Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/ymC8u098pPPpyPRSv0ciBJRxbNU.roa
File: ymC8u098pPPpyPRSv0ciBJRxbNU.roa (raw, json)
Hash identifier: dZsvu9T1n1l62n1vmfzGixVpB8ktXZTTXE51sHKDjUM=
Subject key identifier: CA:60:BC:BB:4F:7C:A4:F3:E9:C8:F4:52:BF:47:22:04:94:71:6C:D5
Certificate issuer: /CN=d26a4409ea91f506d633871c6c35540d460337d1
Certificate serial: 018E50B4B96CC014E5CF10F4E874BF5933E6
Authority key identifier: D2:6A:44:09:EA:91:F5:06:D6:33:87:1C:6C:35:54:0D:46:03:37:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mpECeqR9QbWM4ccbDVUDUYDN9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/ymC8u098pPPpyPRSv0ciBJRxbNU.roa
Signing time: Mon 18 Mar 2024 08:36:44 +0000
ROA not before: Mon 18 Mar 2024 08:36:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198885
IP address blocks: 5.61.200.0/24 maxlen: 24
5.61.201.0/24 maxlen: 24
5.61.202.0/24 maxlen: 24
5.61.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 May 2024 13:08:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:50:b4:b9:6c:c0:14:e5:cf:10:f4:e8:74:bf:59:33:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d26a4409ea91f506d633871c6c35540d460337d1
Validity
Not Before: Mar 18 08:36:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca60bcbb4f7ca4f3e9c8f452bf47220494716cd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:f2:6f:ac:fa:07:07:d7:86:0c:32:33:cd:fe:
6a:f3:96:47:36:fa:90:aa:44:32:27:87:d0:33:e8:
cf:21:16:c3:ea:e1:8f:6e:a2:67:1c:89:b1:7d:01:
a2:27:e9:41:d9:16:29:a8:a3:07:25:6f:eb:e6:b9:
c1:99:ed:5e:a1:18:09:b0:53:18:01:2a:18:dd:a0:
60:e9:61:4b:9c:d1:17:5a:65:02:10:06:a3:d7:72:
1c:17:74:3f:51:65:f2:47:de:25:7c:98:3c:00:74:
6c:50:0b:6e:e3:e2:11:17:48:9f:c8:ba:96:7b:90:
9c:7f:11:eb:77:db:c0:53:14:c5:37:77:86:5a:50:
00:f2:33:84:87:2b:c2:c0:d9:da:c1:2d:cd:7c:15:
39:75:78:55:ac:78:9b:fc:cb:6c:97:a8:8e:a4:5f:
d0:54:1a:9c:76:e2:b1:7e:7f:4b:80:e7:8c:4d:a8:
a4:de:66:8d:7f:ca:e1:5f:75:49:61:d5:f6:e3:8e:
f0:21:b8:14:a6:96:2c:47:98:79:66:4e:ab:69:cf:
9d:d5:76:1d:e8:24:47:c0:1d:e3:ea:88:05:d0:d1:
58:3c:d1:85:2f:ab:fa:86:a1:ab:61:1f:cd:1b:e8:
d2:ba:8d:be:4b:7b:60:a0:c3:da:60:a5:d5:d9:6e:
12:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:60:BC:BB:4F:7C:A4:F3:E9:C8:F4:52:BF:47:22:04:94:71:6C:D5
X509v3 Authority Key Identifier:
keyid:D2:6A:44:09:EA:91:F5:06:D6:33:87:1C:6C:35:54:0D:46:03:37:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mpECeqR9QbWM4ccbDVUDUYDN9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/ymC8u098pPPpyPRSv0ciBJRxbNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/0mpECeqR9QbWM4ccbDVUDUYDN9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.200.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:1b:fa:32:22:60:5d:00:9e:0b:69:5a:08:70:71:01:1d:ec:
07:22:5a:8d:61:be:37:71:a1:66:5e:41:18:1e:1c:78:9d:11:
92:e8:48:55:61:e6:bf:a4:fc:69:35:92:a8:a8:6c:73:f6:30:
60:2b:ea:51:d8:f6:bf:e2:6b:eb:c0:65:e1:6c:47:66:d9:e0:
32:a5:99:95:61:04:ab:24:e4:8f:57:00:40:99:84:32:60:81:
20:3c:bb:df:a8:8a:03:fa:58:2b:46:b4:0a:2e:67:b4:dc:06:
21:67:31:c8:e0:cc:e3:67:99:94:9f:7d:30:46:63:e4:7e:9e:
31:b0:a7:d7:28:1d:bd:4f:35:b6:4f:0e:54:9e:3e:8a:5e:d4:
a0:a9:15:31:bb:94:1b:e5:f4:cc:d4:1f:00:5c:2e:7d:a3:90:
3e:05:6c:10:c7:20:81:fb:bc:7e:57:1b:c8:2b:ce:64:6c:f2:
19:14:f9:39:7c:41:3d:68:17:a7:31:c6:72:04:1f:e1:67:b8:
dd:b3:68:d9:71:d0:fa:8e:ef:5b:49:40:75:23:f9:ee:2d:08:
7a:f4:f8:c4:fe:c0:a5:b4:a0:ab:78:30:cd:23:49:32:86:cb:
95:26:b8:6e:c7:a6:7a:5d:c7:b8:4f:ce:b4:c5:ae:58:94:be:
61:10:d8:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5QtLlswBTlzxD06HS/WTPmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNmE0NDA5ZWE5MWY1MDZkNjMzODcxYzZjMzU1NDBkNDYw
MzM3ZDEwHhcNMjQwMzE4MDgzNjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTYwYmNiYjRmN2NhNGYzZTljOGY0NTJiZjQ3MjIwNDk0NzE2Y2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7PJvrPoHB9eGDDIzzf5q85ZHNvqQ
qkQyJ4fQM+jPIRbD6uGPbqJnHImxfQGiJ+lB2RYpqKMHJW/r5rnBme1eoRgJsFMY
ASoY3aBg6WFLnNEXWmUCEAaj13IcF3Q/UWXyR94lfJg8AHRsUAtu4+IRF0ifyLqW
e5CcfxHrd9vAUxTFN3eGWlAA8jOEhyvCwNnawS3NfBU5dXhVrHib/Mtsl6iOpF/Q
VBqcduKxfn9LgOeMTaik3maNf8rhX3VJYdX2447wIbgUppYsR5h5Zk6rac+d1XYd
6CRHwB3j6ogF0NFYPNGFL6v6hqGrYR/NG+jSuo2+S3tgoMPaYKXV2W4SMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMpgvLtPfKTz6cj0Ur9HIgSUcWzVMB8GA1UdIwQY
MBaAFNJqRAnqkfUG1jOHHGw1VA1GAzfRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG1wRUNlcVI5UWJXTTRjY2JEVlVEVVlETjlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9mNDEwNTEtMDgxMC00M2ZmLWIxOTYt
Y2ZlZmRmZGZiZTZiLzEveW1DOHUwOThwUFBweVBSU3YwY2lCSlJ4Yk5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9mNDEwNTEtMDgxMC00M2ZmLWIxOTYtY2ZlZmRmZGZiZTZi
LzEvMG1wRUNlcVI5UWJXTTRjY2JEVlVEVVlETjlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBT3IMA0G
CSqGSIb3DQEBCwUAA4IBAQCPG/oyImBdAJ4LaVoIcHEBHewHIlqNYb43caFmXkEY
Hhx4nRGS6EhVYea/pPxpNZKoqGxz9jBgK+pR2Pa/4mvrwGXhbEdm2eAypZmVYQSr
JOSPVwBAmYQyYIEgPLvfqIoD+lgrRrQKLme03AYhZzHI4MzjZ5mUn30wRmPkfp4x
sKfXKB29TzW2Tw5Unj6KXtSgqRUxu5Qb5fTM1B8AXC59o5A+BWwQxyCB+7x+VxvI
K85kbPIZFPk5fEE9aBenMcZyBB/hZ7jds2jZcdD6ju9bSUB1I/nuLQh69PjE/sCl
tKCreDDNI0kyhsuVJrhux6Z6Xce4T860xa5YlL5hENi5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:28 2024 by rpki-client on console-fra.rpki-client.org