Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/ykLUn7aJg4aRZ3jHxM-ibAsDHrc.roa
File: ykLUn7aJg4aRZ3jHxM-ibAsDHrc.roa (raw, json)
Hash identifier: iLw29HHWxpzlgK5l9C6RnfhIM3HULZj6lt9OhRr1knU=
Subject key identifier: CA:42:D4:9F:B6:89:83:86:91:67:78:C7:C4:CF:A2:6C:0B:03:1E:B7
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01861733B420E4E49D80249C26B0A95A284E
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/ykLUn7aJg4aRZ3jHxM-ibAsDHrc.roa
Signing time: Fri 03 Feb 2023 12:15:09 +0000
ROA not before: Fri 03 Feb 2023 12:15:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205220
IP address blocks: 46.23.99.0/24 maxlen: 24
46.23.100.0/22 maxlen: 22
109.205.212.0/24 maxlen: 24
5.10.248.0/22 maxlen: 22
188.64.12.0/22 maxlen: 22
185.81.219.0/24 maxlen: 24
185.81.216.0/24 maxlen: 24
185.81.217.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:17:33:b4:20:e4:e4:9d:80:24:9c:26:b0:a9:5a:28:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Feb 3 12:15:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca42d49fb6898386916778c7c4cfa26c0b031eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7f:7d:53:8b:73:b4:8f:0e:fe:52:82:01:1a:
db:fa:51:52:31:50:0f:73:3f:a5:a8:35:54:11:b0:
cc:b1:55:18:ff:69:b2:74:66:e5:69:f3:a4:11:76:
19:21:17:43:d6:74:74:b1:62:4c:3f:03:66:74:9c:
da:04:dd:7b:aa:94:3a:a1:14:ad:53:be:5c:25:e3:
2e:f1:ca:69:f5:5e:b2:f4:bb:1d:78:1c:5f:47:a6:
9c:cc:fd:67:c4:c1:bc:a0:16:a1:c3:72:68:7e:32:
57:04:d5:52:f1:23:6a:51:13:b8:33:73:95:25:24:
fb:31:2c:77:4a:d8:0d:43:42:c5:bd:a5:57:6b:0e:
9f:e9:2b:95:0c:09:0a:b9:a7:3c:5f:5e:09:1d:4d:
20:c0:a2:49:01:af:54:8f:39:0d:7e:1b:f4:8d:5a:
ee:61:0a:e9:91:f5:88:bf:35:17:00:b8:19:6d:b0:
3f:c5:07:a3:2b:33:a9:08:68:d6:34:ed:be:1f:23:
10:c4:a5:2f:75:04:8d:20:ab:46:53:71:f8:8b:66:
59:dc:71:d5:98:fe:c4:c5:1c:a1:2d:62:95:3a:24:
92:d2:be:dd:1e:21:45:0f:e5:55:bd:fa:fa:5a:1f:
0e:16:2a:4a:3e:37:24:78:ab:fa:2d:54:bf:26:52:
ae:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:42:D4:9F:B6:89:83:86:91:67:78:C7:C4:CF:A2:6C:0B:03:1E:B7
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/ykLUn7aJg4aRZ3jHxM-ibAsDHrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.248.0/22
46.23.99.0-46.23.103.255
109.205.212.0/24
185.81.216.0/23
185.81.219.0/24
188.64.12.0/22
Signature Algorithm: sha256WithRSAEncryption
44:3f:d1:af:c0:67:11:12:c8:0d:22:d6:0f:71:5e:31:1c:19:
bd:94:2c:64:c0:54:3f:cd:24:3e:ca:23:8d:b4:bd:3a:e8:47:
d5:17:92:6e:e4:6c:fc:02:c9:65:51:2f:97:2c:56:28:9d:57:
ad:ab:9c:c1:46:a9:6a:c2:16:9c:4a:d9:11:f3:16:5a:e3:4f:
c0:65:77:fb:0b:9a:3d:46:99:24:1f:11:0e:26:53:1a:61:22:
4c:36:ca:1b:0e:92:77:32:6d:83:8f:13:bd:c5:d7:92:42:77:
53:c6:43:b5:98:e1:f5:d7:f2:c4:3b:cc:0f:4a:ea:1d:51:1e:
df:76:4e:20:31:55:7d:67:b4:36:c3:38:53:2f:8c:f5:ae:55:
83:e8:3f:51:28:3c:de:56:ce:b8:5b:8f:65:90:af:3f:94:7b:
3e:9c:e7:d1:fc:35:25:70:3e:56:a5:a6:bf:3d:8a:2e:ae:10:
80:ba:a1:f0:75:8e:e9:60:31:cd:d6:92:cc:a3:f5:81:21:0e:
f4:58:54:8d:d4:35:dc:69:e4:93:39:61:e0:41:58:54:48:90:
65:23:d0:e2:17:ca:63:73:9a:47:82:e0:dd:b6:4d:84:a7:e0:
ab:39:35:93:bc:39:c0:b2:94:37:30:f3:af:ba:eb:ae:1c:7b:
b8:39:b8:8a
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYYXM7Qg5OSdgCScJrCpWihOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwMjAzMTIxNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTQyZDQ5ZmI2ODk4Mzg2OTE2Nzc4YzdjNGNmYTI2YzBiMDMxZWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqX99U4tztI8O/lKCARrb+lFSMVAP
cz+lqDVUEbDMsVUY/2mydGblafOkEXYZIRdD1nR0sWJMPwNmdJzaBN17qpQ6oRSt
U75cJeMu8cpp9V6y9LsdeBxfR6aczP1nxMG8oBahw3JofjJXBNVS8SNqURO4M3OV
JST7MSx3StgNQ0LFvaVXaw6f6SuVDAkKuac8X14JHU0gwKJJAa9UjzkNfhv0jVru
YQrpkfWIvzUXALgZbbA/xQejKzOpCGjWNO2+HyMQxKUvdQSNIKtGU3H4i2ZZ3HHV
mP7ExRyhLWKVOiSS0r7dHiFFD+VVvfr6Wh8OFipKPjckeKv6LVS/JlKufwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFMpC1J+2iYOGkWd4x8TPomwLAx63MB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEveWtMVW43YUpnNGFSWjNqSHhNLWliQXNESHJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCBQr4MAwD
BAAuF2MDBAMuF2ADBABtzdQDBAG5UdgDBAC5UdsDBAK8QAwwDQYJKoZIhvcNAQEL
BQADggEBAEQ/0a/AZxESyA0i1g9xXjEcGb2ULGTAVD/NJD7KI420vTroR9UXkm7k
bPwCyWVRL5csViidV62rnMFGqWrCFpxK2RHzFlrjT8Bld/sLmj1GmSQfEQ4mUxph
Ikw2yhsOkncybYOPE73F15JCd1PGQ7WY4fXX8sQ7zA9K6h1RHt92TiAxVX1ntDbD
OFMvjPWuVYPoP1EoPN5Wzrhbj2WQrz+Uez6c59H8NSVwPlalpr89ii6uEIC6ofB1
julgMc3Wksyj9YEhDvRYVI3UNdxp5JM5YeBBWFRIkGUj0OIXymNzmkeC4N22TYSn
4Ks5NZO8OcCylDcw86+6664ce7g5uIo=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:01 2023 by rpki-client on console-fra.rpki-client.org