Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/yfLWb77dZNv6lroLrNIC1n_4dLY.roa
File: yfLWb77dZNv6lroLrNIC1n_4dLY.roa (raw, json)
Hash identifier: 74NKQrzgtPfZPTL2HFwMqZ6H3/yrwE5KjNSQbcrkKQY=
Subject key identifier: C9:F2:D6:6F:BE:DD:64:DB:FA:96:BA:0B:AC:D2:02:D6:7F:F8:74:B6
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01856C53FC03580EC755E96DD88C706AD14F
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/yfLWb77dZNv6lroLrNIC1n_4dLY.roa
Signing time: Sun 01 Jan 2023 07:55:21 +0000
ROA not before: Sun 01 Jan 2023 07:55:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 55081
IP address blocks: 185.114.226.0/24 maxlen: 32
87.239.51.0/24 maxlen: 32
185.166.236.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:fc:03:58:0e:c7:55:e9:6d:d8:8c:70:6a:d1:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 07:55:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9f2d66fbedd64dbfa96ba0bacd202d67ff874b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:11:02:10:03:7f:56:69:44:60:8c:c9:ee:3f:
84:3f:51:b3:8b:68:c5:5e:9f:f3:82:e6:d4:cf:12:
c8:5f:43:8b:9f:3f:fc:50:27:33:e2:ca:cd:4f:5a:
14:7a:f9:bb:18:75:75:12:75:f4:dc:3c:a2:3f:6a:
b1:dd:61:02:46:a5:56:ce:9d:cd:04:3e:3f:53:9f:
93:6b:cc:2f:98:a9:ab:a1:46:b7:ce:67:76:3b:0d:
fc:a9:33:ae:5e:14:35:53:72:2b:25:55:10:ac:4e:
a2:b8:9a:3b:99:52:d3:0d:6f:0c:92:b1:bf:a1:0a:
3d:30:5e:71:29:18:27:96:65:7e:23:cb:64:43:dc:
38:0d:16:bf:a5:38:cb:a8:2e:36:c2:e7:da:a0:df:
19:35:ba:b1:31:04:19:70:7e:bc:32:90:da:e3:9a:
37:26:bc:e7:19:fa:49:bf:da:b8:8b:03:b4:fd:04:
71:78:c6:a9:03:db:a9:ce:3c:2d:c3:d2:13:18:c6:
12:e6:9d:29:05:b9:11:47:ef:80:63:16:0c:e0:55:
50:31:ef:8b:6c:d9:68:59:99:d1:b6:de:c9:17:6b:
04:51:b6:1b:8f:a7:f9:0d:35:6a:d4:3c:6b:c7:9e:
dd:bd:43:5a:99:9e:b7:88:84:0c:1d:d8:69:2a:08:
9e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:F2:D6:6F:BE:DD:64:DB:FA:96:BA:0B:AC:D2:02:D6:7F:F8:74:B6
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/yfLWb77dZNv6lroLrNIC1n_4dLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.51.0/24
185.114.226.0/24
185.166.236.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:e2:c8:14:43:94:96:cf:43:67:12:3d:95:2e:31:b0:c6:89:
8c:ab:22:28:b2:62:91:a5:8b:1a:f5:44:ab:fb:d3:4b:12:72:
2c:63:b1:06:a4:b4:46:f8:42:7d:a1:c3:f4:d4:4d:48:08:2c:
a3:c0:53:80:fc:6a:2a:fb:da:56:12:38:62:53:04:79:07:bf:
ce:bb:a0:cc:3e:ea:80:3b:01:9a:91:52:73:4b:21:e0:e4:51:
18:92:51:17:6c:85:cb:79:43:3c:a4:36:e5:f4:a2:4e:00:a6:
c6:3b:86:24:52:e9:f6:82:c3:51:62:97:db:4a:69:89:48:27:
28:dc:da:33:13:6d:10:ea:59:ae:43:a7:3d:4d:57:78:6b:23:
5d:36:5c:b0:9d:3e:28:cd:3c:48:6b:77:04:3d:e5:ba:60:22:
48:22:e7:5f:ff:d6:ab:60:21:b2:c4:8b:e0:a3:27:be:d9:73:
44:56:fb:4d:d6:f8:af:f7:d5:ca:f2:43:c1:28:cf:1d:90:19:
26:c2:ae:0d:d0:42:3e:9f:54:e7:58:ee:05:55:13:19:21:40:
f3:f8:b2:30:c4:40:16:64:09:ba:6d:81:a3:f7:f7:e7:49:83:
85:d7:14:68:60:61:8f:76:47:bf:dd:c9:40:35:41:b4:80:24:
bf:9c:6a:e8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsU/wDWA7HVelt2IxwatFPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWYyZDY2ZmJlZGQ2NGRiZmE5NmJhMGJhY2QyMDJkNjdmZjg3NGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBECEAN/VmlEYIzJ7j+EP1Gzi2jF
Xp/zgubUzxLIX0OLnz/8UCcz4srNT1oUevm7GHV1EnX03DyiP2qx3WECRqVWzp3N
BD4/U5+Ta8wvmKmroUa3zmd2Ow38qTOuXhQ1U3IrJVUQrE6iuJo7mVLTDW8MkrG/
oQo9MF5xKRgnlmV+I8tkQ9w4DRa/pTjLqC42wufaoN8ZNbqxMQQZcH68MpDa45o3
JrznGfpJv9q4iwO0/QRxeMapA9upzjwtw9ITGMYS5p0pBbkRR++AYxYM4FVQMe+L
bNloWZnRtt7JF2sEUbYbj6f5DTVq1Dxrx57dvUNamZ63iIQMHdhpKgiecwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMny1m++3WTb+pa6C6zSAtZ/+HS2MB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEveWZMV2I3N2RaTnY2bHJvTHJOSUMxbl80ZExZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV+8zAwQA
uXLiAwQAuabsMA0GCSqGSIb3DQEBCwUAA4IBAQBM4sgUQ5SWz0NnEj2VLjGwxomM
qyIosmKRpYsa9USr+9NLEnIsY7EGpLRG+EJ9ocP01E1ICCyjwFOA/Goq+9pWEjhi
UwR5B7/Ou6DMPuqAOwGakVJzSyHg5FEYklEXbIXLeUM8pDbl9KJOAKbGO4YkUun2
gsNRYpfbSmmJSCco3NozE20Q6lmuQ6c9TVd4ayNdNlywnT4ozTxIa3cEPeW6YCJI
Iudf/9arYCGyxIvgoye+2XNEVvtN1viv99XK8kPBKM8dkBkmwq4N0EI+n1TnWO4F
VRMZIUDz+LIwxEAWZAm6bYGj9/fnSYOF1xRoYGGPdke/3clANUG0gCS/nGro
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:00 2024 by rpki-client on console-ams.rpki-client.org