Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/6a4858-46ae-4fb0-bee5-76fb20f4943d/1/yKlSoD872usO3G0n-lOAKouQ5jw.roa
File: yKlSoD872usO3G0n-lOAKouQ5jw.roa (raw, json)
Hash identifier: H+IaRGegwJat28OpvavZ9ZtNwMrzOM8I5vVahNgFRb0=
Subject key identifier: C8:A9:52:A0:3F:3B:DA:EB:0E:DC:6D:27:FA:53:80:2A:8B:90:E6:3C
Certificate issuer: /CN=04e1831c9eef1b795437fcbd43e295705a1a0547
Certificate serial: 01856F94C471EAE792A415C36970C6C04DC8
Authority key identifier: 04:E1:83:1C:9E:EF:1B:79:54:37:FC:BD:43:E2:95:70:5A:1A:05:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BOGDHJ7vG3lUN_y9Q-KVcFoaBUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/6a4858-46ae-4fb0-bee5-76fb20f4943d/1/yKlSoD872usO3G0n-lOAKouQ5jw.roa
Signing time: Sun 01 Jan 2023 23:04:58 +0000
ROA not before: Sun 01 Jan 2023 23:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57269
IP address blocks: 185.239.200.0/22 maxlen: 24
185.105.36.0/22 maxlen: 24
91.232.81.0/24 maxlen: 24
195.135.250.0/23 maxlen: 24
195.135.248.0/23 maxlen: 24
2a0c:5a80::/29 maxlen: 30
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:c4:71:ea:e7:92:a4:15:c3:69:70:c6:c0:4d:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04e1831c9eef1b795437fcbd43e295705a1a0547
Validity
Not Before: Jan 1 23:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8a952a03f3bdaeb0edc6d27fa53802a8b90e63c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fc:bd:18:8f:38:4b:eb:c4:54:68:11:54:1c:
a0:42:73:d8:59:ff:09:12:1d:f9:17:55:a1:9c:c8:
76:b3:5c:3b:4c:7b:bd:ca:8d:a9:e0:79:fc:6f:6b:
c1:80:ce:83:1d:f8:f3:12:48:73:39:e9:05:63:88:
cf:09:35:61:77:ae:79:c1:54:59:41:da:fa:ef:3c:
9a:d2:eb:68:91:12:6a:61:94:9d:4b:83:f2:61:9f:
7a:29:c9:81:f5:55:10:a9:df:00:0d:52:be:d7:c7:
65:cb:a1:5c:fa:b7:ef:36:a4:9c:cd:4e:87:00:6d:
42:d6:95:c7:86:f9:58:1b:6e:8e:92:66:07:d3:69:
79:41:3f:ba:e7:06:39:d1:36:b5:97:a6:f6:5a:e8:
a1:7f:cd:66:9b:88:69:63:59:a7:5f:c6:81:b5:51:
b2:05:ff:57:d1:e7:c9:7a:68:30:f0:15:07:c9:4a:
fd:37:c9:41:12:11:53:56:1e:8b:33:be:01:e5:25:
54:d0:34:ee:b3:0b:fb:b8:a1:15:58:26:a5:c4:f7:
ac:82:d9:0b:2b:df:b2:72:e3:f1:80:a6:42:2f:e4:
a5:82:ea:b1:6b:99:f8:40:67:1c:b4:d4:3b:c2:56:
aa:ee:53:97:7e:97:92:89:c4:6c:80:6d:12:a9:7f:
dd:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:A9:52:A0:3F:3B:DA:EB:0E:DC:6D:27:FA:53:80:2A:8B:90:E6:3C
X509v3 Authority Key Identifier:
keyid:04:E1:83:1C:9E:EF:1B:79:54:37:FC:BD:43:E2:95:70:5A:1A:05:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BOGDHJ7vG3lUN_y9Q-KVcFoaBUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/6a4858-46ae-4fb0-bee5-76fb20f4943d/1/yKlSoD872usO3G0n-lOAKouQ5jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/6a4858-46ae-4fb0-bee5-76fb20f4943d/1/BOGDHJ7vG3lUN_y9Q-KVcFoaBUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.81.0/24
185.105.36.0/22
185.239.200.0/22
195.135.248.0/22
IPv6:
2a0c:5a80::/29
Signature Algorithm: sha256WithRSAEncryption
1e:c3:91:94:bf:31:30:d0:de:4d:1c:cc:9f:5b:87:99:80:73:
d3:0e:73:f2:ee:ea:72:77:f1:54:5d:a0:25:49:be:f0:63:90:
7e:3a:c2:5a:25:d5:3d:26:05:26:c1:48:f6:09:93:1c:06:0d:
a9:27:3c:b4:b7:6b:25:a4:50:fc:19:f4:8f:44:9d:0f:10:d1:
d3:a5:35:a9:f1:d4:bc:5a:2d:fb:3f:16:5d:ad:2e:7e:16:35:
1f:e1:bf:cd:c8:f0:30:9e:e6:15:25:7f:fb:99:77:ac:7f:4a:
46:1b:2d:50:1b:06:90:73:54:5f:26:47:b3:33:df:98:53:45:
1d:fb:c4:0e:af:27:0e:99:a5:46:65:b4:e8:87:8d:3d:eb:26:
8b:95:e0:ff:0e:47:76:7c:8a:e1:7a:3c:ae:c0:e4:1c:a2:6c:
03:30:cf:56:76:b6:e6:3e:0d:64:d5:7d:06:ff:e4:7b:bc:b4:
23:e6:bb:21:50:1c:cc:7e:d8:70:ec:ba:74:e5:72:41:f0:b2:
0f:1d:b4:79:a4:a3:4d:3d:18:ef:46:21:0a:af:f9:3f:e3:09:
3c:9f:3c:de:c9:c5:1e:2c:ba:40:87:9d:11:9f:04:11:ee:22:
8b:5d:7b:f8:9b:64:ed:70:0b:66:80:ff:5c:fa:f5:08:f7:73:
4f:57:55:c4
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVvlMRx6ueSpBXDaXDGwE3IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZTE4MzFjOWVlZjFiNzk1NDM3ZmNiZDQzZTI5NTcwNWEx
YTA1NDcwHhcNMjMwMTAxMjMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGE5NTJhMDNmM2JkYWViMGVkYzZkMjdmYTUzODAyYThiOTBlNjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvy9GI84S+vEVGgRVBygQnPYWf8J
Eh35F1WhnMh2s1w7THu9yo2p4Hn8b2vBgM6DHfjzEkhzOekFY4jPCTVhd655wVRZ
Qdr67zya0utokRJqYZSdS4PyYZ96KcmB9VUQqd8ADVK+18dly6Fc+rfvNqSczU6H
AG1C1pXHhvlYG26OkmYH02l5QT+65wY50Ta1l6b2Wuihf81mm4hpY1mnX8aBtVGy
Bf9X0efJemgw8BUHyUr9N8lBEhFTVh6LM74B5SVU0DTuswv7uKEVWCalxPesgtkL
K9+ycuPxgKZCL+Slguqxa5n4QGcctNQ7wlaq7lOXfpeSicRsgG0SqX/dVQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMipUqA/O9rrDtxtJ/pTgCqLkOY8MB8GA1UdIwQY
MBaAFAThgxye7xt5VDf8vUPilXBaGgVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk9HREhKN3ZHM2xVTl95OVEtS1ZjRm9hQlVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy82YTQ4NTgtNDZhZS00ZmIwLWJlZTUt
NzZmYjIwZjQ5NDNkLzEveUtsU29EODcydXNPM0cwbi1sT0FLb3VRNWp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy82YTQ4NTgtNDZhZS00ZmIwLWJlZTUtNzZmYjIwZjQ5NDNk
LzEvQk9HREhKN3ZHM2xVTl95OVEtS1ZjRm9hQlVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW+hRAwQC
uWkkAwQCue/IAwQCw4f4MA0EAgACMAcDBQMqDFqAMA0GCSqGSIb3DQEBCwUAA4IB
AQAew5GUvzEw0N5NHMyfW4eZgHPTDnPy7upyd/FUXaAlSb7wY5B+OsJaJdU9JgUm
wUj2CZMcBg2pJzy0t2slpFD8GfSPRJ0PENHTpTWp8dS8Wi37PxZdrS5+FjUf4b/N
yPAwnuYVJX/7mXesf0pGGy1QGwaQc1RfJkezM9+YU0Ud+8QOrycOmaVGZbToh409
6yaLleD/Dkd2fIrhejyuwOQcomwDMM9WdrbmPg1k1X0G/+R7vLQj5rshUBzMfthw
7Lp05XJB8LIPHbR5pKNNPRjvRiEKr/k/4wk8nzzeycUeLLpAh50RnwQR7iKLXXv4
m2TtcAtmgP9c+vUI93NPV1XE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:18 2024 by rpki-client on console-ams.rpki-client.org