Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/45f3bc-93c8-4bb9-8d4c-b12d7f892f5b/1/9YybZ4BhKXRCePqqI5N_jMmxccM.roa
File: 9YybZ4BhKXRCePqqI5N_jMmxccM.roa (raw, json)
Hash identifier: 0ynCtfyJOTpJQEWxbCtcOMelq9AHJYgetM8ndmdqonE=
Subject key identifier: F5:8C:9B:67:80:61:29:74:42:78:FA:AA:23:93:7F:8C:C9:B1:71:C3
Certificate issuer: /CN=c42287c68458f980ca9b7c36d61f6af586464b28
Certificate serial: 01856F022A37304269356FE935B738888FC0
Authority key identifier: C4:22:87:C6:84:58:F9:80:CA:9B:7C:36:D6:1F:6A:F5:86:46:4B:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCKHxoRY-YDKm3w21h9q9YZGSyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/45f3bc-93c8-4bb9-8d4c-b12d7f892f5b/1/9YybZ4BhKXRCePqqI5N_jMmxccM.roa
Signing time: Sun 01 Jan 2023 20:24:50 +0000
ROA not before: Sun 01 Jan 2023 20:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59414
IP address blocks: 185.72.20.0/23 maxlen: 24
185.72.22.0/23 maxlen: 24
2a05:3d80::/32 maxlen: 48
2a05:3d81::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:2a:37:30:42:69:35:6f:e9:35:b7:38:88:8f:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42287c68458f980ca9b7c36d61f6af586464b28
Validity
Not Before: Jan 1 20:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f58c9b67806129744278faaa23937f8cc9b171c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e1:eb:0b:b4:6b:1e:5d:2b:50:8b:49:40:1c:
48:36:3f:46:3a:8b:07:90:cd:34:cd:17:c4:4f:26:
26:09:1d:10:81:ad:fd:bc:a9:0a:25:d4:51:11:18:
3f:86:f8:72:c7:f1:56:cd:4a:03:7d:dc:e8:65:04:
bf:8e:99:94:f4:29:96:58:0b:aa:b6:a8:85:7c:48:
8d:06:95:3a:8a:2d:5a:1a:93:09:52:64:50:1f:8d:
81:c7:56:75:90:34:15:2d:e7:b7:51:08:0c:e1:99:
35:aa:b5:fb:3d:49:38:68:e6:72:0c:3a:39:f0:7c:
f8:c1:23:a6:13:6b:4d:11:8a:5c:78:a8:66:43:11:
86:7d:7d:65:9b:bc:57:61:d3:f5:f9:f2:96:07:14:
20:ac:5f:d2:ba:13:39:c4:da:49:78:e9:d1:3d:b1:
24:4d:eb:25:04:3e:ff:e5:09:47:c4:a3:26:f0:ca:
90:b3:ed:01:dd:9c:e3:44:37:0e:c9:5a:78:c1:75:
b3:33:12:20:e9:47:d2:eb:d5:25:cd:bf:0b:d5:ab:
e4:ba:c0:8c:e1:20:b4:fb:1c:fb:78:42:7e:08:cc:
c0:15:9c:87:82:6f:81:9c:1a:bc:35:c3:81:dd:dc:
3c:04:0b:8d:37:47:98:b1:1c:c7:67:2f:6b:92:59:
ee:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:8C:9B:67:80:61:29:74:42:78:FA:AA:23:93:7F:8C:C9:B1:71:C3
X509v3 Authority Key Identifier:
keyid:C4:22:87:C6:84:58:F9:80:CA:9B:7C:36:D6:1F:6A:F5:86:46:4B:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCKHxoRY-YDKm3w21h9q9YZGSyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/45f3bc-93c8-4bb9-8d4c-b12d7f892f5b/1/9YybZ4BhKXRCePqqI5N_jMmxccM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/45f3bc-93c8-4bb9-8d4c-b12d7f892f5b/1/xCKHxoRY-YDKm3w21h9q9YZGSyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.20.0/22
IPv6:
2a05:3d80::/31
Signature Algorithm: sha256WithRSAEncryption
99:58:68:df:de:a3:5e:e7:f7:c7:41:d4:a8:4d:fc:86:5f:5c:
6a:a5:4f:dd:cf:7a:40:a4:6f:d9:ae:ba:5c:78:91:88:a4:03:
83:8f:f1:07:39:8b:3e:a1:7a:c5:fd:e4:8a:d8:b2:d9:5e:82:
c5:87:c2:04:49:f4:12:8b:3d:3a:6a:f5:f7:38:91:fc:68:e3:
67:f1:08:36:fa:3d:2c:6f:75:68:19:e1:6e:d8:98:ed:1e:8c:
3d:56:ac:f2:52:9d:6c:ae:85:98:9c:95:ac:b1:6f:53:68:de:
82:8f:8b:cf:5a:c8:c5:fc:fc:ea:4b:8b:a3:5d:24:21:5d:23:
b3:0e:17:b2:7b:f7:b6:db:88:c9:7e:51:ee:46:e5:9e:10:93:
12:b1:71:58:b8:e9:cb:d5:33:e7:90:70:4d:8d:bb:08:aa:9c:
27:78:75:1a:e7:17:46:1b:ff:a6:76:cf:b8:53:19:11:be:94:
40:63:c0:89:e5:4d:28:e8:41:dc:99:f6:e3:6f:4e:91:ae:7a:
48:e3:0d:fe:85:c7:7c:71:11:c4:e9:95:2a:76:3c:42:b4:9c:
46:9d:f8:41:ee:76:92:bd:c9:19:7f:b3:41:db:7b:ac:97:b6:
dd:bf:df:18:3a:47:8c:c8:24:6a:85:48:65:9f:47:bb:7b:ca:
46:11:14:bc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvAio3MEJpNW/pNbc4iI/AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjI4N2M2ODQ1OGY5ODBjYTliN2MzNmQ2MWY2YWY1ODY0
NjRiMjgwHhcNMjMwMTAxMjAyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNThjOWI2NzgwNjEyOTc0NDI3OGZhYWEyMzkzN2Y4Y2M5YjE3MWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeHrC7RrHl0rUItJQBxINj9GOosH
kM00zRfETyYmCR0Qga39vKkKJdRRERg/hvhyx/FWzUoDfdzoZQS/jpmU9CmWWAuq
tqiFfEiNBpU6ii1aGpMJUmRQH42Bx1Z1kDQVLee3UQgM4Zk1qrX7PUk4aOZyDDo5
8Hz4wSOmE2tNEYpceKhmQxGGfX1lm7xXYdP1+fKWBxQgrF/SuhM5xNpJeOnRPbEk
TeslBD7/5QlHxKMm8MqQs+0B3ZzjRDcOyVp4wXWzMxIg6UfS69Ulzb8L1avkusCM
4SC0+xz7eEJ+CMzAFZyHgm+BnBq8NcOB3dw8BAuNN0eYsRzHZy9rklnuyQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPWMm2eAYSl0Qnj6qiOTf4zJsXHDMB8GA1UdIwQY
MBaAFMQih8aEWPmAypt8NtYfavWGRksoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENLSHhvUlktWURLbTN3MjFoOXE5WVpHU3lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy80NWYzYmMtOTNjOC00YmI5LThkNGMt
YjEyZDdmODkyZjViLzEvOVl5Ylo0QmhLWFJDZVBxcUk1Tl9qTW14Y2NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy80NWYzYmMtOTNjOC00YmI5LThkNGMtYjEyZDdmODkyZjVi
LzEveENLSHhvUlktWURLbTN3MjFoOXE5WVpHU3lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUgUMA0E
AgACMAcDBQEqBT2AMA0GCSqGSIb3DQEBCwUAA4IBAQCZWGjf3qNe5/fHQdSoTfyG
X1xqpU/dz3pApG/ZrrpceJGIpAODj/EHOYs+oXrF/eSK2LLZXoLFh8IESfQSiz06
avX3OJH8aONn8Qg2+j0sb3VoGeFu2JjtHow9VqzyUp1sroWYnJWssW9TaN6Cj4vP
WsjF/PzqS4ujXSQhXSOzDheye/e224jJflHuRuWeEJMSsXFYuOnL1TPnkHBNjbsI
qpwneHUa5xdGG/+mds+4UxkRvpRAY8CJ5U0o6EHcmfbjb06RrnpI4w3+hcd8cRHE
6ZUqdjxCtJxGnfhB7naSvckZf7NB23usl7bdv98YOkeMyCRqhUhln0e7e8pGERS8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:08 2024 by rpki-client on console-fra.rpki-client.org