Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/1-YDEMZ9FHoosEOQpuio55dGsR_w.roa
File: 1-YDEMZ9FHoosEOQpuio55dGsR_w.roa (raw, json)
Hash identifier: K+wFLZdcxoe/kC4IYFvNJoopLL4GrZt5ws3JPxQNKws=
Subject key identifier: F9:80:C4:31:9F:45:1E:8A:2C:10:E4:29:BA:2A:39:E5:D1:AC:47:FC
Certificate issuer: /CN=ced2d800dc6c33b69fa47291e2f15b335ea3600f
Certificate serial: 01856BD37C49DF745E39B705A4E953DC1392
Authority key identifier: CE:D2:D8:00:DC:6C:33:B6:9F:A4:72:91:E2:F1:5B:33:5E:A3:60:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ztLYANxsM7afpHKR4vFbM16jYA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/1-YDEMZ9FHoosEOQpuio55dGsR_w.roa
Signing time: Sun 01 Jan 2023 05:35:00 +0000
ROA not before: Sun 01 Jan 2023 05:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212413
IP address blocks: 185.235.98.0/24 maxlen: 24
185.235.98.0/23 maxlen: 23
185.235.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:d3:7c:49:df:74:5e:39:b7:05:a4:e9:53:dc:13:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ced2d800dc6c33b69fa47291e2f15b335ea3600f
Validity
Not Before: Jan 1 05:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f980c4319f451e8a2c10e429ba2a39e5d1ac47fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:09:38:cf:61:1f:d3:f6:7f:0a:75:d0:a6:29:
13:c7:cb:f0:1d:49:97:54:e1:97:0b:70:92:ca:f3:
f3:61:72:94:0e:d1:e9:15:c3:f8:5d:ac:93:9d:82:
dd:e2:82:e5:0e:99:c5:1a:d5:4c:34:8f:3f:a6:26:
0b:e4:bc:39:ba:21:26:f8:9c:f9:eb:c3:7d:c4:52:
b3:82:28:35:9c:25:f3:5b:7a:46:74:c1:93:a0:a8:
87:32:16:18:a3:52:67:43:08:b4:bb:10:b9:0a:fb:
87:39:3b:e3:e3:71:d5:e2:1b:1b:74:16:f2:b6:a2:
f4:5d:fc:64:5c:a1:ca:b0:eb:7a:59:e4:d7:0a:86:
b3:10:bd:e3:06:73:5c:46:37:74:40:ba:8a:c5:47:
f3:d4:b4:92:b7:de:f7:5a:4b:4d:28:a1:6b:fe:1f:
3e:2d:b5:bd:90:b6:e4:27:61:eb:1c:b5:f1:f7:ab:
41:a2:bf:fe:f0:69:a7:a3:63:4b:98:ab:c2:dc:f9:
2e:7d:7e:40:b2:6e:24:90:7c:7a:ae:e7:bf:f8:eb:
59:be:28:66:cb:93:96:b7:f9:10:b0:61:85:d9:2a:
2c:82:ab:55:0d:7f:20:3f:89:c4:43:75:ad:0e:ee:
95:9b:e6:92:0e:e4:3e:4f:68:bc:f4:99:7e:fa:14:
d5:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:80:C4:31:9F:45:1E:8A:2C:10:E4:29:BA:2A:39:E5:D1:AC:47:FC
X509v3 Authority Key Identifier:
keyid:CE:D2:D8:00:DC:6C:33:B6:9F:A4:72:91:E2:F1:5B:33:5E:A3:60:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ztLYANxsM7afpHKR4vFbM16jYA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/1-YDEMZ9FHoosEOQpuio55dGsR_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/ztLYANxsM7afpHKR4vFbM16jYA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.98.0/23
Signature Algorithm: sha256WithRSAEncryption
17:01:bc:2f:e4:96:17:6a:2a:98:a8:3a:6b:99:f7:a8:f5:fd:
67:78:44:e0:9d:5d:69:a3:e5:8e:be:2b:20:67:15:1e:9f:84:
36:89:19:dd:94:32:58:03:2c:81:84:d6:48:0a:55:64:66:46:
13:46:a7:69:8c:5b:99:78:c1:69:1f:bc:11:65:e2:df:42:57:
bb:02:5f:12:d7:c1:02:ee:ad:8a:d3:96:12:af:a0:e6:cd:02:
b8:53:0a:fc:b2:3e:bd:99:c7:e5:4d:3c:ef:9c:e6:53:85:89:
15:e9:a1:6c:9b:86:d0:e1:fe:cf:a7:2f:b5:4e:c7:d0:4b:4c:
b6:f6:b9:49:8f:ad:51:11:43:b6:cf:68:f1:0a:8d:e6:ba:05:
8e:1c:24:ab:a3:20:15:5a:33:51:95:44:95:7f:67:4d:d3:bb:
fe:05:42:13:1b:87:79:90:e6:7c:f0:3b:c0:21:89:53:9a:23:
99:d5:3e:b9:f7:b8:ce:5a:7e:20:62:25:4c:c6:53:67:bc:9e:
9d:a1:58:aa:b0:82:2c:38:a4:2e:dc:86:54:17:f4:d8:a7:31:
4a:00:26:d9:6b:ee:6b:31:a5:bd:43:fb:1f:11:b7:a4:e4:08:
b0:27:3f:16:15:0c:c4:02:80:b9:90:e3:ee:3d:b6:43:e9:c9:
6b:ca:3b:b2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVr03xJ33ReObcFpOlT3BOSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlZDJkODAwZGM2YzMzYjY5ZmE0NzI5MWUyZjE1YjMzNWVh
MzYwMGYwHhcNMjMwMTAxMDUzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTgwYzQzMTlmNDUxZThhMmMxMGU0MjliYTJhMzllNWQxYWM0N2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAk4z2Ef0/Z/CnXQpikTx8vwHUmX
VOGXC3CSyvPzYXKUDtHpFcP4XayTnYLd4oLlDpnFGtVMNI8/piYL5Lw5uiEm+Jz5
68N9xFKzgig1nCXzW3pGdMGToKiHMhYYo1JnQwi0uxC5CvuHOTvj43HV4hsbdBby
tqL0XfxkXKHKsOt6WeTXCoazEL3jBnNcRjd0QLqKxUfz1LSSt973WktNKKFr/h8+
LbW9kLbkJ2HrHLXx96tBor/+8Gmno2NLmKvC3PkufX5Asm4kkHx6rue/+OtZvihm
y5OWt/kQsGGF2SosgqtVDX8gP4nEQ3WtDu6Vm+aSDuQ+T2i89Jl++hTVLwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPmAxDGfRR6KLBDkKboqOeXRrEf8MB8GA1UdIwQY
MBaAFM7S2ADcbDO2n6RykeLxWzNeo2APMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenRMWUFOeHNNN2FmcEhLUjR2RmJNMTZqWUE4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9mODg4NTctY2MwNS00YmRiLTkxZTYt
ZWQ0ZjA2NDNiZjI1LzEvMS1ZREVNWjlGSG9vc0VPUXB1aW81NWRHc1Jfdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmIvZjg4ODU3LWNjMDUtNGJkYi05MWU2LWVkNGYwNjQzYmYy
NS8xL3p0TFlBTnhzTTdhZnBIS1I0dkZiTTE2allBOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbnrYjAN
BgkqhkiG9w0BAQsFAAOCAQEAFwG8L+SWF2oqmKg6a5n3qPX9Z3hE4J1daaPljr4r
IGcVHp+ENokZ3ZQyWAMsgYTWSApVZGZGE0anaYxbmXjBaR+8EWXi30JXuwJfEtfB
Au6titOWEq+g5s0CuFMK/LI+vZnH5U0875zmU4WJFemhbJuG0OH+z6cvtU7H0EtM
tva5SY+tURFDts9o8QqN5roFjhwkq6MgFVozUZVElX9nTdO7/gVCExuHeZDmfPA7
wCGJU5ojmdU+ufe4zlp+IGIlTMZTZ7yenaFYqrCCLDikLtyGVBf02KcxSgAm2Wvu
azGlvUP7HxG3pOQIsCc/FhUMxAKAuZDj7j22Q+nJa8o7sg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:41 2024 by rpki-client on console-fra.rpki-client.org