Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/YVA-DufpAvSW7WtHH2zOT-U7xrk.roa
File: YVA-DufpAvSW7WtHH2zOT-U7xrk.roa (raw, json)
Hash identifier: OI1k04fSBTr6On70DKt6TDaN9UEKUfAq2eSf8eR6+Jc=
Subject key identifier: 61:50:3E:0E:E7:E9:02:F4:96:ED:6B:47:1F:6C:CE:4F:E5:3B:C6:B9
Certificate issuer: /CN=44007172df9fc2d4a2ddbba934cebc9f0286d3ca
Certificate serial: 01856CA5CC5526F1CD3863C7E1514B4ACDCA
Authority key identifier: 44:00:71:72:DF:9F:C2:D4:A2:DD:BB:A9:34:CE:BC:9F:02:86:D3:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RABxct-fwtSi3bupNM68nwKG08o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/YVA-DufpAvSW7WtHH2zOT-U7xrk.roa
Signing time: Sun 01 Jan 2023 09:24:43 +0000
ROA not before: Sun 01 Jan 2023 09:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44222
IP address blocks: 185.83.213.0/24 maxlen: 24
185.83.212.0/24 maxlen: 24
2a05:9f02::/31 maxlen: 31
2a05:9f06::/31 maxlen: 31
2a05:9f00::/31 maxlen: 48
2a05:9f04::/31 maxlen: 31
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:a5:cc:55:26:f1:cd:38:63:c7:e1:51:4b:4a:cd:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44007172df9fc2d4a2ddbba934cebc9f0286d3ca
Validity
Not Before: Jan 1 09:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61503e0ee7e902f496ed6b471f6cce4fe53bc6b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:93:53:32:0c:0b:a1:2b:6c:96:00:ff:91:cb:
c2:f6:9d:50:c2:bb:e3:0e:96:a5:d0:8a:f1:a8:08:
ab:45:18:6a:24:1c:05:03:5e:6b:6e:85:49:40:eb:
87:5a:fc:78:6d:89:7d:e9:37:ee:2a:6d:85:fb:da:
ec:a9:3e:3a:94:fa:fd:ec:71:6d:d0:a3:b7:9d:44:
df:89:c7:68:a0:38:b6:8f:14:23:9a:88:ce:7c:40:
d7:7b:a6:af:f6:0a:14:16:7b:03:78:48:76:49:c6:
f3:29:c1:69:bf:e2:1f:65:bc:ec:ba:cb:b8:83:a4:
a3:87:0c:6f:c7:6a:91:4a:94:b3:1d:e8:b0:44:94:
74:93:5e:1c:fa:15:8d:9f:1a:0e:e3:59:15:09:50:
27:70:2c:da:da:5c:24:8f:4a:1f:f0:93:e2:01:76:
c1:8c:57:56:22:03:98:85:7c:1a:9a:db:07:26:b4:
2a:4a:9c:5a:bf:1d:f5:18:56:14:41:f1:c5:4a:25:
f8:cc:ae:84:43:eb:c3:86:75:d0:d9:d0:5d:6a:97:
5d:75:ba:66:df:01:01:d5:cb:67:06:02:da:82:12:
10:ec:e8:b4:bb:a6:96:f9:70:d1:7d:c5:5b:d8:9e:
bb:33:d1:2f:60:95:94:fc:ea:9d:03:a4:e6:16:a9:
52:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:50:3E:0E:E7:E9:02:F4:96:ED:6B:47:1F:6C:CE:4F:E5:3B:C6:B9
X509v3 Authority Key Identifier:
keyid:44:00:71:72:DF:9F:C2:D4:A2:DD:BB:A9:34:CE:BC:9F:02:86:D3:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RABxct-fwtSi3bupNM68nwKG08o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/YVA-DufpAvSW7WtHH2zOT-U7xrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/945dbd-2fb7-4dd1-96a6-0585de4d4ee7/1/RABxct-fwtSi3bupNM68nwKG08o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.212.0/23
IPv6:
2a05:9f00::/29
Signature Algorithm: sha256WithRSAEncryption
9a:f3:48:62:86:7f:88:4e:a7:d1:82:a5:74:21:72:83:6c:05:
52:15:f3:f5:4c:09:06:55:b6:60:61:ef:23:03:ff:de:8e:ae:
97:93:87:ae:a7:01:91:4e:78:b5:e4:6a:dd:1c:48:36:fa:ce:
e5:90:c5:e1:30:b3:34:03:41:17:b8:47:7c:08:c7:86:49:bb:
96:dd:ec:8a:e9:d3:08:e5:de:dc:b3:80:13:12:51:c2:7b:5d:
42:1d:a1:45:67:71:89:73:c6:db:20:03:3a:c9:5d:09:7b:ec:
0e:05:0c:04:50:37:d6:36:a0:a8:56:8d:bc:64:dd:f2:8a:b9:
bb:7e:9f:ca:3d:5d:65:06:fa:bf:f2:14:c3:3e:14:a7:b2:11:
8f:53:41:af:f5:15:2e:71:ce:2c:a3:c1:51:29:0b:ae:a1:d1:
69:f8:77:0a:1d:48:ec:7b:e1:68:fe:37:fe:99:a1:ee:62:d0:
c4:94:25:6f:a9:48:7b:83:5f:51:22:94:a2:4e:08:aa:52:ea:
04:32:61:ce:fe:75:9e:8b:9c:36:7b:c1:62:0a:2b:6e:18:80:
e5:37:1d:0f:17:2a:32:ad:2b:d7:81:82:b1:d1:38:b1:11:22:
6b:39:58:39:2c:d2:42:63:06:51:f2:56:88:f0:e9:e3:7b:69:
d9:8d:c9:10
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVspcxVJvHNOGPH4VFLSs3KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MDA3MTcyZGY5ZmMyZDRhMmRkYmJhOTM0Y2ViYzlmMDI4
NmQzY2EwHhcNMjMwMTAxMDkyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTUwM2UwZWU3ZTkwMmY0OTZlZDZiNDcxZjZjY2U0ZmU1M2JjNmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJNTMgwLoStslgD/kcvC9p1Qwrvj
Dpal0IrxqAirRRhqJBwFA15rboVJQOuHWvx4bYl96TfuKm2F+9rsqT46lPr97HFt
0KO3nUTficdooDi2jxQjmojOfEDXe6av9goUFnsDeEh2ScbzKcFpv+IfZbzsusu4
g6Sjhwxvx2qRSpSzHeiwRJR0k14c+hWNnxoO41kVCVAncCza2lwkj0of8JPiAXbB
jFdWIgOYhXwamtsHJrQqSpxavx31GFYUQfHFSiX4zK6EQ+vDhnXQ2dBdapdddbpm
3wEB1ctnBgLaghIQ7Oi0u6aW+XDRfcVb2J67M9EvYJWU/OqdA6TmFqlS7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGFQPg7n6QL0lu1rRx9szk/lO8a5MB8GA1UdIwQY
MBaAFEQAcXLfn8LUot27qTTOvJ8ChtPKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkFCeGN0LWZ3dFNpM2J1cE5NNjhud0tHMDhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS85NDVkYmQtMmZiNy00ZGQxLTk2YTYt
MDU4NWRlNGQ0ZWU3LzEvWVZBLUR1ZnBBdlNXN1d0SEgyek9ULVU3eHJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS85NDVkYmQtMmZiNy00ZGQxLTk2YTYtMDU4NWRlNGQ0ZWU3
LzEvUkFCeGN0LWZ3dFNpM2J1cE5NNjhud0tHMDhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuVPUMA0E
AgACMAcDBQMqBZ8AMA0GCSqGSIb3DQEBCwUAA4IBAQCa80hihn+ITqfRgqV0IXKD
bAVSFfP1TAkGVbZgYe8jA//ejq6Xk4eupwGRTni15GrdHEg2+s7lkMXhMLM0A0EX
uEd8CMeGSbuW3eyK6dMI5d7cs4ATElHCe11CHaFFZ3GJc8bbIAM6yV0Je+wOBQwE
UDfWNqCoVo28ZN3yirm7fp/KPV1lBvq/8hTDPhSnshGPU0Gv9RUucc4so8FRKQuu
odFp+HcKHUjse+Fo/jf+maHuYtDElCVvqUh7g19RIpSiTgiqUuoEMmHO/nWei5w2
e8FiCituGIDlNx0PFyoyrSvXgYKx0TixESJrOVg5LNJCYwZR8laI8Onje2nZjckQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:00 2024 by rpki-client on console-fra.rpki-client.org