Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/870bf0-9166-4f60-a603-707b0a38b1e0/1/YNWN0krYnzvZQIh9DTTRKRPBhJc.roa
File: YNWN0krYnzvZQIh9DTTRKRPBhJc.roa (raw, json)
Hash identifier: 52YTE101qAZNsroNR1agKOPOnBrx9nGlTBXP+kBWsZY=
Subject key identifier: 60:D5:8D:D2:4A:D8:9F:3B:D9:40:88:7D:0D:34:D1:29:13:C1:84:97
Certificate issuer: /CN=97915ba80d3ed704524681488a72be991fa670dc
Certificate serial: 018EBE9C84C2A8C13728C98CF2AEF077B06B
Authority key identifier: 97:91:5B:A8:0D:3E:D7:04:52:46:81:48:8A:72:BE:99:1F:A6:70:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5FbqA0-1wRSRoFIinK-mR-mcNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/870bf0-9166-4f60-a603-707b0a38b1e0/1/YNWN0krYnzvZQIh9DTTRKRPBhJc.roa
Signing time: Mon 08 Apr 2024 16:48:32 +0000
ROA not before: Mon 08 Apr 2024 16:48:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41236
IP address blocks: 91.193.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 08:37:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:be:9c:84:c2:a8:c1:37:28:c9:8c:f2:ae:f0:77:b0:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97915ba80d3ed704524681488a72be991fa670dc
Validity
Not Before: Apr 8 16:48:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60d58dd24ad89f3bd940887d0d34d12913c18497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f3:3f:80:7a:59:cd:66:6d:98:84:82:1a:65:
2f:f8:c0:00:3f:21:a6:75:c5:e2:86:60:2c:cd:63:
29:0b:94:4e:01:c1:bc:e0:9f:df:57:2f:03:79:89:
e0:d3:b4:15:5f:78:ff:8c:94:32:2f:81:9a:3f:45:
f5:66:bd:12:7a:b2:72:ad:ad:24:df:ef:b7:61:24:
63:7f:47:c7:31:53:be:35:df:5f:6f:52:2d:10:87:
00:64:86:8d:6c:25:f9:50:9f:4f:6b:2b:30:b3:9f:
5c:f7:0d:34:fb:e7:32:90:a6:e2:ec:bc:c9:57:dd:
29:fd:bc:96:63:6f:13:10:46:8b:53:0c:43:80:d3:
01:aa:d4:3a:be:50:7d:c9:b8:07:b3:1d:41:f6:3e:
8e:59:13:b8:75:37:be:32:b8:2f:17:b7:aa:7c:7c:
f9:f0:73:d8:bc:6a:9b:92:01:22:10:b7:03:ee:55:
6d:6b:a7:1b:61:56:94:d2:d4:88:86:99:ab:76:06:
eb:7f:f1:32:8e:21:70:25:ae:51:8b:79:16:50:7a:
2d:b2:12:58:7e:ef:aa:60:7c:61:37:0c:09:44:73:
f2:15:3a:b9:db:a0:e3:5c:a8:4e:2e:ec:fe:ef:02:
b6:f1:10:ba:27:94:53:96:4b:c9:d2:d5:d9:c1:eb:
e0:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:D5:8D:D2:4A:D8:9F:3B:D9:40:88:7D:0D:34:D1:29:13:C1:84:97
X509v3 Authority Key Identifier:
keyid:97:91:5B:A8:0D:3E:D7:04:52:46:81:48:8A:72:BE:99:1F:A6:70:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5FbqA0-1wRSRoFIinK-mR-mcNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/870bf0-9166-4f60-a603-707b0a38b1e0/1/YNWN0krYnzvZQIh9DTTRKRPBhJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/870bf0-9166-4f60-a603-707b0a38b1e0/1/l5FbqA0-1wRSRoFIinK-mR-mcNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.24.0/24
Signature Algorithm: sha256WithRSAEncryption
30:0a:50:3d:35:dd:4d:55:8f:95:55:b0:f8:c9:c1:c3:16:ff:
88:f7:1d:fb:5c:ca:00:8d:e6:c2:a6:f0:77:c9:ae:bb:fd:7d:
07:5a:99:97:bb:2c:e1:61:c6:67:d6:f3:fc:e9:30:dc:7b:e4:
4d:88:79:b7:28:9b:9f:66:d9:7f:11:8f:96:3f:d4:5a:16:5a:
ce:76:35:bc:68:59:69:75:32:6f:86:a5:eb:b1:76:2a:12:6a:
7d:04:ee:c7:db:bb:6d:39:d6:48:81:9e:9c:12:9b:fc:6c:de:
27:9b:6c:91:69:4f:b0:ab:d3:46:8d:ba:82:ea:87:90:bb:dc:
ff:0b:29:ab:ed:72:3e:96:a2:91:2c:0d:11:3a:dc:99:31:c3:
0a:39:9f:5b:dc:6b:44:fa:4b:ae:ba:62:a5:ff:bc:2c:7f:13:
72:9c:b5:07:f0:d4:bc:a3:f0:3f:fa:33:2e:77:cf:b9:79:9d:
0c:a5:83:07:51:97:e4:b2:ca:59:58:f4:da:d3:8e:60:15:43:
56:81:b1:a6:1e:62:49:0a:8f:9b:8d:b9:ce:8a:7a:dc:87:c8:
7f:83:47:c8:d3:00:67:c1:63:bf:3c:70:ad:a7:49:23:c2:f0:
46:ce:f4:e5:90:7a:4b:d1:d2:6c:d4:85:32:95:8e:a6:30:9b:
b4:da:74:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6+nITCqME3KMmM8q7wd7BrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTE1YmE4MGQzZWQ3MDQ1MjQ2ODE0ODhhNzJiZTk5MWZh
NjcwZGMwHhcNMjQwNDA4MTY0ODMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGQ1OGRkMjRhZDg5ZjNiZDk0MDg4N2QwZDM0ZDEyOTEzYzE4NDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvM/gHpZzWZtmISCGmUv+MAAPyGm
dcXihmAszWMpC5ROAcG84J/fVy8DeYng07QVX3j/jJQyL4GaP0X1Zr0SerJyra0k
3++3YSRjf0fHMVO+Nd9fb1ItEIcAZIaNbCX5UJ9Paysws59c9w00++cykKbi7LzJ
V90p/byWY28TEEaLUwxDgNMBqtQ6vlB9ybgHsx1B9j6OWRO4dTe+MrgvF7eqfHz5
8HPYvGqbkgEiELcD7lVta6cbYVaU0tSIhpmrdgbrf/EyjiFwJa5Ri3kWUHotshJY
fu+qYHxhNwwJRHPyFTq526DjXKhOLuz+7wK28RC6J5RTlkvJ0tXZwevgLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGDVjdJK2J872UCIfQ000SkTwYSXMB8GA1UdIwQY
MBaAFJeRW6gNPtcEUkaBSIpyvpkfpnDcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVGYnFBMC0xd1JTUm9GSWluSy1tUi1tY053LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84NzBiZjAtOTE2Ni00ZjYwLWE2MDMt
NzA3YjBhMzhiMWUwLzEvWU5XTjBrclluenZaUUloOURUVFJLUlBCaEpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84NzBiZjAtOTE2Ni00ZjYwLWE2MDMtNzA3YjBhMzhiMWUw
LzEvbDVGYnFBMC0xd1JTUm9GSWluSy1tUi1tY053LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8EYMA0G
CSqGSIb3DQEBCwUAA4IBAQAwClA9Nd1NVY+VVbD4ycHDFv+I9x37XMoAjebCpvB3
ya67/X0HWpmXuyzhYcZn1vP86TDce+RNiHm3KJufZtl/EY+WP9RaFlrOdjW8aFlp
dTJvhqXrsXYqEmp9BO7H27ttOdZIgZ6cEpv8bN4nm2yRaU+wq9NGjbqC6oeQu9z/
Cymr7XI+lqKRLA0ROtyZMcMKOZ9b3GtE+kuuumKl/7wsfxNynLUH8NS8o/A/+jMu
d8+5eZ0MpYMHUZfksspZWPTa045gFUNWgbGmHmJJCo+bjbnOinrch8h/g0fI0wBn
wWO/PHCtp0kjwvBGzvTlkHpL0dJs1IUylY6mMJu02nTW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:58 2025 by rpki-client