Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/yU6Krvksi1lPf5H08prxeSDwye8.roa
File: yU6Krvksi1lPf5H08prxeSDwye8.roa (raw, json)
Hash identifier: +AOwR0Xzlwmk6TcCV1Fv9+msu5wLmr+WpeT2tBh7Upk=
Subject key identifier: C9:4E:8A:AE:F9:2C:8B:59:4F:7F:91:F4:F2:9A:F1:79:20:F0:C9:EF
Certificate issuer: /CN=36eaa00ea777098b1bf036756d640e9d31d63b3b
Certificate serial: 018997350202D8D0D5521966401B4E566336
Authority key identifier: 36:EA:A0:0E:A7:77:09:8B:1B:F0:36:75:6D:64:0E:9D:31:D6:3B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/yU6Krvksi1lPf5H08prxeSDwye8.roa
Signing time: Thu 27 Jul 2023 11:56:20 +0000
ROA not before: Thu 27 Jul 2023 11:56:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5459
IP address blocks: 195.66.232.0/22 maxlen: 22
195.66.240.0/22 maxlen: 22
195.66.248.0/22 maxlen: 22
2a01:40::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:97:35:02:02:d8:d0:d5:52:19:66:40:1b:4e:56:63:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36eaa00ea777098b1bf036756d640e9d31d63b3b
Validity
Not Before: Jul 27 11:56:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c94e8aaef92c8b594f7f91f4f29af17920f0c9ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4d:fd:96:ea:d4:35:ee:30:9e:95:7f:c6:3b:
be:f8:20:6a:e1:7c:a4:9f:8e:1f:6a:ca:05:71:03:
12:1e:b4:7f:c7:cb:b1:52:7c:55:a8:fd:15:0b:af:
ba:29:27:30:0d:48:99:ba:98:fb:94:51:7a:9c:2e:
b6:12:2a:fa:5a:a3:c6:57:ff:9f:74:ea:90:b4:18:
53:02:ab:e4:fd:b9:c0:ab:1b:32:22:c6:58:19:75:
d9:b7:1e:9f:a2:1e:51:2e:8f:7e:18:f0:1b:d8:98:
03:53:1a:56:80:ee:f0:b4:9b:4a:b0:48:93:57:03:
f0:4d:50:c8:6d:16:62:0d:a9:7d:20:14:77:c9:6e:
f4:fd:ca:c2:58:8e:b1:35:79:19:1d:11:70:df:c8:
0d:46:e8:87:31:43:3a:6b:38:47:0c:7f:6f:15:92:
ed:58:5d:dc:89:7f:0c:e5:96:36:82:52:18:83:87:
e9:1d:38:5e:b5:79:89:c3:f2:49:93:c7:bd:ec:b0:
7f:58:83:e2:7c:29:eb:45:99:10:b6:48:88:47:ed:
21:c6:f5:1a:80:13:1b:a3:a2:35:7b:49:46:3d:ff:
52:f5:06:d2:5f:28:71:57:e6:cd:16:9f:be:cc:80:
a6:c4:7f:27:d3:ff:56:7c:ef:aa:a8:81:df:3a:db:
13:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:4E:8A:AE:F9:2C:8B:59:4F:7F:91:F4:F2:9A:F1:79:20:F0:C9:EF
X509v3 Authority Key Identifier:
keyid:36:EA:A0:0E:A7:77:09:8B:1B:F0:36:75:6D:64:0E:9D:31:D6:3B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/yU6Krvksi1lPf5H08prxeSDwye8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.66.232.0/22
195.66.240.0/22
195.66.248.0/22
IPv6:
2a01:40::/32
Signature Algorithm: sha256WithRSAEncryption
26:83:19:1e:39:4f:61:25:8a:c3:fa:6f:cc:29:6f:d2:e3:a8:
92:fb:b8:7e:fa:ad:97:34:2e:7c:57:fb:52:b2:a4:ae:62:9a:
d5:a1:2f:fc:78:f0:00:8a:6f:7d:2a:df:09:e7:61:46:c7:f0:
d8:5c:01:96:52:44:17:f3:a0:7d:c0:1d:d9:bd:ca:9c:d0:fe:
c8:f7:13:4b:d9:46:12:68:79:27:e5:a7:19:8d:1e:f5:71:d5:
97:c9:de:54:16:1e:ee:ac:35:dc:9c:0d:13:a3:ee:12:1b:78:
1d:b3:d8:a7:93:70:c4:e3:7b:8a:ed:77:da:63:84:c4:e9:e4:
21:2f:93:d6:ce:e4:3c:e7:90:0f:f4:92:82:81:e4:0d:ce:3c:
bb:29:d3:cd:7e:68:bf:30:b3:1b:a4:ac:e3:df:d1:e7:6f:7d:
76:52:10:06:06:46:ff:d5:2d:cb:72:4c:4d:4a:70:97:38:d0:
45:a7:ad:31:ab:dc:a1:1e:33:f4:63:a4:74:a9:15:0d:68:93:
65:29:1d:73:1e:20:04:79:6a:44:90:b5:ae:aa:19:d9:14:0f:
2e:e5:d9:10:9e:55:08:0e:b0:a9:b2:54:1f:bc:c3:cc:cf:b4:
d6:04:53:4a:fe:a4:fb:83:cd:68:19:62:e0:0e:9d:30:75:72:
80:90:f8:33
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYmXNQIC2NDVUhlmQBtOVmM2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZWFhMDBlYTc3NzA5OGIxYmYwMzY3NTZkNjQwZTlkMzFk
NjNiM2IwHhcNMjMwNzI3MTE1NjIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTRlOGFhZWY5MmM4YjU5NGY3ZjkxZjRmMjlhZjE3OTIwZjBjOWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk039lurUNe4wnpV/xju++CBq4Xyk
n44fasoFcQMSHrR/x8uxUnxVqP0VC6+6KScwDUiZupj7lFF6nC62Eir6WqPGV/+f
dOqQtBhTAqvk/bnAqxsyIsZYGXXZtx6foh5RLo9+GPAb2JgDUxpWgO7wtJtKsEiT
VwPwTVDIbRZiDal9IBR3yW70/crCWI6xNXkZHRFw38gNRuiHMUM6azhHDH9vFZLt
WF3ciX8M5ZY2glIYg4fpHThetXmJw/JJk8e97LB/WIPifCnrRZkQtkiIR+0hxvUa
gBMbo6I1e0lGPf9S9QbSXyhxV+bNFp++zICmxH8n0/9WfO+qqIHfOtsTNwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMlOiq75LItZT3+R9PKa8Xkg8MnvMB8GA1UdIwQY
MBaAFDbqoA6ndwmLG/A2dW1kDp0x1js7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnVxZ0RxZDNDWXNiOERaMWJXUU9uVEhXT3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS80MTAyMzItYjFmZC00MTM3LTgzMmQt
YmRiMjEzMTNjM2VjLzEveVU2S3J2a3NpMWxQZjVIMDhwcnhlU0R3eWU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS80MTAyMzItYjFmZC00MTM3LTgzMmQtYmRiMjEzMTNjM2Vj
LzEvTnVxZ0RxZDNDWXNiOERaMWJXUU9uVEhXT3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCw0LoAwQC
w0LwAwQCw0L4MA0EAgACMAcDBQAqAQBAMA0GCSqGSIb3DQEBCwUAA4IBAQAmgxke
OU9hJYrD+m/MKW/S46iS+7h++q2XNC58V/tSsqSuYprVoS/8ePAAim99Kt8J52FG
x/DYXAGWUkQX86B9wB3Zvcqc0P7I9xNL2UYSaHkn5acZjR71cdWXyd5UFh7urDXc
nA0To+4SG3gds9ink3DE43uK7XfaY4TE6eQhL5PWzuQ855AP9JKCgeQNzjy7KdPN
fmi/MLMbpKzj39Hnb312UhAGBkb/1S3LckxNSnCXONBFp60xq9yhHjP0Y6R0qRUN
aJNlKR1zHiAEeWpEkLWuqhnZFA8u5dkQnlUIDrCpslQfvMPMz7TWBFNK/qT7g81o
GWLgDp0wdXKAkPgz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:37 2024 by rpki-client on console-ams.rpki-client.org