Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YKRBuR1Xi6HEb2ydzPUiOqAd1P4.roa
File: YKRBuR1Xi6HEb2ydzPUiOqAd1P4.roa (raw, json)
Hash identifier: Mgllw2YQGrTiXBG/g9qpX2hZ/OE4m45Jq93eP3TzHJo=
Subject key identifier: 60:A4:41:B9:1D:57:8B:A1:C4:6F:6C:9D:CC:F5:22:3A:A0:1D:D4:FE
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018571B64442E78007EE0840A9CB4476803D
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YKRBuR1Xi6HEb2ydzPUiOqAd1P4.roa
Signing time: Mon 02 Jan 2023 09:00:48 +0000
ROA not before: Mon 02 Jan 2023 09:00:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209242
IP address blocks: 185.234.22.0/24 maxlen: 24
185.238.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b6:44:42:e7:80:07:ee:08:40:a9:cb:44:76:80:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 09:00:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60a441b91d578ba1c46f6c9dccf5223aa01dd4fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:af:ac:18:6e:3f:40:69:7d:2a:0d:3e:a4:0c:
fb:d1:fb:de:c7:a9:66:3a:7b:5e:5b:12:e9:8c:30:
77:57:66:41:6e:48:9b:47:96:bd:73:66:0d:78:23:
a2:b7:74:7c:3c:b6:43:ec:b6:65:a1:ff:ff:57:0a:
cd:99:f6:ac:d1:91:5d:c7:19:af:3a:ff:8b:88:99:
c0:54:73:8e:5d:cb:36:13:a6:44:61:83:1b:f9:67:
d7:3e:b7:8f:56:74:68:03:ea:6a:b7:c2:e2:b8:25:
2d:d5:78:49:ee:ab:de:ff:dd:3c:3e:af:e6:57:c2:
46:ab:d5:2a:12:a8:72:a2:2a:f3:4d:64:14:da:9f:
6f:cf:d0:69:82:b6:55:c0:8c:7f:9f:d2:93:7d:b1:
33:eb:bc:92:c1:93:66:9b:1a:06:d6:b8:09:9d:73:
65:47:b4:c4:b4:7c:20:36:29:fd:70:dc:28:fb:e7:
52:8c:b8:04:f5:ed:6b:c3:cc:97:1d:8c:2d:2a:8b:
e5:f0:8a:9f:64:88:dd:e4:01:1f:6d:55:b9:1a:12:
d3:35:fc:a5:69:0b:25:28:6a:a7:b8:98:42:aa:ac:
22:65:03:19:77:ed:0b:9f:34:b9:a2:05:74:84:07:
2e:d9:a5:07:af:64:fc:08:99:65:b3:ed:e8:73:df:
68:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:A4:41:B9:1D:57:8B:A1:C4:6F:6C:9D:CC:F5:22:3A:A0:1D:D4:FE
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YKRBuR1Xi6HEb2ydzPUiOqAd1P4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.22.0/24
185.238.228.0/24
Signature Algorithm: sha256WithRSAEncryption
46:ed:d7:46:89:11:27:a3:0e:e5:e7:dc:39:87:e8:b4:8d:4b:
e7:6c:dd:ea:fd:8f:97:d9:22:e4:01:ed:4c:bb:26:1a:9e:ff:
25:4c:7c:c2:d7:eb:60:a2:22:00:d8:6a:4e:8c:84:91:10:c7:
a7:e8:c0:fe:ed:70:a3:ad:c4:f2:a4:8a:58:87:fc:9a:ce:dd:
58:07:45:42:d6:df:6e:18:f0:4a:b4:d9:56:bb:18:af:a4:5a:
07:20:c3:7e:c4:58:0c:31:8a:1e:97:8c:fe:7f:ae:c4:df:b8:
72:2f:03:f8:44:ab:10:ca:33:f5:73:ee:56:d6:39:b4:13:93:
a1:4e:c9:63:7b:9e:a6:a1:72:e6:fc:16:e5:84:ce:7a:1f:19:
13:e3:c2:5f:6b:a6:ca:45:8f:2a:9b:e1:1d:77:8d:d5:12:d3:
a0:b2:20:40:0e:e9:05:3b:34:7d:92:14:44:9f:0b:af:ec:5d:
2c:63:b1:41:be:ae:9a:2a:88:d7:dd:c9:71:f2:75:50:96:d5:
6e:3f:57:1b:c6:a2:87:68:7c:82:cc:f0:54:31:79:41:b6:b8:
07:9e:7c:1f:00:0c:42:a6:33:ec:3f:e9:4e:3c:d4:be:06:58:
81:b1:bf:87:b3:89:e0:bc:b6:fe:34:54:e5:f3:96:19:db:5f:
a3:2b:88:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxtkRC54AH7ghAqctEdoA9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMTAyMDkwMDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGE0NDFiOTFkNTc4YmExYzQ2ZjZjOWRjY2Y1MjIzYWEwMWRkNGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAva+sGG4/QGl9Kg0+pAz70fvex6lm
OnteWxLpjDB3V2ZBbkibR5a9c2YNeCOit3R8PLZD7LZlof//VwrNmfas0ZFdxxmv
Ov+LiJnAVHOOXcs2E6ZEYYMb+WfXPrePVnRoA+pqt8LiuCUt1XhJ7qve/908Pq/m
V8JGq9UqEqhyoirzTWQU2p9vz9BpgrZVwIx/n9KTfbEz67ySwZNmmxoG1rgJnXNl
R7TEtHwgNin9cNwo++dSjLgE9e1rw8yXHYwtKovl8IqfZIjd5AEfbVW5GhLTNfyl
aQslKGqnuJhCqqwiZQMZd+0LnzS5ogV0hAcu2aUHr2T8CJlls+3oc99oFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGCkQbkdV4uhxG9sncz1IjqgHdT+MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWUtSQnVSMVhpNkhFYjJ5ZHpQVWlPcUFkMVA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAueoWAwQA
ue7kMA0GCSqGSIb3DQEBCwUAA4IBAQBG7ddGiREnow7l59w5h+i0jUvnbN3q/Y+X
2SLkAe1MuyYanv8lTHzC1+tgoiIA2GpOjISREMen6MD+7XCjrcTypIpYh/yazt1Y
B0VC1t9uGPBKtNlWuxivpFoHIMN+xFgMMYoel4z+f67E37hyLwP4RKsQyjP1c+5W
1jm0E5OhTslje56moXLm/BblhM56HxkT48Jfa6bKRY8qm+Edd43VEtOgsiBADukF
OzR9khREnwuv7F0sY7FBvq6aKojX3clx8nVQltVuP1cbxqKHaHyCzPBUMXlBtrgH
nnwfAAxCpjPsP+lOPNS+BliBsb+Hs4ngvLb+NFTl85YZ21+jK4hn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:27 2024 by rpki-client on console-ams.rpki-client.org