Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/1e48b6-7fb0-4a12-b3e7-4b9a6058b423/1/y3b4UpZ4x-SVnOVd4QM9ImZJknk.roa
File: y3b4UpZ4x-SVnOVd4QM9ImZJknk.roa (raw, json)
Hash identifier: OWPFnLOIMNkGgSOIVvZAbt6e+E9PCfWlB4rp1XduqR8=
Subject key identifier: CB:76:F8:52:96:78:C7:E4:95:9C:E5:5D:E1:03:3D:22:66:49:92:79
Certificate issuer: /CN=4b20d5c78c107bcf9c715453d21444f696e44b11
Certificate serial: 018571B0E0595F0132ED2E9A725EABD1D9B4
Authority key identifier: 4B:20:D5:C7:8C:10:7B:CF:9C:71:54:53:D2:14:44:F6:96:E4:4B:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SyDVx4wQe8-ccVRT0hRE9pbkSxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/1e48b6-7fb0-4a12-b3e7-4b9a6058b423/1/y3b4UpZ4x-SVnOVd4QM9ImZJknk.roa
Signing time: Mon 02 Jan 2023 08:54:55 +0000
ROA not before: Mon 02 Jan 2023 08:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59767
IP address blocks: 185.19.64.0/22 maxlen: 22
2a04:1040::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:e0:59:5f:01:32:ed:2e:9a:72:5e:ab:d1:d9:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b20d5c78c107bcf9c715453d21444f696e44b11
Validity
Not Before: Jan 2 08:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb76f8529678c7e4959ce55de1033d2266499279
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:d7:5c:5d:2b:ca:62:f8:62:d7:42:2d:fb:1d:
c6:db:89:29:de:05:f0:c8:3d:2d:b2:a8:b6:0d:db:
4f:14:d5:6f:c3:f9:37:d6:4b:cf:06:99:97:c6:e1:
b2:10:13:94:1c:2d:4a:a1:af:8b:b4:55:43:97:f9:
7a:c9:f1:e1:08:2b:57:a5:28:41:03:dd:af:e2:5f:
59:d5:50:7b:ab:2b:a8:a8:74:a8:16:a2:9a:90:ef:
72:c7:fb:92:08:cb:6a:2f:27:d4:15:6c:b1:22:b4:
8b:1a:4d:3e:a9:d7:cf:f3:52:77:72:c8:95:1c:67:
6e:34:62:5c:3d:59:65:87:41:c6:1a:75:7e:32:14:
0d:9d:69:69:3f:75:6f:68:ba:af:03:ae:32:1d:8a:
35:ba:a1:30:23:14:0e:2c:42:7a:6b:f7:9c:85:26:
05:7d:fb:12:fa:27:6b:04:73:9c:f5:86:c2:c9:fc:
19:f7:58:36:fe:15:90:f0:27:76:5d:66:25:a4:a2:
2d:d8:97:2b:a9:5c:b5:f5:74:98:4c:27:b3:89:33:
1c:42:c2:d1:12:b4:5a:be:36:8f:33:33:17:b1:c2:
ec:d0:7a:dc:12:48:99:be:5a:f8:3a:4e:c9:50:a8:
e5:a4:8c:0f:31:28:1e:ff:1c:9f:42:8f:fb:db:a5:
58:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:76:F8:52:96:78:C7:E4:95:9C:E5:5D:E1:03:3D:22:66:49:92:79
X509v3 Authority Key Identifier:
keyid:4B:20:D5:C7:8C:10:7B:CF:9C:71:54:53:D2:14:44:F6:96:E4:4B:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SyDVx4wQe8-ccVRT0hRE9pbkSxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1e48b6-7fb0-4a12-b3e7-4b9a6058b423/1/y3b4UpZ4x-SVnOVd4QM9ImZJknk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1e48b6-7fb0-4a12-b3e7-4b9a6058b423/1/SyDVx4wQe8-ccVRT0hRE9pbkSxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.19.64.0/22
IPv6:
2a04:1040::/29
Signature Algorithm: sha256WithRSAEncryption
19:0a:f7:aa:2c:d3:2e:6f:81:52:c7:8b:57:70:8e:44:dc:f9:
b4:b5:4c:a8:e1:d6:ca:28:c8:ac:23:5e:5a:67:63:50:1f:57:
bf:ec:e7:b7:39:23:a1:10:28:fd:5a:cd:ba:f9:48:0b:9f:34:
a3:d7:24:38:7e:5e:e4:68:2c:ba:90:2a:0b:15:38:fc:70:d9:
d4:92:e2:6c:a6:da:4b:69:ad:f7:2c:92:f8:ef:42:79:16:22:
4b:a4:76:6f:43:f4:b1:6d:f7:5a:45:27:b6:ef:1f:27:d8:ab:
e4:e6:9a:db:77:5c:fc:5c:2b:45:b5:45:8a:60:62:0f:84:8e:
c3:25:20:6a:3e:a4:16:40:d9:a9:0f:71:f7:42:40:b4:5d:20:
a8:8d:a9:86:8d:cc:bb:ef:1e:72:34:26:33:00:05:3d:9d:67:
e3:26:ed:29:c7:70:eb:b0:a5:9a:4c:80:eb:f4:88:40:c9:9f:
1a:d3:84:82:d8:ee:9d:77:b7:92:6a:ea:35:8e:73:02:97:32:
b0:78:21:a8:b7:ae:e3:24:11:47:47:ea:64:22:7d:f9:c3:23:
fe:69:d9:ed:19:6b:26:02:38:c5:0d:d4:33:17:49:af:a5:ea:
25:4a:93:92:a8:a8:9f:23:ff:0a:89:ec:c6:2b:14:a2:54:63:
5e:e3:0d:ee
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxsOBZXwEy7S6acl6r0dm0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMjBkNWM3OGMxMDdiY2Y5YzcxNTQ1M2QyMTQ0NGY2OTZl
NDRiMTEwHhcNMjMwMTAyMDg1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjc2Zjg1Mjk2NzhjN2U0OTU5Y2U1NWRlMTAzM2QyMjY2NDk5Mjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA49dcXSvKYvhi10It+x3G24kp3gXw
yD0tsqi2DdtPFNVvw/k31kvPBpmXxuGyEBOUHC1Koa+LtFVDl/l6yfHhCCtXpShB
A92v4l9Z1VB7qyuoqHSoFqKakO9yx/uSCMtqLyfUFWyxIrSLGk0+qdfP81J3csiV
HGduNGJcPVllh0HGGnV+MhQNnWlpP3VvaLqvA64yHYo1uqEwIxQOLEJ6a/echSYF
ffsS+idrBHOc9YbCyfwZ91g2/hWQ8Cd2XWYlpKIt2JcrqVy19XSYTCeziTMcQsLR
ErRavjaPMzMXscLs0HrcEkiZvlr4Ok7JUKjlpIwPMSge/xyfQo/726VYnwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMt2+FKWeMfklZzlXeEDPSJmSZJ5MB8GA1UdIwQY
MBaAFEsg1ceMEHvPnHFUU9IURPaW5EsRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3lEVng0d1FlOC1jY1ZSVDBoUkU5cGJrU3hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8xZTQ4YjYtN2ZiMC00YTEyLWIzZTct
NGI5YTYwNThiNDIzLzEveTNiNFVwWjR4LVNWbk9WZDRRTTlJbVpKa25rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8xZTQ4YjYtN2ZiMC00YTEyLWIzZTctNGI5YTYwNThiNDIz
LzEvU3lEVng0d1FlOC1jY1ZSVDBoUkU5cGJrU3hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRNAMA0E
AgACMAcDBQMqBBBAMA0GCSqGSIb3DQEBCwUAA4IBAQAZCveqLNMub4FSx4tXcI5E
3Pm0tUyo4dbKKMisI15aZ2NQH1e/7Oe3OSOhECj9Ws26+UgLnzSj1yQ4fl7kaCy6
kCoLFTj8cNnUkuJsptpLaa33LJL470J5FiJLpHZvQ/SxbfdaRSe27x8n2Kvk5prb
d1z8XCtFtUWKYGIPhI7DJSBqPqQWQNmpD3H3QkC0XSCojamGjcy77x5yNCYzAAU9
nWfjJu0px3DrsKWaTIDr9IhAyZ8a04SC2O6dd7eSauo1jnMClzKweCGot67jJBFH
R+pkIn35wyP+adntGWsmAjjFDdQzF0mvpeolSpOSqKifI/8KiezGKxSiVGNe4w3u
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:08 2024 by rpki-client on console-fra.rpki-client.org