Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/892a27-fdb6-4285-829a-87f5b6479d1e/1/yjOU9pGs3mQIHp1SmsqpnxxwKdE.roa
File: yjOU9pGs3mQIHp1SmsqpnxxwKdE.roa (raw, json)
Hash identifier: yFXQWPElSAj5D/7zc4YmCNNk5VzcViMw0C9I7xgtVz4=
Subject key identifier: CA:33:94:F6:91:AC:DE:64:08:1E:9D:52:9A:CA:A9:9F:1C:70:29:D1
Certificate issuer: /CN=18a84a8e475f6606e7a12f92b330d63d8f880be0
Certificate serial: 01856F1DA90224DB04190ED7E461B51CAAF6
Authority key identifier: 18:A8:4A:8E:47:5F:66:06:E7:A1:2F:92:B3:30:D6:3D:8F:88:0B:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GKhKjkdfZgbnoS-SszDWPY-IC-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/892a27-fdb6-4285-829a-87f5b6479d1e/1/yjOU9pGs3mQIHp1SmsqpnxxwKdE.roa
Signing time: Sun 01 Jan 2023 20:54:52 +0000
ROA not before: Sun 01 Jan 2023 20:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 185.208.9.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:a9:02:24:db:04:19:0e:d7:e4:61:b5:1c:aa:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18a84a8e475f6606e7a12f92b330d63d8f880be0
Validity
Not Before: Jan 1 20:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca3394f691acde64081e9d529acaa99f1c7029d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:27:32:dd:f2:36:4c:fb:d5:a4:18:12:78:06:
ea:67:48:45:68:a8:ff:5a:cf:27:b8:ac:06:d5:a2:
4c:c7:32:94:43:80:79:7a:62:fe:3d:3d:69:97:b4:
a3:54:e6:fe:83:56:3b:2e:a3:f1:e3:30:6c:8d:56:
06:9b:ac:7d:c9:5c:0c:95:9e:ba:c2:99:45:2c:13:
61:7e:98:a4:4b:36:9c:81:3c:d3:7c:51:df:25:f4:
4f:35:c1:71:50:52:e8:c2:a6:e9:d5:4e:de:24:fe:
07:70:bb:31:5e:ca:58:a0:4c:ff:f9:f2:1b:7b:86:
21:2e:39:68:65:10:5d:24:fe:51:12:ac:ef:83:b4:
77:87:a0:ac:b1:4e:1c:3c:c5:25:eb:7e:37:0a:3b:
d1:5f:4b:9f:80:2e:fc:cd:9d:12:54:3d:71:d5:3f:
fb:8c:e6:64:98:d2:4b:c8:de:34:fa:9d:da:8b:75:
23:01:b5:5c:a4:32:88:49:3a:b5:37:62:7d:ec:33:
77:b7:1d:f6:ff:d9:b5:23:9e:6d:d4:46:06:0c:89:
6b:34:a9:d5:40:e3:c1:2d:80:97:ad:ff:60:bb:cf:
ad:bb:01:4f:f8:63:90:4d:1f:79:71:62:84:ca:56:
e7:57:d5:87:03:a6:9a:7b:cd:f6:11:5b:0a:50:93:
69:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:33:94:F6:91:AC:DE:64:08:1E:9D:52:9A:CA:A9:9F:1C:70:29:D1
X509v3 Authority Key Identifier:
keyid:18:A8:4A:8E:47:5F:66:06:E7:A1:2F:92:B3:30:D6:3D:8F:88:0B:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GKhKjkdfZgbnoS-SszDWPY-IC-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/892a27-fdb6-4285-829a-87f5b6479d1e/1/yjOU9pGs3mQIHp1SmsqpnxxwKdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/892a27-fdb6-4285-829a-87f5b6479d1e/1/GKhKjkdfZgbnoS-SszDWPY-IC-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.9.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:9d:88:6d:7e:f9:e7:b7:24:5d:51:3d:24:ce:bc:4b:06:a1:
61:4b:2c:25:c5:35:54:a2:90:82:2e:b3:17:f7:4f:6d:2d:b7:
b6:29:e3:3c:6a:3a:3a:96:39:3a:6b:d0:7d:16:ef:00:39:ad:
16:fe:9e:62:82:f8:da:d2:30:6f:0a:f6:c2:05:69:66:45:79:
ca:e8:f0:8f:b9:aa:e8:67:b2:67:2e:37:f5:3e:d5:14:63:ea:
a4:76:cf:89:9b:d1:6b:ed:0e:24:b3:63:16:7c:49:08:59:9b:
36:2d:2e:cd:75:62:15:b7:c8:78:e3:35:a1:7a:c3:41:eb:80:
3a:d3:e6:3e:10:ba:52:86:90:9e:11:2c:5f:c4:f2:4a:63:65:
77:27:21:d9:fd:69:47:23:48:10:c0:07:cf:bc:68:84:19:4c:
9d:54:cd:ba:60:ec:46:6d:54:d2:40:bf:f6:a3:68:2c:72:7a:
ba:c9:fa:18:dd:e2:67:6d:cf:34:54:01:67:e7:11:bb:0f:c7:
6b:90:ea:c5:bd:42:fd:b8:bc:7c:b3:ea:c7:b5:46:5a:77:85:
e0:80:2c:ee:ca:c2:71:52:35:35:88:e6:aa:ff:a9:bb:c4:86:
68:64:02:3a:d1:10:b5:be:52:b9:58:7d:2a:2f:88:84:2d:d2:
fc:ce:85:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHakCJNsEGQ7X5GG1HKr2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4YTg0YThlNDc1ZjY2MDZlN2ExMmY5MmIzMzBkNjNkOGY4
ODBiZTAwHhcNMjMwMTAxMjA1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTMzOTRmNjkxYWNkZTY0MDgxZTlkNTI5YWNhYTk5ZjFjNzAyOWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyycy3fI2TPvVpBgSeAbqZ0hFaKj/
Ws8nuKwG1aJMxzKUQ4B5emL+PT1pl7SjVOb+g1Y7LqPx4zBsjVYGm6x9yVwMlZ66
wplFLBNhfpikSzacgTzTfFHfJfRPNcFxUFLowqbp1U7eJP4HcLsxXspYoEz/+fIb
e4YhLjloZRBdJP5REqzvg7R3h6CssU4cPMUl6343CjvRX0ufgC78zZ0SVD1x1T/7
jOZkmNJLyN40+p3ai3UjAbVcpDKISTq1N2J97DN3tx32/9m1I55t1EYGDIlrNKnV
QOPBLYCXrf9gu8+tuwFP+GOQTR95cWKEylbnV9WHA6aae832EVsKUJNppwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMozlPaRrN5kCB6dUprKqZ8ccCnRMB8GA1UdIwQY
MBaAFBioSo5HX2YG56EvkrMw1j2PiAvgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0toS2prZGZaZ2Jub1MtU3N6RFdQWS1JQy1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC84OTJhMjctZmRiNi00Mjg1LTgyOWEt
ODdmNWI2NDc5ZDFlLzEveWpPVTlwR3MzbVFJSHAxU21zcXBueHh3S2RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC84OTJhMjctZmRiNi00Mjg1LTgyOWEtODdmNWI2NDc5ZDFl
LzEvR0toS2prZGZaZ2Jub1MtU3N6RFdQWS1JQy1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudAJMA0G
CSqGSIb3DQEBCwUAA4IBAQBNnYhtfvnntyRdUT0kzrxLBqFhSywlxTVUopCCLrMX
909tLbe2KeM8ajo6ljk6a9B9Fu8AOa0W/p5igvja0jBvCvbCBWlmRXnK6PCPuaro
Z7JnLjf1PtUUY+qkds+Jm9Fr7Q4ks2MWfEkIWZs2LS7NdWIVt8h44zWhesNB64A6
0+Y+ELpShpCeESxfxPJKY2V3JyHZ/WlHI0gQwAfPvGiEGUydVM26YOxGbVTSQL/2
o2gscnq6yfoY3eJnbc80VAFn5xG7D8drkOrFvUL9uLx8s+rHtUZad4XggCzuysJx
UjU1iOaq/6m7xIZoZAI60RC1vlK5WH0qL4iELdL8zoVX
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:46 2024 by rpki-client on console-fra.rpki-client.org