Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YGBBWWmR_2-jWFffT_VivyOFs8Q.roa
File: YGBBWWmR_2-jWFffT_VivyOFs8Q.roa (raw, json)
Hash identifier: rlYNwIiR+DF9njRL9zkLdQg7JSyrG0JHVHd2/6shICA=
Subject key identifier: 60:60:41:59:69:91:FF:6F:A3:58:57:DF:4F:F5:62:BF:23:85:B3:C4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A93EC478943F77C52B427EC2B16C2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YGBBWWmR_2-jWFffT_VivyOFs8Q.roa
Signing time: Tue 02 Jan 2024 12:33:57 +0000
ROA not before: Tue 02 Jan 2024 12:33:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216093
IP address blocks: 195.133.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jan 2024 06:50:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:93:ec:47:89:43:f7:7c:52:b4:27:ec:2b:16:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=606041596991ff6fa35857df4ff562bf2385b3c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:95:ed:2f:7a:43:23:a2:64:c3:1f:af:a1:f5:
4c:c7:3c:69:fb:8e:72:d1:ef:8c:78:3d:35:a5:d5:
17:f1:66:02:a8:c4:dc:04:aa:04:8a:98:bf:4f:31:
2a:9a:40:19:b2:c2:0e:12:99:7e:b6:9b:d9:e5:11:
70:31:c7:bf:6a:fc:a9:9a:1e:62:ad:24:f2:8e:db:
48:41:76:e3:91:e9:e3:3b:c1:07:12:83:78:6f:98:
2e:22:3e:73:39:ba:10:53:71:4f:ce:3b:69:2c:3e:
63:f8:13:92:4e:13:3d:99:2e:e9:55:69:c2:54:fa:
5d:16:6b:68:46:56:d2:f0:32:63:72:e5:00:86:e7:
85:da:5a:4d:52:c0:d9:76:7f:3a:dc:69:4d:48:fe:
ef:3e:40:2c:b9:a6:ae:c3:5c:d1:11:6f:42:11:05:
ed:12:4b:88:33:71:8c:6b:b3:06:91:54:a7:da:04:
9e:ca:bd:d0:d5:45:b9:8d:ff:fc:3b:50:56:84:8c:
91:84:a1:2b:42:27:15:ed:84:86:18:85:c8:5c:75:
54:90:0c:6a:02:cf:f3:65:88:e6:bb:c1:e7:41:78:
0a:bf:e4:70:7b:98:fc:3a:db:ca:3c:a4:9f:15:b1:
56:ee:3f:a2:2b:6a:d0:d8:45:0a:70:39:cc:8e:e3:
bf:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:60:41:59:69:91:FF:6F:A3:58:57:DF:4F:F5:62:BF:23:85:B3:C4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YGBBWWmR_2-jWFffT_VivyOFs8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.14.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:a8:a6:54:57:e4:54:2c:c7:57:f6:97:25:e3:ba:d3:02:79:
ef:4f:da:31:32:98:9a:32:27:d0:18:a0:11:ad:58:5e:4e:e7:
cb:58:e3:15:b1:5d:fa:a6:45:6b:60:e2:fa:24:e9:da:16:e1:
f6:ad:41:a3:69:ac:d4:d1:b9:17:3e:a5:17:14:26:e4:ef:22:
20:97:73:1e:9e:d6:75:62:17:f3:7d:e2:7e:9b:48:5e:37:05:
f4:dd:6a:94:8b:27:b6:30:40:09:47:0b:6b:1d:bb:fa:ca:c0:
4e:7c:69:93:51:68:6b:d5:a8:b9:e6:c6:4b:3b:fb:dd:a0:c1:
0c:e7:ce:79:4e:85:ec:b1:9f:3d:02:8c:f1:95:0a:69:6a:1c:
6f:53:68:12:6d:15:de:5a:c4:99:85:f6:3d:d9:3e:63:3e:e7:
a9:3c:4a:0d:01:01:c7:a8:eb:d6:b6:78:f1:11:75:ed:5c:ae:
5c:25:ce:f6:40:36:3a:d1:b8:7c:fd:f3:ff:59:18:d2:9d:68:
60:74:c1:4b:c1:43:14:9f:39:ee:4b:14:68:9d:b9:fb:0d:80:
5b:4b:b2:7d:56:cf:9e:6c:58:5a:a6:20:f8:46:50:32:73:2b:
26:5c:05:68:f3:ab:d5:b2:b7:41:45:a1:7d:0e:12:0c:3f:0d:
86:60:e8:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKpPsR4lD93xStCfsKxbCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDYwNDE1OTY5OTFmZjZmYTM1ODU3ZGY0ZmY1NjJiZjIzODViM2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5XtL3pDI6Jkwx+vofVMxzxp+45y
0e+MeD01pdUX8WYCqMTcBKoEipi/TzEqmkAZssIOEpl+tpvZ5RFwMce/avypmh5i
rSTyjttIQXbjkenjO8EHEoN4b5guIj5zOboQU3FPzjtpLD5j+BOSThM9mS7pVWnC
VPpdFmtoRlbS8DJjcuUAhueF2lpNUsDZdn863GlNSP7vPkAsuaauw1zREW9CEQXt
EkuIM3GMa7MGkVSn2gSeyr3Q1UW5jf/8O1BWhIyRhKErQicV7YSGGIXIXHVUkAxq
As/zZYjmu8HnQXgKv+Rwe5j8OtvKPKSfFbFW7j+iK2rQ2EUKcDnMjuO/OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGBgQVlpkf9vo1hX30/1Yr8jhbPEMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWUdCQldXbVJfMi1qV0ZmZlRfVml2eU9GczhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4UOMA0G
CSqGSIb3DQEBCwUAA4IBAQBuqKZUV+RULMdX9pcl47rTAnnvT9oxMpiaMifQGKAR
rVheTufLWOMVsV36pkVrYOL6JOnaFuH2rUGjaazU0bkXPqUXFCbk7yIgl3MentZ1
YhfzfeJ+m0heNwX03WqUiye2MEAJRwtrHbv6ysBOfGmTUWhr1ai55sZLO/vdoMEM
5855ToXssZ89AozxlQppahxvU2gSbRXeWsSZhfY92T5jPuepPEoNAQHHqOvWtnjx
EXXtXK5cJc72QDY60bh8/fP/WRjSnWhgdMFLwUMUnznuSxRonbn7DYBbS7J9Vs+e
bFhapiD4RlAycysmXAVo86vVsrdBRaF9DhIMPw2GYOhX
-----END CERTIFICATE-----
Generated at Sun Jan 21 08:16:10 2024 by rpki-client on console-ams.rpki-client.org