Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/yRQ63OrB_Y5aln8GJ5-Xk0jlHXk.roa
File: yRQ63OrB_Y5aln8GJ5-Xk0jlHXk.roa (raw, json)
Hash identifier: 2qolhgO4AP3Zc6wnFNtmPWcM4s7rbiAVfVRewQsz6b4=
Subject key identifier: C9:14:3A:DC:EA:C1:FD:8E:5A:96:7F:06:27:9F:97:93:48:E5:1D:79
Certificate issuer: /CN=cd65ee23bff42ccf679d7377fe4da695d341aef0
Certificate serial: 01856F14CC12457F1B0B59BE755089D8F82E
Authority key identifier: CD:65:EE:23:BF:F4:2C:CF:67:9D:73:77:FE:4D:A6:95:D3:41:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/yRQ63OrB_Y5aln8GJ5-Xk0jlHXk.roa
Signing time: Sun 01 Jan 2023 20:45:11 +0000
ROA not before: Sun 01 Jan 2023 20:45:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51013
IP address blocks: 213.188.152.0/22 maxlen: 22
213.188.156.0/23 maxlen: 23
2a02:250:2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:cc:12:45:7f:1b:0b:59:be:75:50:89:d8:f8:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd65ee23bff42ccf679d7377fe4da695d341aef0
Validity
Not Before: Jan 1 20:45:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9143adceac1fd8e5a967f06279f979348e51d79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b8:46:86:9d:19:c5:81:8c:7e:8c:74:01:83:
ae:89:10:c8:47:78:88:9c:94:52:b7:62:8b:ed:6b:
25:61:3a:b1:81:07:5d:13:05:22:d9:6e:b9:66:a8:
4c:bd:d5:ab:24:f9:92:65:01:ca:44:32:f0:7a:c5:
2e:ec:ca:55:d5:b1:20:88:2f:24:2c:21:2a:c7:df:
08:36:73:9c:a6:28:9f:c7:b3:12:57:f0:38:3d:fe:
8f:6e:61:00:ad:9e:cd:3e:97:f5:41:44:30:ce:01:
f0:ea:83:60:9d:7d:51:a5:d4:8d:57:e2:ad:96:83:
a8:45:53:65:79:9e:b9:f8:1f:49:5e:51:68:ca:ac:
81:de:d7:ca:fc:c3:1b:ca:4f:a7:b4:05:43:50:6a:
c4:57:7b:8a:20:79:25:db:62:7c:f9:04:2f:56:71:
85:65:a8:40:af:1d:50:6c:0e:10:06:f8:af:e3:a5:
40:a6:47:c3:76:4e:ab:9c:86:d3:6d:8b:6f:fe:eb:
32:74:81:f0:f6:46:1b:c2:10:7b:b6:1a:92:f6:59:
10:10:0c:2e:9d:c1:c4:c1:3e:83:67:cd:b6:3f:37:
0d:f1:c3:e4:9e:16:a3:5c:50:5f:5b:b9:9e:2b:fb:
0e:62:1c:d8:2e:1a:e7:34:8b:80:15:2c:28:e4:98:
db:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:14:3A:DC:EA:C1:FD:8E:5A:96:7F:06:27:9F:97:93:48:E5:1D:79
X509v3 Authority Key Identifier:
keyid:CD:65:EE:23:BF:F4:2C:CF:67:9D:73:77:FE:4D:A6:95:D3:41:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/yRQ63OrB_Y5aln8GJ5-Xk0jlHXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/zWXuI7_0LM9nnXN3_k2mldNBrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.188.152.0-213.188.157.255
IPv6:
2a02:250:2::/48
Signature Algorithm: sha256WithRSAEncryption
9d:cf:ab:72:58:97:30:c5:31:89:df:a8:43:5b:a9:a7:af:d8:
37:6f:1d:0d:1d:db:5b:68:b7:c4:58:c9:f2:8e:0f:0d:af:b7:
a8:2d:27:9f:b0:f7:9d:0d:65:3d:f4:15:b4:a3:55:1e:82:4f:
79:1a:7f:c0:3c:10:42:6b:7a:90:b4:bc:6f:92:34:0a:67:7c:
9c:be:2d:94:52:c8:f2:99:4c:f8:c8:6c:fe:39:95:0b:3c:3a:
0d:e6:ba:54:9d:56:75:30:51:d4:ff:37:54:db:6c:33:c1:47:
0f:a0:57:7f:d8:7a:e0:5d:26:d2:54:13:3b:d1:8d:0f:5e:7a:
5e:f6:e5:3d:e5:57:7e:f9:50:f7:97:7b:de:a6:ba:91:ee:70:
26:a5:af:36:22:6f:a1:6c:65:aa:4c:73:cb:8c:29:61:51:b6:
08:e8:59:b2:63:a4:77:a6:2d:35:5f:e9:da:cb:b0:74:20:37:
c2:c6:ab:f2:79:52:d9:d9:03:1e:93:ce:04:44:30:45:d4:9d:
09:10:75:d0:d1:97:fd:0a:9a:01:56:a0:eb:be:44:fd:4d:00:
eb:26:27:f5:4b:58:90:92:08:2b:18:05:64:c6:98:c0:42:79:
26:f9:63:9f:bd:40:47:c4:b9:e8:d3:f7:46:08:93:6a:c7:48:
23:2a:f3:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYVvFMwSRX8bC1m+dVCJ2PguMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNjVlZTIzYmZmNDJjY2Y2NzlkNzM3N2ZlNGRhNjk1ZDM0
MWFlZjAwHhcNMjMwMTAxMjA0NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTE0M2FkY2VhYzFmZDhlNWE5NjdmMDYyNzlmOTc5MzQ4ZTUxZDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbhGhp0ZxYGMfox0AYOuiRDIR3iI
nJRSt2KL7WslYTqxgQddEwUi2W65ZqhMvdWrJPmSZQHKRDLwesUu7MpV1bEgiC8k
LCEqx98INnOcpiifx7MSV/A4Pf6PbmEArZ7NPpf1QUQwzgHw6oNgnX1RpdSNV+Kt
loOoRVNleZ65+B9JXlFoyqyB3tfK/MMbyk+ntAVDUGrEV3uKIHkl22J8+QQvVnGF
ZahArx1QbA4QBviv46VApkfDdk6rnIbTbYtv/usydIHw9kYbwhB7thqS9lkQEAwu
ncHEwT6DZ822PzcN8cPknhajXFBfW7meK/sOYhzYLhrnNIuAFSwo5JjbpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMkUOtzqwf2OWpZ/Biefl5NI5R15MB8GA1UdIwQY
MBaAFM1l7iO/9CzPZ51zd/5NppXTQa7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveldYdUk3XzBMTTlublhOM19rMm1sZE5CcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMDZkNDMtM2RiZi00Y2Y4LTgxNWQt
NWRjMmZhNmEzNTAzLzEveVJRNjNPckJfWTVhbG44R0o1LVhrMGpsSFhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMDZkNDMtM2RiZi00Y2Y4LTgxNWQtNWRjMmZhNmEzNTAz
LzEveldYdUk3XzBMTTlublhOM19rMm1sZE5CcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAPVvJgD
BAHVvJwwDwQCAAIwCQMHACoCAlAAAjANBgkqhkiG9w0BAQsFAAOCAQEAnc+rcliX
MMUxid+oQ1upp6/YN28dDR3bW2i3xFjJ8o4PDa+3qC0nn7D3nQ1lPfQVtKNVHoJP
eRp/wDwQQmt6kLS8b5I0Cmd8nL4tlFLI8plM+Mhs/jmVCzw6Dea6VJ1WdTBR1P83
VNtsM8FHD6BXf9h64F0m0lQTO9GND156XvblPeVXfvlQ95d73qa6ke5wJqWvNiJv
oWxlqkxzy4wpYVG2COhZsmOkd6YtNV/p2suwdCA3wsar8nlS2dkDHpPOBEQwRdSd
CRB10NGX/QqaAVag675E/U0A6yYn9UtYkJIIKxgFZMaYwEJ5Jvljn71AR8S56NP3
RgiTasdIIyrzKw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:36:06 2024 by rpki-client on console-fra.rpki-client.org