Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/YnE6iAAHXNjeG4fgp7l2LgNnqSQ.roa
File: YnE6iAAHXNjeG4fgp7l2LgNnqSQ.roa (raw, json)
Hash identifier: ELMIRc8yd31Y5jfxDMpp/tHddCx/lK84vCiJ4nebw/0=
Subject key identifier: 62:71:3A:88:00:07:5C:D8:DE:1B:87:E0:A7:B9:76:2E:03:67:A9:24
Certificate issuer: /CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Certificate serial: 01856B811A842A2859E0B47C019AB1372A11
Authority key identifier: D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/YnE6iAAHXNjeG4fgp7l2LgNnqSQ.roa
Signing time: Sun 01 Jan 2023 04:05:01 +0000
ROA not before: Sun 01 Jan 2023 04:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47748
IP address blocks: 94.155.47.0/24 maxlen: 24
94.155.48.0/24 maxlen: 24
94.155.49.0/24 maxlen: 24
94.155.55.0/24 maxlen: 24
94.155.93.0/24 maxlen: 24
2a02:4c8:af::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:81:1a:84:2a:28:59:e0:b4:7c:01:9a:b1:37:2a:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Validity
Not Before: Jan 1 04:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62713a8800075cd8de1b87e0a7b9762e0367a924
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:60:7c:da:a2:59:d2:1b:1f:3e:62:18:d1:37:
53:60:74:99:a5:8d:7c:dc:ad:30:f1:b2:fe:0f:e3:
4c:3d:67:67:11:f8:81:4e:ec:57:35:4d:2b:db:88:
4e:ff:e1:06:bb:cb:0b:85:97:be:56:aa:7e:fe:08:
41:7e:12:e2:82:63:f4:66:f3:14:ff:f4:35:41:7a:
f8:4c:eb:32:78:b9:65:cc:f6:6d:ac:4d:07:d5:49:
a6:7c:c5:08:b6:ea:2d:28:62:fe:a8:b7:fd:5e:78:
74:db:9c:6e:1f:8c:cb:61:00:e8:3c:39:6b:bc:5f:
71:fa:5a:a2:a9:ae:04:58:ea:ed:2e:16:d1:89:99:
4f:f7:fd:62:25:e1:77:fe:0d:c4:c2:de:47:bf:7d:
43:38:7c:11:5a:76:86:6d:26:dc:92:92:76:bd:86:
c1:82:c7:8c:a2:57:da:cf:37:19:5a:39:29:09:6c:
af:59:3f:ff:17:8c:8c:c3:34:c0:00:45:4b:57:65:
81:32:ad:08:a5:3b:a0:23:bd:9a:29:4b:aa:3a:9f:
f8:6c:be:8d:6d:fc:1a:57:fd:b4:c0:81:d4:34:b5:
03:a8:15:4b:4b:b1:2b:f4:47:ed:49:7c:1c:d3:45:
0a:a5:f3:67:d4:68:6c:13:bd:20:fd:3b:67:94:01:
39:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:71:3A:88:00:07:5C:D8:DE:1B:87:E0:A7:B9:76:2E:03:67:A9:24
X509v3 Authority Key Identifier:
keyid:D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/YnE6iAAHXNjeG4fgp7l2LgNnqSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.155.47.0-94.155.49.255
94.155.55.0/24
94.155.93.0/24
IPv6:
2a02:4c8:af::/48
Signature Algorithm: sha256WithRSAEncryption
53:f7:54:b4:2a:2d:a4:29:c5:55:96:09:3e:2f:0a:96:89:db:
d6:51:0d:ae:64:71:f0:16:fb:96:52:0d:8d:51:54:6e:9f:9e:
48:d7:04:8e:61:70:47:87:ba:18:df:11:21:ab:c9:29:2e:7e:
e2:24:c1:42:bd:92:88:0d:c1:e9:72:7e:74:d4:c0:6e:a9:9c:
82:aa:a9:f0:c4:21:57:de:8c:90:4b:12:d2:ac:ce:48:12:84:
2d:ce:28:bb:51:9f:c3:49:ff:08:ee:89:49:db:c3:bd:45:ee:
a9:85:5f:06:0f:df:ef:44:fd:99:68:58:ba:eb:a0:bd:13:b4:
30:f4:d2:85:5d:53:6b:84:77:d3:53:39:b3:a5:12:6a:af:b4:
a3:e6:d9:79:bd:75:c9:9e:54:87:29:ec:aa:a1:bf:7c:ef:08:
0f:05:ea:d5:9e:4f:69:c5:0a:0d:86:aa:db:6c:fb:82:ba:6d:
c9:fc:a3:12:19:f9:06:1f:a1:0e:02:0a:b9:e5:8b:62:d2:41:
42:0c:6f:f6:ff:34:4b:91:59:3a:19:25:6a:0f:04:50:1c:00:
c4:35:68:a4:3b:70:40:66:2d:80:c9:1f:d9:a6:29:21:d9:2d:
89:84:0a:a8:54:de:88:d3:19:2b:16:ee:ed:87:b9:af:5c:df:
f7:b3:32:8a
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYVrgRqEKihZ4LR8AZqxNyoRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwN2Q3NTczYWFjYWU4MjFjODdkNmQzNjQzMWNmZTRiMjgw
MWFiNDEwHhcNMjMwMTAxMDQwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjcxM2E4ODAwMDc1Y2Q4ZGUxYjg3ZTBhN2I5NzYyZTAzNjdhOTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2B82qJZ0hsfPmIY0TdTYHSZpY18
3K0w8bL+D+NMPWdnEfiBTuxXNU0r24hO/+EGu8sLhZe+Vqp+/ghBfhLigmP0ZvMU
//Q1QXr4TOsyeLllzPZtrE0H1UmmfMUItuotKGL+qLf9Xnh025xuH4zLYQDoPDlr
vF9x+lqiqa4EWOrtLhbRiZlP9/1iJeF3/g3Ewt5Hv31DOHwRWnaGbSbckpJ2vYbB
gseMolfazzcZWjkpCWyvWT//F4yMwzTAAEVLV2WBMq0IpTugI72aKUuqOp/4bL6N
bfwaV/20wIHUNLUDqBVLS7Er9EftSXwc00UKpfNn1GhsE70g/TtnlAE5QwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFGJxOogAB1zY3huH4Ke5di4DZ6kkMB8GA1UdIwQY
MBaAFNB9dXOqyughyH1tNkMc/ksoAatBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjIt
Y2Y5ZGM1YmFhYTc5LzEvWW5FNmlBQUhYTmplRzRmZ3A3bDJMZ05ucVNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjItY2Y5ZGM1YmFhYTc5
LzEvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaMAwDBABemy8D
BAFemzADBABemzcDBABem10wDwQCAAIwCQMHACoCBMgArzANBgkqhkiG9w0BAQsF
AAOCAQEAU/dUtCotpCnFVZYJPi8Klonb1lENrmRx8Bb7llINjVFUbp+eSNcEjmFw
R4e6GN8RIavJKS5+4iTBQr2SiA3B6XJ+dNTAbqmcgqqp8MQhV96MkEsS0qzOSBKE
Lc4ou1Gfw0n/CO6JSdvDvUXuqYVfBg/f70T9mWhYuuugvRO0MPTShV1Ta4R301M5
s6USaq+0o+bZeb11yZ5UhynsqqG/fO8IDwXq1Z5PacUKDYaq22z7grptyfyjEhn5
Bh+hDgIKueWLYtJBQgxv9v80S5FZOhklag8EUBwAxDVopDtwQGYtgMkf2aYpIdkt
iYQKqFTeiNMZKxbu7Ye5r1zf97Myig==
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:16:23 2024 by rpki-client on console.sobornost.net