Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/3df62d-5d57-4d7e-9444-5351f1bde72f/1/yiiCpLhwoLx9rSny1BWDDZak74E.roa
File: yiiCpLhwoLx9rSny1BWDDZak74E.roa (raw, json)
Hash identifier: /oFHTubBvBLR/9YCNP/FRZVELS/q0szc5Yz33pNaCfA=
Subject key identifier: CA:28:82:A4:B8:70:A0:BC:7D:AD:29:F2:D4:15:83:0D:96:A4:EF:81
Certificate issuer: /CN=64a7156b8aa89f76e4d38af2c109fbc14917b086
Certificate serial: 01856E01E0162794F742C511F9EF8E56E1CF
Authority key identifier: 64:A7:15:6B:8A:A8:9F:76:E4:D3:8A:F2:C1:09:FB:C1:49:17:B0:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZKcVa4qon3bk04rywQn7wUkXsIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/3df62d-5d57-4d7e-9444-5351f1bde72f/1/yiiCpLhwoLx9rSny1BWDDZak74E.roa
Signing time: Sun 01 Jan 2023 15:44:54 +0000
ROA not before: Sun 01 Jan 2023 15:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34062
IP address blocks: 185.99.17.0/24 maxlen: 24
185.99.16.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:e0:16:27:94:f7:42:c5:11:f9:ef:8e:56:e1:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64a7156b8aa89f76e4d38af2c109fbc14917b086
Validity
Not Before: Jan 1 15:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca2882a4b870a0bc7dad29f2d415830d96a4ef81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:bc:f9:d3:75:f7:07:ab:57:80:95:64:9e:bb:
d2:82:e1:c3:43:9b:76:c2:16:00:9a:56:29:4a:16:
06:ad:5e:08:ea:14:3b:8d:75:4d:82:cb:34:64:9e:
c8:78:51:d9:f5:b8:9a:ae:a8:f9:7c:74:58:82:6a:
38:23:dc:26:bc:72:be:b7:ee:52:e4:e6:52:81:90:
f1:97:b7:8f:a8:06:51:af:e8:46:61:78:32:94:d9:
45:83:fd:03:e7:d0:b7:37:5a:9f:6c:ae:33:48:09:
55:cf:07:48:91:5b:28:5d:ac:00:be:df:c5:7e:f7:
09:ed:f7:dd:6a:af:ac:97:91:6d:40:f8:7f:10:50:
8c:d3:02:0d:44:86:c8:71:3c:83:a2:8b:23:8f:ab:
a0:ad:a3:5e:2b:e5:91:a8:2c:5b:6a:a6:a1:6b:2b:
c1:46:5b:c6:83:3e:49:c8:af:26:86:21:da:bf:8c:
0a:f4:7c:8e:85:80:30:18:fd:6a:82:38:80:15:9b:
93:da:44:c5:2e:ba:12:9e:61:59:e6:7b:12:bb:0a:
d7:e2:f8:4a:98:13:99:38:5a:c8:08:a6:9e:d1:53:
c2:e8:9f:63:ad:c1:17:74:80:1a:72:24:f1:d9:e9:
db:9d:0f:0a:02:bb:86:44:e2:0c:2c:25:61:68:37:
57:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:28:82:A4:B8:70:A0:BC:7D:AD:29:F2:D4:15:83:0D:96:A4:EF:81
X509v3 Authority Key Identifier:
keyid:64:A7:15:6B:8A:A8:9F:76:E4:D3:8A:F2:C1:09:FB:C1:49:17:B0:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZKcVa4qon3bk04rywQn7wUkXsIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3df62d-5d57-4d7e-9444-5351f1bde72f/1/yiiCpLhwoLx9rSny1BWDDZak74E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3df62d-5d57-4d7e-9444-5351f1bde72f/1/ZKcVa4qon3bk04rywQn7wUkXsIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.16.0/23
Signature Algorithm: sha256WithRSAEncryption
24:61:ae:f4:73:80:95:5b:cd:2f:b2:d4:34:6c:60:38:43:f7:
8a:c5:3f:9e:a1:75:a9:5c:66:70:99:33:ce:26:63:16:13:15:
1c:fa:26:9a:b7:28:36:66:6c:bd:55:8c:96:a1:0d:43:12:29:
ab:ee:dc:f8:c4:21:36:70:2a:35:0a:c3:e9:1b:60:6c:72:62:
1d:d4:84:8b:e6:09:08:d2:e4:92:eb:a3:01:74:0e:55:11:bf:
fc:62:99:53:2f:14:ae:5d:0b:22:55:fc:bf:d2:a7:91:e3:9d:
1e:be:93:a4:0a:92:2f:e3:79:7f:91:a1:bb:de:25:3b:07:1c:
69:bf:72:a5:15:7c:42:90:66:ae:38:03:c5:f5:f9:53:7b:7f:
98:ee:58:eb:53:45:13:dc:c9:cb:08:95:8e:f5:4f:fa:d1:b5:
85:54:91:1c:ca:c4:68:13:d2:43:ef:9c:61:da:1d:1f:79:16:
65:a5:5a:24:68:ec:d2:f5:83:c6:3e:1e:82:62:7f:e0:7f:33:
38:63:0b:bb:2d:42:49:63:ee:90:21:78:f2:f0:d9:e4:9b:ae:
3c:2c:64:1f:c4:59:be:d3:fd:79:f9:01:5e:e3:07:f2:50:70:
cc:1d:86:11:d8:23:00:99:ff:7a:c7:68:d9:02:72:2b:5a:0e:
fb:fd:15:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuAeAWJ5T3QsUR+e+OVuHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YTcxNTZiOGFhODlmNzZlNGQzOGFmMmMxMDlmYmMxNDkx
N2IwODYwHhcNMjMwMTAxMTU0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTI4ODJhNGI4NzBhMGJjN2RhZDI5ZjJkNDE1ODMwZDk2YTRlZjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7z503X3B6tXgJVknrvSguHDQ5t2
whYAmlYpShYGrV4I6hQ7jXVNgss0ZJ7IeFHZ9biarqj5fHRYgmo4I9wmvHK+t+5S
5OZSgZDxl7ePqAZRr+hGYXgylNlFg/0D59C3N1qfbK4zSAlVzwdIkVsoXawAvt/F
fvcJ7ffdaq+sl5FtQPh/EFCM0wINRIbIcTyDoosjj6ugraNeK+WRqCxbaqahayvB
RlvGgz5JyK8mhiHav4wK9HyOhYAwGP1qgjiAFZuT2kTFLroSnmFZ5nsSuwrX4vhK
mBOZOFrICKae0VPC6J9jrcEXdIAaciTx2enbnQ8KAruGROIMLCVhaDdXHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMoogqS4cKC8fa0p8tQVgw2WpO+BMB8GA1UdIwQY
MBaAFGSnFWuKqJ925NOK8sEJ+8FJF7CGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWktjVmE0cW9uM2JrMDRyeXdRbjd3VWtYc0lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zZGY2MmQtNWQ1Ny00ZDdlLTk0NDQt
NTM1MWYxYmRlNzJmLzEveWlpQ3BMaHdvTHg5clNueTFCV0REWmFrNzRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8zZGY2MmQtNWQ1Ny00ZDdlLTk0NDQtNTM1MWYxYmRlNzJm
LzEvWktjVmE0cW9uM2JrMDRyeXdRbjd3VWtYc0lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuWMQMA0G
CSqGSIb3DQEBCwUAA4IBAQAkYa70c4CVW80vstQ0bGA4Q/eKxT+eoXWpXGZwmTPO
JmMWExUc+iaatyg2Zmy9VYyWoQ1DEimr7tz4xCE2cCo1CsPpG2BscmId1ISL5gkI
0uSS66MBdA5VEb/8YplTLxSuXQsiVfy/0qeR450evpOkCpIv43l/kaG73iU7Bxxp
v3KlFXxCkGauOAPF9flTe3+Y7ljrU0UT3MnLCJWO9U/60bWFVJEcysRoE9JD75xh
2h0feRZlpVokaOzS9YPGPh6CYn/gfzM4Ywu7LUJJY+6QIXjy8Nnkm648LGQfxFm+
0/15+QFe4wfyUHDMHYYR2CMAmf96x2jZAnIrWg77/RUI
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:23 2024 by rpki-client on console-ams.rpki-client.org