Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Yn5lQ8BVUMozxiME_xDMgkTvAoo.roa
File: Yn5lQ8BVUMozxiME_xDMgkTvAoo.roa (raw, json)
Hash identifier: HOciWTGiiPNMJ9SEuFad2pJ+3a7zz2XmVUC2dEzcVEo=
Subject key identifier: 62:7E:65:43:C0:55:50:CA:33:C6:23:04:FF:10:CC:82:44:EF:02:8A
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018B2AF5D51B258433258724242218CEA0FA
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Yn5lQ8BVUMozxiME_xDMgkTvAoo.roa
Signing time: Fri 13 Oct 2023 21:33:55 +0000
ROA not before: Fri 13 Oct 2023 21:33:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52423
IP address blocks: 185.185.248.0/24 maxlen: 24
185.185.249.0/24 maxlen: 24
185.190.80.0/24 maxlen: 32
185.184.141.0/24 maxlen: 32
185.184.143.0/24 maxlen: 24
185.184.142.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2a:f5:d5:1b:25:84:33:25:87:24:24:22:18:ce:a0:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Oct 13 21:33:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=627e6543c05550ca33c62304ff10cc8244ef028a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:be:0e:08:1c:a5:fa:2d:f4:5a:ab:15:80:f2:
f4:a6:5f:71:d1:8a:12:a5:7c:0e:69:55:b7:1a:34:
57:79:85:33:83:18:86:85:1f:1c:3e:f6:fe:3b:a3:
49:37:15:6e:5a:d4:2b:75:4a:fe:96:46:b9:bb:92:
6c:bf:fa:c3:54:7a:fb:56:5d:8d:84:b3:3a:f4:32:
2c:d4:7a:52:8d:41:b5:b3:e0:65:02:4e:03:ef:bf:
21:53:17:94:6f:ff:33:6c:c6:37:de:27:1a:49:e0:
85:19:76:40:0a:79:ca:32:9b:89:ad:8f:0a:68:b5:
50:10:45:bc:ca:35:32:b8:f2:ef:ed:36:03:8c:35:
8b:57:24:98:d7:a1:a6:de:29:a2:a0:a4:2b:02:f5:
c7:af:e4:1f:8e:1a:49:cc:7a:e0:b3:61:89:b2:df:
01:7e:b8:6a:b8:1c:a4:90:1e:7f:87:ee:d9:9d:74:
8b:40:b4:df:17:f1:85:77:c8:df:be:9c:0d:df:ca:
70:e9:c4:1f:37:32:dc:5e:f5:b8:92:89:7a:fb:f7:
f1:d4:e5:b6:44:d9:d6:d4:3c:a7:76:db:a5:b1:e4:
51:b9:a9:d2:fc:9c:30:2e:02:9e:98:20:83:4b:fa:
32:ff:02:ba:81:2c:42:55:62:1b:a3:b9:0a:ff:9d:
ca:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:7E:65:43:C0:55:50:CA:33:C6:23:04:FF:10:CC:82:44:EF:02:8A
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Yn5lQ8BVUMozxiME_xDMgkTvAoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.141.0-185.184.143.255
185.185.248.0/23
185.190.80.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:25:65:cc:14:d7:b5:fa:49:8e:ac:e5:41:df:e8:6f:b6:6f:
39:1c:ae:f7:e1:88:12:b9:5b:c6:ce:45:c3:64:2b:3b:b5:21:
51:21:e7:15:73:c3:d0:ee:63:a2:04:88:d5:2f:d6:b0:64:6f:
86:bd:0f:89:c8:31:35:60:b8:5e:88:53:f6:60:52:93:fe:e5:
15:1d:c4:dc:1b:9e:d7:ed:e7:63:33:07:c2:7f:af:51:f5:b2:
f3:d7:9f:cd:45:8f:3a:2e:4c:f9:2b:e9:82:0d:23:15:69:dc:
19:48:32:fe:3e:2c:74:8f:cc:02:7f:21:55:96:7e:d4:b4:77:
76:30:0e:1b:d6:63:b1:11:7c:e7:ae:fd:9c:f3:77:c0:bd:56:
bb:c5:59:3f:ef:80:0c:99:1c:fd:a1:72:29:8b:8d:ba:d9:50:
60:b4:05:12:9a:81:ae:39:72:8b:d4:27:90:42:3c:dd:d5:66:
67:22:8d:af:95:be:a6:06:0d:f9:19:da:4d:fb:b5:5b:fa:3c:
6a:ae:9b:20:91:57:ff:af:97:2b:9d:6e:b2:42:47:75:2b:91:
f0:28:96:26:f6:93:37:fc:a7:d1:cb:e7:95:7f:ff:4d:cd:61:
10:da:73:6c:ed:fc:dd:ea:0e:93:75:f1:5c:24:b3:b2:ca:38:
12:ea:c4:74
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYsq9dUbJYQzJYckJCIYzqD6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMxMDEzMjEzMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjdlNjU0M2MwNTU1MGNhMzNjNjIzMDRmZjEwY2M4MjQ0ZWYwMjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgb4OCByl+i30WqsVgPL0pl9x0YoS
pXwOaVW3GjRXeYUzgxiGhR8cPvb+O6NJNxVuWtQrdUr+lka5u5Jsv/rDVHr7Vl2N
hLM69DIs1HpSjUG1s+BlAk4D778hUxeUb/8zbMY33icaSeCFGXZACnnKMpuJrY8K
aLVQEEW8yjUyuPLv7TYDjDWLVySY16Gm3imioKQrAvXHr+QfjhpJzHrgs2GJst8B
frhquBykkB5/h+7ZnXSLQLTfF/GFd8jfvpwN38pw6cQfNzLcXvW4kol6+/fx1OW2
RNnW1DyndtulseRRuanS/JwwLgKemCCDS/oy/wK6gSxCVWIbo7kK/53KUQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGJ+ZUPAVVDKM8YjBP8QzIJE7wKKMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvWW41bFE4QlZVTW96eGlNRV94RE1na1R2QW9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAC5uI0D
BAS5uIADBAG5ufgDBAC5vlAwDQYJKoZIhvcNAQELBQADggEBAHolZcwU17X6SY6s
5UHf6G+2bzkcrvfhiBK5W8bORcNkKzu1IVEh5xVzw9DuY6IEiNUv1rBkb4a9D4nI
MTVguF6IU/ZgUpP+5RUdxNwbntft52MzB8J/r1H1svPXn81FjzouTPkr6YINIxVp
3BlIMv4+LHSPzAJ/IVWWftS0d3YwDhvWY7ERfOeu/Zzzd8C9VrvFWT/vgAyZHP2h
cimLjbrZUGC0BRKaga45covUJ5BCPN3VZmcija+VvqYGDfkZ2k37tVv6PGqumyCR
V/+vlyudbrJCR3UrkfAolib2kzf8p9HL55V//03NYRDac2zt/N3qDpN18Vwks7LK
OBLqxHQ=
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:55 2024 by rpki-client on console-fra.rpki-client.org