Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/91cdfd-2c72-4236-a4c2-2b8f7346f350/1/yknnEvAqFVWidM9MkJ5btC9gkoQ.roa
File: yknnEvAqFVWidM9MkJ5btC9gkoQ.roa (raw, json)
Hash identifier: eg4wSQPAjRQ5me379ZOQovE6V4m261SFnuwMXxEVe3c=
Subject key identifier: CA:49:E7:12:F0:2A:15:55:A2:74:CF:4C:90:9E:5B:B4:2F:60:92:84
Certificate issuer: /CN=2fe5b7ccb403d30a44857d47c58cf1346546d283
Certificate serial: 018BDCD30F8D84396E97C8AC47E350F7696C
Authority key identifier: 2F:E5:B7:CC:B4:03:D3:0A:44:85:7D:47:C5:8C:F1:34:65:46:D2:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L-W3zLQD0wpEhX1HxYzxNGVG0oM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/91cdfd-2c72-4236-a4c2-2b8f7346f350/1/yknnEvAqFVWidM9MkJ5btC9gkoQ.roa
Signing time: Fri 17 Nov 2023 10:28:21 +0000
ROA not before: Fri 17 Nov 2023 10:28:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29399
IP address blocks: 159.253.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dc:d3:0f:8d:84:39:6e:97:c8:ac:47:e3:50:f7:69:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fe5b7ccb403d30a44857d47c58cf1346546d283
Validity
Not Before: Nov 17 10:28:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca49e712f02a1555a274cf4c909e5bb42f609284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:15:8d:44:a0:e6:e4:a3:87:58:e8:0d:69:ea:
f2:79:8a:02:2c:39:53:67:ed:0e:7d:e7:c2:29:72:
70:19:2c:60:1b:dd:31:5a:72:be:d8:72:b7:a1:08:
82:d1:bc:d7:2d:ff:d9:58:32:59:50:ad:9f:10:d0:
c3:56:f8:d9:8e:39:8d:a0:44:8d:a0:e7:0e:8c:1d:
e9:84:4a:24:8c:b5:0c:92:da:8c:8c:f7:99:8a:d2:
e1:29:0d:0c:f8:86:1b:53:f4:92:39:3b:4b:c2:80:
f0:68:a9:e5:00:a5:37:9e:0f:7a:76:6b:b5:b7:e5:
05:6b:df:9e:c5:ed:73:02:9c:10:b1:50:6b:23:2c:
85:f5:94:13:ed:e1:3d:e3:6b:3c:d5:fe:48:03:09:
d4:1a:7d:b1:2c:b8:11:28:36:50:8c:4a:2c:a1:52:
bc:f4:cc:28:0d:7a:fa:09:e4:bb:29:ff:83:f9:1d:
48:ee:20:e3:33:5f:eb:aa:c6:72:a8:8b:6d:f8:a4:
16:ea:1d:04:e3:4b:4d:3c:07:59:48:5e:9e:d7:e6:
b1:6d:01:34:dc:8a:70:d3:0f:2c:c8:cb:7c:0b:1f:
b6:f6:2d:8e:d1:2e:52:ea:b9:03:10:4d:00:2f:76:
b2:60:06:93:5e:7f:35:e1:c5:21:99:67:46:b9:b5:
69:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:49:E7:12:F0:2A:15:55:A2:74:CF:4C:90:9E:5B:B4:2F:60:92:84
X509v3 Authority Key Identifier:
keyid:2F:E5:B7:CC:B4:03:D3:0A:44:85:7D:47:C5:8C:F1:34:65:46:D2:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L-W3zLQD0wpEhX1HxYzxNGVG0oM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/91cdfd-2c72-4236-a4c2-2b8f7346f350/1/yknnEvAqFVWidM9MkJ5btC9gkoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/91cdfd-2c72-4236-a4c2-2b8f7346f350/1/L-W3zLQD0wpEhX1HxYzxNGVG0oM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.253.86.0/24
Signature Algorithm: sha256WithRSAEncryption
86:19:08:1f:97:46:d6:f9:d9:10:db:0a:a5:47:9b:e1:74:aa:
47:dd:8f:e2:7d:84:66:bb:dd:6a:ac:f2:8f:d4:f8:13:c9:91:
1f:03:bc:77:12:36:46:c7:86:16:88:1f:00:fa:a9:d2:dc:c2:
fb:05:f6:a9:e5:c4:ba:60:21:cc:2c:72:48:52:95:ba:bc:e5:
67:66:5a:27:b8:f4:f6:d3:61:a5:3e:17:44:8b:8b:08:2b:49:
9d:ab:77:17:a1:61:b3:3e:1a:6e:c6:89:6c:bf:82:28:e7:52:
f7:d4:4b:01:ef:68:e8:89:07:a7:83:60:7e:db:e2:52:8a:08:
28:6e:69:d7:96:2a:f0:69:e8:a8:ae:b9:ff:fb:21:7b:21:77:
82:6a:16:25:25:48:90:7d:12:23:83:47:73:44:aa:ac:18:a3:
50:fb:c2:3b:f7:b8:1b:eb:8a:50:87:60:eb:22:26:7f:17:a9:
9b:ce:7a:09:1c:50:36:1b:3d:54:29:ff:c5:97:fa:19:f0:0b:
97:9a:fb:47:95:47:bb:3d:8c:31:67:99:db:ef:1e:ed:c4:36:
08:18:fa:e5:5d:98:2c:51:1b:8d:5e:52:a1:5b:62:5d:8e:51:
e8:3c:fa:c4:52:e9:8c:71:51:3f:86:4c:a7:99:c7:a5:67:8b:
0b:0d:21:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvc0w+NhDlul8isR+NQ92lsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmZTViN2NjYjQwM2QzMGE0NDg1N2Q0N2M1OGNmMTM0NjU0
NmQyODMwHhcNMjMxMTE3MTAyODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTQ5ZTcxMmYwMmExNTU1YTI3NGNmNGM5MDllNWJiNDJmNjA5Mjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRWNRKDm5KOHWOgNaeryeYoCLDlT
Z+0OfefCKXJwGSxgG90xWnK+2HK3oQiC0bzXLf/ZWDJZUK2fENDDVvjZjjmNoESN
oOcOjB3phEokjLUMktqMjPeZitLhKQ0M+IYbU/SSOTtLwoDwaKnlAKU3ng96dmu1
t+UFa9+exe1zApwQsVBrIyyF9ZQT7eE942s81f5IAwnUGn2xLLgRKDZQjEosoVK8
9MwoDXr6CeS7Kf+D+R1I7iDjM1/rqsZyqItt+KQW6h0E40tNPAdZSF6e1+axbQE0
3Ipw0w8syMt8Cx+29i2O0S5S6rkDEE0AL3ayYAaTXn814cUhmWdGubVptQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMpJ5xLwKhVVonTPTJCeW7QvYJKEMB8GA1UdIwQY
MBaAFC/lt8y0A9MKRIV9R8WM8TRlRtKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTC1XM3pMUUQwd3BFaFgxSHhZenhOR1ZHMG9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85MWNkZmQtMmM3Mi00MjM2LWE0YzIt
MmI4ZjczNDZmMzUwLzEveWtubkV2QXFGVldpZE05TWtKNWJ0Qzlna29RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85MWNkZmQtMmM3Mi00MjM2LWE0YzItMmI4ZjczNDZmMzUw
LzEvTC1XM3pMUUQwd3BFaFgxSHhZenhOR1ZHMG9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn/1WMA0G
CSqGSIb3DQEBCwUAA4IBAQCGGQgfl0bW+dkQ2wqlR5vhdKpH3Y/ifYRmu91qrPKP
1PgTyZEfA7x3EjZGx4YWiB8A+qnS3ML7Bfap5cS6YCHMLHJIUpW6vOVnZlonuPT2
02GlPhdEi4sIK0mdq3cXoWGzPhpuxolsv4Io51L31EsB72joiQeng2B+2+JSiggo
bmnXlirwaeiorrn/+yF7IXeCahYlJUiQfRIjg0dzRKqsGKNQ+8I797gb64pQh2Dr
IiZ/F6mbznoJHFA2Gz1UKf/Fl/oZ8AuXmvtHlUe7PYwxZ5nb7x7txDYIGPrlXZgs
URuNXlKhW2JdjlHoPPrEUumMcVE/hkynmcelZ4sLDSE8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:19 2024 by rpki-client on console-ams.rpki-client.org