Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/a2ce7e-52e4-44ab-bba3-68d29f3af9a7/1/yfl3cV2zS3PbVX2yZisZRx4XjN4.roa
File: yfl3cV2zS3PbVX2yZisZRx4XjN4.roa (raw, json)
Hash identifier: /PB1qkIVIDFZPR1BbkegtzQeeJ6INE5Dyn5dMQmo+MM=
Subject key identifier: C9:F9:77:71:5D:B3:4B:73:DB:55:7D:B2:66:2B:19:47:1E:17:8C:DE
Certificate issuer: /CN=c309f99595e6f9251944e26b794b481bf57c7f95
Certificate serial: 01856E78EAFC99BCFA935D834D89DBC613AE
Authority key identifier: C3:09:F9:95:95:E6:F9:25:19:44:E2:6B:79:4B:48:1B:F5:7C:7F:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wwn5lZXm-SUZROJreUtIG_V8f5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/a2ce7e-52e4-44ab-bba3-68d29f3af9a7/1/yfl3cV2zS3PbVX2yZisZRx4XjN4.roa
Signing time: Sun 01 Jan 2023 17:54:56 +0000
ROA not before: Sun 01 Jan 2023 17:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201211
IP address blocks: 45.94.104.0/22 maxlen: 22
194.110.8.0/22 maxlen: 22
2a0d:3c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:ea:fc:99:bc:fa:93:5d:83:4d:89:db:c6:13:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c309f99595e6f9251944e26b794b481bf57c7f95
Validity
Not Before: Jan 1 17:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9f977715db34b73db557db2662b19471e178cde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3a:94:52:c6:22:9d:81:4d:c5:c9:60:b6:8e:
5a:36:ab:64:9f:76:7c:41:17:d0:b4:8c:46:3a:4e:
54:a8:4f:e1:a3:97:dd:30:d0:83:45:fa:a9:33:b5:
24:ea:f3:27:96:a7:c2:9d:a3:b1:61:08:fe:87:59:
d2:cc:46:ff:17:41:94:74:4a:3c:5f:6c:2e:5c:18:
97:6e:70:96:fc:ff:41:61:2f:84:d9:af:1f:59:46:
b6:3b:fd:a1:d8:6f:be:fc:da:9d:de:a0:47:66:ae:
58:f0:a8:a7:b6:7b:7c:d7:19:73:68:b9:6c:57:ed:
41:44:b8:c9:cc:85:92:5c:dc:b4:1d:c2:5a:27:b9:
b0:25:6f:dd:b8:85:77:c3:49:23:55:ed:23:d0:ed:
b2:b9:ca:22:e8:1a:bf:b0:f5:78:c0:64:68:ef:b9:
23:f7:2a:f8:55:20:65:37:8d:9c:45:bd:17:a8:58:
57:b9:1b:ab:d6:47:53:8c:eb:f2:e0:66:0e:e7:9c:
f5:10:db:1d:3f:79:64:5f:8c:dd:59:d4:58:93:0c:
76:3c:a4:aa:7b:68:40:a2:03:21:05:55:0f:81:65:
67:b3:44:c9:16:fa:40:a7:bb:76:0f:58:82:53:bb:
8c:5d:6a:d4:e0:5f:72:29:e9:7f:27:48:9a:c1:03:
10:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:F9:77:71:5D:B3:4B:73:DB:55:7D:B2:66:2B:19:47:1E:17:8C:DE
X509v3 Authority Key Identifier:
keyid:C3:09:F9:95:95:E6:F9:25:19:44:E2:6B:79:4B:48:1B:F5:7C:7F:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wwn5lZXm-SUZROJreUtIG_V8f5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/a2ce7e-52e4-44ab-bba3-68d29f3af9a7/1/yfl3cV2zS3PbVX2yZisZRx4XjN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/a2ce7e-52e4-44ab-bba3-68d29f3af9a7/1/wwn5lZXm-SUZROJreUtIG_V8f5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.104.0/22
194.110.8.0/22
IPv6:
2a0d:3c0::/29
Signature Algorithm: sha256WithRSAEncryption
5c:5a:ed:03:27:ca:41:a7:c7:ba:c7:1f:05:cd:aa:bd:b9:99:
53:e3:ed:84:6a:68:ae:6a:97:75:ba:e4:a5:f6:35:98:ee:e1:
ba:94:f7:8d:d1:dd:77:8f:5f:7e:a1:7c:ba:15:10:78:8f:ee:
e5:8d:3c:c6:d9:81:e8:f0:df:5c:f1:85:de:94:b3:56:6c:18:
f9:08:dc:b6:a6:16:76:98:3f:06:fd:1e:f9:16:98:18:68:18:
5a:3e:b1:c8:cf:39:aa:70:8b:40:ea:a0:09:fa:1c:c9:a2:ee:
8a:cc:0c:e5:63:8b:15:70:10:f8:43:9b:4c:f8:5a:51:9b:e2:
7e:02:1a:72:64:fe:88:00:c0:94:bc:7c:d9:4b:aa:44:82:bc:
e0:bf:03:ee:d9:32:fb:e7:a9:cd:4f:45:b9:2f:8a:cc:d6:a1:
2e:88:2a:4a:78:22:6c:7e:6a:72:60:ce:91:e5:c0:c3:4f:b0:
62:2d:a0:47:90:fd:34:11:5d:0d:70:17:19:54:f4:f5:22:03:
2f:eb:31:c5:e7:d7:ca:f3:a7:30:50:07:36:75:00:db:9c:06:
fe:f1:1a:4e:70:1c:e6:91:ba:57:e6:ff:59:e6:10:66:95:3c:
d7:b8:94:9b:3e:4b:28:4c:ed:ce:75:12:c4:d5:25:8e:a7:de:
d4:93:80:99
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVueOr8mbz6k12DTYnbxhOuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzMDlmOTk1OTVlNmY5MjUxOTQ0ZTI2Yjc5NGI0ODFiZjU3
YzdmOTUwHhcNMjMwMTAxMTc1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWY5Nzc3MTVkYjM0YjczZGI1NTdkYjI2NjJiMTk0NzFlMTc4Y2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzqUUsYinYFNxclgto5aNqtkn3Z8
QRfQtIxGOk5UqE/ho5fdMNCDRfqpM7Uk6vMnlqfCnaOxYQj+h1nSzEb/F0GUdEo8
X2wuXBiXbnCW/P9BYS+E2a8fWUa2O/2h2G++/Nqd3qBHZq5Y8Kintnt81xlzaLls
V+1BRLjJzIWSXNy0HcJaJ7mwJW/duIV3w0kjVe0j0O2yucoi6Bq/sPV4wGRo77kj
9yr4VSBlN42cRb0XqFhXuRur1kdTjOvy4GYO55z1ENsdP3lkX4zdWdRYkwx2PKSq
e2hAogMhBVUPgWVns0TJFvpAp7t2D1iCU7uMXWrU4F9yKel/J0iawQMQMQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMn5d3Fds0tz21V9smYrGUceF4zeMB8GA1UdIwQY
MBaAFMMJ+ZWV5vklGUTia3lLSBv1fH+VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3duNWxaWG0tU1VaUk9KcmVVdElHX1Y4ZjVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9hMmNlN2UtNTJlNC00NGFiLWJiYTMt
NjhkMjlmM2FmOWE3LzEveWZsM2NWMnpTM1BiVlgyeVppc1pSeDRYak40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9hMmNlN2UtNTJlNC00NGFiLWJiYTMtNjhkMjlmM2FmOWE3
LzEvd3duNWxaWG0tU1VaUk9KcmVVdElHX1Y4ZjVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLV5oAwQC
wm4IMA0EAgACMAcDBQMqDQPAMA0GCSqGSIb3DQEBCwUAA4IBAQBcWu0DJ8pBp8e6
xx8Fzaq9uZlT4+2Eamiuapd1uuSl9jWY7uG6lPeN0d13j19+oXy6FRB4j+7ljTzG
2YHo8N9c8YXelLNWbBj5CNy2phZ2mD8G/R75FpgYaBhaPrHIzzmqcItA6qAJ+hzJ
ou6KzAzlY4sVcBD4Q5tM+FpRm+J+AhpyZP6IAMCUvHzZS6pEgrzgvwPu2TL756nN
T0W5L4rM1qEuiCpKeCJsfmpyYM6R5cDDT7BiLaBHkP00EV0NcBcZVPT1IgMv6zHF
59fK86cwUAc2dQDbnAb+8RpOcBzmkbpX5v9Z5hBmlTzXuJSbPksoTO3OdRLE1SWO
p97Uk4CZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:53 2024 by rpki-client on console-fra.rpki-client.org