Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/YXaGqkVGvhodnbkwLf6pkEjWlxw.roa
File: YXaGqkVGvhodnbkwLf6pkEjWlxw.roa (raw, json)
Hash identifier: X3xaFAh9wWPpboBzUXICH+xvT5o07BVuwoVsRVJEWKk=
Subject key identifier: 61:76:86:AA:45:46:BE:1A:1D:9D:B9:30:2D:FE:A9:90:48:D6:97:1C
Certificate issuer: /CN=21a00080cd2cb1bb073903b32b25ad660a366486
Certificate serial: 018C9093DB908C98CE4DFCCE0EBEF6D5D07E
Authority key identifier: 21:A0:00:80:CD:2C:B1:BB:07:39:03:B3:2B:25:AD:66:0A:36:64:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IaAAgM0ssbsHOQOzKyWtZgo2ZIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/YXaGqkVGvhodnbkwLf6pkEjWlxw.roa
Signing time: Fri 22 Dec 2023 08:10:58 +0000
ROA not before: Fri 22 Dec 2023 08:10:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 213.109.76.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sat 23 Dec 2023 11:50:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:90:93:db:90:8c:98:ce:4d:fc:ce:0e:be:f6:d5:d0:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21a00080cd2cb1bb073903b32b25ad660a366486
Validity
Not Before: Dec 22 08:10:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=617686aa4546be1a1d9db9302dfea99048d6971c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d6:ef:b8:08:6a:3a:21:ca:d0:0c:e0:68:18:
4e:d7:62:4e:29:86:9b:ee:6d:a3:c2:cf:8a:6b:41:
5a:8d:d5:f7:14:7a:ab:f5:c0:d2:2f:6c:ab:67:ba:
b4:47:da:5e:21:e9:4a:fb:42:d2:78:33:4e:c6:fe:
81:8b:4c:1c:0f:27:25:17:d3:fc:ae:fa:f6:1f:fb:
5d:ba:ea:5b:94:50:bd:e5:46:3a:fd:06:93:d5:b5:
00:07:71:e1:5c:96:d0:b1:52:43:fd:34:56:5a:58:
ae:d1:dc:7f:88:a3:e9:d5:ef:77:3e:0e:36:fe:10:
0d:8b:7b:e7:20:e6:b8:a4:f8:09:c0:8b:2e:6b:a8:
05:c7:65:a1:32:ac:bc:41:d3:89:2a:11:f2:f0:26:
e0:59:19:25:12:73:58:7f:06:b5:7c:cb:54:95:a9:
32:fc:b1:4d:5d:e1:f7:16:ae:fa:34:0d:d7:e6:64:
a6:0f:f2:c8:86:d3:1e:89:ad:9d:87:b2:2d:e0:14:
77:d9:20:45:14:ad:0c:69:b0:ec:74:56:f9:6d:61:
69:b5:eb:04:99:08:e4:16:4d:64:d5:58:d7:2c:26:
12:e6:82:bc:1c:8f:18:fb:51:34:ed:86:eb:ac:b2:
d3:5b:36:be:3e:e7:13:07:af:e5:ac:87:b3:33:66:
49:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:76:86:AA:45:46:BE:1A:1D:9D:B9:30:2D:FE:A9:90:48:D6:97:1C
X509v3 Authority Key Identifier:
keyid:21:A0:00:80:CD:2C:B1:BB:07:39:03:B3:2B:25:AD:66:0A:36:64:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IaAAgM0ssbsHOQOzKyWtZgo2ZIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/YXaGqkVGvhodnbkwLf6pkEjWlxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/IaAAgM0ssbsHOQOzKyWtZgo2ZIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.76.0/23
Signature Algorithm: sha256WithRSAEncryption
02:cb:8f:a3:fd:8a:8f:e0:cc:d8:de:78:64:3f:9d:82:81:a3:
91:09:f4:c8:ce:b0:b5:23:eb:36:e8:95:37:88:1a:ca:59:8c:
b8:37:48:3c:1b:cb:0e:93:af:b1:a3:2d:41:1f:4b:78:04:52:
ac:7a:52:03:1c:e5:6c:0c:08:26:35:a5:9e:c3:99:90:91:03:
00:16:12:1e:29:84:b9:bc:79:52:fd:96:23:48:85:1a:07:10:
04:af:bf:51:89:56:0f:c2:1e:a3:62:4e:84:42:93:83:0f:85:
e9:23:57:ea:2c:b4:04:cb:dc:d9:bb:f6:cb:59:ea:bb:f9:4e:
1a:78:91:05:a0:00:16:d0:79:69:40:35:7b:e4:c4:10:c4:32:
df:a5:d4:18:d0:52:b4:9e:76:0c:96:b8:3e:00:40:cb:7a:37:
4c:53:bb:f4:b5:5c:2c:0c:12:43:25:80:2e:b3:c2:59:4c:f1:
bd:14:1a:30:1d:69:08:4c:42:5f:44:32:35:df:6f:c2:1e:82:
6e:18:90:17:65:c5:d5:4d:3e:5f:e8:d4:21:ff:50:8f:11:ff:
11:90:0a:c0:c2:85:90:ec:39:62:6b:d4:0d:3d:32:10:1c:f3:
dd:53:57:b7:7a:45:bc:41:80:36:29:4c:71:33:ca:84:79:34:
50:fc:d2:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyQk9uQjJjOTfzODr721dB+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYTAwMDgwY2QyY2IxYmIwNzM5MDNiMzJiMjVhZDY2MGEz
NjY0ODYwHhcNMjMxMjIyMDgxMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTc2ODZhYTQ1NDZiZTFhMWQ5ZGI5MzAyZGZlYTk5MDQ4ZDY5NzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNbvuAhqOiHK0AzgaBhO12JOKYab
7m2jws+Ka0FajdX3FHqr9cDSL2yrZ7q0R9peIelK+0LSeDNOxv6Bi0wcDyclF9P8
rvr2H/tduupblFC95UY6/QaT1bUAB3HhXJbQsVJD/TRWWliu0dx/iKPp1e93Pg42
/hANi3vnIOa4pPgJwIsua6gFx2WhMqy8QdOJKhHy8CbgWRklEnNYfwa1fMtUlaky
/LFNXeH3Fq76NA3X5mSmD/LIhtMeia2dh7It4BR32SBFFK0MabDsdFb5bWFptesE
mQjkFk1k1VjXLCYS5oK8HI8Y+1E07YbrrLLTWza+PucTB6/lrIezM2ZJPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGF2hqpFRr4aHZ25MC3+qZBI1pccMB8GA1UdIwQY
MBaAFCGgAIDNLLG7BzkDsyslrWYKNmSGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWFBQWdNMHNzYnNIT1FPekt5V3RaZ28yWklZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82YzNkOWYtOGE0Zi00YTZjLTg1Nzkt
ZTkyZWNlNGQzY2IzLzEvWVhhR3FrVkd2aG9kbmJrd0xmNnBrRWpXbHh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82YzNkOWYtOGE0Zi00YTZjLTg1NzktZTkyZWNlNGQzY2Iz
LzEvSWFBQWdNMHNzYnNIT1FPekt5V3RaZ28yWklZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1W1MMA0G
CSqGSIb3DQEBCwUAA4IBAQACy4+j/YqP4MzY3nhkP52CgaORCfTIzrC1I+s26JU3
iBrKWYy4N0g8G8sOk6+xoy1BH0t4BFKselIDHOVsDAgmNaWew5mQkQMAFhIeKYS5
vHlS/ZYjSIUaBxAEr79RiVYPwh6jYk6EQpODD4XpI1fqLLQEy9zZu/bLWeq7+U4a
eJEFoAAW0HlpQDV75MQQxDLfpdQY0FK0nnYMlrg+AEDLejdMU7v0tVwsDBJDJYAu
s8JZTPG9FBowHWkITEJfRDI132/CHoJuGJAXZcXVTT5f6NQh/1CPEf8RkArAwoWQ
7Dlia9QNPTIQHPPdU1e3ekW8QYA2KUxxM8qEeTRQ/NL7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:30 2024 by rpki-client on console-ams.rpki-client.org