Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/ynWY9FzfDys1OCJVlfebS_p36hE.roa
File: ynWY9FzfDys1OCJVlfebS_p36hE.roa (raw, json)
Hash identifier: B836AczD0kkTBRj0WZQjNBVpwRdYb2R1ZMaNfkJv9gw=
Subject key identifier: CA:75:98:F4:5C:DF:0F:2B:35:38:22:55:95:F7:9B:4B:FA:77:EA:11
Certificate issuer: /CN=0b5f8c9447d614b86182763d9333250e2d9412e2
Certificate serial: 0191D820BA77FEF70D4A69E243DECF6D1B41
Authority key identifier: 0B:5F:8C:94:47:D6:14:B8:61:82:76:3D:93:33:25:0E:2D:94:12:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1-MlEfWFLhhgnY9kzMlDi2UEuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/ynWY9FzfDys1OCJVlfebS_p36hE.roa
Signing time: Mon 09 Sep 2024 18:51:49 +0000
ROA not before: Mon 09 Sep 2024 18:51:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.150.49.0/24 maxlen: 24
185.162.177.0/24 maxlen: 24
185.162.178.0/24 maxlen: 24
185.162.179.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Sep 2024 08:37:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d8:20:ba:77:fe:f7:0d:4a:69:e2:43:de:cf:6d:1b:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b5f8c9447d614b86182763d9333250e2d9412e2
Validity
Not Before: Sep 9 18:51:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca7598f45cdf0f2b3538225595f79b4bfa77ea11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:4d:ab:2d:1c:1f:8a:f0:99:28:f3:2c:40:bf:
a6:73:93:0c:a0:b1:af:a6:5f:d6:fa:20:18:ab:b8:
ce:55:1d:72:4c:9d:05:30:9b:28:02:4e:94:03:f6:
65:fe:73:72:31:8f:da:c7:fb:88:72:25:73:39:55:
1e:ec:5f:03:f9:39:73:ef:95:5b:7a:60:ec:77:76:
d3:e3:b5:44:9b:ee:4e:3a:52:25:62:e9:0f:eb:01:
85:a9:d5:6a:16:37:75:95:8e:14:85:9f:06:e3:80:
0d:58:e6:11:a0:84:dd:c0:df:e9:e5:0c:89:0b:c5:
a5:62:1e:94:8b:f2:f4:ff:8b:6f:c1:e7:1b:22:c6:
25:20:3a:81:c9:f1:b5:75:12:c7:01:70:38:85:04:
7a:8c:2a:22:5c:73:63:c9:4a:f5:d5:c7:f5:eb:6d:
f4:bb:8c:fb:73:f7:61:cd:4e:58:33:20:bc:dd:b4:
cd:2d:d1:1c:95:ff:4f:46:ea:ad:df:9d:37:a9:5c:
ed:01:5d:80:07:94:45:2a:92:31:aa:fd:57:24:8f:
3d:4d:ab:ad:93:53:97:56:74:4b:ee:3b:7f:3c:d1:
ed:01:cf:a3:82:7b:ca:ae:5f:e7:47:f5:19:9c:da:
60:83:4d:ee:ed:df:be:06:5c:ae:51:a3:5a:ef:1f:
61:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:75:98:F4:5C:DF:0F:2B:35:38:22:55:95:F7:9B:4B:FA:77:EA:11
X509v3 Authority Key Identifier:
keyid:0B:5F:8C:94:47:D6:14:B8:61:82:76:3D:93:33:25:0E:2D:94:12:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1-MlEfWFLhhgnY9kzMlDi2UEuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/ynWY9FzfDys1OCJVlfebS_p36hE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/C1-MlEfWFLhhgnY9kzMlDi2UEuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.150.49.0/24
185.162.177.0-185.162.179.255
Signature Algorithm: sha256WithRSAEncryption
35:cd:8a:8a:75:bd:14:2d:dd:86:4a:c0:82:ed:ee:e4:7a:0b:
76:2c:8f:83:3b:75:4f:29:4b:d8:48:68:d5:b1:c3:5f:a3:91:
a1:57:13:4b:77:bd:a5:04:08:b5:e1:71:b2:2c:a4:bc:80:9f:
8a:56:0c:15:4f:a2:d2:24:27:e5:01:67:63:b4:10:0b:12:1f:
61:ef:5c:45:1f:18:dd:e2:72:9f:ab:d2:58:be:9f:08:fd:1f:
b8:89:b0:db:f6:29:8f:ce:01:23:6c:3f:d7:3b:10:23:de:2c:
e4:fe:ee:16:df:aa:9e:cd:01:df:f2:21:ac:08:2d:cc:ee:57:
a8:ad:2c:bb:5c:b4:b7:ef:a2:0b:17:d1:23:c6:eb:fc:29:25:
66:9c:b5:f8:84:2b:13:29:e2:63:84:f4:1d:c6:f1:fb:35:19:
8f:f2:56:cd:fd:c3:e4:f8:54:f9:48:ed:a1:96:85:f9:ab:01:
74:dc:1a:52:73:25:15:1a:8a:69:19:e4:90:98:10:9c:e7:2e:
a7:38:36:1d:95:c4:37:58:65:83:44:82:73:1f:7c:aa:12:7f:
aa:21:04:ab:b9:69:f2:e3:e6:2e:2d:58:7b:5c:0c:9e:c2:3f:
3e:59:9a:80:a0:38:2e:96:b4:af:39:28:cf:de:ec:3d:14:ff:
25:cb:d1:38
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZHYILp3/vcNSmniQ97PbRtBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNWY4Yzk0NDdkNjE0Yjg2MTgyNzYzZDkzMzMyNTBlMmQ5
NDEyZTIwHhcNMjQwOTA5MTg1MTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTc1OThmNDVjZGYwZjJiMzUzODIyNTU5NWY3OWI0YmZhNzdlYTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl02rLRwfivCZKPMsQL+mc5MMoLGv
pl/W+iAYq7jOVR1yTJ0FMJsoAk6UA/Zl/nNyMY/ax/uIciVzOVUe7F8D+Tlz75Vb
emDsd3bT47VEm+5OOlIlYukP6wGFqdVqFjd1lY4UhZ8G44ANWOYRoITdwN/p5QyJ
C8WlYh6Ui/L0/4tvwecbIsYlIDqByfG1dRLHAXA4hQR6jCoiXHNjyUr11cf16230
u4z7c/dhzU5YMyC83bTNLdEclf9PRuqt3503qVztAV2AB5RFKpIxqv1XJI89Taut
k1OXVnRL7jt/PNHtAc+jgnvKrl/nR/UZnNpgg03u7d++BlyuUaNa7x9hYQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMp1mPRc3w8rNTgiVZX3m0v6d+oRMB8GA1UdIwQY
MBaAFAtfjJRH1hS4YYJ2PZMzJQ4tlBLiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzEtTWxFZldGTGhoZ25ZOWt6TWxEaTJVRXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mN2Y2YzAtMDlkMC00OTJjLTkyZTYt
OGE5NWU2Mzc3MzMyLzEveW5XWTlGemZEeXMxT0NKVmxmZWJTX3AzNmhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mN2Y2YzAtMDlkMC00OTJjLTkyZTYtOGE5NWU2Mzc3MzMy
LzEvQzEtTWxFZldGTGhoZ25ZOWt6TWxEaTJVRXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAWZYxMAwD
BAC5orEDBAK5orAwDQYJKoZIhvcNAQELBQADggEBADXNiop1vRQt3YZKwILt7uR6
C3Ysj4M7dU8pS9hIaNWxw1+jkaFXE0t3vaUECLXhcbIspLyAn4pWDBVPotIkJ+UB
Z2O0EAsSH2HvXEUfGN3icp+r0li+nwj9H7iJsNv2KY/OASNsP9c7ECPeLOT+7hbf
qp7NAd/yIawILczuV6itLLtctLfvogsX0SPG6/wpJWactfiEKxMp4mOE9B3G8fs1
GY/yVs39w+T4VPlI7aGWhfmrAXTcGlJzJRUaimkZ5JCYEJznLqc4Nh2VxDdYZYNE
gnMffKoSf6ohBKu5afLj5i4tWHtcDJ7CPz5ZmoCgOC6WtK85KM/e7D0U/yXL0Tg=
-----END CERTIFICATE-----
Generated at Tue Sep 10 10:50:59 2024 by rpki-client on console-ams.rpki-client.org