Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/YJprYpjWJ8sRmvn-We4k4pqLbeE.roa
File: YJprYpjWJ8sRmvn-We4k4pqLbeE.roa (raw, json)
Hash identifier: 2hxZjgGmvhABvUeN1fZvObvBQV7phKBHIuqp1fBeB8o=
Subject key identifier: 60:9A:6B:62:98:D6:27:CB:11:9A:F9:FE:59:EE:24:E2:9A:8B:6D:E1
Certificate issuer: /CN=3ae0096247a8c54e5de8c1b0daf1054aec8cc450
Certificate serial: 01856F0B55E7321D266988A5B4AF025EE85A
Authority key identifier: 3A:E0:09:62:47:A8:C5:4E:5D:E8:C1:B0:DA:F1:05:4A:EC:8C:C4:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OuAJYkeoxU5d6MGw2vEFSuyMxFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/YJprYpjWJ8sRmvn-We4k4pqLbeE.roa
Signing time: Sun 01 Jan 2023 20:34:51 +0000
ROA not before: Sun 01 Jan 2023 20:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57581
IP address blocks: 185.27.78.0/24 maxlen: 24
185.27.77.0/24 maxlen: 24
185.27.76.0/22 maxlen: 22
185.27.76.0/24 maxlen: 24
194.114.145.0/24 maxlen: 24
2a00:92a0::/32 maxlen: 32
2a00:92a0:20::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:55:e7:32:1d:26:69:88:a5:b4:af:02:5e:e8:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ae0096247a8c54e5de8c1b0daf1054aec8cc450
Validity
Not Before: Jan 1 20:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=609a6b6298d627cb119af9fe59ee24e29a8b6de1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:22:2b:d6:1d:d0:b9:7e:ad:6a:9f:d7:dd:5f:
df:31:d1:b5:26:a5:30:b9:f0:14:3b:09:ba:7c:67:
33:a1:4e:a8:c4:fd:6e:51:ff:4f:fb:f1:3e:41:9e:
c9:af:ac:46:d4:9c:c5:37:94:2c:42:b2:8b:68:28:
dd:09:55:49:9a:d8:79:2f:e9:25:5f:71:43:5a:94:
95:e0:70:42:22:8f:42:4a:5e:23:87:5e:f7:77:8f:
dd:7f:75:b4:5e:d9:11:f2:1c:e6:27:e7:3a:6f:75:
a1:9c:6c:81:fb:3c:89:a1:0f:c4:a5:23:9c:92:d5:
bf:3c:10:14:2c:04:38:27:1d:c2:29:7c:44:28:ae:
1b:5a:6d:58:6d:0c:a7:c8:ec:89:6d:6a:68:3d:84:
93:8b:ab:c6:66:11:f5:ce:3c:91:83:29:7f:a4:2d:
24:12:01:b6:64:37:4a:52:26:60:2e:81:22:0d:97:
02:74:cd:bf:84:e6:f3:81:58:e9:77:7c:ff:6a:27:
f5:2f:f7:20:54:9c:c4:f7:d5:a1:55:ae:53:9a:31:
a0:ea:00:2b:60:bd:1a:1c:90:8e:cf:fb:cb:0e:7b:
9c:28:b8:af:ea:38:8f:e2:6f:53:96:ad:38:48:cb:
7e:5e:4d:ec:8f:4a:e1:69:52:6b:00:4b:92:ce:75:
51:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:9A:6B:62:98:D6:27:CB:11:9A:F9:FE:59:EE:24:E2:9A:8B:6D:E1
X509v3 Authority Key Identifier:
keyid:3A:E0:09:62:47:A8:C5:4E:5D:E8:C1:B0:DA:F1:05:4A:EC:8C:C4:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OuAJYkeoxU5d6MGw2vEFSuyMxFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/YJprYpjWJ8sRmvn-We4k4pqLbeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/0aa494-9308-47ee-a808-b9722144513f/1/OuAJYkeoxU5d6MGw2vEFSuyMxFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.76.0/22
194.114.145.0/24
IPv6:
2a00:92a0::/32
Signature Algorithm: sha256WithRSAEncryption
7e:80:a4:27:5f:e3:35:74:dc:3f:6f:e7:64:dc:3e:11:c7:71:
7f:a4:c0:b6:3a:89:b5:e2:fd:6e:30:9c:84:de:a7:7a:f8:c4:
69:d8:18:6b:13:1f:e0:4a:c1:e0:17:b1:02:9a:6a:da:ef:57:
b0:e7:5a:f3:b7:88:03:d8:e3:8e:bf:64:f0:24:d4:80:d4:28:
c5:c3:d6:04:78:1a:89:9d:82:e5:68:31:fb:22:20:14:3d:6e:
26:04:8e:68:e5:9b:1d:34:7a:55:5b:04:5a:80:d6:a4:b6:e9:
ea:d7:af:1a:24:ba:86:c2:06:9b:65:95:cc:4e:15:51:21:e0:
fd:36:8a:ce:57:1e:f0:49:52:4d:ba:d4:2d:21:bb:8d:4d:e8:
2f:be:4e:23:00:84:2f:18:e6:4a:fa:3b:47:d4:73:d5:e1:83:
70:b6:d1:0f:a3:2b:5e:92:e4:96:2a:d0:6d:a6:ee:ca:58:f8:
30:8b:8a:7b:c6:12:06:08:ef:83:37:67:55:67:11:80:65:87:
2b:5c:f4:67:07:ff:e8:d8:db:5f:98:bb:9b:66:cf:fb:6f:0a:
bd:61:9e:2b:45:7b:d7:18:d2:58:f8:2b:0b:ab:16:c1:c9:94:
3e:52:40:7d:57:16:f8:61:9f:b6:54:bf:51:6a:0e:35:7e:f3:
39:e9:22:31
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvC1XnMh0maYiltK8CXuhaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZTAwOTYyNDdhOGM1NGU1ZGU4YzFiMGRhZjEwNTRhZWM4
Y2M0NTAwHhcNMjMwMTAxMjAzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDlhNmI2Mjk4ZDYyN2NiMTE5YWY5ZmU1OWVlMjRlMjlhOGI2ZGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSIr1h3QuX6tap/X3V/fMdG1JqUw
ufAUOwm6fGczoU6oxP1uUf9P+/E+QZ7Jr6xG1JzFN5QsQrKLaCjdCVVJmth5L+kl
X3FDWpSV4HBCIo9CSl4jh173d4/df3W0XtkR8hzmJ+c6b3WhnGyB+zyJoQ/EpSOc
ktW/PBAULAQ4Jx3CKXxEKK4bWm1YbQynyOyJbWpoPYSTi6vGZhH1zjyRgyl/pC0k
EgG2ZDdKUiZgLoEiDZcCdM2/hObzgVjpd3z/aif1L/cgVJzE99WhVa5TmjGg6gAr
YL0aHJCOz/vLDnucKLiv6jiP4m9Tlq04SMt+Xk3sj0rhaVJrAEuSznVR2QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGCaa2KY1ifLEZr5/lnuJOKai23hMB8GA1UdIwQY
MBaAFDrgCWJHqMVOXejBsNrxBUrsjMRQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3VBSllrZW94VTVkNk1HdzJ2RUZTdXlNeEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8wYWE0OTQtOTMwOC00N2VlLWE4MDgt
Yjk3MjIxNDQ1MTNmLzEvWUpwcllwaldKOHNSbXZuLVdlNGs0cHFMYmVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8wYWE0OTQtOTMwOC00N2VlLWE4MDgtYjk3MjIxNDQ1MTNm
LzEvT3VBSllrZW94VTVkNk1HdzJ2RUZTdXlNeEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRtMAwQA
wnKRMA0EAgACMAcDBQAqAJKgMA0GCSqGSIb3DQEBCwUAA4IBAQB+gKQnX+M1dNw/
b+dk3D4Rx3F/pMC2Oom14v1uMJyE3qd6+MRp2BhrEx/gSsHgF7ECmmra71ew51rz
t4gD2OOOv2TwJNSA1CjFw9YEeBqJnYLlaDH7IiAUPW4mBI5o5ZsdNHpVWwRagNak
tunq168aJLqGwgabZZXMThVRIeD9NorOVx7wSVJNutQtIbuNTegvvk4jAIQvGOZK
+jtH1HPV4YNwttEPoytekuSWKtBtpu7KWPgwi4p7xhIGCO+DN2dVZxGAZYcrXPRn
B//o2NtfmLubZs/7bwq9YZ4rRXvXGNJY+CsLqxbByZQ+UkB9Vxb4YZ+2VL9Rag41
fvM56SIx
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:31 2024 by rpki-client on console-ams.rpki-client.org