Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/YfziKKlcVUeUwJGEgv1Msedk6gY.roa
File: YfziKKlcVUeUwJGEgv1Msedk6gY.roa (raw, json)
Hash identifier: Cje8ub9UBfZVSLbgLnCTHcAk7Lr6ZWsfsfYhJw08R04=
Subject key identifier: 61:FC:E2:28:A9:5C:55:47:94:C0:91:84:82:FD:4C:B1:E7:64:EA:06
Certificate issuer: /CN=dc44e19e2bb4e7023cc1ba10d49b74ede4bf865c
Certificate serial: 018570F0A6A874DA4D605BAF712A4C1B9392
Authority key identifier: DC:44:E1:9E:2B:B4:E7:02:3C:C1:BA:10:D4:9B:74:ED:E4:BF:86:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3EThniu05wI8wboQ1Jt07eS_hlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/YfziKKlcVUeUwJGEgv1Msedk6gY.roa
Signing time: Mon 02 Jan 2023 05:24:57 +0000
ROA not before: Mon 02 Jan 2023 05:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199055
IP address blocks: 25.240.0.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:a6:a8:74:da:4d:60:5b:af:71:2a:4c:1b:93:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc44e19e2bb4e7023cc1ba10d49b74ede4bf865c
Validity
Not Before: Jan 2 05:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61fce228a95c554794c0918482fd4cb1e764ea06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:92:9c:ac:7b:58:c9:04:51:38:28:28:42:a1:
e9:24:59:4b:85:dc:d0:06:b9:e9:ca:29:a1:0b:db:
2e:28:b0:d5:0b:f0:3f:eb:46:5e:93:fd:92:be:e4:
46:d2:3f:13:11:5e:22:ee:a6:05:ac:6e:ef:6d:21:
db:30:e0:90:58:6f:29:20:eb:8d:0f:e8:a5:11:7c:
19:bc:eb:53:95:c4:86:e9:56:47:cf:f2:8e:b2:ca:
78:32:15:24:73:e4:82:30:be:cd:1d:dd:3c:23:1d:
4b:be:e5:d7:50:27:bd:c6:f3:2b:30:2a:92:7d:6f:
fc:b3:d1:5f:48:dc:64:b1:a6:cb:b3:4f:e7:bc:9e:
4d:43:a4:42:2d:50:3f:52:b0:17:29:45:6f:cc:6a:
a4:33:a7:b2:45:42:cc:54:d1:07:7f:d7:35:8c:db:
c9:e1:65:f3:0c:fc:90:36:62:07:dd:9f:56:ce:6f:
e9:6f:ed:be:24:a4:4e:11:e8:8d:6a:b6:5b:41:2e:
3c:66:ad:c4:51:00:2d:43:3c:7b:e6:e1:71:67:d5:
16:22:90:58:86:b2:96:eb:9d:3e:13:d9:d0:27:93:
56:07:6e:59:bd:89:2e:83:43:9e:07:2d:92:49:f7:
18:ce:b1:f8:20:d8:69:90:97:8b:95:65:c5:2c:0f:
8c:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:FC:E2:28:A9:5C:55:47:94:C0:91:84:82:FD:4C:B1:E7:64:EA:06
X509v3 Authority Key Identifier:
keyid:DC:44:E1:9E:2B:B4:E7:02:3C:C1:BA:10:D4:9B:74:ED:E4:BF:86:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3EThniu05wI8wboQ1Jt07eS_hlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/YfziKKlcVUeUwJGEgv1Msedk6gY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/3EThniu05wI8wboQ1Jt07eS_hlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
25.240.0.0/21
Signature Algorithm: sha256WithRSAEncryption
25:02:00:af:1e:94:46:df:da:8a:3e:90:a1:4b:35:7b:1f:1c:
80:8c:a2:ed:2b:d5:32:df:14:0b:dd:22:be:39:2a:84:1c:43:
2e:f4:2f:ad:60:72:93:16:a8:cb:4c:95:29:09:92:5e:64:1c:
41:8d:a8:62:da:bb:d6:6e:48:d9:e1:2b:84:72:ba:07:e6:e2:
23:f8:92:0e:8c:00:4d:d5:65:78:ed:6c:4d:c8:21:03:e0:8d:
ce:84:6a:86:ed:47:32:1e:31:27:24:08:ee:a9:41:75:21:29:
7a:07:78:0a:a8:b2:42:44:5d:ec:4d:17:86:ff:56:d3:93:42:
cd:f2:26:66:65:72:8a:a0:84:e5:6c:38:04:df:3d:60:c4:87:
23:61:b3:bf:59:bb:51:dd:ce:a7:4d:37:88:3d:9c:b8:13:ac:
71:ab:d4:72:91:ab:d8:ab:a7:da:b4:ea:20:ca:58:ef:90:2c:
1b:7a:d9:26:3c:72:62:74:fe:2e:ec:e0:fc:a6:3e:04:72:56:
4a:61:af:c5:8b:5f:f8:99:11:c0:4c:41:aa:90:ca:0a:dc:cd:
01:a3:48:06:76:29:ca:d7:07:06:2b:f8:97:5e:73:a0:d6:bb:
6a:f2:cf:3d:b8:28:2f:c3:ba:3a:9a:58:a5:e3:98:00:19:50:
9d:7c:c1:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw8KaodNpNYFuvcSpMG5OSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNDRlMTllMmJiNGU3MDIzY2MxYmExMGQ0OWI3NGVkZTRi
Zjg2NWMwHhcNMjMwMTAyMDUyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWZjZTIyOGE5NWM1NTQ3OTRjMDkxODQ4MmZkNGNiMWU3NjRlYTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpKcrHtYyQRROCgoQqHpJFlLhdzQ
BrnpyimhC9suKLDVC/A/60Zek/2SvuRG0j8TEV4i7qYFrG7vbSHbMOCQWG8pIOuN
D+ilEXwZvOtTlcSG6VZHz/KOssp4MhUkc+SCML7NHd08Ix1LvuXXUCe9xvMrMCqS
fW/8s9FfSNxksabLs0/nvJ5NQ6RCLVA/UrAXKUVvzGqkM6eyRULMVNEHf9c1jNvJ
4WXzDPyQNmIH3Z9Wzm/pb+2+JKROEeiNarZbQS48Zq3EUQAtQzx75uFxZ9UWIpBY
hrKW650+E9nQJ5NWB25ZvYkug0OeBy2SSfcYzrH4INhpkJeLlWXFLA+MPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGH84iipXFVHlMCRhIL9TLHnZOoGMB8GA1UdIwQY
MBaAFNxE4Z4rtOcCPMG6ENSbdO3kv4ZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0VUaG5pdTA1d0k4d2JvUTFKdDA3ZVNfaGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS80NmY1YjktNjAwMC00MDcyLTg5ZjIt
NGM4MmFjZTcyYzg1LzEvWWZ6aUtLbGNWVWVVd0pHRWd2MU1zZWRrNmdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS80NmY1YjktNjAwMC00MDcyLTg5ZjItNGM4MmFjZTcyYzg1
LzEvM0VUaG5pdTA1d0k4d2JvUTFKdDA3ZVNfaGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDGfAAMA0G
CSqGSIb3DQEBCwUAA4IBAQAlAgCvHpRG39qKPpChSzV7HxyAjKLtK9Uy3xQL3SK+
OSqEHEMu9C+tYHKTFqjLTJUpCZJeZBxBjahi2rvWbkjZ4SuEcroH5uIj+JIOjABN
1WV47WxNyCED4I3OhGqG7UcyHjEnJAjuqUF1ISl6B3gKqLJCRF3sTReG/1bTk0LN
8iZmZXKKoITlbDgE3z1gxIcjYbO/WbtR3c6nTTeIPZy4E6xxq9RykavYq6fatOog
yljvkCwbetkmPHJidP4u7OD8pj4EclZKYa/Fi1/4mRHATEGqkMoK3M0Bo0gGdinK
1wcGK/iXXnOg1rtq8s89uCgvw7o6mlil45gAGVCdfMF3
-----END CERTIFICATE-----
Generated at Wed Sep 6 11:09:10 2023 by rpki-client on console-ams.rpki-client.org