Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/YL80qXmfvK_GW32cd0P2q419jTc.roa
File: YL80qXmfvK_GW32cd0P2q419jTc.roa (raw, json)
Hash identifier: ZTGhqHu/lBYtOeWO10A3LPwR7CN9WCsWNabvdhIRnhU=
Subject key identifier: 60:BF:34:A9:79:9F:BC:AF:C6:5B:7D:9C:77:43:F6:AB:8D:7D:8D:37
Certificate issuer: /CN=31828c99d35cb92e2d53daf128e497e841b63ab0
Certificate serial: 0185727A27FF0C81235A2B0798F41294EA48
Authority key identifier: 31:82:8C:99:D3:5C:B9:2E:2D:53:DA:F1:28:E4:97:E8:41:B6:3A:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYKMmdNcuS4tU9rxKOSX6EG2OrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/YL80qXmfvK_GW32cd0P2q419jTc.roa
Signing time: Mon 02 Jan 2023 12:34:46 +0000
ROA not before: Mon 02 Jan 2023 12:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198285
IP address blocks: 158.255.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:27:ff:0c:81:23:5a:2b:07:98:f4:12:94:ea:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31828c99d35cb92e2d53daf128e497e841b63ab0
Validity
Not Before: Jan 2 12:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60bf34a9799fbcafc65b7d9c7743f6ab8d7d8d37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ca:59:18:f6:10:bc:ab:bd:d0:e8:0c:0c:5f:
95:e0:3f:82:b7:10:46:5b:dd:fe:10:32:f9:9d:79:
eb:d7:23:ba:c9:be:86:00:76:ec:94:86:35:f3:c2:
f9:22:b7:35:64:93:0b:ba:07:e5:db:d2:47:bd:b4:
1a:5a:d7:83:12:58:fb:93:bb:1d:23:65:82:fd:c7:
28:2f:1f:4c:3a:b7:0a:1a:44:92:40:0c:17:0c:28:
4f:b4:fd:af:36:c0:87:be:e9:56:3f:0b:4d:ef:13:
f4:12:9e:52:c1:82:48:c1:60:59:ab:4a:d6:e0:59:
4e:ea:fc:cb:b3:56:33:19:89:eb:39:3b:68:d5:72:
29:4f:6d:ac:b4:fc:8d:2e:d1:54:a0:fc:8e:a6:7c:
fd:f9:de:97:e9:da:d3:67:da:ae:ce:87:ea:71:0e:
62:da:88:17:d6:63:f4:30:de:55:bd:1e:86:97:42:
74:b3:c5:3d:e1:05:23:87:e8:aa:9f:94:11:a0:fc:
74:18:8f:3c:5e:62:eb:28:58:ca:44:bb:ec:07:17:
36:0a:ed:be:50:ba:3e:1c:48:38:f1:c7:a6:16:94:
59:9f:74:ed:ea:96:9c:97:74:3d:72:fa:1c:b4:59:
45:2a:47:c5:bd:fb:d5:cf:71:00:93:74:b6:4e:85:
f2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:BF:34:A9:79:9F:BC:AF:C6:5B:7D:9C:77:43:F6:AB:8D:7D:8D:37
X509v3 Authority Key Identifier:
keyid:31:82:8C:99:D3:5C:B9:2E:2D:53:DA:F1:28:E4:97:E8:41:B6:3A:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYKMmdNcuS4tU9rxKOSX6EG2OrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/YL80qXmfvK_GW32cd0P2q419jTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6cba1a-5f4d-4308-bf46-eb37a85a82c5/1/MYKMmdNcuS4tU9rxKOSX6EG2OrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.255.56.0/24
Signature Algorithm: sha256WithRSAEncryption
39:a3:af:48:1f:a7:14:b4:a7:9f:51:7f:92:83:57:fd:91:e1:
41:fb:10:3e:d6:f0:9d:8d:4d:0a:d7:6d:c6:28:a9:6a:7b:28:
b1:e0:7d:64:b9:25:e5:b7:0e:97:09:0e:01:eb:a5:87:2b:2e:
7f:2c:b5:a5:d9:ac:b8:33:a2:88:07:e1:e0:a1:7e:eb:04:77:
b5:eb:da:3f:e0:df:03:7b:1a:6b:01:51:b1:4d:ec:35:02:ec:
e1:a6:18:12:99:98:f2:aa:ba:e9:3e:f1:d4:d8:94:4d:3c:0b:
e3:85:a6:09:86:e7:f4:49:45:5b:de:47:6a:b1:b7:08:9f:71:
ab:ed:e1:39:94:92:35:64:8a:6b:d2:2c:e5:97:e0:14:5c:bf:
f7:3c:a5:9b:fc:fb:63:80:e3:15:1d:16:70:a2:d1:16:f4:25:
2a:9d:3a:17:29:03:fc:d5:32:7d:fb:26:77:ea:69:12:b4:15:
51:40:08:99:a1:8d:b0:f4:d1:26:42:1b:2e:fc:91:00:f2:45:
ac:5f:2d:1a:7c:5b:5b:c4:35:67:e6:7d:21:9d:1f:83:2c:f8:
42:65:63:91:a6:5d:71:75:ef:53:fb:1c:05:a2:37:a2:34:b0:
85:07:11:fe:d8:bf:de:12:03:b7:87:d3:ac:9a:71:2c:97:2e:
9f:ee:6c:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyeif/DIEjWisHmPQSlOpIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODI4Yzk5ZDM1Y2I5MmUyZDUzZGFmMTI4ZTQ5N2U4NDFi
NjNhYjAwHhcNMjMwMTAyMTIzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGJmMzRhOTc5OWZiY2FmYzY1YjdkOWM3NzQzZjZhYjhkN2Q4ZDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8pZGPYQvKu90OgMDF+V4D+CtxBG
W93+EDL5nXnr1yO6yb6GAHbslIY188L5Irc1ZJMLugfl29JHvbQaWteDElj7k7sd
I2WC/ccoLx9MOrcKGkSSQAwXDChPtP2vNsCHvulWPwtN7xP0Ep5SwYJIwWBZq0rW
4FlO6vzLs1YzGYnrOTto1XIpT22stPyNLtFUoPyOpnz9+d6X6drTZ9quzofqcQ5i
2ogX1mP0MN5VvR6Gl0J0s8U94QUjh+iqn5QRoPx0GI88XmLrKFjKRLvsBxc2Cu2+
ULo+HEg48cemFpRZn3Tt6pacl3Q9cvoctFlFKkfFvfvVz3EAk3S2ToXyIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGC/NKl5n7yvxlt9nHdD9quNfY03MB8GA1UdIwQY
MBaAFDGCjJnTXLkuLVPa8Sjkl+hBtjqwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlLTW1kTmN1UzR0VTlyeEtPU1g2RUcyT3JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS82Y2JhMWEtNWY0ZC00MzA4LWJmNDYt
ZWIzN2E4NWE4MmM1LzEvWUw4MHFYbWZ2S19HVzMyY2QwUDJxNDE5alRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS82Y2JhMWEtNWY0ZC00MzA4LWJmNDYtZWIzN2E4NWE4MmM1
LzEvTVlLTW1kTmN1UzR0VTlyeEtPU1g2RUcyT3JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnv84MA0G
CSqGSIb3DQEBCwUAA4IBAQA5o69IH6cUtKefUX+Sg1f9keFB+xA+1vCdjU0K123G
KKlqeyix4H1kuSXltw6XCQ4B66WHKy5/LLWl2ay4M6KIB+HgoX7rBHe169o/4N8D
exprAVGxTew1AuzhphgSmZjyqrrpPvHU2JRNPAvjhaYJhuf0SUVb3kdqsbcIn3Gr
7eE5lJI1ZIpr0izll+AUXL/3PKWb/PtjgOMVHRZwotEW9CUqnToXKQP81TJ9+yZ3
6mkStBVRQAiZoY2w9NEmQhsu/JEA8kWsXy0afFtbxDVn5n0hnR+DLPhCZWORpl1x
de9T+xwFojeiNLCFBxH+2L/eEgO3h9OsmnEsly6f7myE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:34 2024 by rpki-client on console-fra.rpki-client.org