Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/yHsKhSKyhc4m77_8ZK7LHnVjF14.roa
File: yHsKhSKyhc4m77_8ZK7LHnVjF14.roa (raw, json)
Hash identifier: goqemPxDPxxgUngFq7vaPdI0WC0G2Z59Ykx4fHfQ6JA=
Subject key identifier: C8:7B:0A:85:22:B2:85:CE:26:EF:BF:FC:64:AE:CB:1E:75:63:17:5E
Certificate issuer: /CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Certificate serial: 01856F2FE23D827958687125FCA81567AC37
Authority key identifier: 2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/yHsKhSKyhc4m77_8ZK7LHnVjF14.roa
Signing time: Sun 01 Jan 2023 21:14:47 +0000
ROA not before: Sun 01 Jan 2023 21:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13119
IP address blocks: 213.155.160.0/19 maxlen: 19
212.14.48.0/20 maxlen: 20
80.94.16.0/20 maxlen: 20
2001:4c5c::/30 maxlen: 30
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:e2:3d:82:79:58:68:71:25:fc:a8:15:67:ac:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Validity
Not Before: Jan 1 21:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c87b0a8522b285ce26efbffc64aecb1e7563175e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:5d:12:6f:19:b4:f0:3e:97:a3:29:66:a8:dd:
d2:c8:2b:26:f8:e7:8a:1c:71:47:f5:db:b9:5f:48:
67:a9:78:5a:36:ed:5a:a6:48:c6:d6:0b:8f:3f:84:
23:98:cb:ab:be:55:2a:e4:10:e2:1d:98:5b:3c:b2:
0b:1c:2f:85:95:49:a4:72:81:74:fe:a0:09:70:05:
4b:21:d3:39:e1:45:13:4b:30:a9:bd:5f:48:99:9e:
4a:76:68:94:0d:d7:76:d7:18:2f:16:0b:51:e4:15:
86:63:54:7d:37:17:b9:e4:bc:27:54:34:61:ab:19:
3b:9d:b3:95:e5:21:58:de:ce:d7:ac:a4:71:6b:d2:
44:49:93:24:b0:09:1e:04:96:27:ca:c8:9b:9f:23:
eb:18:ea:18:ff:e1:4c:d6:29:c5:72:67:26:6a:6d:
52:09:20:4e:55:f2:bd:89:68:67:9c:54:43:98:c2:
b3:6d:dc:71:ff:e0:e1:68:49:9a:9e:ab:64:e3:91:
dc:35:07:da:3b:cf:ca:59:74:1a:06:d5:ff:ad:86:
eb:0a:f9:50:bf:78:17:92:2a:b5:bb:86:9b:d5:38:
d2:e4:64:73:44:a5:b7:8e:fb:9d:b9:9e:78:56:9a:
92:ac:63:ea:3c:5d:7c:31:d5:83:1c:7d:ab:69:e2:
53:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:7B:0A:85:22:B2:85:CE:26:EF:BF:FC:64:AE:CB:1E:75:63:17:5E
X509v3 Authority Key Identifier:
keyid:2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/yHsKhSKyhc4m77_8ZK7LHnVjF14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.94.16.0/20
212.14.48.0/20
213.155.160.0/19
IPv6:
2001:4c5c::/30
Signature Algorithm: sha256WithRSAEncryption
3f:97:48:cb:db:0c:d1:ae:04:cc:47:4a:5d:75:8b:e3:bb:3e:
41:22:de:0a:79:28:03:36:39:af:cc:e4:f3:d6:13:b7:45:0a:
80:a8:41:b3:04:87:3f:65:a9:71:f4:52:80:a4:fe:92:e2:fe:
13:62:ab:d5:af:a8:b9:bf:1e:d1:2b:98:d2:1a:33:ad:06:dd:
2a:6c:5d:cc:2a:42:89:94:53:c9:3d:61:34:00:59:0e:df:b2:
e0:c9:6c:b4:6b:65:ff:8d:9c:42:ca:4a:0d:35:38:28:f2:04:
3a:c4:d2:7f:5b:91:47:e7:c7:c8:3d:16:fb:c6:a6:2d:8d:c3:
59:ef:ef:70:2d:59:d7:39:ba:4b:89:dd:23:56:95:7a:59:35:
d9:6a:19:3d:73:5a:04:4e:d9:25:e9:07:d4:ac:be:bd:bf:4b:
b7:0f:79:b5:52:75:76:3c:a4:55:b2:1b:5e:38:36:d2:6d:1a:
60:84:89:c3:46:87:2c:97:8f:86:5f:a8:2a:7c:bb:50:b5:2e:
95:bf:c1:4c:70:83:20:21:34:fd:9a:64:97:f4:0b:29:cd:dd:
7b:b9:7b:50:16:bb:24:6e:c8:9a:84:c6:98:ec:fb:41:5f:e3:
78:47:09:68:c2:74:da:2a:36:76:f6:2a:3e:58:3d:c7:a6:b3:
4d:f7:d3:5a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvL+I9gnlYaHEl/KgVZ6w3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzY0ZGMyMWNiNWZkNGQwYmNiMDJjYzJiNDNmZDc1MWZk
OTFlMWUwHhcNMjMwMTAxMjExNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODdiMGE4NTIyYjI4NWNlMjZlZmJmZmM2NGFlY2IxZTc1NjMxNzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgV0Sbxm08D6XoylmqN3SyCsm+OeK
HHFH9du5X0hnqXhaNu1apkjG1guPP4QjmMurvlUq5BDiHZhbPLILHC+FlUmkcoF0
/qAJcAVLIdM54UUTSzCpvV9ImZ5KdmiUDdd21xgvFgtR5BWGY1R9Nxe55LwnVDRh
qxk7nbOV5SFY3s7XrKRxa9JESZMksAkeBJYnysibnyPrGOoY/+FM1inFcmcmam1S
CSBOVfK9iWhnnFRDmMKzbdxx/+DhaEmanqtk45HcNQfaO8/KWXQaBtX/rYbrCvlQ
v3gXkiq1u4ab1TjS5GRzRKW3jvuduZ54VpqSrGPqPF18MdWDHH2raeJTlQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMh7CoUisoXOJu+//GSuyx51YxdeMB8GA1UdIwQY
MBaAFCrGTcIctf1NC8sCzCtD/XUf2R4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NaTndoeTFfVTBMeXdMTUswUDlkUl9aSGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9kZTFkYjQtZWM3OC00ZTQxLTk1NzAt
MDk3YzNjMWMyNTQwLzEveUhzS2hTS3loYzRtNzdfOFpLN0xIblZqRjE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9kZTFkYjQtZWM3OC00ZTQxLTk1NzAtMDk3YzNjMWMyNTQw
LzEvS3NaTndoeTFfVTBMeXdMTUswUDlkUl9aSGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUF4QAwQE
1A4wAwQF1ZugMA0EAgACMAcDBQIgAUxcMA0GCSqGSIb3DQEBCwUAA4IBAQA/l0jL
2wzRrgTMR0pddYvjuz5BIt4KeSgDNjmvzOTz1hO3RQqAqEGzBIc/Zalx9FKApP6S
4v4TYqvVr6i5vx7RK5jSGjOtBt0qbF3MKkKJlFPJPWE0AFkO37LgyWy0a2X/jZxC
ykoNNTgo8gQ6xNJ/W5FH58fIPRb7xqYtjcNZ7+9wLVnXObpLid0jVpV6WTXZahk9
c1oETtkl6QfUrL69v0u3D3m1UnV2PKRVshteODbSbRpghInDRocsl4+GX6gqfLtQ
tS6Vv8FMcIMgITT9mmSX9Aspzd17uXtQFrskbsiahMaY7PtBX+N4RwlownTaKjZ2
9io+WD3HprNN99Na
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:31 2024 by rpki-client on console-ams.rpki-client.org