Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/YN1wj1LuyeCNKmew9QZA5Mc0Dx0.roa
File: YN1wj1LuyeCNKmew9QZA5Mc0Dx0.roa (raw, json)
Hash identifier: CSte27DZFCO/0uEX2RwMvKe2CQZqzYsvd9Y1edzv3XU=
Subject key identifier: 60:DD:70:8F:52:EE:C9:E0:8D:2A:67:B0:F5:06:40:E4:C7:34:0F:1D
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01856CE66901C4FE144F9A25811BBD8731D3
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/YN1wj1LuyeCNKmew9QZA5Mc0Dx0.roa
Signing time: Sun 01 Jan 2023 10:35:17 +0000
ROA not before: Sun 01 Jan 2023 10:35:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201114
IP address blocks: 62.176.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:69:01:c4:fe:14:4f:9a:25:81:1b:bd:87:31:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 10:35:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60dd708f52eec9e08d2a67b0f50640e4c7340f1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ca:2d:cb:43:14:c9:82:dc:27:42:a2:fe:7f:
3e:5f:77:c2:63:0d:f1:b8:9e:b9:4e:f2:47:ea:0e:
76:75:8d:f1:c4:6a:8e:52:ac:a1:fb:d6:c0:1f:75:
2b:14:2b:f7:9a:a1:7f:d3:81:19:34:fe:0a:ac:ac:
5d:f6:c7:fa:dd:d0:4a:09:07:ee:33:85:34:4d:9d:
32:5b:0e:25:57:05:8d:e7:fe:1e:ed:59:5a:46:79:
80:41:ba:a6:f0:c4:82:ac:6a:47:0c:c1:7a:27:e7:
31:58:29:16:77:dd:b7:72:1c:53:b6:ec:b7:79:46:
1c:f4:d6:98:6e:57:f1:46:07:58:d2:53:f4:2b:2c:
79:ec:13:3a:a6:d3:15:b3:3e:f4:dc:95:1f:ed:12:
20:3b:3a:69:98:06:12:42:24:f5:48:1c:82:cb:47:
3d:f4:8f:5a:d1:51:66:b4:30:2f:6f:72:f1:48:65:
15:87:c0:bc:ff:25:f2:6d:6a:d0:91:d8:b1:04:9b:
40:9c:a3:41:48:13:5a:2c:a8:cc:af:9a:4b:d3:91:
c7:a3:79:25:fd:72:b3:d7:63:4a:49:37:23:79:63:
04:ad:9b:4a:80:c2:95:b2:89:cc:01:63:25:21:34:
66:ad:c8:0d:4b:6f:17:a2:9c:72:0f:f9:79:0d:75:
9e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:DD:70:8F:52:EE:C9:E0:8D:2A:67:B0:F5:06:40:E4:C7:34:0F:1D
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/YN1wj1LuyeCNKmew9QZA5Mc0Dx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.176.121.0/24
Signature Algorithm: sha256WithRSAEncryption
47:79:fc:48:5b:ef:4f:e5:fb:50:23:a9:8f:50:2b:e2:e3:30:
48:90:d1:74:f6:f7:db:1b:88:2c:55:4a:2a:5a:dc:7c:7f:3a:
c3:af:59:bc:e6:23:87:08:67:cc:86:60:0d:b6:f4:1c:b9:63:
a1:e5:ab:74:1a:b9:42:ea:74:8e:f8:6b:7c:23:10:78:a6:c2:
02:b1:9b:37:4c:90:b2:99:44:c8:38:17:e1:f7:38:d4:d6:8d:
0e:97:ee:8c:60:89:11:81:cc:55:58:e8:52:aa:b4:b6:eb:b8:
0b:f4:19:c5:98:86:42:41:2a:b3:d1:b2:ab:a6:61:94:a1:04:
fb:47:3b:0d:14:76:cc:d5:56:74:98:fa:4d:60:23:e3:6f:7a:
17:ff:0c:5b:15:50:74:e3:23:57:ff:f1:97:9d:1f:06:b1:e0:
1b:8a:42:87:76:08:fb:fe:c5:a8:3b:62:9a:ca:e6:b8:8f:e4:
eb:e6:2b:2c:35:41:30:12:16:d5:9e:40:47:d4:ad:db:b9:f0:
65:4d:ef:fb:ce:d4:bd:c7:0f:31:78:7e:b4:c9:82:ca:9e:70:
d7:f0:30:5c:36:fa:14:83:f9:a9:fa:69:90:81:4e:62:21:51:
2f:05:84:28:97:7a:57:54:9e:38:d3:40:23:a3:55:6a:0f:aa:
af:05:83:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5mkBxP4UT5olgRu9hzHTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwMTAxMTAzNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGRkNzA4ZjUyZWVjOWUwOGQyYTY3YjBmNTA2NDBlNGM3MzQwZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8oty0MUyYLcJ0Ki/n8+X3fCYw3x
uJ65TvJH6g52dY3xxGqOUqyh+9bAH3UrFCv3mqF/04EZNP4KrKxd9sf63dBKCQfu
M4U0TZ0yWw4lVwWN5/4e7VlaRnmAQbqm8MSCrGpHDMF6J+cxWCkWd923chxTtuy3
eUYc9NaYblfxRgdY0lP0Kyx57BM6ptMVsz703JUf7RIgOzppmAYSQiT1SByCy0c9
9I9a0VFmtDAvb3LxSGUVh8C8/yXybWrQkdixBJtAnKNBSBNaLKjMr5pL05HHo3kl
/XKz12NKSTcjeWMErZtKgMKVsonMAWMlITRmrcgNS28XopxyD/l5DXWe3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGDdcI9S7sngjSpnsPUGQOTHNA8dMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvWU4xd2oxTHV5ZUNOS21ldzlRWkE1TWMwRHgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPrB5MA0G
CSqGSIb3DQEBCwUAA4IBAQBHefxIW+9P5ftQI6mPUCvi4zBIkNF09vfbG4gsVUoq
Wtx8fzrDr1m85iOHCGfMhmANtvQcuWOh5at0GrlC6nSO+Gt8IxB4psICsZs3TJCy
mUTIOBfh9zjU1o0Ol+6MYIkRgcxVWOhSqrS267gL9BnFmIZCQSqz0bKrpmGUoQT7
RzsNFHbM1VZ0mPpNYCPjb3oX/wxbFVB04yNX//GXnR8GseAbikKHdgj7/sWoO2Ka
yua4j+Tr5issNUEwEhbVnkBH1K3bufBlTe/7ztS9xw8xeH60yYLKnnDX8DBcNvoU
g/mp+mmQgU5iIVEvBYQol3pXVJ4400Ajo1VqD6qvBYNf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:53 2024 by rpki-client on console-ams.rpki-client.org