Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/9e8166-160f-4ce2-9017-1e151aa1afdc/1/YODhStNLBKSfjwKGfx3CEbj811Q.roa
File: YODhStNLBKSfjwKGfx3CEbj811Q.roa (raw, json)
Hash identifier: 1Qvc5IbmpnX1u4NGi4HT/WB3wJXRxetVT1B3/dLeJno=
Subject key identifier: 60:E0:E1:4A:D3:4B:04:A4:9F:8F:02:86:7F:1D:C2:11:B8:FC:D7:54
Certificate issuer: /CN=9d8f393483d489c429fc18b09342d76d0afe4244
Certificate serial: 01856EF42339D9E2D0B742025B893E5C00AC
Authority key identifier: 9D:8F:39:34:83:D4:89:C4:29:FC:18:B0:93:42:D7:6D:0A:FE:42:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nY85NIPUicQp_Biwk0LXbQr-QkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/9e8166-160f-4ce2-9017-1e151aa1afdc/1/YODhStNLBKSfjwKGfx3CEbj811Q.roa
Signing time: Sun 01 Jan 2023 20:09:31 +0000
ROA not before: Sun 01 Jan 2023 20:09:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197219
IP address blocks: 93.174.200.0/21 maxlen: 21
2a02:1720::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:f4:23:39:d9:e2:d0:b7:42:02:5b:89:3e:5c:00:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d8f393483d489c429fc18b09342d76d0afe4244
Validity
Not Before: Jan 1 20:09:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60e0e14ad34b04a49f8f02867f1dc211b8fcd754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:db:86:43:3e:4f:3a:7b:25:14:3e:18:8f:e3:
cb:94:64:ed:74:26:6d:7d:bb:63:c3:dc:bb:9e:70:
09:d7:6a:13:40:ca:f4:0e:1e:2b:19:ee:e1:14:c2:
cd:56:15:0e:dc:5d:13:44:7f:08:5e:cd:e8:fa:e2:
24:2b:76:7b:b3:72:39:eb:97:ca:c6:96:8f:9c:6b:
ba:37:4d:9c:d0:20:01:c5:4e:0f:f9:55:ef:7d:d8:
a5:56:a2:e7:aa:bd:46:b0:3f:4b:40:c7:6b:4f:5b:
3b:3a:58:50:b0:07:6b:f4:e4:53:cf:78:72:f5:90:
54:bb:1f:c5:40:c8:4d:fd:39:f8:63:74:59:bb:bc:
48:61:61:57:4d:34:12:5e:45:4c:9a:15:50:c9:2a:
87:1e:af:e0:ec:70:65:02:39:d3:17:2b:8c:11:bd:
7d:42:1d:5a:03:03:dc:a6:fe:0f:08:bc:06:e4:f7:
19:83:36:14:97:6c:14:00:e9:81:62:97:cc:8d:63:
a1:cd:0a:68:d7:88:44:9c:cb:1e:1c:49:2d:2b:bc:
b7:0f:19:b3:73:8e:4e:b2:16:f5:24:d7:0f:a7:68:
17:97:9b:9d:c6:54:e9:17:9d:b0:37:9f:c0:57:78:
c1:42:76:fc:fe:36:c4:70:f9:f1:e1:ce:a7:b8:1f:
0d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:E0:E1:4A:D3:4B:04:A4:9F:8F:02:86:7F:1D:C2:11:B8:FC:D7:54
X509v3 Authority Key Identifier:
keyid:9D:8F:39:34:83:D4:89:C4:29:FC:18:B0:93:42:D7:6D:0A:FE:42:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nY85NIPUicQp_Biwk0LXbQr-QkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9e8166-160f-4ce2-9017-1e151aa1afdc/1/YODhStNLBKSfjwKGfx3CEbj811Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9e8166-160f-4ce2-9017-1e151aa1afdc/1/nY85NIPUicQp_Biwk0LXbQr-QkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.174.200.0/21
IPv6:
2a02:1720::/32
Signature Algorithm: sha256WithRSAEncryption
36:3b:ae:18:48:67:24:21:62:ad:e5:7c:55:dd:48:2d:c4:e9:
08:a1:1a:e8:d2:65:20:76:a3:e7:6c:25:92:38:ab:df:88:36:
b5:a1:74:1b:2e:31:31:be:50:27:5f:7d:84:89:b2:e3:9c:b2:
40:bc:5e:20:9e:89:6f:27:68:16:76:b6:a0:c2:bf:03:3b:f8:
3d:96:64:1e:46:ae:c8:0a:05:d6:2a:e1:96:7a:ce:c7:95:14:
67:54:28:3f:3f:1b:eb:a6:a8:f3:57:e6:2b:7a:e6:c1:34:9a:
8a:36:39:d3:32:6d:51:eb:94:32:8f:34:59:73:04:bc:3b:f3:
8c:fd:d9:2a:7a:0a:23:30:7c:00:25:0e:c2:ce:7a:3f:5f:a2:
38:5e:c7:ae:9a:b5:44:ac:f1:f2:90:3e:88:f8:26:cc:65:bd:
4a:e7:fe:d0:11:e3:c7:db:77:28:61:be:58:aa:3a:46:1e:c2:
b4:7c:a1:df:bc:a2:d1:f7:25:fe:3a:2c:a0:6e:d6:53:e2:47:
70:8d:71:77:fe:58:d5:dd:98:85:78:01:d0:c6:a7:5c:fb:bf:
38:88:d0:ab:e9:22:a9:7a:5f:39:eb:ec:72:e9:b6:f6:a0:bf:
b5:e4:3f:a6:a6:23:a0:bf:7d:f2:b8:a4:80:d5:8b:aa:ea:67:
3a:58:64:33
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVu9CM52eLQt0ICW4k+XACsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkOGYzOTM0ODNkNDg5YzQyOWZjMThiMDkzNDJkNzZkMGFm
ZTQyNDQwHhcNMjMwMTAxMjAwOTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGUwZTE0YWQzNGIwNGE0OWY4ZjAyODY3ZjFkYzIxMWI4ZmNkNzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgduGQz5POnslFD4Yj+PLlGTtdCZt
fbtjw9y7nnAJ12oTQMr0Dh4rGe7hFMLNVhUO3F0TRH8IXs3o+uIkK3Z7s3I565fK
xpaPnGu6N02c0CABxU4P+VXvfdilVqLnqr1GsD9LQMdrT1s7OlhQsAdr9ORTz3hy
9ZBUux/FQMhN/Tn4Y3RZu7xIYWFXTTQSXkVMmhVQySqHHq/g7HBlAjnTFyuMEb19
Qh1aAwPcpv4PCLwG5PcZgzYUl2wUAOmBYpfMjWOhzQpo14hEnMseHEktK7y3Dxmz
c45Oshb1JNcPp2gXl5udxlTpF52wN5/AV3jBQnb8/jbEcPnx4c6nuB8NpQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGDg4UrTSwSkn48Chn8dwhG4/NdUMB8GA1UdIwQY
MBaAFJ2POTSD1InEKfwYsJNC120K/kJEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblk4NU5JUFVpY1FwX0Jpd2swTFhiUXItUWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC85ZTgxNjYtMTYwZi00Y2UyLTkwMTct
MWUxNTFhYTFhZmRjLzEvWU9EaFN0TkxCS1NmandLR2Z4M0NFYmo4MTFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC85ZTgxNjYtMTYwZi00Y2UyLTkwMTctMWUxNTFhYTFhZmRj
LzEvblk4NU5JUFVpY1FwX0Jpd2swTFhiUXItUWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXa7IMA0E
AgACMAcDBQAqAhcgMA0GCSqGSIb3DQEBCwUAA4IBAQA2O64YSGckIWKt5XxV3Ugt
xOkIoRro0mUgdqPnbCWSOKvfiDa1oXQbLjExvlAnX32EibLjnLJAvF4gnolvJ2gW
dragwr8DO/g9lmQeRq7ICgXWKuGWes7HlRRnVCg/PxvrpqjzV+YreubBNJqKNjnT
Mm1R65QyjzRZcwS8O/OM/dkqegojMHwAJQ7Czno/X6I4XseumrVErPHykD6I+CbM
Zb1K5/7QEePH23coYb5YqjpGHsK0fKHfvKLR9yX+OiygbtZT4kdwjXF3/ljV3ZiF
eAHQxqdc+784iNCr6SKpel856+xy6bb2oL+15D+mpiOgv33yuKSA1Yuq6mc6WGQz
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:49 2024 by rpki-client on console-fra.rpki-client.org