Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YTbbIZM67WzC7_zBkx8hHYP_-oM.roa
File: YTbbIZM67WzC7_zBkx8hHYP_-oM.roa (raw, json)
Hash identifier: vW+OigsJmSJ2nJI5PiSXk8597cXzAKJmhs8/KhiG5jI=
Subject key identifier: 61:36:DB:21:93:3A:ED:6C:C2:EF:FC:C1:93:1F:21:1D:83:FF:FA:83
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0191A7E92FA61C969ED81188699008D023B9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YTbbIZM67WzC7_zBkx8hHYP_-oM.roa
Signing time: Sat 31 Aug 2024 10:09:22 +0000
ROA not before: Sat 31 Aug 2024 10:09:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50053
IP address blocks: 193.124.44.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
195.133.17.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Sep 2024 09:56:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a7:e9:2f:a6:1c:96:9e:d8:11:88:69:90:08:d0:23:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 31 10:09:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6136db21933aed6cc2effcc1931f211d83fffa83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e6:0f:a7:68:85:5f:ce:9b:2c:cd:ba:c5:33:
a7:0f:7b:83:e7:cc:e0:85:b4:63:c2:24:6b:b8:87:
aa:c3:4f:c5:8e:28:4a:1d:4a:3f:12:b0:eb:f0:be:
a4:31:65:11:18:90:5f:9a:51:64:56:da:42:4b:ff:
2c:72:b0:25:74:5e:56:29:ab:c5:35:81:ad:6c:c6:
7d:13:8b:eb:21:57:74:cf:7c:41:3e:f8:b0:9a:79:
61:3f:44:22:68:e3:2f:57:e1:53:00:cb:fe:a3:d2:
f5:d8:33:d4:ab:07:5d:fd:08:36:e8:a5:d3:ba:e0:
68:21:94:18:c5:d5:bb:51:b8:df:aa:84:03:80:c2:
1b:b0:a8:df:61:0a:e9:59:c8:74:0a:6d:c2:32:4b:
07:25:81:e2:b4:00:43:28:84:bf:c4:c1:d8:1d:29:
c4:77:dd:92:76:cf:c8:a6:01:f4:03:1b:2a:ee:52:
cd:61:72:ad:e9:8b:bc:d4:91:3a:d1:e5:95:fc:7d:
ce:7d:77:72:ba:1d:2c:b5:34:0b:65:35:46:7a:80:
7a:b1:8e:d6:1f:75:16:88:f2:8f:59:a1:2e:5a:c8:
3f:14:b9:6f:62:b4:2b:9d:84:00:62:5f:fb:4a:77:
f4:92:57:eb:6e:64:63:10:7d:70:fc:e4:2f:64:c5:
f7:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:36:DB:21:93:3A:ED:6C:C2:EF:FC:C1:93:1F:21:1D:83:FF:FA:83
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YTbbIZM67WzC7_zBkx8hHYP_-oM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.44.0/24
194.87.37.0/24
195.133.17.0/24
195.133.39.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:64:c8:41:4a:b9:48:c8:4f:67:31:2a:c1:03:5d:db:37:7b:
e1:da:6f:f3:50:f7:51:86:a1:6c:47:7c:28:5c:e6:41:dc:50:
01:00:ef:43:1a:1e:2a:36:65:c4:30:f4:34:dd:e6:3b:c6:c7:
9b:9a:7e:64:58:c5:f1:b8:3f:67:10:e3:4a:d1:88:a3:a6:2f:
ba:d1:95:ba:8e:34:5c:d2:4b:89:13:01:72:85:cc:22:a0:57:
9a:74:f3:6b:41:18:eb:bc:aa:bb:04:d5:3f:7d:99:58:31:c3:
5b:58:56:5c:d4:4a:1d:5e:db:e5:85:17:c8:6f:6d:98:5f:57:
c7:e6:4c:09:ee:cf:13:33:63:2b:2f:26:0d:ac:89:03:32:6f:
ad:08:87:bf:f5:7b:d6:54:ba:3c:23:48:98:ef:ef:dc:33:41:
7c:87:f8:a7:a9:bd:c7:db:6e:0c:28:a9:19:ea:03:e3:ed:d1:
e9:85:60:fe:d1:1c:5e:a3:96:97:a2:6a:9d:f2:3c:81:3a:32:
e6:99:31:1f:90:e4:ea:00:25:0c:69:f7:46:43:a0:e2:fd:08:
2d:80:79:7b:14:5a:ff:d5:9d:c6:0e:a4:b3:7c:8f:b5:c9:80:
af:4e:22:39:bb:a2:27:70:16:4b:03:4d:fa:e6:75:de:b5:1c:
d1:ef:61:cd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZGn6S+mHJae2BGIaZAI0CO5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODMxMTAwOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTM2ZGIyMTkzM2FlZDZjYzJlZmZjYzE5MzFmMjExZDgzZmZmYTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOYPp2iFX86bLM26xTOnD3uD58zg
hbRjwiRruIeqw0/FjihKHUo/ErDr8L6kMWURGJBfmlFkVtpCS/8scrAldF5WKavF
NYGtbMZ9E4vrIVd0z3xBPviwmnlhP0QiaOMvV+FTAMv+o9L12DPUqwdd/Qg26KXT
uuBoIZQYxdW7UbjfqoQDgMIbsKjfYQrpWch0Cm3CMksHJYHitABDKIS/xMHYHSnE
d92Sds/IpgH0Axsq7lLNYXKt6Yu81JE60eWV/H3OfXdyuh0stTQLZTVGeoB6sY7W
H3UWiPKPWaEuWsg/FLlvYrQrnYQAYl/7Snf0klfrbmRjEH1w/OQvZMX3HQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGE22yGTOu1swu/8wZMfIR2D//qDMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWVRiYklaTTY3V3pDN196Qmt4OGhIWVBfLW9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXwsAwQA
wlclAwQAw4URAwQAw4UnMA0GCSqGSIb3DQEBCwUAA4IBAQB7ZMhBSrlIyE9nMSrB
A13bN3vh2m/zUPdRhqFsR3woXOZB3FABAO9DGh4qNmXEMPQ03eY7xsebmn5kWMXx
uD9nEONK0Yijpi+60ZW6jjRc0kuJEwFyhcwioFeadPNrQRjrvKq7BNU/fZlYMcNb
WFZc1EodXtvlhRfIb22YX1fH5kwJ7s8TM2MrLyYNrIkDMm+tCIe/9XvWVLo8I0iY
7+/cM0F8h/inqb3H224MKKkZ6gPj7dHphWD+0Rxeo5aXomqd8jyBOjLmmTEfkOTq
ACUMafdGQ6Di/QgtgHl7FFr/1Z3GDqSzfI+1yYCvTiI5u6IncBZLA0365nXetRzR
72HN
-----END CERTIFICATE-----
Generated at Mon Sep 2 11:27:49 2024 by rpki-client on console-fra.rpki-client.org