Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/YybycYbvG1yyoN04gnd6WPUYnJc.roa
File: YybycYbvG1yyoN04gnd6WPUYnJc.roa (raw, json)
Hash identifier: 8Cq8sfWQSkDwRBDxOhJp/soq2+/iysOoRKfgymoBRDE=
Subject key identifier: 63:26:F2:71:86:EF:1B:5C:B2:A0:DD:38:82:77:7A:58:F5:18:9C:97
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018B3137172F1E3950F3214F7D9EBC977012
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/YybycYbvG1yyoN04gnd6WPUYnJc.roa
Signing time: Sun 15 Oct 2023 02:42:55 +0000
ROA not before: Sun 15 Oct 2023 02:42:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 195.133.202.0/23 maxlen: 24
195.133.208.0/23 maxlen: 24
194.88.96.0/21 maxlen: 24
89.37.216.0/23 maxlen: 24
84.234.24.0/22 maxlen: 24
62.112.0.0/21 maxlen: 24
62.112.12.0/23 maxlen: 24
194.58.64.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:31:37:17:2f:1e:39:50:f3:21:4f:7d:9e:bc:97:70:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Oct 15 02:42:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6326f27186ef1b5cb2a0dd3882777a58f5189c97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:f9:ab:2f:76:75:39:b0:9c:32:df:29:8d:8f:
d8:48:43:7b:d8:77:73:ca:0a:2f:c5:dc:81:91:6b:
ab:f8:4f:46:6b:e9:98:e5:b5:13:b6:8c:51:56:4a:
5c:c0:1e:b5:3d:a6:a6:5d:18:00:12:cb:86:95:8a:
99:1d:c0:69:d4:22:c7:ef:14:6b:11:6e:db:44:12:
99:34:dd:29:06:f3:a8:be:22:20:45:22:fd:4f:4f:
15:4e:8a:14:c9:d4:55:10:82:d1:d5:1c:45:1f:48:
fd:0e:82:46:dd:cb:86:c4:f5:32:b4:bb:13:d1:27:
58:0f:95:31:c2:76:0f:c1:9d:bb:b3:fe:8a:00:b3:
0d:45:24:a6:aa:37:5d:5f:4c:58:f8:23:f6:b4:d6:
d1:5f:b2:8a:c4:ec:f2:6b:88:c1:f8:66:36:25:41:
dd:ec:c1:19:cd:bb:d2:69:ba:0f:25:9a:5e:be:68:
1f:97:22:2f:34:02:2d:ce:97:af:2d:43:54:36:0b:
02:b5:43:a9:6f:62:3a:cf:54:94:e0:be:60:cd:11:
f3:0f:a0:ea:b3:71:9f:49:9c:0e:61:ab:eb:2d:d1:
dc:e9:51:84:f7:12:a9:8e:e6:c5:0e:84:e2:6c:e7:
d4:f0:86:18:fe:56:21:ae:55:bf:aa:f9:fd:2b:a6:
96:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:26:F2:71:86:EF:1B:5C:B2:A0:DD:38:82:77:7A:58:F5:18:9C:97
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/YybycYbvG1yyoN04gnd6WPUYnJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.0.0/21
62.112.12.0/23
84.234.24.0/22
89.37.216.0/23
194.58.64.0/23
194.88.96.0/21
195.133.202.0/23
195.133.208.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:e3:b4:e8:b5:8e:d1:87:21:e8:15:30:6d:b5:0e:dc:27:96:
cd:93:6b:9b:d0:c1:ab:bf:a0:b1:2c:08:a1:13:e3:96:84:71:
bb:1d:a0:4b:4f:c7:33:6a:2d:5a:13:02:fd:5d:d1:19:98:8f:
de:1d:30:4d:1b:c0:28:54:23:3d:48:24:f1:b8:89:c3:17:80:
b0:f8:e4:fa:01:64:33:8f:1d:01:d3:51:e8:f0:eb:a4:97:30:
04:67:c3:24:63:99:1e:44:db:c6:9b:7a:56:41:d1:7e:9f:9b:
be:ce:dd:df:ee:4b:93:31:49:7e:31:54:e7:57:b7:6a:d2:8a:
e8:1c:5b:e7:00:33:39:e1:b4:ea:c9:dd:b5:90:13:87:92:17:
41:58:ff:0d:ff:e9:3b:79:cd:47:c4:90:10:e3:5d:cc:b3:05:
9b:fa:93:7d:75:3e:48:32:06:71:76:ce:fb:69:78:6e:83:f4:
b6:fb:96:18:98:7d:b5:e2:d7:84:07:3a:67:c3:dd:35:da:99:
b0:42:4e:7a:8c:84:fc:0b:ba:ce:1d:6c:92:98:4b:22:62:a6:
fa:b7:bc:13:a7:cf:44:23:7b:21:6c:2c:b8:7c:f6:f5:c2:74:
6f:5a:6d:f1:93:4d:24:36:34:9d:38:a1:3c:1e:29:8c:fa:d5:
98:54:b5:0b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYsxNxcvHjlQ8yFPfZ68l3ASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMxMDE1MDI0MjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzI2ZjI3MTg2ZWYxYjVjYjJhMGRkMzg4Mjc3N2E1OGY1MTg5Yzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+/mrL3Z1ObCcMt8pjY/YSEN72Hdz
ygovxdyBkWur+E9Ga+mY5bUTtoxRVkpcwB61PaamXRgAEsuGlYqZHcBp1CLH7xRr
EW7bRBKZNN0pBvOoviIgRSL9T08VTooUydRVEILR1RxFH0j9DoJG3cuGxPUytLsT
0SdYD5UxwnYPwZ27s/6KALMNRSSmqjddX0xY+CP2tNbRX7KKxOzya4jB+GY2JUHd
7MEZzbvSaboPJZpevmgflyIvNAItzpevLUNUNgsCtUOpb2I6z1SU4L5gzRHzD6Dq
s3GfSZwOYavrLdHc6VGE9xKpjubFDoTibOfU8IYY/lYhrlW/qvn9K6aWOwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGMm8nGG7xtcsqDdOIJ3elj1GJyXMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvWXlieWNZYnZHMXl5b04wNGduZDZXUFVZbkpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDPnAAAwQB
PnAMAwQCVOoYAwQBWSXYAwQBwjpAAwQDwlhgAwQBw4XKAwQBw4XQMA0GCSqGSIb3
DQEBCwUAA4IBAQCM47TotY7RhyHoFTBttQ7cJ5bNk2ub0MGrv6CxLAihE+OWhHG7
HaBLT8czai1aEwL9XdEZmI/eHTBNG8AoVCM9SCTxuInDF4Cw+OT6AWQzjx0B01Ho
8OuklzAEZ8MkY5keRNvGm3pWQdF+n5u+zt3f7kuTMUl+MVTnV7dq0oroHFvnADM5
4bTqyd21kBOHkhdBWP8N/+k7ec1HxJAQ413MswWb+pN9dT5IMgZxds77aXhug/S2
+5YYmH214teEBzpnw9012pmwQk56jIT8C7rOHWySmEsiYqb6t7wTp89EI3shbCy4
fPb1wnRvWm3xk00kNjSdOKE8HimM+tWYVLUL
-----END CERTIFICATE-----
Generated at Wed Nov 1 08:43:22 2023 by rpki-client on console-fra.rpki-client.org