Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/64e19f-fe54-42cd-8923-09b9920fe00f/1/YCXVb2WsFfCKiLR4es-iprIw1KU.roa
File: YCXVb2WsFfCKiLR4es-iprIw1KU.roa (raw, json)
Hash identifier: Rfid7zEMqm+mckRrKQaBIFMSX5x430f3DrCQ238mTwM=
Subject key identifier: 60:25:D5:6F:65:AC:15:F0:8A:88:B4:78:7A:CF:A2:A6:B2:30:D4:A5
Certificate issuer: /CN=80bd00829536d47745f47da9d1a8a72f6dd462d4
Certificate serial: 018570027120D4AC5CC692B21D15E0FB17CB
Authority key identifier: 80:BD:00:82:95:36:D4:77:45:F4:7D:A9:D1:A8:A7:2F:6D:D4:62:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gL0AgpU21HdF9H2p0ainL23UYtQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/64e19f-fe54-42cd-8923-09b9920fe00f/1/YCXVb2WsFfCKiLR4es-iprIw1KU.roa
Signing time: Mon 02 Jan 2023 01:04:46 +0000
ROA not before: Mon 02 Jan 2023 01:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203008
IP address blocks: 185.110.134.0/24 maxlen: 24
185.110.133.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:71:20:d4:ac:5c:c6:92:b2:1d:15:e0:fb:17:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80bd00829536d47745f47da9d1a8a72f6dd462d4
Validity
Not Before: Jan 2 01:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6025d56f65ac15f08a88b4787acfa2a6b230d4a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:03:02:55:4b:18:3b:4a:15:2f:cc:0e:35:fe:
56:4c:fc:7e:78:2e:db:20:5c:73:7c:64:1b:46:be:
ac:cd:64:8f:8b:16:25:e6:44:12:b8:18:93:79:41:
a9:19:49:8a:4d:65:c6:25:71:29:08:15:67:0b:ed:
02:b3:c5:5f:14:31:09:38:7e:2a:bb:39:b1:54:7f:
17:37:a3:8a:da:9d:f4:3b:f8:ea:08:12:56:6b:23:
2b:c2:a0:b1:0c:20:72:94:5a:d9:54:e9:43:66:79:
1c:0d:cd:bd:e8:6b:ec:16:0b:79:cd:7c:2e:9a:36:
b8:cd:28:7d:6b:4a:38:e9:de:ba:f6:ea:be:7b:1d:
f8:ec:af:78:57:78:bf:5c:95:65:12:d7:1b:a4:d2:
62:a9:84:8f:85:54:f1:3b:25:c1:d2:2a:75:aa:01:
b1:25:db:7d:5b:86:03:83:37:6e:4f:2f:67:d6:87:
5e:5e:57:55:1e:34:eb:ee:13:ad:02:11:ba:f8:03:
4a:bf:ab:64:cf:29:da:27:d7:99:14:f0:e5:c4:5b:
37:5f:9c:dd:46:3b:dc:45:1e:5d:2f:5b:07:d5:d6:
b4:15:92:3c:30:6b:aa:93:b7:74:8e:b9:bc:b0:d1:
7e:48:95:a3:a6:61:e2:69:8d:8c:b6:bf:f3:45:c4:
b8:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:25:D5:6F:65:AC:15:F0:8A:88:B4:78:7A:CF:A2:A6:B2:30:D4:A5
X509v3 Authority Key Identifier:
keyid:80:BD:00:82:95:36:D4:77:45:F4:7D:A9:D1:A8:A7:2F:6D:D4:62:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gL0AgpU21HdF9H2p0ainL23UYtQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/64e19f-fe54-42cd-8923-09b9920fe00f/1/YCXVb2WsFfCKiLR4es-iprIw1KU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/64e19f-fe54-42cd-8923-09b9920fe00f/1/gL0AgpU21HdF9H2p0ainL23UYtQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.133.0-185.110.134.255
Signature Algorithm: sha256WithRSAEncryption
90:9d:a2:15:9f:3a:11:ee:02:e2:72:df:0b:0d:7a:6d:e6:c8:
78:f0:bc:ea:93:96:31:bb:ff:75:84:a5:ff:0c:86:e5:fb:13:
e3:95:d9:1b:76:d8:18:31:81:74:6f:ab:88:d9:74:55:5b:45:
55:ac:d6:3a:59:e7:36:b8:45:8c:69:76:c9:7b:89:0d:cf:03:
a1:ee:76:3c:58:80:82:e8:58:b0:e4:19:ee:40:fe:6a:d4:bb:
28:ac:c8:e5:e4:13:4e:ca:ce:25:41:28:20:09:fc:8a:ae:fe:
8a:5c:4c:8c:c2:11:d3:d4:7a:bd:0d:fb:2e:bb:95:94:67:36:
c8:2b:9e:43:07:d7:b7:b6:23:4b:bd:b8:55:8d:00:c7:ff:d5:
b1:11:7d:2a:1a:74:eb:35:82:d5:0b:8e:ae:57:75:5b:0e:6c:
cf:89:df:87:5c:19:d9:09:97:ea:3e:d1:fe:f8:96:03:8c:cf:
eb:c2:4f:10:91:48:de:c4:04:18:d2:9f:6c:87:6e:d1:54:14:
a9:95:d3:ca:2d:45:36:84:f2:b5:15:98:12:cc:9a:f2:59:2c:
b2:9e:ee:76:00:96:65:a8:3b:2c:7e:2f:d6:ca:b5:f2:8c:fa:
5d:98:86:34:6e:2f:ad:c9:c8:9a:f7:a8:a1:60:a5:e1:3b:da:
ee:46:89:c8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVwAnEg1KxcxpKyHRXg+xfLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYmQwMDgyOTUzNmQ0Nzc0NWY0N2RhOWQxYThhNzJmNmRk
NDYyZDQwHhcNMjMwMTAyMDEwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDI1ZDU2ZjY1YWMxNWYwOGE4OGI0Nzg3YWNmYTJhNmIyMzBkNGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwMCVUsYO0oVL8wONf5WTPx+eC7b
IFxzfGQbRr6szWSPixYl5kQSuBiTeUGpGUmKTWXGJXEpCBVnC+0Cs8VfFDEJOH4q
uzmxVH8XN6OK2p30O/jqCBJWayMrwqCxDCBylFrZVOlDZnkcDc296GvsFgt5zXwu
mja4zSh9a0o46d669uq+ex347K94V3i/XJVlEtcbpNJiqYSPhVTxOyXB0ip1qgGx
Jdt9W4YDgzduTy9n1odeXldVHjTr7hOtAhG6+ANKv6tkzynaJ9eZFPDlxFs3X5zd
RjvcRR5dL1sH1da0FZI8MGuqk7d0jrm8sNF+SJWjpmHiaY2Mtr/zRcS4XQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGAl1W9lrBXwioi0eHrPoqayMNSlMB8GA1UdIwQY
MBaAFIC9AIKVNtR3RfR9qdGopy9t1GLUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0wwQWdwVTIxSGRGOUgycDBhaW5MMjNVWXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi82NGUxOWYtZmU1NC00MmNkLTg5MjMt
MDliOTkyMGZlMDBmLzEvWUNYVmIyV3NGZkNLaUxSNGVzLWlwckl3MUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi82NGUxOWYtZmU1NC00MmNkLTg5MjMtMDliOTkyMGZlMDBm
LzEvZ0wwQWdwVTIxSGRGOUgycDBhaW5MMjNVWXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5boUD
BAC5boYwDQYJKoZIhvcNAQELBQADggEBAJCdohWfOhHuAuJy3wsNem3myHjwvOqT
ljG7/3WEpf8MhuX7E+OV2Rt22BgxgXRvq4jZdFVbRVWs1jpZ5za4RYxpdsl7iQ3P
A6HudjxYgILoWLDkGe5A/mrUuyisyOXkE07KziVBKCAJ/Iqu/opcTIzCEdPUer0N
+y67lZRnNsgrnkMH17e2I0u9uFWNAMf/1bERfSoadOs1gtULjq5XdVsObM+J34dc
GdkJl+o+0f74lgOMz+vCTxCRSN7EBBjSn2yHbtFUFKmV08otRTaE8rUVmBLMmvJZ
LLKe7nYAlmWoOyx+L9bKtfKM+l2YhjRuL63JyJr3qKFgpeE72u5Gicg=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:15:00 2024 by rpki-client on console.sobornost.net