Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YcKgZFHWUeKNwFEpQmt-hKZsucI.roa
File: YcKgZFHWUeKNwFEpQmt-hKZsucI.roa (raw, json)
Hash identifier: kV+DN+ENYBhfSSDYE6woNTcGENbCifIV5rzoB/qK1pg=
Subject key identifier: 61:C2:A0:64:51:D6:51:E2:8D:C0:51:29:42:6B:7E:84:A6:6C:B9:C2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018835EADEF5A753237B0CDF86AA18E19690
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YcKgZFHWUeKNwFEpQmt-hKZsucI.roa
Signing time: Fri 19 May 2023 21:29:24 +0000
ROA not before: Fri 19 May 2023 21:29:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 87.121.45.0/24 maxlen: 24
194.59.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Jun 2023 13:23:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:35:ea:de:f5:a7:53:23:7b:0c:df:86:aa:18:e1:96:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 19 21:29:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61c2a06451d651e28dc05129426b7e84a66cb9c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:94:fe:97:24:8b:1f:53:68:5c:0b:83:0a:d9:
d8:34:77:ef:f6:13:77:d2:5c:0a:5e:56:2f:30:c3:
6c:29:53:9d:cd:ac:10:b1:63:b1:f9:c8:8e:a0:28:
32:23:a5:cf:65:e8:85:8f:7b:f1:d8:13:e6:f3:a3:
80:5c:b6:0b:60:7c:44:05:77:ac:69:2b:eb:92:f9:
03:87:16:14:f8:cb:33:65:c9:e3:08:6b:00:d4:43:
da:76:85:78:2e:10:b3:95:96:72:6c:13:b9:9d:16:
a4:36:fb:f0:1f:1e:61:5f:a9:af:16:01:5c:81:5c:
cd:0a:11:4b:55:49:f2:df:de:06:ee:de:b3:95:19:
db:5b:54:13:71:02:87:d6:fc:aa:a0:df:3a:b5:78:
d4:d3:6a:86:6c:62:c2:e1:60:47:41:38:06:05:8e:
ef:41:54:f8:a7:12:e9:ed:23:ae:96:bd:ae:f2:99:
0f:f1:6a:8f:80:23:c7:6a:41:ba:37:40:63:90:2c:
2c:cf:c0:5f:fe:07:5a:58:fe:54:64:e8:e6:72:81:
63:eb:fb:2f:11:9d:5e:06:96:a1:f5:1b:d1:be:de:
db:6b:e7:70:b8:ae:f7:0d:78:34:c4:ee:f6:3d:0d:
06:f7:18:58:c5:84:23:b5:74:c4:48:6b:2c:c1:10:
72:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:C2:A0:64:51:D6:51:E2:8D:C0:51:29:42:6B:7E:84:A6:6C:B9:C2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YcKgZFHWUeKNwFEpQmt-hKZsucI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.45.0/24
194.59.31.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:b3:61:a1:e1:1b:08:12:66:2a:85:bd:16:a5:dd:6d:f0:e6:
b1:03:0d:01:f0:a0:f2:4c:65:c5:c0:ef:7f:2e:c7:46:08:ca:
bc:96:af:b7:a6:7e:96:68:9f:ba:7e:bf:c4:53:07:dc:1c:63:
29:3d:fe:87:bd:33:3e:76:c1:61:d8:64:e9:b6:f0:ba:38:30:
4d:46:fd:da:d9:69:5b:57:9c:23:80:95:88:54:43:ae:67:ff:
21:39:db:0a:25:01:17:fc:b2:20:5b:30:b2:49:d2:91:cf:04:
02:b0:b7:82:e6:60:7e:6a:c9:7e:be:73:ca:c5:92:9e:2b:8b:
ec:ec:07:f2:83:67:24:0a:17:bd:c5:64:e1:f9:5c:ff:0d:49:
32:f0:b2:92:3c:9c:2a:0b:ed:bb:2c:28:10:ea:20:c5:d9:e4:
01:ab:d0:d4:26:4c:cc:20:b7:7e:de:ea:b8:be:2e:b3:03:c5:
84:8e:8b:aa:d2:06:f6:6a:44:0e:6e:54:40:36:a8:41:52:3a:
2f:cf:57:77:82:a4:a9:e4:f1:20:de:6c:9c:12:d0:fb:08:a0:
f9:86:9f:89:f8:a4:e9:1c:1d:d6:d6:06:ab:8b:22:6e:ff:b4:
68:b4:d1:4e:cf:58:33:ec:2a:03:41:3c:83:61:ff:a0:e8:6e:
9d:36:e9:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYg16t71p1MjewzfhqoY4ZaQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTE5MjEyOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWMyYTA2NDUxZDY1MWUyOGRjMDUxMjk0MjZiN2U4NGE2NmNiOWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZT+lySLH1NoXAuDCtnYNHfv9hN3
0lwKXlYvMMNsKVOdzawQsWOx+ciOoCgyI6XPZeiFj3vx2BPm86OAXLYLYHxEBXes
aSvrkvkDhxYU+MszZcnjCGsA1EPadoV4LhCzlZZybBO5nRakNvvwHx5hX6mvFgFc
gVzNChFLVUny394G7t6zlRnbW1QTcQKH1vyqoN86tXjU02qGbGLC4WBHQTgGBY7v
QVT4pxLp7SOulr2u8pkP8WqPgCPHakG6N0BjkCwsz8Bf/gdaWP5UZOjmcoFj6/sv
EZ1eBpah9RvRvt7ba+dwuK73DXg0xO72PQ0G9xhYxYQjtXTESGsswRByEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGHCoGRR1lHijcBRKUJrfoSmbLnCMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWWNLZ1pGSFdVZUtOd0ZFcFFtdC1oS1pzdWNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV3ktAwQA
wjsfMA0GCSqGSIb3DQEBCwUAA4IBAQCis2Gh4RsIEmYqhb0Wpd1t8OaxAw0B8KDy
TGXFwO9/LsdGCMq8lq+3pn6WaJ+6fr/EUwfcHGMpPf6HvTM+dsFh2GTptvC6ODBN
Rv3a2WlbV5wjgJWIVEOuZ/8hOdsKJQEX/LIgWzCySdKRzwQCsLeC5mB+asl+vnPK
xZKeK4vs7Afyg2ckChe9xWTh+Vz/DUky8LKSPJwqC+27LCgQ6iDF2eQBq9DUJkzM
ILd+3uq4vi6zA8WEjouq0gb2akQOblRANqhBUjovz1d3gqSp5PEg3mycEtD7CKD5
hp+J+KTpHB3W1gariyJu/7RotNFOz1gz7CoDQTyDYf+g6G6dNunA
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:36 2024 by rpki-client on console-ams.rpki-client.org