Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Y_Jj34UjHwoh7Am_Og_zcDpFLQQ.roa
File: Y_Jj34UjHwoh7Am_Og_zcDpFLQQ.roa (raw, json)
Hash identifier: s32dP8J2SgNOl/ZP0aoT5uHsv+bVx9+UepMaeIX4XVc=
Subject key identifier: 63:F2:63:DF:85:23:1F:0A:21:EC:09:BF:3A:0F:F3:70:3A:45:2D:04
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018C3564BA003892762DABA6EFCC0B95342A
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Y_Jj34UjHwoh7Am_Og_zcDpFLQQ.roa
Signing time: Mon 04 Dec 2023 15:14:02 +0000
ROA not before: Mon 04 Dec 2023 15:14:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209642
IP address blocks: 45.146.242.0/23 maxlen: 24
89.251.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:35:64:ba:00:38:92:76:2d:ab:a6:ef:cc:0b:95:34:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Dec 4 15:14:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63f263df85231f0a21ec09bf3a0ff3703a452d04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e1:39:35:5a:0f:38:3b:8c:04:aa:26:23:fc:
24:a5:21:1e:16:11:29:ea:6d:12:5c:ea:43:3b:55:
d3:cd:0e:53:a0:ac:1d:fd:95:af:b6:0d:ae:ac:68:
b6:60:61:7f:85:98:33:92:7b:86:67:93:db:cf:98:
f0:59:84:26:ac:c1:54:8f:c9:0f:dc:ea:1b:5b:be:
a2:ef:6c:48:97:37:8f:24:9d:3a:72:3d:f3:07:8a:
d2:56:d7:21:dd:54:40:0d:3e:63:75:42:9d:52:d7:
de:45:b7:ac:79:a8:88:9d:d6:02:3a:2d:65:61:bf:
a2:7c:81:9f:18:cc:48:ba:f3:a6:a3:7c:75:4d:88:
07:fb:5a:c0:04:21:65:a8:46:7a:29:ce:8f:ea:6d:
8f:e2:58:a6:fb:df:d0:26:0c:7e:04:05:45:0d:d3:
b1:71:f5:58:c1:ff:19:ad:12:ca:d9:a3:e0:65:8c:
38:63:0e:c1:f9:c5:d4:ea:69:32:35:88:56:fd:9b:
ef:15:5b:42:57:41:fa:92:a7:aa:6f:b9:d3:2b:37:
74:19:7e:9a:e6:79:f7:12:c5:04:d8:a7:54:19:fd:
f7:f9:f4:a2:6c:f1:7f:8b:3c:ad:2f:18:d0:5f:fe:
96:70:c6:cd:08:5f:6c:15:19:dc:cc:fc:73:47:93:
4c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:F2:63:DF:85:23:1F:0A:21:EC:09:BF:3A:0F:F3:70:3A:45:2D:04
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Y_Jj34UjHwoh7Am_Og_zcDpFLQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.242.0/23
89.251.11.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:01:71:f6:3c:92:e3:5f:f1:14:48:9e:c3:39:e6:b0:5c:e5:
2f:30:96:33:2a:74:29:71:fb:1a:57:71:17:f7:97:0b:07:e9:
fc:83:82:b2:a0:16:59:44:d6:42:21:32:8f:47:67:19:c0:87:
cd:a2:75:83:59:9a:13:3a:69:c9:6d:1c:01:71:d9:1a:40:9a:
04:d3:6d:ba:89:e0:24:15:f3:a1:27:ac:b4:ba:f2:8f:73:9d:
87:f2:50:5f:cc:a6:6a:91:e8:bf:32:ec:a6:af:3e:bd:c8:41:
ec:42:ac:34:d2:c4:e7:0b:0a:72:3b:97:a6:8c:24:02:51:73:
db:5e:6b:5f:70:16:9b:2a:5d:a5:82:6d:9e:8b:e9:16:c2:72:
bf:c2:c1:2e:35:84:97:8b:9a:1e:3a:4f:32:b6:71:73:e4:9e:
05:3f:7e:fc:ed:10:96:c2:bf:c1:1f:67:69:0a:76:98:ea:15:
df:e2:87:c1:cc:32:50:fe:4e:e7:78:e2:a5:91:b9:d8:e3:26:
ea:ff:64:9b:f2:1c:98:c0:8b:6e:95:c3:d3:22:8c:84:4d:8c:
ef:a3:79:e7:54:36:20:29:18:4d:b9:79:15:0d:77:08:68:9b:
11:05:0e:d1:41:5a:fa:54:5b:dc:66:96:a3:71:18:63:5f:fc:
44:cc:39:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYw1ZLoAOJJ2Laum78wLlTQqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMjA0MTUxNDAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2YyNjNkZjg1MjMxZjBhMjFlYzA5YmYzYTBmZjM3MDNhNDUyZDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1uE5NVoPODuMBKomI/wkpSEeFhEp
6m0SXOpDO1XTzQ5ToKwd/ZWvtg2urGi2YGF/hZgzknuGZ5Pbz5jwWYQmrMFUj8kP
3OobW76i72xIlzePJJ06cj3zB4rSVtch3VRADT5jdUKdUtfeRbeseaiIndYCOi1l
Yb+ifIGfGMxIuvOmo3x1TYgH+1rABCFlqEZ6Kc6P6m2P4lim+9/QJgx+BAVFDdOx
cfVYwf8ZrRLK2aPgZYw4Yw7B+cXU6mkyNYhW/ZvvFVtCV0H6kqeqb7nTKzd0GX6a
5nn3EsUE2KdUGf33+fSibPF/izytLxjQX/6WcMbNCF9sFRnczPxzR5NMYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGPyY9+FIx8KIewJvzoP83A6RS0EMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvWV9KajM0VWpId29oN0FtX09nX3pjRHBGTFFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLZLyAwQA
WfsLMA0GCSqGSIb3DQEBCwUAA4IBAQBvAXH2PJLjX/EUSJ7DOeawXOUvMJYzKnQp
cfsaV3EX95cLB+n8g4KyoBZZRNZCITKPR2cZwIfNonWDWZoTOmnJbRwBcdkaQJoE
0226ieAkFfOhJ6y0uvKPc52H8lBfzKZqkei/Muymrz69yEHsQqw00sTnCwpyO5em
jCQCUXPbXmtfcBabKl2lgm2ei+kWwnK/wsEuNYSXi5oeOk8ytnFz5J4FP3787RCW
wr/BH2dpCnaY6hXf4ofBzDJQ/k7neOKlkbnY4ybq/2Sb8hyYwItulcPTIoyETYzv
o3nnVDYgKRhNuXkVDXcIaJsRBQ7RQVr6VFvcZpajcRhjX/xEzDlg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org