Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/YySBXvkhZWgTpgIP2tSVd48ekLo.roa
File: YySBXvkhZWgTpgIP2tSVd48ekLo.roa (raw, json)
Hash identifier: 9fuNbjMHit+wyOLipOzj64CRDLj7EcSo/6r4HBx40d0=
Subject key identifier: 63:24:81:5E:F9:21:65:68:13:A6:02:0F:DA:D4:95:77:8F:1E:90:BA
Certificate issuer: /CN=ad1d2a562c7db21151b4a0926b8d6feeacef8857
Certificate serial: 0187FA803E78840FE2FB1525CF57B3A7E7F2
Authority key identifier: AD:1D:2A:56:2C:7D:B2:11:51:B4:A0:92:6B:8D:6F:EE:AC:EF:88:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rR0qVix9shFRtKCSa41v7qzviFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/YySBXvkhZWgTpgIP2tSVd48ekLo.roa
Signing time: Mon 08 May 2023 08:35:21 +0000
ROA not before: Mon 08 May 2023 08:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12859
IP address blocks: 185.84.140.0/22 maxlen: 24
185.63.152.0/22 maxlen: 24
185.103.172.0/22 maxlen: 24
2a05:a640::/29 maxlen: 64
2a03:7e0::/32 maxlen: 64
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fa:80:3e:78:84:0f:e2:fb:15:25:cf:57:b3:a7:e7:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad1d2a562c7db21151b4a0926b8d6feeacef8857
Validity
Not Before: May 8 08:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6324815ef921656813a6020fdad495778f1e90ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e9:0e:71:9d:d4:0d:1c:1b:6a:a9:9e:56:51:
ae:1b:e1:fc:60:05:94:55:5a:c6:82:3e:38:a0:1e:
4f:da:7b:95:50:18:36:37:15:ca:cd:af:3b:62:97:
96:f4:99:0f:f3:d1:77:13:6c:28:41:69:e0:e2:4e:
79:3d:44:ea:a4:9b:5c:ca:b7:de:84:ac:ab:c8:9a:
7d:41:87:ec:33:24:38:47:68:ed:27:29:2e:46:28:
12:f6:2f:c4:e3:d5:eb:be:11:bd:8a:54:e5:0a:40:
cd:74:82:d9:8f:f7:1a:24:02:bb:fe:1f:c5:44:5b:
bc:f9:d0:4c:4b:c2:43:0e:f2:df:19:42:07:13:bb:
04:4a:83:9a:cf:e0:c2:e1:9e:d7:0e:cf:0a:f5:3d:
1b:8a:ab:54:5d:a0:92:3c:04:f3:9d:0d:3b:33:cf:
78:04:f3:c0:f7:1d:1b:d8:e4:a7:3f:8d:6b:ef:b3:
ad:af:a0:86:31:07:7b:f2:67:89:54:c8:0c:42:bb:
97:32:7a:d8:96:d4:c9:4a:a7:03:ce:f8:2f:0c:18:
37:d9:56:c3:f1:e0:2e:bd:30:a2:12:07:13:e9:04:
a7:13:f1:63:1b:3d:49:c7:ba:c3:b0:2c:8d:c6:a8:
8a:12:b9:9e:e4:45:8f:29:52:e2:6a:1c:8a:02:b2:
33:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:24:81:5E:F9:21:65:68:13:A6:02:0F:DA:D4:95:77:8F:1E:90:BA
X509v3 Authority Key Identifier:
keyid:AD:1D:2A:56:2C:7D:B2:11:51:B4:A0:92:6B:8D:6F:EE:AC:EF:88:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rR0qVix9shFRtKCSa41v7qzviFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/YySBXvkhZWgTpgIP2tSVd48ekLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/rR0qVix9shFRtKCSa41v7qzviFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.152.0/22
185.84.140.0/22
185.103.172.0/22
IPv6:
2a03:7e0::/32
2a05:a640::/29
Signature Algorithm: sha256WithRSAEncryption
7b:30:96:15:df:77:9d:50:bf:9c:a2:bb:57:7c:85:e7:f5:ab:
50:32:f5:71:8b:c7:b0:ff:01:40:52:29:20:d9:7f:ee:ee:9e:
91:e5:c7:bb:1d:9d:28:7f:a7:d0:d6:c4:d3:b9:f2:bf:02:5c:
05:7a:8e:bb:d5:f7:b1:fe:0d:9c:ab:2f:3c:67:2e:d9:2d:10:
b1:b7:98:71:0f:24:b2:2a:48:3b:e1:4f:35:76:ca:7b:94:fe:
47:a3:8f:ce:96:89:14:87:51:f2:c9:f3:1c:1d:1a:24:3c:d7:
39:03:78:ca:99:4b:fd:f7:45:78:27:7e:73:8f:13:a5:10:a1:
9f:54:bf:10:2b:1c:6e:c2:48:0d:7c:0c:7c:02:21:d4:cd:6c:
63:ab:6e:40:43:8d:af:9c:79:a2:ba:00:8f:18:6d:26:02:c8:
d9:fb:20:cb:79:3c:bb:3b:3d:86:78:87:ea:11:d2:c9:b5:9c:
01:27:52:b5:2a:30:79:b3:8d:3c:5f:de:3c:fd:69:61:57:20:
8e:0f:8c:5b:d4:3b:56:de:58:46:78:6b:7e:2e:90:24:1a:11:
0c:0e:41:1c:ba:db:c1:5b:c5:bf:ff:64:1a:01:a3:d1:ea:1f:
e7:d3:05:b8:2b:a7:95:a8:67:7d:fd:e9:bf:18:22:89:58:e9:
e8:94:28:34
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYf6gD54hA/i+xUlz1ezp+fyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMWQyYTU2MmM3ZGIyMTE1MWI0YTA5MjZiOGQ2ZmVlYWNl
Zjg4NTcwHhcNMjMwNTA4MDgzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzI0ODE1ZWY5MjE2NTY4MTNhNjAyMGZkYWQ0OTU3NzhmMWU5MGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOkOcZ3UDRwbaqmeVlGuG+H8YAWU
VVrGgj44oB5P2nuVUBg2NxXKza87YpeW9JkP89F3E2woQWng4k55PUTqpJtcyrfe
hKyryJp9QYfsMyQ4R2jtJykuRigS9i/E49XrvhG9ilTlCkDNdILZj/caJAK7/h/F
RFu8+dBMS8JDDvLfGUIHE7sESoOaz+DC4Z7XDs8K9T0biqtUXaCSPATznQ07M894
BPPA9x0b2OSnP41r77Otr6CGMQd78meJVMgMQruXMnrYltTJSqcDzvgvDBg32VbD
8eAuvTCiEgcT6QSnE/FjGz1Jx7rDsCyNxqiKErme5EWPKVLiahyKArIzUwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFGMkgV75IWVoE6YCD9rUlXePHpC6MB8GA1UdIwQY
MBaAFK0dKlYsfbIRUbSgkmuNb+6s74hXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclIwcVZpeDlzaEZSdEtDU2E0MXY3cXp2aUZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84M2FjZDctNWUxYS00OWY5LWI0MDkt
MzI5MzZjM2E0YTlkLzEvWXlTQlh2a2haV2dUcGdJUDJ0U1ZkNDhla0xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84M2FjZDctNWUxYS00OWY5LWI0MDktMzI5MzZjM2E0YTlk
LzEvclIwcVZpeDlzaEZSdEtDU2E0MXY3cXp2aUZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuT+YAwQC
uVSMAwQCuWesMBQEAgACMA4DBQAqAwfgAwUDKgWmQDANBgkqhkiG9w0BAQsFAAOC
AQEAezCWFd93nVC/nKK7V3yF5/WrUDL1cYvHsP8BQFIpINl/7u6ekeXHux2dKH+n
0NbE07nyvwJcBXqOu9X3sf4NnKsvPGcu2S0QsbeYcQ8ksipIO+FPNXbKe5T+R6OP
zpaJFIdR8snzHB0aJDzXOQN4yplL/fdFeCd+c48TpRChn1S/ECscbsJIDXwMfAIh
1M1sY6tuQEONr5x5oroAjxhtJgLI2fsgy3k8uzs9hniH6hHSybWcASdStSowebON
PF/ePP1pYVcgjg+MW9Q7Vt5YRnhrfi6QJBoRDA5BHLrbwVvFv/9kGgGj0eof59MF
uCunlahnff3pvxgiiVjp6JQoNA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:18 2024 by rpki-client on console-ams.rpki-client.org