Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/1f3117-f2a1-4322-b63d-f7edb2688652/1/YdvRjd8cUREjQK0pE6JwFjcTuUQ.roa
File: YdvRjd8cUREjQK0pE6JwFjcTuUQ.roa (raw, json)
Hash identifier: smQzpowpTkqI/MMnfeeJXFl0HaxkPjTffxGL/oVO2qs=
Subject key identifier: 61:DB:D1:8D:DF:1C:51:11:23:40:AD:29:13:A2:70:16:37:13:B9:44
Certificate issuer: /CN=b780b3b9e096221629fe47e102ac522da03979c4
Certificate serial: 01856D3870FABD3E91FA5A8906E95956A96E
Authority key identifier: B7:80:B3:B9:E0:96:22:16:29:FE:47:E1:02:AC:52:2D:A0:39:79:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t4CzueCWIhYp_kfhAqxSLaA5ecQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/1f3117-f2a1-4322-b63d-f7edb2688652/1/YdvRjd8cUREjQK0pE6JwFjcTuUQ.roa
Signing time: Sun 01 Jan 2023 12:04:53 +0000
ROA not before: Sun 01 Jan 2023 12:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205617
IP address blocks: 37.208.112.0/21 maxlen: 21
185.150.208.0/22 maxlen: 22
2a00:c7c0::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:70:fa:bd:3e:91:fa:5a:89:06:e9:59:56:a9:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b780b3b9e096221629fe47e102ac522da03979c4
Validity
Not Before: Jan 1 12:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61dbd18ddf1c51112340ad2913a270163713b944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:31:8a:1d:68:cb:be:eb:97:ee:dd:f9:9b:fc:
8a:3d:ed:c4:d9:6d:79:4a:1e:8e:a6:4e:2f:d0:9d:
75:be:75:30:fa:be:7b:58:05:28:a4:40:a3:0e:fc:
ed:a3:d1:13:77:0f:be:e4:e6:12:90:bd:7c:27:4f:
2d:24:fe:b0:09:57:6b:15:fb:87:1c:05:d6:53:ac:
59:de:e0:65:c8:5e:0d:d9:9b:41:7a:9f:69:bf:e9:
15:54:11:05:4f:cf:79:0f:cd:c0:7a:ea:45:a1:db:
a0:34:91:95:04:aa:bc:21:7d:39:84:88:74:ce:d0:
fe:0d:19:f1:b7:fb:45:7e:64:c2:ad:bb:6d:50:80:
0a:f2:15:3e:6a:b3:c1:78:31:64:28:af:5e:70:ef:
f7:cf:ce:e4:7e:1d:eb:df:37:d5:c0:8b:9a:4e:b7:
26:2a:56:68:2b:c3:e6:a7:f3:66:58:3b:82:fc:60:
1d:88:31:db:45:3f:1a:9d:84:f2:3f:7e:50:b8:b4:
65:57:57:78:06:63:e1:e7:02:56:77:7e:49:a4:5e:
27:57:89:5f:3d:fa:2d:dd:ea:b3:6f:58:16:51:71:
67:90:5e:3f:bd:99:fe:7a:36:13:7d:51:5f:5f:2c:
e4:fd:d6:11:0a:87:79:59:2a:2e:0f:d2:5d:84:54:
1a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:DB:D1:8D:DF:1C:51:11:23:40:AD:29:13:A2:70:16:37:13:B9:44
X509v3 Authority Key Identifier:
keyid:B7:80:B3:B9:E0:96:22:16:29:FE:47:E1:02:AC:52:2D:A0:39:79:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t4CzueCWIhYp_kfhAqxSLaA5ecQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1f3117-f2a1-4322-b63d-f7edb2688652/1/YdvRjd8cUREjQK0pE6JwFjcTuUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1f3117-f2a1-4322-b63d-f7edb2688652/1/t4CzueCWIhYp_kfhAqxSLaA5ecQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.208.112.0/21
185.150.208.0/22
IPv6:
2a00:c7c0::/29
Signature Algorithm: sha256WithRSAEncryption
58:6d:67:93:d8:7e:ae:4a:30:e0:31:e0:04:7f:2a:ff:68:18:
30:97:02:c3:fc:a3:eb:89:6e:40:ee:1d:32:11:57:ba:5a:84:
8b:f7:0e:f7:55:8a:58:0f:80:c2:78:06:ff:0d:c9:c1:7a:9a:
44:66:91:fd:5e:96:74:70:82:d7:c7:dd:f9:79:03:b2:2a:86:
ff:26:41:d9:45:a8:4d:1c:f5:40:1d:4c:f9:4a:b0:34:f8:97:
65:52:90:89:06:78:f1:98:69:fd:26:52:07:6f:f8:fa:a0:01:
f4:c3:db:03:ed:47:05:93:33:61:e2:be:db:63:49:84:7d:c6:
ed:65:6c:3c:57:c2:84:91:33:e1:af:4a:69:a2:91:a7:7b:c4:
8d:64:1b:55:74:73:a9:e7:81:11:24:c5:fc:f9:a5:75:51:a0:
89:78:39:ad:9a:50:4b:fa:3f:93:b2:65:35:14:6e:51:7a:10:
80:e4:95:01:c1:aa:94:00:50:3f:b0:46:2b:6c:23:3e:98:b0:
3e:ad:b4:66:a4:b9:7d:35:81:8f:4f:de:df:b8:4a:f1:c4:a0:
12:95:bb:4c:95:06:62:de:7c:0d:e9:2c:f9:52:97:87:94:51:
4c:43:ce:f5:34:f4:97:6a:6a:c1:31:76:ad:b6:4c:d6:7b:af:
a3:9a:33:09
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtOHD6vT6R+lqJBulZVqluMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ODBiM2I5ZTA5NjIyMTYyOWZlNDdlMTAyYWM1MjJkYTAz
OTc5YzQwHhcNMjMwMTAxMTIwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWRiZDE4ZGRmMWM1MTExMjM0MGFkMjkxM2EyNzAxNjM3MTNiOTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzGKHWjLvuuX7t35m/yKPe3E2W15
Sh6Opk4v0J11vnUw+r57WAUopECjDvzto9ETdw++5OYSkL18J08tJP6wCVdrFfuH
HAXWU6xZ3uBlyF4N2ZtBep9pv+kVVBEFT895D83AeupFodugNJGVBKq8IX05hIh0
ztD+DRnxt/tFfmTCrbttUIAK8hU+arPBeDFkKK9ecO/3z87kfh3r3zfVwIuaTrcm
KlZoK8Pmp/NmWDuC/GAdiDHbRT8anYTyP35QuLRlV1d4BmPh5wJWd35JpF4nV4lf
Pfot3eqzb1gWUXFnkF4/vZn+ejYTfVFfXyzk/dYRCod5WSouD9JdhFQaEwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGHb0Y3fHFERI0CtKROicBY3E7lEMB8GA1UdIwQY
MBaAFLeAs7ngliIWKf5H4QKsUi2gOXnEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDRDenVlQ1dJaFlwX2tmaEFxeFNMYUE1ZWNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8xZjMxMTctZjJhMS00MzIyLWI2M2Qt
ZjdlZGIyNjg4NjUyLzEvWWR2UmpkOGNVUkVqUUswcEU2SndGamNUdVVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8xZjMxMTctZjJhMS00MzIyLWI2M2QtZjdlZGIyNjg4NjUy
LzEvdDRDenVlQ1dJaFlwX2tmaEFxeFNMYUE1ZWNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJdBwAwQC
uZbQMA0EAgACMAcDBQMqAMfAMA0GCSqGSIb3DQEBCwUAA4IBAQBYbWeT2H6uSjDg
MeAEfyr/aBgwlwLD/KPriW5A7h0yEVe6WoSL9w73VYpYD4DCeAb/DcnBeppEZpH9
XpZ0cILXx935eQOyKob/JkHZRahNHPVAHUz5SrA0+JdlUpCJBnjxmGn9JlIHb/j6
oAH0w9sD7UcFkzNh4r7bY0mEfcbtZWw8V8KEkTPhr0ppopGne8SNZBtVdHOp54ER
JMX8+aV1UaCJeDmtmlBL+j+TsmU1FG5RehCA5JUBwaqUAFA/sEYrbCM+mLA+rbRm
pLl9NYGPT97fuErxxKASlbtMlQZi3nwN6Sz5UpeHlFFMQ871NPSXamrBMXattkzW
e6+jmjMJ
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:32 2024 by rpki-client on console-fra.rpki-client.org