Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/95ba80-0751-4cb9-8cb4-29f334e11a19/1/YecAqCSa4gHEHHnB4HuD4EXj6Uo.roa
File: YecAqCSa4gHEHHnB4HuD4EXj6Uo.roa (raw, json)
Hash identifier: /duipkp/iTcWdES+82l/m597BH/mk756w1k6jcaN29E=
Subject key identifier: 61:E7:00:A8:24:9A:E2:01:C4:1C:79:C1:E0:7B:83:E0:45:E3:E9:4A
Certificate issuer: /CN=cbd22b4ade0ed1d4d5328eae5f38a58be953f838
Certificate serial: 01856F3013FA6E02F2E51BCED93246C3C724
Authority key identifier: CB:D2:2B:4A:DE:0E:D1:D4:D5:32:8E:AE:5F:38:A5:8B:E9:53:F8:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9IrSt4O0dTVMo6uXzili-lT-Dg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/95ba80-0751-4cb9-8cb4-29f334e11a19/1/YecAqCSa4gHEHHnB4HuD4EXj6Uo.roa
Signing time: Sun 01 Jan 2023 21:14:59 +0000
ROA not before: Sun 01 Jan 2023 21:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3303
IP address blocks: 194.147.102.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:13:fa:6e:02:f2:e5:1b:ce:d9:32:46:c3:c7:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbd22b4ade0ed1d4d5328eae5f38a58be953f838
Validity
Not Before: Jan 1 21:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61e700a8249ae201c41c79c1e07b83e045e3e94a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:19:97:aa:f3:8a:79:63:b5:83:71:84:bf:a9:
2f:3e:a8:ad:c8:cf:82:a0:2e:f1:56:3a:77:3a:35:
ee:3a:c8:af:cf:d4:70:ab:9d:1b:bf:62:25:70:c6:
88:1a:fa:af:78:45:5d:24:26:83:94:77:8a:7e:d7:
cb:14:2d:bb:d1:c7:c3:3b:99:e4:e2:52:77:50:97:
78:25:27:14:ed:82:07:5f:70:d7:77:cb:fe:8b:59:
c2:41:87:0a:2a:cf:6e:64:90:1d:6e:1a:7a:25:10:
2d:cf:28:62:fa:2c:7d:e4:b7:86:8e:ab:b8:f5:e1:
5b:45:c3:7b:a7:84:81:82:ae:9e:82:87:b4:98:72:
81:b9:68:07:12:71:79:6c:14:14:f6:3f:17:ca:f8:
8e:6b:d2:05:aa:4b:9b:b8:78:2d:a2:e9:7e:81:69:
cc:36:7e:de:94:19:44:ef:69:45:5d:09:0e:0e:72:
e9:f7:b3:a3:d1:2b:32:31:f9:0a:a6:91:d1:8b:97:
bb:81:ef:81:e3:c1:2b:72:b3:98:a8:ea:ae:35:b2:
8b:c7:c4:a4:3b:17:94:04:06:46:be:fa:ac:13:36:
a4:98:a3:cf:f0:63:89:18:91:97:3d:47:cd:00:88:
b2:fe:c0:fd:e1:1e:76:30:58:4f:38:7a:cb:68:5e:
6f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:E7:00:A8:24:9A:E2:01:C4:1C:79:C1:E0:7B:83:E0:45:E3:E9:4A
X509v3 Authority Key Identifier:
keyid:CB:D2:2B:4A:DE:0E:D1:D4:D5:32:8E:AE:5F:38:A5:8B:E9:53:F8:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9IrSt4O0dTVMo6uXzili-lT-Dg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/95ba80-0751-4cb9-8cb4-29f334e11a19/1/YecAqCSa4gHEHHnB4HuD4EXj6Uo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/95ba80-0751-4cb9-8cb4-29f334e11a19/1/y9IrSt4O0dTVMo6uXzili-lT-Dg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.102.0/23
Signature Algorithm: sha256WithRSAEncryption
c1:35:3a:0d:ed:f0:2e:64:45:7c:bd:b5:90:be:21:2b:cd:7f:
21:5b:61:37:37:e3:df:da:cd:15:79:17:f7:36:6f:51:81:52:
a0:a5:5e:4d:dc:76:bf:11:1d:34:da:db:b2:36:2d:6a:16:98:
cf:d8:2d:a1:68:2b:9a:6e:14:9f:4d:5a:b6:d3:14:82:d7:7d:
7e:02:ba:90:fd:96:95:06:09:d4:8a:46:60:d7:65:1c:10:a4:
d1:67:1c:b6:6c:d7:29:df:2c:6f:e3:5d:f0:13:18:c8:19:79:
da:6d:84:e1:55:c1:3e:56:1e:44:aa:d1:d2:0e:6e:fe:9d:27:
15:0a:92:df:80:c3:27:5b:0a:de:34:91:73:d6:f5:09:de:78:
5b:95:e6:48:a9:57:b8:6f:30:14:c9:c1:d2:b9:ff:2d:01:bf:
82:f1:63:38:1e:5d:e3:6e:e5:81:ca:6b:72:45:fe:89:a5:88:
85:ff:d4:0d:df:11:ac:3d:e9:42:eb:41:cb:19:f0:f1:2d:a3:
e4:25:cf:60:24:70:6d:f4:55:50:37:eb:65:8c:68:23:db:4d:
77:3a:ee:b4:28:3b:04:2e:24:25:3d:c2:92:a5:6b:d9:40:53:
5d:b4:e5:fe:81:cb:a5:76:ac:f5:de:ee:2e:8a:f4:8a:65:d0:
87:d6:96:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvMBP6bgLy5RvO2TJGw8ckMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZDIyYjRhZGUwZWQxZDRkNTMyOGVhZTVmMzhhNThiZTk1
M2Y4MzgwHhcNMjMwMTAxMjExNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWU3MDBhODI0OWFlMjAxYzQxYzc5YzFlMDdiODNlMDQ1ZTNlOTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihmXqvOKeWO1g3GEv6kvPqityM+C
oC7xVjp3OjXuOsivz9Rwq50bv2IlcMaIGvqveEVdJCaDlHeKftfLFC270cfDO5nk
4lJ3UJd4JScU7YIHX3DXd8v+i1nCQYcKKs9uZJAdbhp6JRAtzyhi+ix95LeGjqu4
9eFbRcN7p4SBgq6egoe0mHKBuWgHEnF5bBQU9j8XyviOa9IFqkubuHgtoul+gWnM
Nn7elBlE72lFXQkODnLp97Oj0SsyMfkKppHRi5e7ge+B48ErcrOYqOquNbKLx8Sk
OxeUBAZGvvqsEzakmKPP8GOJGJGXPUfNAIiy/sD94R52MFhPOHrLaF5vOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGHnAKgkmuIBxBx5weB7g+BF4+lKMB8GA1UdIwQY
MBaAFMvSK0reDtHU1TKOrl84pYvpU/g4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTlJclN0NE8wZFRWTW82dVh6aWxpLWxULURnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS85NWJhODAtMDc1MS00Y2I5LThjYjQt
MjlmMzM0ZTExYTE5LzEvWWVjQXFDU2E0Z0hFSEhuQjRIdUQ0RVhqNlVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS85NWJhODAtMDc1MS00Y2I5LThjYjQtMjlmMzM0ZTExYTE5
LzEveTlJclN0NE8wZFRWTW82dVh6aWxpLWxULURnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwpNmMA0G
CSqGSIb3DQEBCwUAA4IBAQDBNToN7fAuZEV8vbWQviErzX8hW2E3N+Pf2s0VeRf3
Nm9RgVKgpV5N3Ha/ER002tuyNi1qFpjP2C2haCuabhSfTVq20xSC131+ArqQ/ZaV
BgnUikZg12UcEKTRZxy2bNcp3yxv413wExjIGXnabYThVcE+Vh5EqtHSDm7+nScV
CpLfgMMnWwreNJFz1vUJ3nhbleZIqVe4bzAUycHSuf8tAb+C8WM4Hl3jbuWBymty
Rf6JpYiF/9QN3xGsPelC60HLGfDxLaPkJc9gJHBt9FVQN+tljGgj2013Ou60KDsE
LiQlPcKSpWvZQFNdtOX+gculdqz13u4uivSKZdCH1pan
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:05 2024 by rpki-client on console-fra.rpki-client.org