Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/b6c991-1fd4-487f-8778-d15e516dc45c/1/yHC5wjMah99os36ES_YJKJFjiBo.roa
File: yHC5wjMah99os36ES_YJKJFjiBo.roa (raw, json)
Hash identifier: dp14I2pzoegaNmBTJECnUk+Kv0ZM86Onx1zA/CCSMkY=
Subject key identifier: C8:70:B9:C2:33:1A:87:DF:68:B3:7E:84:4B:F6:09:28:91:63:88:1A
Certificate issuer: /CN=111e0cbbe5d1c0a09465095e444fbc1c7932c683
Certificate serial: 018CC8030CF480B40E52518E6EAE2CB40644
Authority key identifier: 11:1E:0C:BB:E5:D1:C0:A0:94:65:09:5E:44:4F:BC:1C:79:32:C6:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ER4Mu-XRwKCUZQleRE-8HHkyxoM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/b6c991-1fd4-487f-8778-d15e516dc45c/1/yHC5wjMah99os36ES_YJKJFjiBo.roa
Signing time: Tue 02 Jan 2024 02:31:32 +0000
ROA not before: Tue 02 Jan 2024 02:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203740
IP address blocks: 185.125.40.0/22 maxlen: 24
2a06:b7c0::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 23 Jan 2024 09:11:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:03:0c:f4:80:b4:0e:52:51:8e:6e:ae:2c:b4:06:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=111e0cbbe5d1c0a09465095e444fbc1c7932c683
Validity
Not Before: Jan 2 02:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c870b9c2331a87df68b37e844bf609289163881a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d7:13:f3:97:0a:8f:d7:af:9b:dc:91:79:a0:
ee:4f:69:e9:37:74:ea:af:f9:b1:73:99:05:83:89:
e3:d8:0a:ad:52:e0:90:ed:05:37:ab:70:56:1e:ca:
10:01:ce:62:08:88:9c:fa:36:69:84:95:e1:d7:1a:
e8:cc:4d:2c:45:f7:7a:de:dd:bd:36:f2:cf:27:01:
0a:3c:a7:86:cc:42:d6:e8:ec:f5:f3:73:af:f9:e7:
64:a9:3b:17:e5:92:5b:33:6d:29:54:76:35:02:a8:
90:e7:47:1e:93:01:f9:ec:97:64:38:b0:db:12:a4:
c9:1d:6e:9f:5a:56:a1:19:a8:df:a4:74:6c:75:87:
fe:78:b5:d5:4a:c5:94:c4:a5:e6:50:37:70:76:e9:
91:bd:7e:b4:72:de:f6:f5:69:47:ee:4c:84:8b:e9:
b0:96:ba:21:75:14:6e:f8:35:81:cb:ec:98:b0:85:
3e:1b:1f:07:4c:99:c9:4c:26:87:0d:22:40:48:e2:
e0:1c:b9:08:73:d3:ec:14:b2:62:3a:10:05:9e:87:
5f:00:9a:5c:98:bc:6e:37:10:18:01:74:a9:7d:8d:
2e:97:2f:12:e9:84:70:b7:51:9c:2d:87:31:70:0c:
fc:40:cc:65:34:64:f6:aa:ff:c9:c5:07:71:4d:5e:
cd:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:70:B9:C2:33:1A:87:DF:68:B3:7E:84:4B:F6:09:28:91:63:88:1A
X509v3 Authority Key Identifier:
keyid:11:1E:0C:BB:E5:D1:C0:A0:94:65:09:5E:44:4F:BC:1C:79:32:C6:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ER4Mu-XRwKCUZQleRE-8HHkyxoM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/b6c991-1fd4-487f-8778-d15e516dc45c/1/yHC5wjMah99os36ES_YJKJFjiBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/b6c991-1fd4-487f-8778-d15e516dc45c/1/ER4Mu-XRwKCUZQleRE-8HHkyxoM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.40.0/22
IPv6:
2a06:b7c0::/29
Signature Algorithm: sha256WithRSAEncryption
a3:ca:1c:70:49:da:70:85:82:ce:d6:17:5c:51:7f:86:42:c8:
a2:f7:9f:bc:a1:23:94:aa:b6:14:1b:a8:8a:69:fc:43:aa:3e:
0d:8f:9a:b2:9f:ba:58:01:54:40:09:00:42:3d:86:7d:3d:53:
7f:e5:fe:98:fb:db:0f:7b:f6:13:9d:5b:5f:9e:89:3e:46:bd:
c3:35:11:55:0b:a6:f0:fd:5d:a4:8a:cd:1b:26:94:90:a3:04:
3d:06:b3:29:a4:17:f3:f2:12:1f:b6:d1:02:53:59:f9:87:01:
6d:45:78:79:94:a3:b5:74:50:35:24:93:e3:a0:3a:e7:e9:b1:
d0:b0:42:16:d0:bf:e5:4d:b7:17:5a:98:2e:55:19:36:39:8e:
dd:16:cb:16:3e:20:51:27:5a:79:95:69:bf:08:5a:e6:ce:a9:
72:b0:f5:54:6d:d2:80:71:c1:ad:94:77:53:f8:e4:22:f9:55:
6d:5e:2b:f8:a8:c2:ad:e7:e4:7c:fd:3f:90:86:2b:3b:9e:c8:
86:3c:4b:26:75:20:2e:73:99:f6:5e:d0:0d:36:b7:ff:fd:61:
91:81:84:92:10:25:12:30:5b:fa:12:91:81:c5:1e:0f:a3:8d:
f2:85:97:7b:99:2b:96:20:e9:bc:42:e2:84:0e:2f:c6:6c:20:
d5:37:4d:73
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAwz0gLQOUlGObq4stAZEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMWUwY2JiZTVkMWMwYTA5NDY1MDk1ZTQ0NGZiYzFjNzkz
MmM2ODMwHhcNMjQwMTAyMDIzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODcwYjljMjMzMWE4N2RmNjhiMzdlODQ0YmY2MDkyODkxNjM4ODFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dcT85cKj9evm9yReaDuT2npN3Tq
r/mxc5kFg4nj2AqtUuCQ7QU3q3BWHsoQAc5iCIic+jZphJXh1xrozE0sRfd63t29
NvLPJwEKPKeGzELW6Oz183Ov+edkqTsX5ZJbM20pVHY1AqiQ50cekwH57JdkOLDb
EqTJHW6fWlahGajfpHRsdYf+eLXVSsWUxKXmUDdwdumRvX60ct729WlH7kyEi+mw
lrohdRRu+DWBy+yYsIU+Gx8HTJnJTCaHDSJASOLgHLkIc9PsFLJiOhAFnodfAJpc
mLxuNxAYAXSpfY0uly8S6YRwt1GcLYcxcAz8QMxlNGT2qv/JxQdxTV7NqwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMhwucIzGoffaLN+hEv2CSiRY4gaMB8GA1UdIwQY
MBaAFBEeDLvl0cCglGUJXkRPvBx5MsaDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVI0TXUtWFJ3S0NVWlFsZVJFLThISGt5eG9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9iNmM5OTEtMWZkNC00ODdmLTg3Nzgt
ZDE1ZTUxNmRjNDVjLzEveUhDNXdqTWFoOTlvczM2RVNfWUpLSkZqaUJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9iNmM5OTEtMWZkNC00ODdmLTg3NzgtZDE1ZTUxNmRjNDVj
LzEvRVI0TXUtWFJ3S0NVWlFsZVJFLThISGt5eG9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuX0oMA0E
AgACMAcDBQMqBrfAMA0GCSqGSIb3DQEBCwUAA4IBAQCjyhxwSdpwhYLO1hdcUX+G
Qsii95+8oSOUqrYUG6iKafxDqj4Nj5qyn7pYAVRACQBCPYZ9PVN/5f6Y+9sPe/YT
nVtfnok+Rr3DNRFVC6bw/V2kis0bJpSQowQ9BrMppBfz8hIfttECU1n5hwFtRXh5
lKO1dFA1JJPjoDrn6bHQsEIW0L/lTbcXWpguVRk2OY7dFssWPiBRJ1p5lWm/CFrm
zqlysPVUbdKAccGtlHdT+OQi+VVtXiv4qMKt5+R8/T+Qhis7nsiGPEsmdSAuc5n2
XtANNrf//WGRgYSSECUSMFv6EpGBxR4Po43yhZd7mSuWIOm8QuKEDi/GbCDVN01z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:11 2024 by rpki-client on console-ams.rpki-client.org