Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/YcZU7kboepTM_LnPT1pwlsm6R90.roa
File: YcZU7kboepTM_LnPT1pwlsm6R90.roa (raw, json)
Hash identifier: Ra+IEEoa/6YDDZ7geuTR0GKwkxPXn6gyI1w1mk9C0Es=
Subject key identifier: 61:C6:54:EE:46:E8:7A:94:CC:FC:B9:CF:4F:5A:70:96:C9:BA:47:DD
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018DC16F6DFEA24499A82A21D5126E922204
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/YcZU7kboepTM_LnPT1pwlsm6R90.roa
Signing time: Mon 19 Feb 2024 12:55:21 +0000
ROA not before: Mon 19 Feb 2024 12:55:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39521
IP address blocks: 45.130.54.0/23 maxlen: 23
45.138.2.0/23 maxlen: 23
213.185.94.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 21 Mar 2024 14:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c1:6f:6d:fe:a2:44:99:a8:2a:21:d5:12:6e:92:22:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Feb 19 12:55:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61c654ee46e87a94ccfcb9cf4f5a7096c9ba47dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:57:68:23:fb:27:33:91:ba:ce:01:88:7f:22:
c0:09:d7:64:ac:94:6f:e9:69:c4:4c:95:e5:70:f0:
c1:14:ea:e3:66:93:5e:8e:cc:8c:9a:2b:de:fa:7a:
3d:9c:4a:9b:f2:fc:9a:d9:41:2c:da:f9:02:15:f5:
1a:18:0e:87:d0:a1:2e:3b:e6:c1:cb:37:a4:91:3a:
2d:30:97:57:c8:f0:fa:ad:62:57:0c:93:cf:67:84:
d1:77:1d:a3:81:03:cf:d8:8e:d0:83:40:7f:27:f8:
bc:d5:1b:1f:86:0d:3c:22:7d:39:d8:cf:5b:65:6c:
6a:e9:7f:c3:83:94:13:f9:7a:1d:3b:35:66:f1:8e:
89:2a:82:dc:79:78:c8:a4:77:a9:ae:08:cf:ba:3c:
a6:0c:c1:12:7c:83:12:56:aa:72:c8:a8:07:d4:d2:
45:be:99:53:a7:17:d3:a2:ea:11:5d:03:97:30:c0:
0f:ea:84:d4:f9:e1:51:90:ff:60:3f:0b:6c:d6:81:
26:3b:76:ba:a4:0b:09:b2:e0:e4:16:4a:fe:68:7e:
ad:8d:dd:f5:ea:c8:2e:a8:42:e3:b3:67:bd:f2:76:
5a:f4:8e:12:38:0c:ac:25:4c:2c:f7:08:08:df:26:
50:83:e0:5b:71:10:fb:e2:07:03:0e:84:b0:29:55:
12:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:C6:54:EE:46:E8:7A:94:CC:FC:B9:CF:4F:5A:70:96:C9:BA:47:DD
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/YcZU7kboepTM_LnPT1pwlsm6R90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.54.0/23
45.138.2.0/23
213.185.94.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:5f:b8:93:e8:e9:a4:9e:91:d3:5e:7b:99:57:b1:87:54:3b:
5b:c8:61:e0:3e:38:fa:97:cb:21:16:90:cf:8d:13:5a:31:c0:
d8:8c:76:f0:0f:12:44:da:10:b6:2b:79:ab:5d:e5:e6:7e:60:
5a:13:33:d7:3d:5e:c9:02:39:90:49:8c:de:a5:5d:ad:63:86:
7b:21:9c:79:57:b6:8f:91:1f:66:63:38:a9:c3:80:a4:36:89:
cb:52:51:bf:00:82:18:97:3c:4d:3a:0f:f3:00:80:01:bb:23:
ce:10:e1:d9:5d:c7:c6:99:e1:0f:7a:fc:68:9c:6a:83:9b:7f:
3a:ee:c9:6d:53:4f:02:f3:25:ef:a0:44:8b:15:1a:7d:41:a9:
8c:31:6d:a0:b8:45:ab:f5:54:84:94:0e:d7:bb:e8:68:4b:6c:
12:84:65:93:4f:16:5e:1e:59:5d:25:61:fe:af:0a:5f:9e:07:
57:bc:7d:71:a8:74:79:d8:92:37:c5:42:44:e4:c6:79:d1:bd:
4c:37:93:72:c1:2a:f8:fd:42:21:3f:55:bf:8c:37:b2:88:42:
ce:81:fa:d5:de:65:ef:ec:af:4c:6a:3a:ed:ea:59:b2:b8:96:
a5:b8:5b:56:b8:bf:7a:1c:92:8c:a9:5f:b7:b3:5d:49:63:59:
b0:31:31:6f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3Bb23+okSZqCoh1RJukiIEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQwMjE5MTI1NTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWM2NTRlZTQ2ZTg3YTk0Y2NmY2I5Y2Y0ZjVhNzA5NmM5YmE0N2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFdoI/snM5G6zgGIfyLACddkrJRv
6WnETJXlcPDBFOrjZpNejsyMmive+no9nEqb8vya2UEs2vkCFfUaGA6H0KEuO+bB
yzekkTotMJdXyPD6rWJXDJPPZ4TRdx2jgQPP2I7Qg0B/J/i81Rsfhg08In052M9b
ZWxq6X/Dg5QT+XodOzVm8Y6JKoLceXjIpHeprgjPujymDMESfIMSVqpyyKgH1NJF
vplTpxfTouoRXQOXMMAP6oTU+eFRkP9gPwts1oEmO3a6pAsJsuDkFkr+aH6tjd31
6sguqELjs2e98nZa9I4SOAysJUws9wgI3yZQg+BbcRD74gcDDoSwKVUSZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGHGVO5G6HqUzPy5z09acJbJukfdMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvWWNaVTdrYm9lcFRNX0xuUFQxcHdsc202UjkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLYI2AwQB
LYoCAwQB1bleMA0GCSqGSIb3DQEBCwUAA4IBAQBeX7iT6OmknpHTXnuZV7GHVDtb
yGHgPjj6l8shFpDPjRNaMcDYjHbwDxJE2hC2K3mrXeXmfmBaEzPXPV7JAjmQSYze
pV2tY4Z7IZx5V7aPkR9mYzipw4CkNonLUlG/AIIYlzxNOg/zAIABuyPOEOHZXcfG
meEPevxonGqDm3867sltU08C8yXvoESLFRp9QamMMW2guEWr9VSElA7Xu+hoS2wS
hGWTTxZeHlldJWH+rwpfngdXvH1xqHR52JI3xUJE5MZ50b1MN5NywSr4/UIhP1W/
jDeyiELOgfrV3mXv7K9Majrt6lmyuJaluFtWuL96HJKMqV+3s11JY1mwMTFv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org