Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/yIFxMkRogHONQbILlPr-w3Rd97s.roa
File: yIFxMkRogHONQbILlPr-w3Rd97s.roa (raw, json)
Hash identifier: YMBg7fwSc2JiZ1I7/AB5JsNxnFB7GF8/6kSdNotdcPQ=
Subject key identifier: C8:81:71:32:44:68:80:73:8D:41:B2:0B:94:FA:FE:C3:74:5D:F7:BB
Certificate issuer: /CN=5f5980132d193e270ed1efe0ad2849fe8ab0d76c
Certificate serial: 01876F9CF0B5ACAE70EDB47CC5BD57C6B1AB
Authority key identifier: 5F:59:80:13:2D:19:3E:27:0E:D1:EF:E0:AD:28:49:FE:8A:B0:D7:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/yIFxMkRogHONQbILlPr-w3Rd97s.roa
Signing time: Tue 11 Apr 2023 09:19:28 +0000
ROA not before: Tue 11 Apr 2023 09:19:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20847
IP address blocks: 195.211.72.0/22 maxlen: 24
141.138.168.0/22 maxlen: 24
141.138.168.0/21 maxlen: 24
2a03:3c00::/33 maxlen: 33
2a03:3c00:8000::/34 maxlen: 34
Validation: Failed, certificate revoked on Fri 14 Apr 2023 07:25:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6f:9c:f0:b5:ac:ae:70:ed:b4:7c:c5:bd:57:c6:b1:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f5980132d193e270ed1efe0ad2849fe8ab0d76c
Validity
Not Before: Apr 11 09:19:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8817132446880738d41b20b94fafec3745df7bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:09:2e:9d:ff:21:e4:87:7b:c5:73:8e:f6:23:
28:ab:08:be:22:80:21:d0:dd:50:6b:ae:75:99:ea:
b3:e6:e1:b1:cb:5c:dc:c0:c1:ff:06:82:ab:ea:59:
47:48:01:bf:a7:09:a7:7d:2b:28:56:aa:dd:08:ed:
49:2e:c4:f3:e7:77:4e:d9:1d:c0:7e:0e:39:ed:fc:
5d:b1:59:61:70:3e:90:b4:e4:b1:c8:6f:35:15:05:
28:08:e3:7f:68:a9:c7:31:38:33:27:60:44:83:39:
49:09:5b:a3:a1:a8:1f:b2:f1:c8:13:cc:5b:fc:44:
a7:8e:ba:16:ac:59:0b:6a:37:8b:0b:37:9a:b5:7f:
ae:3d:8f:39:75:01:41:76:c3:92:79:b0:f1:93:18:
d2:a0:dd:56:42:b6:e9:0c:81:63:b9:2a:38:e4:8b:
53:fb:76:a5:cf:7b:47:4a:f0:15:49:39:5e:93:00:
aa:e6:30:8b:2a:97:5b:37:5e:c3:1f:5b:44:94:12:
07:3a:2d:82:e5:01:5b:52:ad:3a:bb:9d:7f:3f:b9:
01:04:02:8d:2c:78:da:ed:f3:b4:29:29:bd:a6:96:
27:94:f8:1d:da:ab:1e:5a:35:84:0a:3b:7a:ca:14:
e2:62:a0:42:79:d0:13:08:76:57:c8:24:c9:15:14:
93:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:81:71:32:44:68:80:73:8D:41:B2:0B:94:FA:FE:C3:74:5D:F7:BB
X509v3 Authority Key Identifier:
keyid:5F:59:80:13:2D:19:3E:27:0E:D1:EF:E0:AD:28:49:FE:8A:B0:D7:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/yIFxMkRogHONQbILlPr-w3Rd97s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/X1mAEy0ZPicO0e_grShJ_oqw12w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.138.168.0/21
195.211.72.0/22
IPv6:
2a03:3c00::-2a03:3c00:bfff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b2:2e:a7:dd:9c:6f:20:aa:12:ad:7e:4a:8e:d8:50:05:4c:b0:
c8:65:b9:fb:ba:7d:da:d1:75:cf:f4:12:3e:29:b7:76:0f:35:
b1:b9:b7:61:99:cf:f8:ac:d8:d9:a2:47:bd:81:ea:68:fc:98:
9e:47:ac:fe:af:75:39:92:da:17:64:06:98:a6:02:fc:0b:1f:
ee:d4:2f:4b:8f:55:71:5d:5c:55:c2:2f:71:37:8d:7b:02:c5:
c6:ec:97:5c:52:af:65:70:a0:96:2c:1a:f7:c0:54:30:17:4f:
3e:5f:03:93:c4:bd:d7:ef:80:8b:37:3f:58:18:9a:a2:c1:e2:
27:5b:23:0b:8d:e9:78:24:da:bd:e2:4e:d6:5f:93:e7:5a:79:
e7:44:e8:ca:ba:4d:4e:50:5f:93:22:d8:f4:04:bc:94:00:fb:
49:8b:1c:a2:b6:1b:e5:a5:da:c4:5e:8b:89:32:55:71:4e:8a:
7e:6a:5a:53:ec:0e:56:98:54:fc:93:de:4c:d7:d0:18:a8:4c:
f4:ae:15:34:f7:89:fa:93:b1:6a:1c:90:84:24:09:66:1c:3d:
3b:9c:bb:4d:bc:f5:99:33:18:55:60:99:05:38:0d:9e:18:fa:
ba:0e:c6:f6:62:63:f9:42:28:28:ec:5d:34:a3:54:7e:80:d2:
78:c6:34:7f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYdvnPC1rK5w7bR8xb1XxrGrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNTk4MDEzMmQxOTNlMjcwZWQxZWZlMGFkMjg0OWZlOGFi
MGQ3NmMwHhcNMjMwNDExMDkxOTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODgxNzEzMjQ0Njg4MDczOGQ0MWIyMGI5NGZhZmVjMzc0NWRmN2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwkunf8h5Id7xXOO9iMoqwi+IoAh
0N1Qa651meqz5uGxy1zcwMH/BoKr6llHSAG/pwmnfSsoVqrdCO1JLsTz53dO2R3A
fg457fxdsVlhcD6QtOSxyG81FQUoCON/aKnHMTgzJ2BEgzlJCVujoagfsvHIE8xb
/ESnjroWrFkLajeLCzeatX+uPY85dQFBdsOSebDxkxjSoN1WQrbpDIFjuSo45ItT
+3alz3tHSvAVSTlekwCq5jCLKpdbN17DH1tElBIHOi2C5QFbUq06u51/P7kBBAKN
LHja7fO0KSm9ppYnlPgd2qseWjWECjt6yhTiYqBCedATCHZXyCTJFRSTVQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMiBcTJEaIBzjUGyC5T6/sN0Xfe7MB8GA1UdIwQY
MBaAFF9ZgBMtGT4nDtHv4K0oSf6KsNdsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDFtQUV5MFpQaWNPMGVfZ3JTaEpfb3F3MTJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9hYThhYzgtMTNiOC00MTk3LWJlNTYt
MWUxZGU5MWE5ODdjLzEveUlGeE1rUm9nSE9OUWJJTGxQci13M1JkOTdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9hYThhYzgtMTNiOC00MTk3LWJlNTYtMWUxZGU5MWE5ODdj
LzEvWDFtQUV5MFpQaWNPMGVfZ3JTaEpfb3F3MTJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQDjYqoAwQC
w9NIMBYEAgACMBAwDgMEAioDPAMGBioDPACAMA0GCSqGSIb3DQEBCwUAA4IBAQCy
LqfdnG8gqhKtfkqO2FAFTLDIZbn7un3a0XXP9BI+Kbd2DzWxubdhmc/4rNjZoke9
gepo/JieR6z+r3U5ktoXZAaYpgL8Cx/u1C9Lj1VxXVxVwi9xN417AsXG7JdcUq9l
cKCWLBr3wFQwF08+XwOTxL3X74CLNz9YGJqiweInWyMLjel4JNq94k7WX5PnWnnn
ROjKuk1OUF+TItj0BLyUAPtJixyithvlpdrEXouJMlVxTop+alpT7A5WmFT8k95M
19AYqEz0rhU094n6k7FqHJCEJAlmHD07nLtNvPWZMxhVYJkFOA2eGPq6Dsb2YmP5
Qigo7F00o1R+gNJ4xjR/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:28 2024 by rpki-client on console-ams.rpki-client.org