Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/6826f5-f97e-439e-b199-b7bd10e4489f/1/YntROWSiF4wTbQWPm2XtvOqxmUU.roa
File: YntROWSiF4wTbQWPm2XtvOqxmUU.roa (raw, json)
Hash identifier: 1GPrzHQHF34AUgeSWpRXhYeeRBg5oYaTR2f0qTYaDZg=
Subject key identifier: 62:7B:51:39:64:A2:17:8C:13:6D:05:8F:9B:65:ED:BC:EA:B1:99:45
Certificate issuer: /CN=045010194440ee40f5de42f0c1b2b3d371bcd863
Certificate serial: 01856DE674F8B8B6D4F73AD641CEEB3BBEB2
Authority key identifier: 04:50:10:19:44:40:EE:40:F5:DE:42:F0:C1:B2:B3:D3:71:BC:D8:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BFAQGURA7kD13kLwwbKz03G82GM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/6826f5-f97e-439e-b199-b7bd10e4489f/1/YntROWSiF4wTbQWPm2XtvOqxmUU.roa
Signing time: Sun 01 Jan 2023 15:14:57 +0000
ROA not before: Sun 01 Jan 2023 15:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 394434
IP address blocks: 185.194.138.0/23 maxlen: 24
185.194.136.0/23 maxlen: 24
2a0a:4bc0::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:74:f8:b8:b6:d4:f7:3a:d6:41:ce:eb:3b:be:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=045010194440ee40f5de42f0c1b2b3d371bcd863
Validity
Not Before: Jan 1 15:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=627b513964a2178c136d058f9b65edbceab19945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:26:5b:68:92:fd:2f:42:b1:29:a3:33:86:34:
8b:08:86:1d:54:dd:60:49:e6:fd:f4:5d:47:38:8f:
c8:bf:21:6a:2f:e2:b8:ac:e4:20:f4:3f:67:bb:a1:
5f:37:31:b2:c8:cf:73:32:a2:80:f1:c9:09:4a:c3:
15:5e:6d:1c:5b:84:5c:f3:8f:81:69:34:00:ba:f7:
c3:80:73:46:17:04:79:c8:41:1e:d6:c4:dd:69:04:
27:02:88:9b:bb:e2:02:d0:3e:4c:cf:44:02:63:77:
12:6f:d2:40:52:25:50:0a:47:b9:1a:9d:40:4b:6b:
99:12:25:c6:62:3d:d3:32:82:a6:5b:74:8a:72:d7:
b5:81:fa:3d:5d:00:83:0c:91:5d:bb:0a:b1:de:c2:
45:38:6f:0d:1d:3e:a4:95:f0:52:31:eb:d2:34:c7:
b5:c9:3a:7d:5b:d7:7e:8c:05:2e:0d:c7:65:26:21:
23:b5:01:06:2b:6f:6e:ac:74:3e:b6:73:3a:1b:40:
02:7f:c9:6b:66:8a:98:f9:a7:4b:eb:14:19:5e:91:
69:ae:97:cd:75:4b:4d:10:a5:49:11:f1:19:ee:c5:
11:6a:05:82:87:90:d1:8b:7d:92:15:12:c5:b1:a3:
41:f9:96:3b:71:00:ac:63:79:22:af:7f:aa:55:69:
d1:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:7B:51:39:64:A2:17:8C:13:6D:05:8F:9B:65:ED:BC:EA:B1:99:45
X509v3 Authority Key Identifier:
keyid:04:50:10:19:44:40:EE:40:F5:DE:42:F0:C1:B2:B3:D3:71:BC:D8:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BFAQGURA7kD13kLwwbKz03G82GM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/6826f5-f97e-439e-b199-b7bd10e4489f/1/YntROWSiF4wTbQWPm2XtvOqxmUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/6826f5-f97e-439e-b199-b7bd10e4489f/1/BFAQGURA7kD13kLwwbKz03G82GM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.136.0/22
IPv6:
2a0a:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
4c:95:51:f3:54:f7:af:0f:b6:42:bf:49:47:8c:b7:14:21:d0:
15:07:87:05:53:58:31:c3:0a:09:40:2b:9b:7d:bc:df:6e:5a:
87:c7:14:e4:43:c8:5a:82:00:db:53:f3:3e:87:f3:d3:be:b6:
77:d7:16:17:96:9a:fc:d2:d6:75:cd:34:58:2e:8b:78:8b:bf:
2f:30:91:f4:6b:66:f3:93:fc:06:93:0c:06:7b:5d:d1:ca:ef:
cb:cf:d0:c9:46:da:9e:c3:6b:ba:3a:6f:09:d6:83:24:c7:6e:
02:93:5b:89:01:21:e4:94:81:d0:c1:05:6a:dd:38:a9:d8:5f:
0a:b3:5c:d1:5e:6b:6a:20:a2:38:d7:18:d4:99:03:43:b8:66:
3b:62:e1:c8:19:24:17:bc:5c:42:8f:28:30:1a:d7:fa:8c:f9:
d3:b3:78:9a:11:74:79:6f:39:8b:18:63:52:d2:39:98:1c:b8:
d9:72:6f:d2:05:7e:66:fa:26:f7:72:18:0d:72:ce:6a:61:52:
38:29:c7:ab:2f:d7:e0:82:6d:6f:13:46:81:d7:b0:57:11:c8:
f5:a9:b2:f1:53:4e:71:9e:b7:42:e0:8d:18:17:b8:3c:fe:9a:
4d:1b:69:8e:ba:18:a3:80:ef:4e:ad:41:33:e8:0d:bc:07:2d:
c5:e9:b5:e6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVt5nT4uLbU9zrWQc7rO76yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NTAxMDE5NDQ0MGVlNDBmNWRlNDJmMGMxYjJiM2QzNzFi
Y2Q4NjMwHhcNMjMwMTAxMTUxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjdiNTEzOTY0YTIxNzhjMTM2ZDA1OGY5YjY1ZWRiY2VhYjE5OTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5SZbaJL9L0KxKaMzhjSLCIYdVN1g
Seb99F1HOI/IvyFqL+K4rOQg9D9nu6FfNzGyyM9zMqKA8ckJSsMVXm0cW4Rc84+B
aTQAuvfDgHNGFwR5yEEe1sTdaQQnAoibu+IC0D5Mz0QCY3cSb9JAUiVQCke5Gp1A
S2uZEiXGYj3TMoKmW3SKcte1gfo9XQCDDJFduwqx3sJFOG8NHT6klfBSMevSNMe1
yTp9W9d+jAUuDcdlJiEjtQEGK29urHQ+tnM6G0ACf8lrZoqY+adL6xQZXpFprpfN
dUtNEKVJEfEZ7sURagWCh5DRi32SFRLFsaNB+ZY7cQCsY3kir3+qVWnRewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGJ7UTlkoheME20Fj5tl7bzqsZlFMB8GA1UdIwQY
MBaAFARQEBlEQO5A9d5C8MGys9NxvNhjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkZBUUdVUkE3a0QxM2tMd3diS3owM0c4MkdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC82ODI2ZjUtZjk3ZS00MzllLWIxOTkt
YjdiZDEwZTQ0ODlmLzEvWW50Uk9XU2lGNHdUYlFXUG0yWHR2T3F4bVVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC82ODI2ZjUtZjk3ZS00MzllLWIxOTktYjdiZDEwZTQ0ODlm
LzEvQkZBUUdVUkE3a0QxM2tMd3diS3owM0c4MkdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucKIMA0E
AgACMAcDBQMqCkvAMA0GCSqGSIb3DQEBCwUAA4IBAQBMlVHzVPevD7ZCv0lHjLcU
IdAVB4cFU1gxwwoJQCubfbzfblqHxxTkQ8haggDbU/M+h/PTvrZ31xYXlpr80tZ1
zTRYLot4i78vMJH0a2bzk/wGkwwGe13Ryu/Lz9DJRtqew2u6Om8J1oMkx24Ck1uJ
ASHklIHQwQVq3Tip2F8Ks1zRXmtqIKI41xjUmQNDuGY7YuHIGSQXvFxCjygwGtf6
jPnTs3iaEXR5bzmLGGNS0jmYHLjZcm/SBX5m+ib3chgNcs5qYVI4KcerL9fggm1v
E0aB17BXEcj1qbLxU05xnrdC4I0YF7g8/ppNG2mOuhijgO9OrUEz6A28By3F6bXm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:26 2024 by rpki-client on console-ams.rpki-client.org