Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/dfbaa2-4a27-4f3c-b9fc-fb01436a695f/1/ay9jwavk3qui5pE2MOHyawTc1do.roa
File: ay9jwavk3qui5pE2MOHyawTc1do.roa (raw, json)
Hash identifier: dfyeSl8y6Gt2+p5RQByZ7aIEGg+lgaVxfPoT2wtbyQs=
Subject key identifier: 6B:2F:63:C1:AB:E4:DE:AB:A2:E6:91:36:30:E1:F2:6B:04:DC:D5:DA
Certificate issuer: /CN=5262505b488581c2ecd7582a34ece52632e3ef96
Certificate serial: 0185715546CAF58916AC79A9EFD49B0851B4
Authority key identifier: 52:62:50:5B:48:85:81:C2:EC:D7:58:2A:34:EC:E5:26:32:E3:EF:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmJQW0iFgcLs11gqNOzlJjLj75Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/dfbaa2-4a27-4f3c-b9fc-fb01436a695f/1/ay9jwavk3qui5pE2MOHyawTc1do.roa
Signing time: Mon 02 Jan 2023 07:14:52 +0000
ROA not before: Mon 02 Jan 2023 07:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200780
IP address blocks: 91.233.66.0/24 maxlen: 24
185.217.200.0/22 maxlen: 22
185.62.224.0/22 maxlen: 22
2a0b:cbc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:46:ca:f5:89:16:ac:79:a9:ef:d4:9b:08:51:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5262505b488581c2ecd7582a34ece52632e3ef96
Validity
Not Before: Jan 2 07:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b2f63c1abe4deaba2e6913630e1f26b04dcd5da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6f:d0:32:3a:8b:43:3b:64:92:af:50:ca:09:
7b:1a:84:f3:31:98:08:c6:51:c1:92:d9:fc:63:5d:
4c:0e:33:2f:2c:74:93:63:31:6a:c4:da:16:ed:9e:
33:a0:5c:2a:ab:97:65:b3:0c:1d:7a:c5:71:fe:b5:
45:aa:f9:b3:27:99:f5:d2:59:75:06:44:fd:75:76:
76:9f:27:29:d2:64:12:8f:b7:67:4b:1c:9e:f5:09:
97:11:d1:a4:ee:f0:32:fa:a9:57:08:d0:35:e4:1c:
ab:31:d3:cc:5b:59:f1:b0:c3:4e:56:01:86:7d:cc:
dd:b8:3a:bc:dc:f0:fb:28:85:cb:30:02:99:e0:36:
cf:6e:8e:b3:55:aa:32:e9:15:f2:6a:33:d3:f0:b0:
3f:cc:f9:0f:e0:55:95:b1:29:bd:f7:6c:2e:67:e3:
9e:7e:18:30:1c:3a:aa:40:96:57:c1:72:00:33:e5:
bd:32:a3:d6:a7:f1:9d:8a:7f:cb:2f:35:a1:42:fc:
cf:0a:59:54:b1:70:0c:b6:c0:7d:9f:40:b5:c4:a9:
18:45:c6:78:54:ad:3c:a5:85:da:81:fd:66:a8:e4:
8b:36:0c:48:2b:4c:8b:a3:63:aa:59:84:3d:76:cf:
bb:e2:79:ca:5c:72:03:9e:04:b9:95:76:73:ab:26:
f7:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:2F:63:C1:AB:E4:DE:AB:A2:E6:91:36:30:E1:F2:6B:04:DC:D5:DA
X509v3 Authority Key Identifier:
keyid:52:62:50:5B:48:85:81:C2:EC:D7:58:2A:34:EC:E5:26:32:E3:EF:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmJQW0iFgcLs11gqNOzlJjLj75Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/dfbaa2-4a27-4f3c-b9fc-fb01436a695f/1/ay9jwavk3qui5pE2MOHyawTc1do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/dfbaa2-4a27-4f3c-b9fc-fb01436a695f/1/UmJQW0iFgcLs11gqNOzlJjLj75Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.66.0/24
185.62.224.0/22
185.217.200.0/22
IPv6:
2a0b:cbc0::/29
Signature Algorithm: sha256WithRSAEncryption
86:11:0d:2a:75:b6:31:ed:de:a1:25:f1:e0:4e:ab:39:5f:68:
84:49:8c:40:83:59:09:0b:9b:46:ef:82:7e:54:d4:2c:f1:7b:
ca:39:17:c4:2c:af:c5:49:3b:1f:01:1f:97:2d:f0:00:57:04:
3b:60:ba:a6:d9:85:73:93:4c:6a:eb:19:41:39:40:ab:98:e6:
67:64:da:79:e1:df:8e:4d:38:80:03:fd:ff:a4:dd:c3:ee:94:
41:13:a5:28:b6:7a:71:18:22:f6:51:d4:54:8a:18:a9:df:df:
c6:d9:67:19:48:78:0a:f1:da:99:5c:b4:28:f2:db:25:83:0d:
eb:d7:b3:e0:93:ac:60:93:77:49:7e:02:ed:28:a8:6b:f4:04:
5e:40:8d:2a:94:8a:af:fb:0f:47:3c:34:5b:99:09:3c:f7:90:
08:83:d1:5e:62:31:3e:a7:c2:31:11:3a:2a:c9:0b:6d:7f:b0:
9e:e6:06:27:c0:e4:04:b4:58:01:35:ea:b0:d1:af:0f:01:cd:
da:af:32:dd:36:fc:fb:b2:2e:20:f2:d9:a5:2f:0a:b0:e3:49:
c9:c0:d7:a3:4c:a0:c4:5c:30:d9:f6:41:6b:53:fe:78:66:a0:
ad:26:c1:a9:fa:81:99:d6:03:c5:ea:5e:a7:33:4e:62:8a:96:
11:d4:dc:34
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVxVUbK9YkWrHmp79SbCFG0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjI1MDViNDg4NTgxYzJlY2Q3NTgyYTM0ZWNlNTI2MzJl
M2VmOTYwHhcNMjMwMTAyMDcxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjJmNjNjMWFiZTRkZWFiYTJlNjkxMzYzMGUxZjI2YjA0ZGNkNWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArW/QMjqLQztkkq9Qygl7GoTzMZgI
xlHBktn8Y11MDjMvLHSTYzFqxNoW7Z4zoFwqq5dlswwdesVx/rVFqvmzJ5n10ll1
BkT9dXZ2nycp0mQSj7dnSxye9QmXEdGk7vAy+qlXCNA15ByrMdPMW1nxsMNOVgGG
fczduDq83PD7KIXLMAKZ4DbPbo6zVaoy6RXyajPT8LA/zPkP4FWVsSm992wuZ+Oe
fhgwHDqqQJZXwXIAM+W9MqPWp/Gdin/LLzWhQvzPCllUsXAMtsB9n0C1xKkYRcZ4
VK08pYXagf1mqOSLNgxIK0yLo2OqWYQ9ds+74nnKXHIDngS5lXZzqyb3PwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGsvY8Gr5N6rouaRNjDh8msE3NXaMB8GA1UdIwQY
MBaAFFJiUFtIhYHC7NdYKjTs5SYy4++WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1KUVcwaUZnY0xzMTFncU5PemxKakxqNzVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9kZmJhYTItNGEyNy00ZjNjLWI5ZmMt
ZmIwMTQzNmE2OTVmLzEvYXk5andhdmszcXVpNXBFMk1PSHlhd1RjMWRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9kZmJhYTItNGEyNy00ZjNjLWI5ZmMtZmIwMTQzNmE2OTVm
LzEvVW1KUVcwaUZnY0xzMTFncU5PemxKakxqNzVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW+lCAwQC
uT7gAwQCudnIMA0EAgACMAcDBQMqC8vAMA0GCSqGSIb3DQEBCwUAA4IBAQCGEQ0q
dbYx7d6hJfHgTqs5X2iESYxAg1kJC5tG74J+VNQs8XvKORfELK/FSTsfAR+XLfAA
VwQ7YLqm2YVzk0xq6xlBOUCrmOZnZNp54d+OTTiAA/3/pN3D7pRBE6UotnpxGCL2
UdRUihip39/G2WcZSHgK8dqZXLQo8tslgw3r17Pgk6xgk3dJfgLtKKhr9AReQI0q
lIqv+w9HPDRbmQk895AIg9FeYjE+p8IxEToqyQttf7Ce5gYnwOQEtFgBNeqw0a8P
Ac3arzLdNvz7si4g8tmlLwqw40nJwNejTKDEXDDZ9kFrU/54ZqCtJsGp+oGZ1gPF
6l6nM05iipYR1Nw0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:54 2024 by rpki-client on console-fra.rpki-client.org