Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/YcWLkLL7Liypov6mShv5qdo8rKk.roa
File: YcWLkLL7Liypov6mShv5qdo8rKk.roa (raw, json)
Hash identifier: IYDUdPKD8k+S+X0isaBdPL0k0+e7cHWURQn4Mtp+C9s=
Subject key identifier: 61:C5:8B:90:B2:FB:2E:2C:A9:A2:FE:A6:4A:1B:F9:A9:DA:3C:AC:A9
Certificate issuer: /CN=43c16595966afb0bacf1d7937f245d6a052221a3
Certificate serial: 01856F8BA4083E220B740FCE66C29A93F573
Authority key identifier: 43:C1:65:95:96:6A:FB:0B:AC:F1:D7:93:7F:24:5D:6A:05:22:21:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q8FllZZq-wus8deTfyRdagUiIaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/YcWLkLL7Liypov6mShv5qdo8rKk.roa
Signing time: Sun 01 Jan 2023 22:55:00 +0000
ROA not before: Sun 01 Jan 2023 22:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53667
IP address blocks: 194.50.197.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:a4:08:3e:22:0b:74:0f:ce:66:c2:9a:93:f5:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43c16595966afb0bacf1d7937f245d6a052221a3
Validity
Not Before: Jan 1 22:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61c58b90b2fb2e2ca9a2fea64a1bf9a9da3caca9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:88:eb:ac:a2:77:f5:a6:05:93:fd:40:77:a3:
df:1d:4b:b0:73:0c:c3:63:59:b1:18:42:fa:99:6a:
eb:76:88:14:10:09:77:56:a9:8f:90:7f:d0:c3:e1:
63:ea:18:36:9f:b8:23:bd:65:38:01:8b:33:15:ab:
5d:5f:52:fd:29:ee:06:4d:71:f8:78:ea:ea:d0:1b:
e7:41:e0:46:76:ba:a6:9d:8d:89:35:1d:6b:7e:71:
4d:b2:e3:06:02:b0:7d:af:13:0b:df:fc:c6:2b:24:
78:f3:a7:dd:54:f1:6b:dd:31:e3:fd:8f:03:a3:7b:
da:f1:d7:e2:56:20:51:43:1d:95:51:91:22:8a:19:
5f:55:49:b0:9a:92:a6:e0:6b:65:82:e3:be:db:f9:
63:f8:33:db:7b:ea:db:5f:e1:56:f8:5b:69:0d:22:
5a:47:48:1a:e0:dd:eb:10:8a:87:d9:ef:d5:ef:ef:
f1:92:71:9c:00:7c:74:99:eb:d4:dc:3f:0f:55:b1:
44:81:9b:4e:51:5b:91:dd:0e:8f:6b:4a:8e:bd:95:
25:3e:b5:fb:b3:43:22:cf:24:96:56:e8:b0:bc:fe:
b1:41:50:96:a3:d0:1d:09:14:23:68:80:c6:ff:7c:
44:74:68:d3:64:f9:6d:28:ab:0a:96:02:be:8b:ce:
ba:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:C5:8B:90:B2:FB:2E:2C:A9:A2:FE:A6:4A:1B:F9:A9:DA:3C:AC:A9
X509v3 Authority Key Identifier:
keyid:43:C1:65:95:96:6A:FB:0B:AC:F1:D7:93:7F:24:5D:6A:05:22:21:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q8FllZZq-wus8deTfyRdagUiIaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/YcWLkLL7Liypov6mShv5qdo8rKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.197.0/24
Signature Algorithm: sha256WithRSAEncryption
05:2d:b5:c7:e7:43:dc:78:07:f1:5e:b9:fb:03:31:3c:cc:ac:
98:53:8e:e2:3c:bf:97:ca:7a:b3:6b:1c:d0:39:56:c3:e5:ec:
0c:69:3e:0e:dd:45:ba:c4:0c:a0:a6:47:b8:d1:1e:34:19:f3:
f3:63:a3:a3:60:1b:45:e3:58:3f:49:4e:4d:f0:14:a8:0c:d7:
33:90:4b:22:ec:2a:fd:90:08:5f:5e:b2:ca:57:fa:85:58:37:
97:17:e6:a8:5f:1e:a5:f6:31:bd:f5:3d:04:59:8f:3d:da:1e:
09:e0:77:e1:4a:e9:06:5c:c1:7e:cb:48:82:1a:ef:96:fa:69:
19:89:7c:93:e5:03:49:e2:c3:2b:ee:30:69:6c:e0:70:a9:1b:
53:8c:64:86:a1:98:30:af:b3:38:08:5d:7f:7e:8f:8f:7c:8b:
90:fe:52:6f:7d:27:dc:ad:2c:aa:e8:83:23:54:90:d1:9a:26:
2f:ba:79:c2:74:e8:ee:99:2b:e8:28:4f:e0:cf:bd:29:44:2c:
46:5e:fd:dc:9c:4a:44:9d:55:98:33:72:29:47:84:cf:3c:9c:
88:c4:e1:91:cc:bb:49:28:df:fe:8e:80:42:55:ac:e6:36:be:
f9:bc:16:e5:aa:69:be:32:1e:3e:6e:b6:d1:fe:bb:28:38:b7:
8c:e4:54:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvi6QIPiILdA/OZsKak/VzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYzE2NTk1OTY2YWZiMGJhY2YxZDc5MzdmMjQ1ZDZhMDUy
MjIxYTMwHhcNMjMwMTAxMjI1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWM1OGI5MGIyZmIyZTJjYTlhMmZlYTY0YTFiZjlhOWRhM2NhY2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA64jrrKJ39aYFk/1Ad6PfHUuwcwzD
Y1mxGEL6mWrrdogUEAl3VqmPkH/Qw+Fj6hg2n7gjvWU4AYszFatdX1L9Ke4GTXH4
eOrq0BvnQeBGdrqmnY2JNR1rfnFNsuMGArB9rxML3/zGKyR486fdVPFr3THj/Y8D
o3va8dfiViBRQx2VUZEiihlfVUmwmpKm4GtlguO+2/lj+DPbe+rbX+FW+FtpDSJa
R0ga4N3rEIqH2e/V7+/xknGcAHx0mevU3D8PVbFEgZtOUVuR3Q6Pa0qOvZUlPrX7
s0MizySWVuiwvP6xQVCWo9AdCRQjaIDG/3xEdGjTZPltKKsKlgK+i866gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGHFi5Cy+y4sqaL+pkob+anaPKypMB8GA1UdIwQY
MBaAFEPBZZWWavsLrPHXk38kXWoFIiGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUThGbGxaWnEtd3VzOGRlVGZ5UmRhZ1VpSWFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kOTI5MTktOTYyYi00NDhkLTk4ZGIt
NTk5MGVhNThlMDMwLzEvWWNXTGtMTDdMaXlwb3Y2bVNodjVxZG84cktrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kOTI5MTktOTYyYi00NDhkLTk4ZGItNTk5MGVhNThlMDMw
LzEvUThGbGxaWnEtd3VzOGRlVGZ5UmRhZ1VpSWFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjLFMA0G
CSqGSIb3DQEBCwUAA4IBAQAFLbXH50PceAfxXrn7AzE8zKyYU47iPL+XynqzaxzQ
OVbD5ewMaT4O3UW6xAygpke40R40GfPzY6OjYBtF41g/SU5N8BSoDNczkEsi7Cr9
kAhfXrLKV/qFWDeXF+aoXx6l9jG99T0EWY892h4J4HfhSukGXMF+y0iCGu+W+mkZ
iXyT5QNJ4sMr7jBpbOBwqRtTjGSGoZgwr7M4CF1/fo+PfIuQ/lJvfSfcrSyq6IMj
VJDRmiYvunnCdOjumSvoKE/gz70pRCxGXv3cnEpEnVWYM3IpR4TPPJyIxOGRzLtJ
KN/+joBCVazmNr75vBblqmm+Mh4+brbR/rsoOLeM5FSj
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:40:23 2024 by rpki-client on console-fra.rpki-client.org