Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yjWEsV5A8ywcKisPJgIlojSHjIE.roa
File: yjWEsV5A8ywcKisPJgIlojSHjIE.roa (raw, json)
Hash identifier: MzRAEf8MgLW3nKSwPoa2PRQPx7OQEUkPwy0+r1rabhc=
Subject key identifier: CA:35:84:B1:5E:40:F3:2C:1C:2A:2B:0F:26:02:25:A2:34:87:8C:81
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D79ED5EE7DEF9DB2E695DB731B016E384
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yjWEsV5A8ywcKisPJgIlojSHjIE.roa
Signing time: Mon 05 Feb 2024 15:40:15 +0000
ROA not before: Mon 05 Feb 2024 15:40:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 94.156.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 May 2024 10:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:79:ed:5e:e7:de:f9:db:2e:69:5d:b7:31:b0:16:e3:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 5 15:40:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca3584b15e40f32c1c2a2b0f260225a234878c81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:00:f2:f1:74:85:c6:bb:a4:4e:4a:fd:50:8c:
a5:67:ba:36:fe:f6:ce:3f:4b:de:fd:ba:68:30:89:
b0:9b:a1:eb:f9:61:74:8f:cf:48:9a:89:e7:8f:1e:
10:ab:19:fd:a6:ca:6c:14:f0:f8:45:e5:12:87:24:
14:cb:f4:bc:4b:00:59:cf:1a:d8:79:e2:ae:e7:d0:
93:a4:4f:60:b0:68:2b:a4:8c:70:8c:be:dd:f5:d2:
17:d9:bb:c1:d2:ad:a0:f6:82:b9:5c:7b:ef:d9:8c:
5f:a0:0a:c0:3f:66:9a:2d:92:93:9b:cc:dd:78:ed:
9b:3e:0d:99:93:ba:55:22:a1:6f:aa:50:be:8e:23:
93:26:46:aa:3b:4d:91:49:2f:35:a4:70:28:09:fe:
7b:65:50:9d:8d:25:79:f8:6c:19:45:ee:60:93:5c:
d8:b1:d4:d1:a2:2c:af:ee:11:9b:98:01:f3:51:66:
d5:8b:9e:39:30:13:15:8f:a9:94:e0:7f:02:f4:d0:
11:40:43:cb:18:88:33:43:9b:da:6a:c5:94:12:2e:
5a:c6:a8:aa:eb:68:90:2b:0f:d5:bc:34:f5:aa:89:
87:b9:af:6d:1f:42:33:cf:88:6b:f3:99:18:f4:f1:
fe:ff:c5:23:56:c4:69:e9:88:d8:3d:53:b2:3b:4e:
54:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:35:84:B1:5E:40:F3:2C:1C:2A:2B:0F:26:02:25:A2:34:87:8C:81
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yjWEsV5A8ywcKisPJgIlojSHjIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.253.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:be:a6:af:32:3d:cb:4b:e4:d0:b2:b5:6f:e1:d0:4c:58:ae:
73:1b:4d:fc:6d:a5:2b:4e:b5:b2:8f:d4:1b:45:01:12:c7:8b:
5e:43:a1:fd:bd:3b:d5:8e:0c:7c:5c:d8:86:99:a1:65:d5:83:
46:d8:9b:a5:b7:93:82:e2:5c:90:ea:fb:65:65:04:9f:c3:88:
c0:0c:ea:ae:fe:86:de:fa:37:05:40:28:59:40:38:20:b0:fe:
3f:9b:b5:38:a8:21:a9:88:6d:bf:e1:98:f2:50:cb:91:45:17:
b7:22:15:ad:5a:ca:38:43:d6:31:aa:b6:ed:8d:e6:94:02:47:
9e:cf:64:b8:24:e0:ca:df:2f:b7:ea:77:48:d3:69:7e:22:b3:
4b:f0:0b:2e:47:ab:6f:a6:3c:c3:a6:5e:3c:1e:dd:b6:66:07:
d2:a2:53:df:67:e8:af:fe:0e:c5:09:18:77:b5:7d:50:e8:4d:
ac:ee:e8:6e:ab:41:a1:5d:20:75:f1:a1:10:b8:4e:64:5b:a8:
da:a8:a4:36:e8:b7:6e:d9:ee:63:f5:3f:ca:35:c1:26:c6:ba:
9f:90:97:7c:eb:fd:09:3c:ae:46:92:b6:82:7d:b7:fa:e6:4f:
d0:63:65:1c:b8:cf:8b:85:85:61:a2:ee:85:ce:23:af:61:4f:
11:c0:cc:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY157V7n3vnbLmldtzGwFuOEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjA1MTU0MDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTM1ODRiMTVlNDBmMzJjMWMyYTJiMGYyNjAyMjVhMjM0ODc4YzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigDy8XSFxrukTkr9UIylZ7o2/vbO
P0ve/bpoMImwm6Hr+WF0j89Imonnjx4Qqxn9pspsFPD4ReUShyQUy/S8SwBZzxrY
eeKu59CTpE9gsGgrpIxwjL7d9dIX2bvB0q2g9oK5XHvv2YxfoArAP2aaLZKTm8zd
eO2bPg2Zk7pVIqFvqlC+jiOTJkaqO02RSS81pHAoCf57ZVCdjSV5+GwZRe5gk1zY
sdTRoiyv7hGbmAHzUWbVi545MBMVj6mU4H8C9NARQEPLGIgzQ5vaasWUEi5axqiq
62iQKw/VvDT1qomHua9tH0Izz4hr85kY9PH+/8UjVsRp6YjYPVOyO05U4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMo1hLFeQPMsHCorDyYCJaI0h4yBMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveWpXRXNWNUE4eXdjS2lzUEpnSWxvalNIaklFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXpz9MA0G
CSqGSIb3DQEBCwUAA4IBAQCsvqavMj3LS+TQsrVv4dBMWK5zG038baUrTrWyj9Qb
RQESx4teQ6H9vTvVjgx8XNiGmaFl1YNG2Jult5OC4lyQ6vtlZQSfw4jADOqu/obe
+jcFQChZQDggsP4/m7U4qCGpiG2/4ZjyUMuRRRe3IhWtWso4Q9YxqrbtjeaUAkee
z2S4JODK3y+36ndI02l+IrNL8AsuR6tvpjzDpl48Ht22ZgfSolPfZ+iv/g7FCRh3
tX1Q6E2s7uhuq0GhXSB18aEQuE5kW6jaqKQ26Ldu2e5j9T/KNcEmxrqfkJd86/0J
PK5GkraCfbf65k/QY2UcuM+LhYVhou6FziOvYU8RwMy3
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:47 2024 by rpki-client on console-ams.rpki-client.org