Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/KIm7XOw9FyQz9EmsLZ6wnExaogM.roa
File: KIm7XOw9FyQz9EmsLZ6wnExaogM.roa (raw, json)
Hash identifier: jbv69HTUdB47EuVFV0hEHEeO1dQOzZ04kK+SyWyZJt0=
Subject key identifier: 28:89:BB:5C:EC:3D:17:24:33:F4:49:AC:2D:9E:B0:9C:4C:5A:A2:03
Certificate issuer: /CN=61c68268743e823e0e1c870060c0a14223f151eb
Certificate serial: 018570671C343BC93043E5C34784BFCC2FF1
Authority key identifier: 61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/KIm7XOw9FyQz9EmsLZ6wnExaogM.roa
Signing time: Mon 02 Jan 2023 02:54:43 +0000
ROA not before: Mon 02 Jan 2023 02:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34749
IP address blocks: 93.94.160.0/21 maxlen: 24
193.168.50.0/24 maxlen: 24
2a00:ea80::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:1c:34:3b:c9:30:43:e5:c3:47:84:bf:cc:2f:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61c68268743e823e0e1c870060c0a14223f151eb
Validity
Not Before: Jan 2 02:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2889bb5cec3d172433f449ac2d9eb09c4c5aa203
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:db:2a:70:1b:1c:b5:1e:e4:c2:43:55:27:8d:
83:31:6a:f7:1c:1f:4a:40:9c:38:2b:47:6f:f6:c3:
4a:a3:65:77:11:d8:c2:0d:8b:52:4c:d4:25:af:b5:
a1:7b:06:25:c0:3f:da:57:cf:5a:57:7f:c9:25:51:
e7:d0:6a:ca:8a:e6:7f:34:07:c5:1c:74:86:2c:08:
c0:94:52:f0:4e:a2:1f:ae:fe:d3:2d:1c:c4:51:38:
e4:25:61:c9:19:3e:98:f8:4e:6e:5c:e9:18:7a:d8:
ec:f7:86:8b:0d:c8:54:e0:63:a7:d9:5d:cb:62:81:
fb:45:b5:5b:6b:2e:af:39:a2:02:e6:80:a8:e2:e2:
e6:ac:b7:81:a1:3b:68:94:83:a0:4a:50:0f:f3:5e:
0f:b1:4b:f2:b4:28:11:4a:3e:e9:65:ae:88:0e:d6:
af:fd:87:36:40:c9:a7:03:72:43:55:a9:98:20:66:
a3:ef:b6:d9:fc:9c:7a:bb:13:7b:0e:b1:b1:ac:b8:
22:75:d4:1a:eb:90:e3:6c:aa:ad:27:8e:c1:c2:e8:
b5:70:41:46:76:af:7a:d2:64:ea:09:45:49:48:28:
9e:2b:d7:12:e7:0c:23:e1:c8:9e:cc:b3:9a:76:ab:
99:0c:60:7e:5b:9b:d6:a3:6c:0c:66:d8:80:9d:31:
cf:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:89:BB:5C:EC:3D:17:24:33:F4:49:AC:2D:9E:B0:9C:4C:5A:A2:03
X509v3 Authority Key Identifier:
keyid:61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/KIm7XOw9FyQz9EmsLZ6wnExaogM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.160.0/21
193.168.50.0/24
IPv6:
2a00:ea80::/32
Signature Algorithm: sha256WithRSAEncryption
0a:90:be:da:19:41:01:a2:62:96:79:f7:0d:c9:54:12:4c:61:
a2:a0:94:f5:ee:8c:74:08:09:7e:37:9f:1d:f6:60:1c:b1:b8:
d7:54:8e:23:c7:3a:26:36:a3:e0:9a:12:1a:0c:a6:ff:be:1b:
39:3d:f4:95:c5:4f:76:70:a0:5f:0a:cc:33:0f:04:bd:55:fa:
9d:2a:10:35:06:cf:05:06:a0:51:6b:ec:a9:2c:ca:11:68:c0:
20:dc:ce:65:be:a7:51:83:3b:54:fd:d5:95:73:50:fe:47:26:
9e:ee:e8:5b:10:91:32:ba:34:50:9d:96:4d:21:41:39:dd:4e:
e7:ab:cc:58:ed:54:9a:12:96:10:8a:8b:4e:20:e0:2e:5a:61:
16:36:53:75:26:1c:3a:ad:94:48:7b:92:59:94:a8:ff:ca:a1:
7e:18:e2:ca:07:90:1f:ad:ff:b3:18:ed:a3:3d:de:de:6b:35:
ac:a3:31:29:7d:ba:25:c5:f8:94:25:40:21:0c:19:3c:83:e5:
47:01:8f:53:5c:24:f6:ed:d1:bc:50:1d:3d:05:b7:fc:0a:d8:
bf:53:93:78:bc:1f:c8:f2:17:a2:22:57:4a:de:75:ab:ea:f9:
9d:53:66:01:78:a5:48:e9:3d:0d:b7:d8:15:66:8e:e1:a0:de:
fc:cf:18:df
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwZxw0O8kwQ+XDR4S/zC/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzY4MjY4NzQzZTgyM2UwZTFjODcwMDYwYzBhMTQyMjNm
MTUxZWIwHhcNMjMwMTAyMDI1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODg5YmI1Y2VjM2QxNzI0MzNmNDQ5YWMyZDllYjA5YzRjNWFhMjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtsqcBsctR7kwkNVJ42DMWr3HB9K
QJw4K0dv9sNKo2V3EdjCDYtSTNQlr7WhewYlwD/aV89aV3/JJVHn0GrKiuZ/NAfF
HHSGLAjAlFLwTqIfrv7TLRzEUTjkJWHJGT6Y+E5uXOkYetjs94aLDchU4GOn2V3L
YoH7RbVbay6vOaIC5oCo4uLmrLeBoTtolIOgSlAP814PsUvytCgRSj7pZa6IDtav
/Yc2QMmnA3JDVamYIGaj77bZ/Jx6uxN7DrGxrLgiddQa65DjbKqtJ47Bwui1cEFG
dq960mTqCUVJSCieK9cS5wwj4ciezLOadquZDGB+W5vWo2wMZtiAnTHPkQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCiJu1zsPRckM/RJrC2esJxMWqIDMB8GA1UdIwQY
MBaAFGHGgmh0PoI+DhyHAGDAoUIj8VHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEt
NmQwNWMwZDBkYTZmLzEvS0ltN1hPdzlGeVF6OUVtc0xaNnduRXhhb2dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEtNmQwNWMwZDBkYTZm
LzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXV6gAwQA
wagyMA0EAgACMAcDBQAqAOqAMA0GCSqGSIb3DQEBCwUAA4IBAQAKkL7aGUEBomKW
efcNyVQSTGGioJT17ox0CAl+N58d9mAcsbjXVI4jxzomNqPgmhIaDKb/vhs5PfSV
xU92cKBfCswzDwS9VfqdKhA1Bs8FBqBRa+ypLMoRaMAg3M5lvqdRgztU/dWVc1D+
Ryae7uhbEJEyujRQnZZNIUE53U7nq8xY7VSaEpYQiotOIOAuWmEWNlN1Jhw6rZRI
e5JZlKj/yqF+GOLKB5Afrf+zGO2jPd7eazWsozEpfbolxfiUJUAhDBk8g+VHAY9T
XCT27dG8UB09Bbf8Cti/U5N4vB/I8heiIldK3nWr6vmdU2YBeKVI6T0Nt9gVZo7h
oN78zxjf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:50 2024 by rpki-client on console-fra.rpki-client.org