Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/ba7214-5568-4a42-a999-7a5a8d0967c8/1/yrJeQons2kyAIo3pxMK3aUdTeWo.roa
File: yrJeQons2kyAIo3pxMK3aUdTeWo.roa (raw, json)
Hash identifier: 9mBe62je/+vKOSiOaDN+XnGfxZ+7nALgdRYhwAUinmQ=
Subject key identifier: CA:B2:5E:42:89:EC:DA:4C:80:22:8D:E9:C4:C2:B7:69:47:53:79:6A
Certificate issuer: /CN=c98a186e8eeb8714edca5b0d716e51d66c168ce1
Certificate serial: 018570C2B655E62785AD4D6934C03FEC028D
Authority key identifier: C9:8A:18:6E:8E:EB:87:14:ED:CA:5B:0D:71:6E:51:D6:6C:16:8C:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yYoYbo7rhxTtylsNcW5R1mwWjOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/ba7214-5568-4a42-a999-7a5a8d0967c8/1/yrJeQons2kyAIo3pxMK3aUdTeWo.roa
Signing time: Mon 02 Jan 2023 04:34:46 +0000
ROA not before: Mon 02 Jan 2023 04:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42703
IP address blocks: 185.106.225.0/24 maxlen: 24
185.106.224.0/24 maxlen: 24
185.106.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 May 2023 13:53:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:b6:55:e6:27:85:ad:4d:69:34:c0:3f:ec:02:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c98a186e8eeb8714edca5b0d716e51d66c168ce1
Validity
Not Before: Jan 2 04:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cab25e4289ecda4c80228de9c4c2b7694753796a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:dd:8b:14:5b:30:db:5f:95:03:e9:a4:a3:63:
ea:69:78:37:93:d0:bd:71:83:fa:7d:3c:ac:db:fb:
2f:37:c7:42:6b:5f:a2:ec:eb:2c:d6:3b:14:3c:a0:
36:2b:dd:d1:08:49:e5:ce:da:71:3b:e9:c6:de:c8:
ed:d5:d0:29:44:ad:fd:c2:10:e9:47:7f:e7:d7:78:
8e:6f:af:0c:16:7d:0b:b4:60:32:2f:0c:fa:1c:58:
bd:a1:44:bc:9a:d6:41:57:a8:3b:fd:c6:2f:44:04:
75:0b:d5:2c:dd:ed:13:d6:3b:5f:02:f6:ff:d4:e3:
06:4c:2e:41:d1:1a:fd:35:2f:96:c1:be:b6:66:9f:
9d:8c:b3:e4:8e:69:43:dc:29:51:28:96:31:10:16:
09:06:b4:ae:c8:97:54:45:58:16:a1:e5:21:b3:73:
07:00:fd:bd:8d:7b:83:12:28:8d:f8:a4:56:03:3a:
17:52:5b:a1:c9:6f:72:90:68:cf:be:d2:3d:ce:9d:
03:df:1d:24:f3:42:31:c2:37:25:4b:47:16:56:78:
c5:d9:fb:90:86:49:89:4e:f4:72:5f:c0:4e:f0:36:
21:f5:41:2b:3f:3c:ce:51:68:20:a3:0d:f4:9a:34:
68:1f:11:a7:d8:3e:ea:c3:b5:70:96:1b:a5:93:0d:
7b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:B2:5E:42:89:EC:DA:4C:80:22:8D:E9:C4:C2:B7:69:47:53:79:6A
X509v3 Authority Key Identifier:
keyid:C9:8A:18:6E:8E:EB:87:14:ED:CA:5B:0D:71:6E:51:D6:6C:16:8C:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yYoYbo7rhxTtylsNcW5R1mwWjOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/ba7214-5568-4a42-a999-7a5a8d0967c8/1/yrJeQons2kyAIo3pxMK3aUdTeWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/ba7214-5568-4a42-a999-7a5a8d0967c8/1/yYoYbo7rhxTtylsNcW5R1mwWjOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.106.224.0/23
185.106.227.0/24
Signature Algorithm: sha256WithRSAEncryption
39:8c:d2:5e:b0:2a:30:ef:1d:fe:32:32:6b:53:93:4f:f1:c1:
82:05:9e:35:ad:59:1f:58:20:25:4a:fe:6b:0e:34:13:25:bf:
ec:46:b2:44:0e:4f:81:57:9c:c5:e3:1d:1c:04:be:15:b8:3c:
12:3e:53:b7:e2:42:e5:10:2d:1b:7b:f3:ec:9d:b2:d7:67:41:
2b:b8:ac:eb:75:0d:c7:09:f4:f9:18:23:ed:06:91:56:5c:ad:
1c:72:bb:6f:e7:a6:4e:dc:85:70:03:cc:9f:54:d8:56:69:dd:
1b:26:e6:95:43:e0:e0:f2:17:31:2e:b9:94:5b:04:a6:37:79:
e2:4d:a0:aa:51:65:23:8c:8f:89:62:c2:d5:09:55:6d:77:bf:
f7:99:a3:de:aa:4c:c1:e5:b8:38:f3:2f:a6:0a:6c:66:3e:9b:
bb:84:37:f2:65:8f:87:e5:88:b3:dc:f7:cc:91:17:82:0b:ce:
40:30:40:28:26:46:2b:35:83:6c:13:03:06:f7:f2:eb:25:b9:
f1:88:c7:66:bd:ce:d3:3f:60:6b:7c:bc:44:4f:51:c7:7b:2b:
98:6b:1c:20:87:59:f5:b2:6f:13:fd:cc:5d:8e:a2:66:14:54:
64:9e:e2:84:9d:b0:fa:07:c2:41:29:77:9b:86:11:20:5b:7d:
48:95:3b:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwwrZV5ieFrU1pNMA/7AKNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5OGExODZlOGVlYjg3MTRlZGNhNWIwZDcxNmU1MWQ2NmMx
NjhjZTEwHhcNMjMwMTAyMDQzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWIyNWU0Mjg5ZWNkYTRjODAyMjhkZTljNGMyYjc2OTQ3NTM3OTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlN2LFFsw21+VA+mko2PqaXg3k9C9
cYP6fTys2/svN8dCa1+i7Oss1jsUPKA2K93RCEnlztpxO+nG3sjt1dApRK39whDp
R3/n13iOb68MFn0LtGAyLwz6HFi9oUS8mtZBV6g7/cYvRAR1C9Us3e0T1jtfAvb/
1OMGTC5B0Rr9NS+Wwb62Zp+djLPkjmlD3ClRKJYxEBYJBrSuyJdURVgWoeUhs3MH
AP29jXuDEiiN+KRWAzoXUluhyW9ykGjPvtI9zp0D3x0k80IxwjclS0cWVnjF2fuQ
hkmJTvRyX8BO8DYh9UErPzzOUWggow30mjRoHxGn2D7qw7Vwlhulkw17kwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMqyXkKJ7NpMgCKN6cTCt2lHU3lqMB8GA1UdIwQY
MBaAFMmKGG6O64cU7cpbDXFuUdZsFozhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVlvWWJvN3JoeFR0eWxzTmNXNVIxbXdXak9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9iYTcyMTQtNTU2OC00YTQyLWE5OTkt
N2E1YThkMDk2N2M4LzEveXJKZVFvbnMya3lBSW8zcHhNSzNhVWRUZVdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9iYTcyMTQtNTU2OC00YTQyLWE5OTktN2E1YThkMDk2N2M4
LzEveVlvWWJvN3JoeFR0eWxzTmNXNVIxbXdXak9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuWrgAwQA
uWrjMA0GCSqGSIb3DQEBCwUAA4IBAQA5jNJesCow7x3+MjJrU5NP8cGCBZ41rVkf
WCAlSv5rDjQTJb/sRrJEDk+BV5zF4x0cBL4VuDwSPlO34kLlEC0be/PsnbLXZ0Er
uKzrdQ3HCfT5GCPtBpFWXK0ccrtv56ZO3IVwA8yfVNhWad0bJuaVQ+Dg8hcxLrmU
WwSmN3niTaCqUWUjjI+JYsLVCVVtd7/3maPeqkzB5bg48y+mCmxmPpu7hDfyZY+H
5Yiz3PfMkReCC85AMEAoJkYrNYNsEwMG9/LrJbnxiMdmvc7TP2BrfLxET1HHeyuY
axwgh1n1sm8T/cxdjqJmFFRknuKEnbD6B8JBKXebhhEgW31IlTuF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:43 2024 by rpki-client on console-fra.rpki-client.org