Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/YY0VtN7Aze5Vp_pux8vLZ-VxPtI.roa
File: YY0VtN7Aze5Vp_pux8vLZ-VxPtI.roa (raw, json)
Hash identifier: HEazgY3HGFMN/0QpgEUurUWsWDf0rU4+aIlnlDiR0vw=
Subject key identifier: 61:8D:15:B4:DE:C0:CD:EE:55:A7:FA:6E:C7:CB:CB:67:E5:71:3E:D2
Certificate issuer: /CN=5a141c5090824d0a17c29ec4050e21007113fbda
Certificate serial: 018991E1E7615E482D86070D3EF96C9EF9A3
Authority key identifier: 5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/YY0VtN7Aze5Vp_pux8vLZ-VxPtI.roa
Signing time: Wed 26 Jul 2023 11:07:28 +0000
ROA not before: Wed 26 Jul 2023 11:07:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.85.78.0/24 maxlen: 24
185.85.79.0/24 maxlen: 24
5.63.24.0/24 maxlen: 24
5.63.27.0/24 maxlen: 24
5.63.26.0/24 maxlen: 24
5.63.25.0/24 maxlen: 24
5.63.28.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:91:e1:e7:61:5e:48:2d:86:07:0d:3e:f9:6c:9e:f9:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a141c5090824d0a17c29ec4050e21007113fbda
Validity
Not Before: Jul 26 11:07:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=618d15b4dec0cdee55a7fa6ec7cbcb67e5713ed2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6c:74:46:b0:e8:b6:79:07:b9:b9:b3:99:4a:
89:c0:e6:2a:4a:8f:43:dc:40:62:27:7a:b7:b0:c2:
05:c6:33:12:e1:99:21:78:9a:75:d9:f9:b0:64:b1:
f4:95:5b:63:3a:85:49:04:c9:28:60:c7:67:f0:6a:
db:d6:9f:9c:c2:f6:2e:c3:b3:bf:7d:db:97:10:b3:
20:0c:3d:29:35:7a:75:2c:7e:3b:79:11:31:6d:55:
d5:08:9b:8c:e3:ee:5f:31:0c:4e:2a:0c:b6:35:64:
2f:83:c1:09:f7:13:17:36:5c:f8:21:d0:26:75:f6:
a2:45:ec:b5:1e:23:cd:b5:18:a1:fd:d2:67:b6:26:
c6:f3:52:54:29:7c:e9:c7:85:33:7b:00:98:77:91:
aa:b3:d5:df:5f:19:31:f9:58:97:5c:8f:18:3b:a1:
55:38:81:db:8b:0c:33:61:6d:18:e0:90:ea:3a:3e:
ae:81:2f:03:34:bd:15:9a:d9:f1:fc:24:fe:ee:41:
fe:26:3c:f2:b4:95:92:a8:5c:20:43:dc:e5:32:bf:
48:5c:d9:36:8f:e6:fa:ee:ba:71:7b:a1:5e:be:03:
2b:d1:63:25:a5:56:e1:ed:2e:1a:3d:73:7a:bd:b9:
aa:d8:71:54:99:0b:41:31:ce:a1:c1:06:6d:4b:52:
52:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:8D:15:B4:DE:C0:CD:EE:55:A7:FA:6E:C7:CB:CB:67:E5:71:3E:D2
X509v3 Authority Key Identifier:
keyid:5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/YY0VtN7Aze5Vp_pux8vLZ-VxPtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/WhQcUJCCTQoXwp7EBQ4hAHET-9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.24.0-5.63.28.255
185.85.78.0/23
Signature Algorithm: sha256WithRSAEncryption
71:21:b7:76:03:84:3e:09:c5:87:80:24:f3:a8:9f:dd:d1:b5:
ed:b4:79:6a:d6:ae:8f:2e:08:f0:6c:9f:50:62:ca:d5:25:b1:
1e:6a:55:b0:65:8e:cb:c9:b9:6c:02:8b:49:c6:83:84:b4:53:
24:7d:8b:48:f3:49:40:bc:74:58:03:05:13:12:14:c3:84:40:
98:56:ed:8b:69:2a:25:0f:ff:db:5e:5c:87:bd:11:2c:af:93:
af:06:fd:33:1a:d0:fd:22:ec:24:c6:b6:39:b7:32:d9:48:ec:
64:c9:cf:04:91:5c:b2:1a:1c:b0:67:84:aa:82:c0:b3:c3:f2:
f9:4c:15:e6:44:da:f3:fd:70:ca:45:71:52:4c:bf:ad:aa:24:
92:20:59:92:4e:1f:96:3b:e5:62:9f:d2:c1:9c:d0:d9:73:33:
1d:65:b4:1c:a9:4d:77:2b:f4:bc:69:1a:17:37:2a:02:b7:5e:
c9:09:49:6f:4d:a1:3e:9b:0b:9d:c5:07:09:7a:be:3a:1c:63:
e5:32:60:28:bc:73:de:cb:cf:9c:5b:13:b1:eb:be:36:4d:2a:
4f:15:bb:72:ce:04:55:db:45:f6:e2:59:b7:b5:e9:65:35:9c:
7f:c7:be:6c:e5:2d:20:bc:c6:46:d5:cb:48:c0:5d:81:c9:36:
27:69:31:ae
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYmR4edhXkgthgcNPvlsnvmjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMTQxYzUwOTA4MjRkMGExN2MyOWVjNDA1MGUyMTAwNzEx
M2ZiZGEwHhcNMjMwNzI2MTEwNzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MThkMTViNGRlYzBjZGVlNTVhN2ZhNmVjN2NiY2I2N2U1NzEzZWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2x0RrDotnkHubmzmUqJwOYqSo9D
3EBiJ3q3sMIFxjMS4ZkheJp12fmwZLH0lVtjOoVJBMkoYMdn8Grb1p+cwvYuw7O/
fduXELMgDD0pNXp1LH47eRExbVXVCJuM4+5fMQxOKgy2NWQvg8EJ9xMXNlz4IdAm
dfaiRey1HiPNtRih/dJntibG81JUKXzpx4UzewCYd5Gqs9XfXxkx+ViXXI8YO6FV
OIHbiwwzYW0Y4JDqOj6ugS8DNL0Vmtnx/CT+7kH+JjzytJWSqFwgQ9zlMr9IXNk2
j+b67rpxe6FevgMr0WMlpVbh7S4aPXN6vbmq2HFUmQtBMc6hwQZtS1JS8wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGGNFbTewM3uVaf6bsfLy2flcT7SMB8GA1UdIwQY
MBaAFFoUHFCQgk0KF8KexAUOIQBxE/vaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUt
ZWNlZWZmOGU4NGUwLzEvWVkwVnRON0F6ZTVWcF9wdXg4dkxaLVZ4UHRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUtZWNlZWZmOGU4NGUw
LzEvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAMFPxgD
BAAFPxwDBAG5VU4wDQYJKoZIhvcNAQELBQADggEBAHEht3YDhD4JxYeAJPOon93R
te20eWrWro8uCPBsn1BiytUlsR5qVbBljsvJuWwCi0nGg4S0UyR9i0jzSUC8dFgD
BRMSFMOEQJhW7YtpKiUP/9teXIe9ESyvk68G/TMa0P0i7CTGtjm3MtlI7GTJzwSR
XLIaHLBnhKqCwLPD8vlMFeZE2vP9cMpFcVJMv62qJJIgWZJOH5Y75WKf0sGc0Nlz
Mx1ltBypTXcr9LxpGhc3KgK3XskJSW9NoT6bC53FBwl6vjocY+UyYCi8c97Lz5xb
E7HrvjZNKk8Vu3LOBFXbRfbiWbe16WU1nH/HvmzlLSC8xkbVy0jAXYHJNidpMa4=
-----END CERTIFICATE-----
Generated at Thu Aug 3 13:14:45 2023 by rpki-client on console-fra.rpki-client.org