Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/YG7NLabwL33UwGFPVHSiju2xrVI.roa
File: YG7NLabwL33UwGFPVHSiju2xrVI.roa (raw, json)
Hash identifier: gDl6xdKsbtmUiCulK4aKJrN2dgjRV59gyAFqPnDBveE=
Subject key identifier: 60:6E:CD:2D:A6:F0:2F:7D:D4:C0:61:4F:54:74:A2:8E:ED:B1:AD:52
Certificate issuer: /CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Certificate serial: 01928A597704361F0711A4ADCB1DDE5DCB25
Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/YG7NLabwL33UwGFPVHSiju2xrVI.roa
Signing time: Mon 14 Oct 2024 09:26:11 +0000
ROA not before: Mon 14 Oct 2024 09:26:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204958
IP address blocks: 45.156.113.0/24 maxlen: 24
152.89.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Nov 2024 10:25:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:59:77:04:36:1f:07:11:a4:ad:cb:1d:de:5d:cb:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Validity
Not Before: Oct 14 09:26:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=606ecd2da6f02f7dd4c0614f5474a28eedb1ad52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:21:b5:d0:82:c2:0c:9f:22:9c:59:2d:8f:f5:
34:3f:48:d1:3b:dc:25:19:04:d1:21:24:0e:26:91:
5f:d4:a6:d3:6d:64:a4:6c:ad:0b:a7:6e:17:f5:d3:
21:86:54:c5:ba:d0:a7:15:89:ab:2d:d6:cf:a7:a9:
5e:84:99:61:e8:24:37:a2:45:27:f1:5e:db:20:dc:
0a:21:84:1c:31:99:33:11:83:93:e6:08:2d:eb:35:
52:2e:2d:9b:d3:22:98:13:99:d6:e7:fa:9a:4f:4e:
a4:1b:9c:4b:d0:76:a9:f9:45:f5:5d:03:49:57:5b:
cf:06:60:5d:ac:7b:3a:a1:91:f2:db:0a:2f:54:eb:
5d:8a:c5:7b:cb:80:3b:d7:20:8e:85:97:dd:2b:88:
fb:a2:2c:33:2a:cb:2f:cc:e1:96:d6:b5:70:7c:f3:
1d:81:5e:95:99:6e:c3:22:c7:5f:ae:ce:76:ff:c3:
7f:ef:05:7e:8a:2e:aa:3b:27:08:70:b7:f0:57:4e:
fe:e6:a0:70:fc:ec:e6:9b:44:71:6f:93:15:4f:cc:
07:5f:66:5a:9e:be:f7:97:f8:44:08:2e:a4:85:35:
22:e4:8e:45:54:29:40:e9:d2:45:69:d7:bc:6e:53:
12:11:de:49:48:5f:30:c8:68:26:95:21:f4:45:bb:
6b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:6E:CD:2D:A6:F0:2F:7D:D4:C0:61:4F:54:74:A2:8E:ED:B1:AD:52
X509v3 Authority Key Identifier:
keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/YG7NLabwL33UwGFPVHSiju2xrVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.113.0/24
152.89.169.0/24
Signature Algorithm: sha256WithRSAEncryption
01:fc:93:53:dc:6c:6f:45:79:f4:30:b6:8b:c1:d0:c3:0f:2a:
7a:8b:72:db:8b:6f:db:94:ee:c8:29:e7:7e:99:bf:b3:cc:50:
bd:c7:a0:09:0d:48:f1:2a:6a:8a:29:17:bf:7b:00:ee:b1:78:
a5:db:80:f6:fa:c7:41:f8:f4:6d:de:95:69:a8:4d:40:61:db:
17:84:d4:f9:9e:14:ca:18:eb:26:db:5c:64:0c:7d:4b:6c:19:
64:96:83:84:5d:c8:da:1c:1f:4d:be:fc:3a:cf:fc:a0:5e:5f:
d6:ca:ba:f8:10:02:be:a1:38:e0:04:b7:23:d7:ff:a7:e9:08:
80:3e:8d:40:16:59:c5:00:87:b3:ae:46:9b:b3:26:9a:fa:df:
df:d1:28:11:01:2c:8d:85:89:25:84:07:c6:2a:0c:5d:e7:50:
c5:76:67:f5:84:5a:70:7d:ad:3c:1c:57:d6:e6:05:6e:96:69:
6f:d7:18:d6:b9:06:6d:1b:5a:e2:fa:67:eb:76:ad:88:05:0a:
3e:c2:49:e9:54:95:ab:d6:24:89:c2:e6:35:1f:4c:f9:50:10:
27:4f:96:50:b1:49:ca:51:8c:4b:ce:87:df:7f:1f:c6:60:1b:
9c:24:f4:85:ef:64:c8:8f:e7:64:a6:9a:40:50:1e:05:bf:70:
51:36:cb:e7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKKWXcENh8HEaStyx3eXcslMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjU0M2UyM2UyOWZiMDM3NDhkMDkzOTcyNmYzMGZlOWFm
ZmExOWUwHhcNMjQxMDE0MDkyNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDZlY2QyZGE2ZjAyZjdkZDRjMDYxNGY1NDc0YTI4ZWVkYjFhZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6iG10ILCDJ8inFktj/U0P0jRO9wl
GQTRISQOJpFf1KbTbWSkbK0Lp24X9dMhhlTFutCnFYmrLdbPp6lehJlh6CQ3okUn
8V7bINwKIYQcMZkzEYOT5ggt6zVSLi2b0yKYE5nW5/qaT06kG5xL0Hap+UX1XQNJ
V1vPBmBdrHs6oZHy2wovVOtdisV7y4A71yCOhZfdK4j7oiwzKssvzOGW1rVwfPMd
gV6VmW7DIsdfrs52/8N/7wV+ii6qOycIcLfwV07+5qBw/Ozmm0Rxb5MVT8wHX2Za
nr73l/hECC6khTUi5I5FVClA6dJFade8blMSEd5JSF8wyGgmlSH0RbtrpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGBuzS2m8C991MBhT1R0oo7tsa1SMB8GA1UdIwQY
MBaAFAv1Q+I+KfsDdI0JOXJvMP6a/6GeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMt
YTM1ZmM0MzhkNGNhLzEvWUc3TkxhYndMMzNVd0dGUFZIU2lqdTJ4clZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMtYTM1ZmM0MzhkNGNh
LzEvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZxxAwQA
mFmpMA0GCSqGSIb3DQEBCwUAA4IBAQAB/JNT3GxvRXn0MLaLwdDDDyp6i3Lbi2/b
lO7IKed+mb+zzFC9x6AJDUjxKmqKKRe/ewDusXil24D2+sdB+PRt3pVpqE1AYdsX
hNT5nhTKGOsm21xkDH1LbBlkloOEXcjaHB9Nvvw6z/ygXl/Wyrr4EAK+oTjgBLcj
1/+n6QiAPo1AFlnFAIezrkabsyaa+t/f0SgRASyNhYklhAfGKgxd51DFdmf1hFpw
fa08HFfW5gVulmlv1xjWuQZtG1ri+mfrdq2IBQo+wknpVJWr1iSJwuY1H0z5UBAn
T5ZQsUnKUYxLzofffx/GYBucJPSF72TIj+dkpppAUB4Fv3BRNsvn
-----END CERTIFICATE-----
Generated at Mon Nov 11 14:44:09 2024 by rpki-client on console-fra.rpki-client.org