21:9c:c1:ab:
80:6c:60:76:82:8c:79:33:50:f8:0a:a9:66:f5:f3:8d:51:48:
d2:88:27:e9:b5:ae:00:08:83:a8:15:88:60:0a:1c:cb:6f:46:
9e:88:13:98:d8:e7:30:06:f2:d2:53:11:68:8c:0f:15:45:e0:
5c:7d:ac:a9:b5:cf:4b:63:70:8d:bf:0f:45:ba:e0:a6:86:34:
7d:79:25:99:c7:53:70:49:00:c5:a6:ec:25:79:70:7a:8b:38:
00:99:92:fa:6e:6c:86:9e:8f:20:60:bc:fb:0a:b5:ff:b2:3e:
c2:66:67:9f:66:ac:88:8b:04:02:18:38:e2:bd:f7:6b:39:23:
ae:a0:83:bd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwgt05m5MQ+JIYUY1LvNRlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMDIxNGExYmYxZDNhZmQyZGQ2NmIyM2E5OTczMTA2YjVk
MzE2Y2EwHhcNMjMwMTAyMDMyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2U2MThhNDE4ZWI4MzIyMWUxZTNmYmRjMzM3NTNmMWY2MWE2MzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhb1LUghnlblTRqjzEd2ooSdhZjR/
yxivfDM3NNor8bXS8c8Q8yFRxJFGvPRqzdHK0ZYArci/rNWR4Ovdu3On8VKoIk/5
YoHe/ZFmX67aCT4G6dHfZ7PzT7QxOXAlSAzDyfELG0ouZUapFERW7/MH7/HX/WSU
c0TnlhEskVSI8oAU65157ytePHsqrYg5I8huLJdicluUSFDnGcjVOPgK16EbC40/
7dNVoEEUzQSf/m/n/BhH1mjB5ZkLOprk9JOLWFdbAiAhDIybXY8T8m0sqqdTMOOw
UYJUZ8clfT5OWJox2thNVeNc6CEkDPSmgFBo2ZfzP8gNerAlq21PymCX1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAfmGKQY64MiHh4/vcM3U/H2GmMmMB8GA1UdIwQY
MBaAFAoCFKG/HTr9LdZrI6mXMQa10xbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQt
MzMyZWU1NDI1YzdhLzEvQi1ZWXBCanJneUllSGotOXd6ZFQ4ZllhWXlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQtMzMyZWU1NDI1Yzdh
LzEvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQvYMA8E
AgACMAkDBwAqA2nAAAAwDQYJKoZIhvcNAQELBQADggEBAJhJnOLIK8kYudGnVw1+
4ooG3LEIx3NB7ZvaKf1u5zhO96eX8lhSAd5Zw6Wrx9GGUtSLafZYb3HPlrXEAgut
/M7bWMZRe35JLc/4poDheGlASUyaiNlj6NvIrhC7TuVEyGbFE7sHy476lQNVVO3g
MnfBaLJvhVXBAYmyIZzBq4BsYHaCjHkzUPgKqWb1841RSNKIJ+m1rgAIg6gViGAK
HMtvRp6IE5jY5zAG8tJTEWiMDxVF4Fx9rKm1z0tjcI2/D0W64KaGNH15JZnHU3BJ
AMWm7CV5cHqLOACZkvpubIaejyBgvPsKtf+yPsJmZ59mrIiLBAIYOOK992s5I66g
g70=
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:40:15 2024 by rpki-client on console-fra.rpki-client.org