Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/Ykn9WjDnQA20aAvscSGHc80tUeI.roa
File: Ykn9WjDnQA20aAvscSGHc80tUeI.roa (raw, json)
Hash identifier: B1Cm0OWSh7yJ7bcJvcI0I+rfkiYBbVY3jIgYGAfpksI=
Subject key identifier: 62:49:FD:5A:30:E7:40:0D:B4:68:0B:EC:71:21:87:73:CD:2D:51:E2
Certificate issuer: /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial: 01856F14D34BB4C861A30A07EE7EA5BCDF6A
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/Ykn9WjDnQA20aAvscSGHc80tUeI.roa
Signing time: Sun 01 Jan 2023 20:45:13 +0000
ROA not before: Sun 01 Jan 2023 20:45:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 212.30.58.0/24 maxlen: 24
212.30.57.0/24 maxlen: 24
212.30.56.0/24 maxlen: 24
212.30.59.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:d3:4b:b4:c8:61:a3:0a:07:ee:7e:a5:bc:df:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Validity
Not Before: Jan 1 20:45:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6249fd5a30e7400db4680bec71218773cd2d51e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7f:4f:5f:6b:a9:d4:1b:cb:62:3d:93:70:3e:
be:12:f0:ce:49:3d:e7:5b:55:22:20:12:c8:69:80:
c6:82:f9:8c:18:94:e7:81:6a:fc:e0:60:5b:c4:21:
18:30:b6:84:6d:f8:e8:4b:f2:5b:46:eb:03:59:71:
ed:68:7f:cc:c1:1b:af:ea:58:ec:15:54:2c:c6:90:
d5:e1:d4:e6:3d:3a:55:6f:1f:8e:9f:d0:1e:c1:f5:
b0:93:9d:ca:17:68:c6:f5:63:ab:88:5b:f9:ed:f4:
58:15:f4:be:37:7f:2b:9a:16:7a:30:37:56:2a:c1:
7f:49:f2:7f:f6:d5:09:00:be:8d:9d:91:d9:76:02:
c4:92:90:33:da:5c:fd:ce:56:9a:8b:73:dd:9e:e5:
c2:34:a4:4b:2a:69:fa:01:6f:72:c0:51:3e:58:ce:
b6:e0:32:99:5c:61:00:04:7b:18:f9:e0:5f:fb:a6:
32:38:2e:3c:d3:b2:2a:95:8b:90:5b:39:3d:8f:65:
cd:e0:00:13:af:fc:ec:a7:67:5e:cf:a1:ce:77:f7:
1e:4e:6c:d1:53:a1:8f:0a:cd:2e:75:10:fc:22:76:
9b:e8:b8:b5:7a:22:43:4c:ed:07:ea:d8:04:ab:50:
86:87:87:ae:b9:45:82:84:3d:69:03:3d:cd:22:92:
35:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:49:FD:5A:30:E7:40:0D:B4:68:0B:EC:71:21:87:73:CD:2D:51:E2
X509v3 Authority Key Identifier:
keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/Ykn9WjDnQA20aAvscSGHc80tUeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.30.56.0/22
Signature Algorithm: sha256WithRSAEncryption
99:fa:b3:77:8f:93:5c:54:ea:39:49:34:b6:a5:b8:92:51:5b:
73:68:10:94:2b:e1:b5:69:90:00:26:63:01:dc:da:5c:d5:37:
5f:aa:73:91:b8:e2:ef:37:b5:02:12:b1:52:02:89:14:ec:aa:
1f:fc:0f:a0:ad:54:e0:ea:c5:a8:9a:cf:66:12:28:5b:46:e0:
5a:6c:18:72:3e:6c:d2:b0:af:1f:bd:d5:77:a0:3a:66:03:51:
df:b0:3f:96:6d:da:31:18:61:22:a9:d9:00:c7:49:74:87:ae:
3c:c2:cb:84:fc:77:d3:64:8b:bd:ae:ea:b3:c4:17:c8:cb:0c:
6e:87:35:35:45:0b:d0:30:86:6f:1b:65:54:10:f9:bb:21:70:
56:6f:3f:b6:c1:1a:c1:c3:03:c7:d4:7d:f9:88:85:f9:61:7f:
9f:c9:48:ee:b1:0c:5e:e1:d7:db:d2:41:bb:6f:38:d0:61:c9:
49:f4:23:04:9a:97:38:94:3d:fd:b7:37:2f:29:f4:13:b1:10:
40:1a:47:08:29:65:ac:9e:53:20:4e:fb:98:95:34:09:ca:be:
59:88:e0:44:5e:9d:4c:fc:a1:a2:b9:f7:91:91:1c:0b:f4:78:
8a:13:9c:71:d8:fa:df:77:44:20:a0:09:30:9e:61:6f:21:66:
b1:c6:46:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFNNLtMhhowoH7n6lvN9qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTVkN2ZlZTRhNDk5ZWNhZjExZDJkM2RhOGUzODlkZTMy
MzQxMmYwHhcNMjMwMTAxMjA0NTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjQ5ZmQ1YTMwZTc0MDBkYjQ2ODBiZWM3MTIxODc3M2NkMmQ1MWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsX9PX2up1BvLYj2TcD6+EvDOST3n
W1UiIBLIaYDGgvmMGJTngWr84GBbxCEYMLaEbfjoS/JbRusDWXHtaH/MwRuv6ljs
FVQsxpDV4dTmPTpVbx+On9AewfWwk53KF2jG9WOriFv57fRYFfS+N38rmhZ6MDdW
KsF/SfJ/9tUJAL6NnZHZdgLEkpAz2lz9zlaai3PdnuXCNKRLKmn6AW9ywFE+WM62
4DKZXGEABHsY+eBf+6YyOC4807IqlYuQWzk9j2XN4AATr/zsp2dez6HOd/ceTmzR
U6GPCs0udRD8Inab6Li1eiJDTO0H6tgEq1CGh4euuUWChD1pAz3NIpI12wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGJJ/Vow50ANtGgL7HEhh3PNLVHiMB8GA1UdIwQY
MBaAFCRV1/7kpJnsrxHS09qOOJ3jI0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEt
MWUwNDY1NTEzYjYzLzEvWWtuOVdqRG5RQTIwYUF2c2NTR0hjODB0VWVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEtMWUwNDY1NTEzYjYz
LzEvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1B44MA0G
CSqGSIb3DQEBCwUAA4IBAQCZ+rN3j5NcVOo5STS2pbiSUVtzaBCUK+G1aZAAJmMB
3Npc1TdfqnORuOLvN7UCErFSAokU7Kof/A+grVTg6sWoms9mEihbRuBabBhyPmzS
sK8fvdV3oDpmA1HfsD+WbdoxGGEiqdkAx0l0h648wsuE/HfTZIu9ruqzxBfIywxu
hzU1RQvQMIZvG2VUEPm7IXBWbz+2wRrBwwPH1H35iIX5YX+fyUjusQxe4dfb0kG7
bzjQYclJ9CMEmpc4lD39tzcvKfQTsRBAGkcIKWWsnlMgTvuYlTQJyr5ZiOBEXp1M
/KGiufeRkRwL9HiKE5xx2Prfd0QgoAkwnmFvIWaxxkau
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:32 2024 by rpki-client on console-ams.rpki-client.org