Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/yfMIQe0zGdAB3eqgnzcTghwaWvE.roa
File: yfMIQe0zGdAB3eqgnzcTghwaWvE.roa (raw, json)
Hash identifier: i1fPDpc75D3rmxG+YA7znRvkAnIp7y7/JPpUHf4ZoBg=
Subject key identifier: C9:F3:08:41:ED:33:19:D0:01:DD:EA:A0:9F:37:13:82:1C:1A:5A:F1
Certificate issuer: /CN=32ad80d411acb93685f558aa7e12f46bd170a7fb
Certificate serial: 01856DCAE3963C24D1058241DF23A6A7ABE1
Authority key identifier: 32:AD:80:D4:11:AC:B9:36:85:F5:58:AA:7E:12:F4:6B:D1:70:A7:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/yfMIQe0zGdAB3eqgnzcTghwaWvE.roa
Signing time: Sun 01 Jan 2023 14:44:51 +0000
ROA not before: Sun 01 Jan 2023 14:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396982
IP address blocks: 147.189.239.0/24 maxlen: 24
147.189.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Apr 2023 21:16:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:e3:96:3c:24:d1:05:82:41:df:23:a6:a7:ab:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32ad80d411acb93685f558aa7e12f46bd170a7fb
Validity
Not Before: Jan 1 14:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9f30841ed3319d001ddeaa09f3713821c1a5af1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:80:94:2b:bb:90:6b:d2:45:3a:1d:fd:3c:31:
c1:10:88:ed:25:c5:de:74:1d:dc:14:36:ea:bb:6b:
c7:43:78:ab:ea:2a:5d:2c:71:18:94:80:57:02:28:
41:67:eb:4e:e7:ac:fc:21:c5:f4:63:06:42:a2:d0:
6e:e8:15:c1:26:e6:2a:d5:83:49:d5:f0:77:5c:98:
c6:ad:00:d1:90:bd:de:e1:03:6b:52:7a:e0:52:5d:
e5:cf:a8:4e:06:ff:9f:b3:35:ae:83:83:94:44:c7:
65:f8:5f:64:6f:91:96:0b:79:f3:4a:d7:47:04:eb:
a9:57:f3:df:5e:38:6f:83:a4:09:14:d3:00:6d:50:
f4:2d:71:c0:85:aa:e6:3c:95:1a:f6:29:ee:24:5e:
b7:96:14:dd:bb:e7:4c:e3:f8:cb:39:79:9a:c1:72:
4e:29:6a:33:9c:d9:00:62:df:6d:c1:bc:a2:5c:4f:
ef:2b:bb:02:cf:1f:eb:a4:0d:73:8b:5f:be:32:59:
02:93:4c:d5:ee:38:ee:f8:f9:eb:29:47:d1:c0:98:
06:b1:72:b9:e3:8d:30:cb:0e:17:e3:0f:1d:ff:ca:
d4:ca:fa:68:0b:1e:9e:d7:57:ab:98:5c:93:7f:bf:
e8:f3:dd:ed:7d:d0:c0:c5:cc:2a:8b:4f:aa:34:d3:
e4:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:F3:08:41:ED:33:19:D0:01:DD:EA:A0:9F:37:13:82:1C:1A:5A:F1
X509v3 Authority Key Identifier:
keyid:32:AD:80:D4:11:AC:B9:36:85:F5:58:AA:7E:12:F4:6B:D1:70:A7:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/yfMIQe0zGdAB3eqgnzcTghwaWvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.238.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:d1:32:b9:50:0e:d9:47:7c:74:cc:ba:ca:fa:28:d6:01:50:
84:81:60:b3:25:98:ec:43:bc:3e:61:16:04:36:43:2f:d8:7f:
4c:2c:fe:26:5e:8c:44:8d:e0:d5:47:61:8a:18:99:30:57:9f:
0e:3e:45:62:a3:12:c9:8c:e7:8d:90:4a:95:05:07:99:2a:00:
7b:5c:a0:fd:2d:f5:b3:6f:e3:97:c5:a8:78:c3:46:87:8f:2f:
d5:85:cd:55:7b:ce:0f:b3:6a:2d:0c:6b:31:b7:52:e1:5c:66:
ce:5d:be:a8:40:ed:00:6f:6f:50:ea:53:c4:77:8a:5d:32:6f:
19:c4:83:e0:18:e6:9a:e5:d8:67:0f:b6:68:62:4a:87:2c:3b:
9d:9a:79:2f:78:eb:02:00:44:e4:e9:40:d9:2b:eb:76:68:ec:
1a:b5:69:00:69:df:65:5b:50:85:69:0f:f0:de:35:e8:1a:1f:
77:eb:83:fa:66:5c:05:91:3d:71:99:d9:92:1d:7c:d1:0c:31:
01:ea:ce:1f:f1:22:91:b9:96:90:d5:36:d8:c4:cb:d4:06:37:
9d:52:f3:e3:50:32:cd:d3:13:3e:1b:b9:6e:31:17:26:0c:4f:
87:32:03:bc:94:e7:97:f5:2e:07:f3:63:5b:2f:3b:27:0c:86:
eb:35:df:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtyuOWPCTRBYJB3yOmp6vhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYWQ4MGQ0MTFhY2I5MzY4NWY1NThhYTdlMTJmNDZiZDE3
MGE3ZmIwHhcNMjMwMTAxMTQ0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWYzMDg0MWVkMzMxOWQwMDFkZGVhYTA5ZjM3MTM4MjFjMWE1YWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ICUK7uQa9JFOh39PDHBEIjtJcXe
dB3cFDbqu2vHQ3ir6ipdLHEYlIBXAihBZ+tO56z8IcX0YwZCotBu6BXBJuYq1YNJ
1fB3XJjGrQDRkL3e4QNrUnrgUl3lz6hOBv+fszWug4OURMdl+F9kb5GWC3nzStdH
BOupV/PfXjhvg6QJFNMAbVD0LXHAharmPJUa9inuJF63lhTdu+dM4/jLOXmawXJO
KWoznNkAYt9twbyiXE/vK7sCzx/rpA1zi1++MlkCk0zV7jju+PnrKUfRwJgGsXK5
440wyw4X4w8d/8rUyvpoCx6e11ermFyTf7/o893tfdDAxcwqi0+qNNPkpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMnzCEHtMxnQAd3qoJ83E4IcGlrxMB8GA1UdIwQY
MBaAFDKtgNQRrLk2hfVYqn4S9GvRcKf7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXEyQTFCR3N1VGFGOVZpcWZoTDBhOUZ3cF9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS85YzI1MDgtZjY5Yi00NDRiLWI4NjAt
ZGMwZTgxYTlkN2I0LzEveWZNSVFlMHpHZEFCM2VxZ256Y1RnaHdhV3ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS85YzI1MDgtZjY5Yi00NDRiLWI4NjAtZGMwZTgxYTlkN2I0
LzEvTXEyQTFCR3N1VGFGOVZpcWZoTDBhOUZ3cF9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBk73uMA0G
CSqGSIb3DQEBCwUAA4IBAQCM0TK5UA7ZR3x0zLrK+ijWAVCEgWCzJZjsQ7w+YRYE
NkMv2H9MLP4mXoxEjeDVR2GKGJkwV58OPkVioxLJjOeNkEqVBQeZKgB7XKD9LfWz
b+OXxah4w0aHjy/Vhc1Ve84Ps2otDGsxt1LhXGbOXb6oQO0Ab29Q6lPEd4pdMm8Z
xIPgGOaa5dhnD7ZoYkqHLDudmnkveOsCAETk6UDZK+t2aOwatWkAad9lW1CFaQ/w
3jXoGh9364P6ZlwFkT1xmdmSHXzRDDEB6s4f8SKRuZaQ1TbYxMvUBjedUvPjUDLN
0xM+G7luMRcmDE+HMgO8lOeX9S4H82NbLzsnDIbrNd+w
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:37 2024 by rpki-client on console-fra.rpki-client.org