Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/ypG1gHPdZB5kTHXMDBAvcSgwXMg.roa
File: ypG1gHPdZB5kTHXMDBAvcSgwXMg.roa (raw, json)
Hash identifier: ZeGYWmgCFnCD2RPWPOJ34SAMpvwVU9+ljXXntBVeeAU=
Subject key identifier: CA:91:B5:80:73:DD:64:1E:64:4C:75:CC:0C:10:2F:71:28:30:5C:C8
Certificate issuer: /CN=a3e2161d7f01fa6fd0842c211080633f3ed36ba5
Certificate serial: 01856E78B40513F45DB335AE7AEE77E6E2F8
Authority key identifier: A3:E2:16:1D:7F:01:FA:6F:D0:84:2C:21:10:80:63:3F:3E:D3:6B:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/ypG1gHPdZB5kTHXMDBAvcSgwXMg.roa
Signing time: Sun 01 Jan 2023 17:54:42 +0000
ROA not before: Sun 01 Jan 2023 17:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56643
IP address blocks: 185.131.48.0/24 maxlen: 24
185.131.49.0/24 maxlen: 24
185.131.50.0/24 maxlen: 24
185.131.51.0/24 maxlen: 24
185.241.136.0/24 maxlen: 24
185.241.137.0/24 maxlen: 24
185.241.138.0/24 maxlen: 24
185.241.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:b4:05:13:f4:5d:b3:35:ae:7a:ee:77:e6:e2:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3e2161d7f01fa6fd0842c211080633f3ed36ba5
Validity
Not Before: Jan 1 17:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca91b58073dd641e644c75cc0c102f7128305cc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f1:6d:6f:5f:e4:d0:23:76:1c:6b:a4:c3:33:
42:9b:5b:b4:01:ba:73:11:da:11:cf:a0:80:60:4d:
12:c5:68:0f:f6:9b:92:36:d1:84:64:d5:9e:f0:cd:
a3:28:29:72:40:13:0b:87:bf:52:67:aa:7b:09:40:
de:6d:54:4a:81:dd:eb:16:d9:71:0e:83:64:1d:54:
fd:c2:84:07:2b:40:e0:5d:c5:6f:c3:e4:c5:ea:c0:
3f:37:0a:f8:12:80:b5:95:82:5e:5c:f5:c5:62:8f:
01:69:8e:6a:f9:e0:c2:fe:97:69:5d:c4:6a:9c:11:
a1:3f:3c:7d:94:19:b3:9b:95:75:eb:01:78:5d:b4:
a9:61:d8:1e:a3:68:d5:d6:3b:4f:bd:ad:c5:b2:d0:
8b:7d:bd:0d:f4:89:ec:9a:ad:51:eb:2a:64:95:dd:
e9:e1:6c:52:88:1c:d8:06:0c:9d:e0:45:55:8b:4e:
dc:53:01:05:f9:66:33:4b:06:b9:ec:3f:3e:43:0a:
1b:ad:c6:70:0f:44:b2:08:fa:f0:62:e0:63:05:03:
f3:f9:04:73:8a:f2:fc:8a:62:db:6e:60:d1:35:e4:
8a:fc:e1:83:58:e6:25:d2:fd:64:03:65:0b:f1:c2:
fc:64:ac:b6:fb:e8:52:e4:91:e4:df:45:2c:93:da:
42:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:91:B5:80:73:DD:64:1E:64:4C:75:CC:0C:10:2F:71:28:30:5C:C8
X509v3 Authority Key Identifier:
keyid:A3:E2:16:1D:7F:01:FA:6F:D0:84:2C:21:10:80:63:3F:3E:D3:6B:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/ypG1gHPdZB5kTHXMDBAvcSgwXMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.48.0/22
185.241.136.0/22
Signature Algorithm: sha256WithRSAEncryption
29:f2:7a:b9:27:c4:52:fc:87:81:aa:36:d4:b0:cf:6e:fc:fc:
a6:52:25:1b:82:ba:bb:5d:f0:08:1b:17:d3:71:8f:33:df:27:
0e:cb:79:a3:e9:a0:84:42:ea:30:32:59:3a:d5:a2:49:11:a9:
5e:7e:32:8b:df:fc:e6:fb:cb:de:9d:95:97:42:22:94:82:f4:
f1:26:a1:9a:15:d5:98:56:65:1a:dd:be:01:22:b4:ad:e5:9a:
87:e2:3c:5e:6e:18:1a:d9:5b:e6:9f:77:f9:df:8d:7e:b7:b1:
aa:c2:b3:e4:4e:ec:d2:30:b9:93:46:c0:be:52:e5:80:a0:e3:
e9:2a:af:d3:cc:35:dc:61:c7:9d:de:f3:d1:4e:4e:33:49:53:
61:f0:bf:1e:83:0a:f1:9e:5e:da:57:64:fb:b7:f6:81:01:72:
54:b4:9d:36:b0:28:0f:1a:c4:da:51:fb:6f:4b:26:d4:b5:a9:
22:c3:fe:c0:83:5b:06:90:07:66:4d:33:6f:ae:d2:0f:b2:37:
57:ea:29:7d:c3:a1:e7:ce:71:af:60:f1:45:90:51:ce:cf:7c:
70:46:4a:87:48:3c:c1:c9:34:54:9a:4a:7a:3d:d6:42:65:bb:
38:07:14:e0:22:04:99:d7:14:d9:b1:25:d9:d1:2b:2c:b3:2f:
fd:75:c8:f4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVueLQFE/RdszWueu535uL4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZTIxNjFkN2YwMWZhNmZkMDg0MmMyMTEwODA2MzNmM2Vk
MzZiYTUwHhcNMjMwMTAxMTc1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTkxYjU4MDczZGQ2NDFlNjQ0Yzc1Y2MwYzEwMmY3MTI4MzA1Y2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/Ftb1/k0CN2HGukwzNCm1u0Abpz
EdoRz6CAYE0SxWgP9puSNtGEZNWe8M2jKClyQBMLh79SZ6p7CUDebVRKgd3rFtlx
DoNkHVT9woQHK0DgXcVvw+TF6sA/Nwr4EoC1lYJeXPXFYo8BaY5q+eDC/pdpXcRq
nBGhPzx9lBmzm5V16wF4XbSpYdgeo2jV1jtPva3FstCLfb0N9Insmq1R6ypkld3p
4WxSiBzYBgyd4EVVi07cUwEF+WYzSwa57D8+QwobrcZwD0SyCPrwYuBjBQPz+QRz
ivL8imLbbmDRNeSK/OGDWOYl0v1kA2UL8cL8ZKy2++hS5JHk30Usk9pCGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMqRtYBz3WQeZEx1zAwQL3EoMFzIMB8GA1UdIwQY
MBaAFKPiFh1/Afpv0IQsIRCAYz8+02ulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvby1JV0hYOEItbV9RaEN3aEVJQmpQejdUYTZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi82YTY0ZWEtOWYxZS00YjQzLWJmMmEt
N2UwMzQwZWM5NjY3LzEveXBHMWdIUGRaQjVrVEhYTURCQXZjU2d3WE1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi82YTY0ZWEtOWYxZS00YjQzLWJmMmEtN2UwMzQwZWM5NjY3
LzEvby1JV0hYOEItbV9RaEN3aEVJQmpQejdUYTZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuYMwAwQC
ufGIMA0GCSqGSIb3DQEBCwUAA4IBAQAp8nq5J8RS/IeBqjbUsM9u/PymUiUbgrq7
XfAIGxfTcY8z3ycOy3mj6aCEQuowMlk61aJJEalefjKL3/zm+8venZWXQiKUgvTx
JqGaFdWYVmUa3b4BIrSt5ZqH4jxebhga2Vvmn3f5341+t7GqwrPkTuzSMLmTRsC+
UuWAoOPpKq/TzDXcYced3vPRTk4zSVNh8L8egwrxnl7aV2T7t/aBAXJUtJ02sCgP
GsTaUftvSybUtakiw/7Ag1sGkAdmTTNvrtIPsjdX6il9w6HnznGvYPFFkFHOz3xw
RkqHSDzByTRUmkp6PdZCZbs4BxTgIgSZ1xTZsSXZ0Ssssy/9dcj0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:58 2024 by rpki-client on console-fra.rpki-client.org