Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/YGTBEdA0XREPdqxvmVNDYuFnEZ0.roa
File: YGTBEdA0XREPdqxvmVNDYuFnEZ0.roa (raw, json)
Hash identifier: +hzygW968ETBuOcamAE5vC59CMtU2zF4m+hU+aJcms4=
Subject key identifier: 60:64:C1:11:D0:34:5D:11:0F:76:AC:6F:99:53:43:62:E1:67:11:9D
Certificate issuer: /CN=ed30a131718560a34ab3493884e858ec431f6ad1
Certificate serial: 018D78FBAAA842D4F0D06AA6856D21312876
Authority key identifier: ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/YGTBEdA0XREPdqxvmVNDYuFnEZ0.roa
Signing time: Mon 05 Feb 2024 11:16:15 +0000
ROA not before: Mon 05 Feb 2024 11:16:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47430
IP address blocks: 45.139.8.0/23 maxlen: 23
45.139.8.0/24 maxlen: 24
45.139.9.0/24 maxlen: 24
194.180.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Feb 2024 20:26:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:78:fb:aa:a8:42:d4:f0:d0:6a:a6:85:6d:21:31:28:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed30a131718560a34ab3493884e858ec431f6ad1
Validity
Not Before: Feb 5 11:16:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6064c111d0345d110f76ac6f99534362e167119d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f3:fb:96:db:6c:7b:2d:d2:80:10:c9:75:63:
44:25:5f:c7:0d:9a:7c:bd:d4:6e:19:95:10:f9:9a:
ff:7e:87:4f:a4:c3:bf:66:b6:4a:ba:c5:1c:28:bf:
83:9b:a6:87:f8:99:32:1b:01:31:2e:a4:0c:fb:13:
09:09:55:f5:49:60:f3:33:e6:be:cd:b9:27:a4:64:
07:c0:df:51:1a:f2:9f:93:4c:b2:0c:f2:99:20:e1:
b4:bc:37:b0:fa:42:fe:0d:8c:b9:ee:df:db:0f:1e:
65:a4:02:84:a4:c0:61:98:b5:a6:c0:17:7a:b3:f0:
d4:5c:e1:c5:a4:56:6b:06:a6:29:49:3c:52:a3:70:
44:9f:2e:22:f2:2b:06:0c:4c:fa:e6:49:37:36:87:
8b:c2:4e:6b:c0:ca:42:03:51:dc:19:e2:b6:4d:bd:
92:05:94:b8:e4:e6:43:ef:80:2d:14:5d:ac:f9:30:
8c:3b:33:10:02:73:5b:9c:9e:f3:4a:00:17:54:0f:
bd:7c:6a:55:01:66:92:a9:9d:65:34:e0:d7:f2:70:
2b:72:99:53:47:d8:78:cc:a5:08:a1:ad:7a:01:a9:
4c:5d:1c:4d:9f:f7:55:23:f9:38:1a:9d:fd:57:bb:
a2:19:0a:9f:f6:6d:b4:cb:10:fd:1a:ae:26:66:58:
e8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:64:C1:11:D0:34:5D:11:0F:76:AC:6F:99:53:43:62:E1:67:11:9D
X509v3 Authority Key Identifier:
keyid:ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/YGTBEdA0XREPdqxvmVNDYuFnEZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.8.0/23
194.180.209.0/24
Signature Algorithm: sha256WithRSAEncryption
76:3d:d4:72:6b:1b:cf:fa:95:20:6e:ad:9f:b5:0b:d5:d1:9c:
e0:3b:89:32:4f:04:b9:70:66:4b:03:ff:5d:09:8c:a0:89:8f:
f6:82:94:bc:d7:ac:98:8f:17:95:41:14:37:be:d1:ac:12:07:
d7:6f:94:37:db:a1:03:5c:d0:93:54:1e:5a:0b:8b:c9:58:4f:
17:3e:b9:93:f8:52:37:9b:b9:27:3b:1d:d4:2d:83:8e:2b:6a:
7d:bc:55:32:2f:1e:3f:35:3c:a2:b2:bb:96:3b:47:0d:eb:ff:
54:e6:68:6c:5d:18:b5:56:e7:2a:20:99:d2:86:1d:0e:9f:ac:
0c:62:7e:28:2f:84:18:46:16:b3:83:0d:8a:65:9d:65:cb:06:
32:25:44:c9:53:2b:bc:af:77:3b:af:38:2a:b5:b9:ab:11:ec:
3d:ca:38:65:01:94:d1:b0:10:7a:e3:3c:6a:5f:a6:51:d0:3a:
d5:90:c0:d4:cb:2d:9f:ef:42:e7:81:f3:dc:b5:1b:29:c5:a2:
4b:3d:13:fa:0f:dd:16:02:51:ef:c0:0a:a1:72:00:30:47:ac:
c3:d5:8d:f6:6a:c7:a2:16:5e:5c:8b:89:75:cc:c7:d4:8d:e4:
36:df:c3:ca:5c:40:8a:db:21:97:57:f1:3f:e0:a2:87:1d:0b:
ba:20:9d:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY14+6qoQtTw0GqmhW0hMSh2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkMzBhMTMxNzE4NTYwYTM0YWIzNDkzODg0ZTg1OGVjNDMx
ZjZhZDEwHhcNMjQwMjA1MTExNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDY0YzExMWQwMzQ1ZDExMGY3NmFjNmY5OTUzNDM2MmUxNjcxMTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/P7lttsey3SgBDJdWNEJV/HDZp8
vdRuGZUQ+Zr/fodPpMO/ZrZKusUcKL+Dm6aH+JkyGwExLqQM+xMJCVX1SWDzM+a+
zbknpGQHwN9RGvKfk0yyDPKZIOG0vDew+kL+DYy57t/bDx5lpAKEpMBhmLWmwBd6
s/DUXOHFpFZrBqYpSTxSo3BEny4i8isGDEz65kk3NoeLwk5rwMpCA1HcGeK2Tb2S
BZS45OZD74AtFF2s+TCMOzMQAnNbnJ7zSgAXVA+9fGpVAWaSqZ1lNODX8nArcplT
R9h4zKUIoa16AalMXRxNn/dVI/k4Gp39V7uiGQqf9m20yxD9Gq4mZljonQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGBkwRHQNF0RD3asb5lTQ2LhZxGdMB8GA1UdIwQY
MBaAFO0woTFxhWCjSrNJOIToWOxDH2rRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTkt
NGIzYjFiNjNiNmFiLzEvWUdUQkVkQTBYUkVQZHF4dm1WTkRZdUZuRVowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTktNGIzYjFiNjNiNmFi
LzEvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLYsIAwQA
wrTRMA0GCSqGSIb3DQEBCwUAA4IBAQB2PdRyaxvP+pUgbq2ftQvV0ZzgO4kyTwS5
cGZLA/9dCYygiY/2gpS816yYjxeVQRQ3vtGsEgfXb5Q326EDXNCTVB5aC4vJWE8X
PrmT+FI3m7knOx3ULYOOK2p9vFUyLx4/NTyisruWO0cN6/9U5mhsXRi1VucqIJnS
hh0On6wMYn4oL4QYRhazgw2KZZ1lywYyJUTJUyu8r3c7rzgqtbmrEew9yjhlAZTR
sBB64zxqX6ZR0DrVkMDUyy2f70LngfPctRspxaJLPRP6D90WAlHvwAqhcgAwR6zD
1Y32aseiFl5ci4l1zMfUjeQ238PKXECK2yGXV/E/4KKHHQu6IJ2x
-----END CERTIFICATE-----
Generated at Wed Feb 7 00:25:25 2024 by rpki-client on console-fra.rpki-client.org