Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/10303c-43d5-4033-808a-52c699d386cd/1/yJuw9HWFyjnFzNsV_gAZH3WaMPI.roa
File: yJuw9HWFyjnFzNsV_gAZH3WaMPI.roa (raw, json)
Hash identifier: q2dhZs7jZ1yNakUULIDC8a60xU5AGPe5vQHgyv9oQdA=
Subject key identifier: C8:9B:B0:F4:75:85:CA:39:C5:CC:DB:15:FE:00:19:1F:75:9A:30:F2
Certificate issuer: /CN=b3d14ce18a8f1d05a6a35390af4aec8ce6cc56ec
Certificate serial: 01856D663D3102B1FC428AE577B196068B7F
Authority key identifier: B3:D1:4C:E1:8A:8F:1D:05:A6:A3:53:90:AF:4A:EC:8C:E6:CC:56:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9FM4YqPHQWmo1OQr0rsjObMVuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/10303c-43d5-4033-808a-52c699d386cd/1/yJuw9HWFyjnFzNsV_gAZH3WaMPI.roa
Signing time: Sun 01 Jan 2023 12:54:54 +0000
ROA not before: Sun 01 Jan 2023 12:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41858
IP address blocks: 185.21.92.0/22 maxlen: 22
89.40.148.0/22 maxlen: 22
193.34.182.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:3d:31:02:b1:fc:42:8a:e5:77:b1:96:06:8b:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d14ce18a8f1d05a6a35390af4aec8ce6cc56ec
Validity
Not Before: Jan 1 12:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c89bb0f47585ca39c5ccdb15fe00191f759a30f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:47:be:c4:52:a4:eb:84:7a:ca:11:c4:ff:8f:
f5:8c:95:c3:fc:d7:f2:59:c0:35:f9:84:09:5c:6a:
d0:2d:51:4c:2e:8b:6e:bb:2e:b6:63:0e:95:52:3f:
c9:82:76:6a:cf:11:89:10:61:7e:67:4b:69:ab:d7:
c4:3d:c1:53:89:ac:f6:93:ff:c7:a9:ff:73:e4:fa:
42:24:2e:61:81:ff:70:cd:ce:26:44:8e:39:ff:4c:
72:02:18:ff:e8:44:2b:b8:1e:87:60:a5:40:cc:77:
44:19:48:d0:e6:6b:75:b8:91:3a:20:4b:73:15:cf:
c3:86:7c:08:ee:69:a2:59:8e:17:d7:07:34:ed:1d:
5e:66:2a:aa:70:a6:cb:e0:68:3a:98:1f:89:2d:18:
2d:18:e1:26:ea:be:5b:dd:57:1d:cf:60:5f:fe:6c:
3d:ed:15:c5:0a:14:2e:87:a8:43:3b:22:82:28:ea:
27:a5:33:56:92:fc:18:67:6e:6e:67:36:a4:77:e6:
67:aa:4a:4f:97:64:bc:e6:ad:69:82:3b:13:58:c5:
3d:d8:11:98:d5:3c:7b:ac:63:cb:a2:95:5a:8e:d3:
33:6f:27:4d:02:c9:71:80:96:db:43:a2:e5:f3:48:
f2:ab:95:84:d5:3c:97:ce:16:bb:ca:d2:ab:59:e6:
11:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:9B:B0:F4:75:85:CA:39:C5:CC:DB:15:FE:00:19:1F:75:9A:30:F2
X509v3 Authority Key Identifier:
keyid:B3:D1:4C:E1:8A:8F:1D:05:A6:A3:53:90:AF:4A:EC:8C:E6:CC:56:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9FM4YqPHQWmo1OQr0rsjObMVuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/10303c-43d5-4033-808a-52c699d386cd/1/yJuw9HWFyjnFzNsV_gAZH3WaMPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/10303c-43d5-4033-808a-52c699d386cd/1/s9FM4YqPHQWmo1OQr0rsjObMVuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.148.0/22
185.21.92.0/22
193.34.182.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:8c:d0:87:60:88:a1:ef:4e:48:4e:36:2b:35:7f:85:22:e0:
c5:f9:6a:7b:1e:dd:59:a9:44:74:fe:52:8f:f6:66:a2:e1:af:
aa:a0:ee:ef:50:3a:b4:1a:c4:77:56:c7:53:f9:85:0f:05:e4:
c7:16:fa:a5:84:53:ec:53:87:fa:81:ca:1f:03:c5:5a:d4:94:
52:2d:48:03:46:cc:8b:9d:17:4f:c0:dd:f3:10:e4:0c:4c:a4:
7b:5b:7d:ab:de:da:0a:4d:77:0c:df:ae:49:70:60:91:2f:4d:
fa:f5:c7:f0:63:87:d6:0f:03:0c:0b:1f:6e:40:4b:3d:57:d8:
ef:28:fb:98:cb:90:d7:b9:ff:03:15:71:ea:0b:bb:64:7f:3e:
49:c7:d0:98:8b:8a:57:ab:7f:6c:61:a7:7e:2b:e6:ae:e0:cd:
22:4f:59:12:0d:87:e1:e8:38:6d:6e:65:bd:f9:95:34:78:32:
0e:e0:e9:b9:bc:0c:72:76:3e:8c:d7:29:17:ea:9b:c4:54:71:
b2:97:e3:c2:e0:4e:8e:a4:ea:52:72:04:33:f0:0a:88:40:4c:
30:0e:ce:b3:f2:7d:b0:5e:a4:02:e2:23:1d:2e:12:a6:b2:2e:
dc:d5:82:d3:ec:d4:c8:1a:c3:de:22:61:9e:c5:06:f5:52:e0:
62:ff:6c:f1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtZj0xArH8Qorld7GWBot/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDE0Y2UxOGE4ZjFkMDVhNmEzNTM5MGFmNGFlYzhjZTZj
YzU2ZWMwHhcNMjMwMTAxMTI1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODliYjBmNDc1ODVjYTM5YzVjY2RiMTVmZTAwMTkxZjc1OWEzMGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEe+xFKk64R6yhHE/4/1jJXD/Nfy
WcA1+YQJXGrQLVFMLotuuy62Yw6VUj/JgnZqzxGJEGF+Z0tpq9fEPcFTiaz2k//H
qf9z5PpCJC5hgf9wzc4mRI45/0xyAhj/6EQruB6HYKVAzHdEGUjQ5mt1uJE6IEtz
Fc/DhnwI7mmiWY4X1wc07R1eZiqqcKbL4Gg6mB+JLRgtGOEm6r5b3Vcdz2Bf/mw9
7RXFChQuh6hDOyKCKOonpTNWkvwYZ25uZzakd+ZnqkpPl2S85q1pgjsTWMU92BGY
1Tx7rGPLopVajtMzbydNAslxgJbbQ6Ll80jyq5WE1TyXzha7ytKrWeYRYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMibsPR1hco5xczbFf4AGR91mjDyMB8GA1UdIwQY
MBaAFLPRTOGKjx0FpqNTkK9K7IzmzFbsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlGTTRZcVBIUVdtbzFPUXIwcnNqT2JNVnV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8xMDMwM2MtNDNkNS00MDMzLTgwOGEt
NTJjNjk5ZDM4NmNkLzEveUp1dzlIV0Z5am5Gek5zVl9nQVpIM1dhTVBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS8xMDMwM2MtNDNkNS00MDMzLTgwOGEtNTJjNjk5ZDM4NmNk
LzEvczlGTTRZcVBIUVdtbzFPUXIwcnNqT2JNVnV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWSiUAwQC
uRVcAwQBwSK2MA0GCSqGSIb3DQEBCwUAA4IBAQAfjNCHYIih705ITjYrNX+FIuDF
+Wp7Ht1ZqUR0/lKP9mai4a+qoO7vUDq0GsR3VsdT+YUPBeTHFvqlhFPsU4f6gcof
A8Va1JRSLUgDRsyLnRdPwN3zEOQMTKR7W32r3toKTXcM365JcGCRL0369cfwY4fW
DwMMCx9uQEs9V9jvKPuYy5DXuf8DFXHqC7tkfz5Jx9CYi4pXq39sYad+K+au4M0i
T1kSDYfh6DhtbmW9+ZU0eDIO4Om5vAxydj6M1ykX6pvEVHGyl+PC4E6OpOpScgQz
8AqIQEwwDs6z8n2wXqQC4iMdLhKmsi7c1YLT7NTIGsPeImGexQb1UuBi/2zx
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:28 2024 by rpki-client on console-fra.rpki-client.org