Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/yXZ2kfSxNGzNoWPsi1BCR-HunbQ.roa
File: yXZ2kfSxNGzNoWPsi1BCR-HunbQ.roa (raw, json)
Hash identifier: xy549v5EKWegL1KvdEFJYBxlsfUXVAeP8P8iCY/I+dI=
Subject key identifier: C9:76:76:91:F4:B1:34:6C:CD:A1:63:EC:8B:50:42:47:E1:EE:9D:B4
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018C79AB44C77D8420B623B68F4403CA1442
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/yXZ2kfSxNGzNoWPsi1BCR-HunbQ.roa
Signing time: Sun 17 Dec 2023 21:25:16 +0000
ROA not before: Sun 17 Dec 2023 21:25:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25369
IP address blocks: 176.125.248.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:79:ab:44:c7:7d:84:20:b6:23:b6:8f:44:03:ca:14:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 17 21:25:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9767691f4b1346ccda163ec8b504247e1ee9db4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:60:29:d0:6d:69:90:25:28:52:ff:60:b0:d7:
3e:04:0f:17:5e:0c:13:01:31:04:17:09:51:01:45:
00:86:5c:cd:4f:bb:c4:64:0f:32:2d:ea:dd:c0:37:
37:37:3b:45:ec:95:39:67:d8:27:98:5e:3b:6c:45:
d3:8b:da:78:5e:16:89:d4:7b:f5:cd:ec:88:97:09:
fe:53:08:df:57:27:bf:42:1a:17:05:3e:a7:57:79:
95:c3:16:12:8e:d8:70:bc:c8:8c:83:0a:7d:0f:94:
58:46:f7:9f:d9:50:ff:22:41:08:33:8c:13:08:f6:
81:67:4f:68:77:14:b8:c6:77:13:71:b1:be:fa:2b:
17:fb:e2:da:04:57:6a:43:bb:d1:96:07:37:bf:41:
ba:aa:fd:7f:12:4e:f0:ef:1e:59:4a:66:9a:4a:60:
38:c3:8c:d4:36:3b:30:70:e3:64:f3:d6:c6:9c:99:
fc:4c:03:df:0c:df:8f:8d:5e:c8:6e:e4:de:08:7c:
9c:8c:74:3d:0f:c7:45:45:88:e8:0f:f0:f9:c3:fb:
55:06:e7:54:72:51:63:6a:dd:b5:57:2d:05:66:4a:
14:53:56:eb:ec:3a:24:bd:53:a0:2a:b4:9a:88:f4:
b3:74:d6:f7:52:55:0a:44:cb:6e:4e:87:2d:b8:71:
13:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:76:76:91:F4:B1:34:6C:CD:A1:63:EC:8B:50:42:47:E1:EE:9D:B4
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/yXZ2kfSxNGzNoWPsi1BCR-HunbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.248.0/24
185.223.80.0/24
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
41:b5:9b:5b:32:6e:27:4e:2c:36:3d:d6:16:f0:b6:25:49:bf:
9e:6d:df:dd:32:1e:e8:5e:e3:89:8b:85:a2:0d:27:b9:ff:75:
15:3a:48:33:d9:a7:bc:d3:37:ef:27:de:0b:21:38:26:5c:9d:
a2:12:79:9b:2a:be:a7:52:74:6a:d0:0f:a9:9c:2e:99:31:3e:
03:5c:a1:10:7c:b6:f6:7b:8f:bc:95:b8:7a:01:64:d3:02:c5:
c0:97:fc:96:3d:5d:31:0c:8a:a8:7a:6c:ac:35:15:37:3b:5d:
b5:06:24:2e:6a:16:c0:e8:af:d9:fe:ca:42:e2:cd:b7:78:bc:
d3:95:1b:28:87:33:73:90:ec:7b:d7:6f:03:da:14:53:a3:27:
32:99:87:ba:b6:94:70:9f:7e:e2:b1:c0:85:6d:9b:14:c9:fe:
00:7b:11:2b:e1:be:87:41:f3:e5:a4:39:eb:d4:cd:99:8b:c3:
84:57:01:1d:1f:f8:83:56:03:66:ec:80:83:c5:c8:a5:dd:61:
89:13:02:71:b7:db:d4:9d:2b:25:c6:15:46:0d:f3:cc:8e:72:
23:40:03:2f:6d:3c:82:ee:e6:c7:cb:07:24:81:49:f5:af:c9:
c0:d3:5e:34:28:6d:7a:0a:01:74:66:69:3c:1a:e2:75:ad:d3:
b5:7e:91:3b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYx5q0THfYQgtiO2j0QDyhRCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMjE3MjEyNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTc2NzY5MWY0YjEzNDZjY2RhMTYzZWM4YjUwNDI0N2UxZWU5ZGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGAp0G1pkCUoUv9gsNc+BA8XXgwT
ATEEFwlRAUUAhlzNT7vEZA8yLerdwDc3NztF7JU5Z9gnmF47bEXTi9p4XhaJ1Hv1
zeyIlwn+UwjfVye/QhoXBT6nV3mVwxYSjthwvMiMgwp9D5RYRvef2VD/IkEIM4wT
CPaBZ09odxS4xncTcbG++isX++LaBFdqQ7vRlgc3v0G6qv1/Ek7w7x5ZSmaaSmA4
w4zUNjswcONk89bGnJn8TAPfDN+PjV7IbuTeCHycjHQ9D8dFRYjoD/D5w/tVBudU
clFjat21Vy0FZkoUU1br7DokvVOgKrSaiPSzdNb3UlUKRMtuToctuHET3wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMl2dpH0sTRszaFj7ItQQkfh7p20MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEveVhaMmtmU3hOR3pOb1dQc2kxQkNSLUh1bmJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAsH34AwQA
ud9QAwQAufvnMA0GCSqGSIb3DQEBCwUAA4IBAQBBtZtbMm4nTiw2PdYW8LYlSb+e
bd/dMh7oXuOJi4WiDSe5/3UVOkgz2ae80zfvJ94LITgmXJ2iEnmbKr6nUnRq0A+p
nC6ZMT4DXKEQfLb2e4+8lbh6AWTTAsXAl/yWPV0xDIqoemysNRU3O121BiQuahbA
6K/Z/spC4s23eLzTlRsohzNzkOx7128D2hRToycymYe6tpRwn37iscCFbZsUyf4A
exEr4b6HQfPlpDnr1M2Zi8OEVwEdH/iDVgNm7ICDxcil3WGJEwJxt9vUnSslxhVG
DfPMjnIjQAMvbTyC7ubHywckgUn1r8nA0140KG16CgF0Zmk8GuJ1rdO1fpE7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:44 2024 by rpki-client on console-fra.rpki-client.org