Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/Yd5oonWRxdBUhOLDeet1g69nQNU.roa
File: Yd5oonWRxdBUhOLDeet1g69nQNU.roa (raw, json)
Hash identifier: ik4LuwVhCNqygCjfqAZUsB6SKHbmSwOCzAj45qLC6OQ=
Subject key identifier: 61:DE:68:A2:75:91:C5:D0:54:84:E2:C3:79:EB:75:83:AF:67:40:D5
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0187DCC1D470A0B2F1CFE1F027B6CF9AEAEE
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/Yd5oonWRxdBUhOLDeet1g69nQNU.roa
Signing time: Tue 02 May 2023 13:58:23 +0000
ROA not before: Tue 02 May 2023 13:58:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48359
IP address blocks: 89.42.44.0/22 maxlen: 22
89.46.217.0/24 maxlen: 24
188.212.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Jul 2023 12:44:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:dc:c1:d4:70:a0:b2:f1:cf:e1:f0:27:b6:cf:9a:ea:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: May 2 13:58:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61de68a27591c5d05484e2c379eb7583af6740d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a7:e9:c9:af:4c:30:a7:aa:33:24:28:89:02:
e0:f4:51:f2:f6:81:dc:15:70:1a:42:c6:4c:0a:21:
fc:4d:70:a2:a1:e9:e1:4e:c1:9a:42:24:55:1a:e4:
5b:e7:d4:1a:51:d1:c9:52:46:51:a3:06:e2:83:6d:
40:97:1c:01:99:75:dd:09:8e:d2:28:1e:95:22:be:
59:ca:e7:71:3c:23:4c:9e:19:7c:fc:74:2d:94:9a:
9a:f5:67:ac:89:a9:74:50:42:8c:35:b2:61:29:a4:
68:01:d0:49:0c:bd:3f:e6:b8:03:6d:0a:ba:8b:78:
90:15:34:a4:dd:1d:43:18:4e:44:53:78:6b:a3:aa:
f6:54:8c:49:f3:90:9d:21:7e:0f:49:7f:24:29:08:
46:b5:d0:b0:a6:c3:f4:d3:9a:92:34:20:e9:32:bb:
a8:c8:12:1e:ab:7d:25:eb:95:2a:ff:16:43:a4:02:
43:90:cc:ba:27:ef:7c:9f:8a:89:d7:8a:d0:3f:61:
83:36:22:d0:87:75:4c:95:99:46:b5:d4:da:16:f9:
de:28:e4:57:f4:ea:9e:85:16:9a:6c:13:5f:94:ef:
b1:b0:a0:e8:bd:97:5d:bd:68:ec:70:5d:42:72:38:
5f:4a:70:3d:94:3a:dc:dd:15:be:17:13:a2:01:ef:
b9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:DE:68:A2:75:91:C5:D0:54:84:E2:C3:79:EB:75:83:AF:67:40:D5
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/Yd5oonWRxdBUhOLDeet1g69nQNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.44.0/22
89.46.217.0/24
188.212.96.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:13:b3:1a:dc:fa:04:83:d4:81:fb:10:27:02:df:2f:b1:4b:
32:5b:8f:d8:a4:c6:d8:0a:ef:0f:10:8d:12:5b:74:26:87:e0:
b9:c3:f2:b1:2f:c4:1d:c0:14:bd:05:65:21:cf:d6:15:77:70:
da:2c:07:f6:61:d4:4a:e4:77:f8:76:af:4a:95:81:d7:63:9e:
cc:c6:e3:14:f5:c9:75:9e:3d:6b:fb:2a:d1:00:a9:54:df:ac:
79:29:56:21:6f:3f:8e:67:31:26:74:2e:d9:a1:0e:ee:0a:43:
cd:88:d9:2e:0f:21:bd:ed:bf:cf:ce:03:e3:c1:8c:47:3f:38:
ae:8d:56:54:12:c5:1a:d5:69:66:01:61:54:02:03:3c:37:31:
f2:b5:b9:3f:19:2d:22:11:6d:fc:94:78:dd:d4:23:13:0f:5a:
64:5d:ab:51:8f:4e:c3:ea:87:7f:d9:4c:55:3d:88:b4:93:35:
df:aa:75:6a:33:21:62:b0:af:8e:55:10:b7:23:14:1f:4b:09:
4d:c2:c8:c9:88:50:38:e2:1e:10:64:31:f5:18:bc:c9:16:37:
f9:a0:04:89:39:70:2c:03:52:cf:9b:1b:44:9f:e8:1c:76:bb:
6b:f0:ee:be:99:e6:b3:c8:cf:81:86:45:7c:96:56:75:44:a7:
29:9e:7a:36
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYfcwdRwoLLxz+HwJ7bPmuruMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMwNTAyMTM1ODIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWRlNjhhMjc1OTFjNWQwNTQ4NGUyYzM3OWViNzU4M2FmNjc0MGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKfpya9MMKeqMyQoiQLg9FHy9oHc
FXAaQsZMCiH8TXCioenhTsGaQiRVGuRb59QaUdHJUkZRowbig21AlxwBmXXdCY7S
KB6VIr5ZyudxPCNMnhl8/HQtlJqa9Wesial0UEKMNbJhKaRoAdBJDL0/5rgDbQq6
i3iQFTSk3R1DGE5EU3hro6r2VIxJ85CdIX4PSX8kKQhGtdCwpsP005qSNCDpMruo
yBIeq30l65Uq/xZDpAJDkMy6J+98n4qJ14rQP2GDNiLQh3VMlZlGtdTaFvneKORX
9OqehRaabBNflO+xsKDovZddvWjscF1CcjhfSnA9lDrc3RW+FxOiAe+54wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGHeaKJ1kcXQVITiw3nrdYOvZ0DVMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvWWQ1b29uV1J4ZEJVaE9MRGVldDFnNjluUU5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWSosAwQA
WS7ZAwQAvNRgMA0GCSqGSIb3DQEBCwUAA4IBAQA/E7Ma3PoEg9SB+xAnAt8vsUsy
W4/YpMbYCu8PEI0SW3Qmh+C5w/KxL8QdwBS9BWUhz9YVd3DaLAf2YdRK5Hf4dq9K
lYHXY57MxuMU9cl1nj1r+yrRAKlU36x5KVYhbz+OZzEmdC7ZoQ7uCkPNiNkuDyG9
7b/PzgPjwYxHPziujVZUEsUa1WlmAWFUAgM8NzHytbk/GS0iEW38lHjd1CMTD1pk
XatRj07D6od/2UxVPYi0kzXfqnVqMyFisK+OVRC3IxQfSwlNwsjJiFA44h4QZDH1
GLzJFjf5oASJOXAsA1LPmxtEn+gcdrtr8O6+meazyM+BhkV8llZ1RKcpnno2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:49 2024 by rpki-client on console-ams.rpki-client.org