Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/ca61ec-07b6-492e-8c48-b64cab4bbdff/1/Y1qnYhyrv423AOwSgFIfKyknzuI.roa
File: Y1qnYhyrv423AOwSgFIfKyknzuI.roa (raw, json)
Hash identifier: la/f4TT002Ctdx+UrR9jcMe8AAYzl8oCxqid2O6/sf4=
Subject key identifier: 63:5A:A7:62:1C:AB:BF:8D:B7:00:EC:12:80:52:1F:2B:29:27:CE:E2
Certificate issuer: /CN=3cea1ea887dcefee6136155b8bd83392937c1671
Certificate serial: 01856DCAF415E40AB9ABA9704DEC779AA8DC
Authority key identifier: 3C:EA:1E:A8:87:DC:EF:EE:61:36:15:5B:8B:D8:33:92:93:7C:16:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/POoeqIfc7-5hNhVbi9gzkpN8FnE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/ca61ec-07b6-492e-8c48-b64cab4bbdff/1/Y1qnYhyrv423AOwSgFIfKyknzuI.roa
Signing time: Sun 01 Jan 2023 14:44:55 +0000
ROA not before: Sun 01 Jan 2023 14:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35261
IP address blocks: 193.239.212.0/23 maxlen: 23
45.138.64.0/23 maxlen: 23
45.138.66.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:32:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:f4:15:e4:0a:b9:ab:a9:70:4d:ec:77:9a:a8:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cea1ea887dcefee6136155b8bd83392937c1671
Validity
Not Before: Jan 1 14:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=635aa7621cabbf8db700ec1280521f2b2927cee2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:cd:58:a8:76:1a:b8:f0:8b:cf:26:1c:48:da:
88:56:2d:6f:e9:08:e3:a8:35:71:c0:3f:06:ee:02:
c4:3d:b0:86:de:2a:6c:ec:63:24:fc:f4:40:6b:f8:
74:35:66:bc:5b:44:fe:8d:c5:d3:37:76:dc:9a:41:
11:57:a9:28:7e:c6:09:6a:36:57:ed:c2:da:10:7b:
f4:2b:53:7f:93:54:54:e9:58:6c:c7:ee:40:c0:65:
d9:d0:14:ff:09:5b:7c:81:45:c4:83:9a:35:f1:19:
65:90:f5:6a:59:30:90:c5:64:50:45:db:b4:04:ca:
d6:b3:a1:4a:00:c3:29:1f:76:13:0a:b8:c6:26:19:
d6:3e:80:43:8c:bf:94:a5:19:bd:af:2f:01:c4:79:
02:2a:c1:9a:14:8b:03:95:dd:a6:c2:5e:06:00:fd:
50:b8:4d:4a:8c:a5:b5:c4:e1:66:b0:7d:2d:57:35:
79:01:6f:6d:bf:5f:93:11:49:9a:26:5e:8c:3d:cc:
ef:93:f2:09:6b:7c:38:65:7d:bc:15:fc:81:53:7d:
70:1e:fa:44:0f:a9:fd:39:33:1d:14:48:db:fa:ed:
98:82:41:de:a1:57:ef:d1:a3:5b:77:d0:1e:a2:90:
10:7b:15:58:69:9f:57:95:40:59:9e:46:5b:83:08:
46:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:5A:A7:62:1C:AB:BF:8D:B7:00:EC:12:80:52:1F:2B:29:27:CE:E2
X509v3 Authority Key Identifier:
keyid:3C:EA:1E:A8:87:DC:EF:EE:61:36:15:5B:8B:D8:33:92:93:7C:16:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/POoeqIfc7-5hNhVbi9gzkpN8FnE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/ca61ec-07b6-492e-8c48-b64cab4bbdff/1/Y1qnYhyrv423AOwSgFIfKyknzuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/ca61ec-07b6-492e-8c48-b64cab4bbdff/1/POoeqIfc7-5hNhVbi9gzkpN8FnE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.64.0/22
193.239.212.0/23
Signature Algorithm: sha256WithRSAEncryption
20:e1:78:fc:03:7c:26:d3:5f:9a:fa:54:7a:f3:5a:b3:0f:57:
f0:58:ee:12:47:20:54:f8:5b:a3:62:e2:6e:f5:35:cc:51:e5:
c4:33:c9:bb:1f:dd:95:51:1b:ae:4d:d5:90:d1:57:9e:35:b0:
f5:dd:ff:4e:5c:ee:b0:d7:89:8b:16:c8:e7:7b:f3:e7:42:b6:
76:4a:f6:28:7e:c4:2f:15:e0:09:7f:f3:76:8f:bc:52:9c:97:
21:c6:9e:f8:cd:be:e9:9a:10:2b:d0:8f:e1:5c:49:a0:6c:15:
b1:84:eb:50:66:85:f0:ab:a5:df:53:99:61:ac:12:c3:98:1b:
fa:fd:0f:61:91:c9:88:7e:f7:0e:08:c9:a0:ee:a9:88:3a:17:
f8:bf:be:a1:11:2b:bd:0c:aa:a4:f6:f1:58:20:b7:8f:f7:33:
a9:1e:8e:4e:0d:6c:37:95:be:ff:b4:3e:13:21:fd:90:16:7d:
56:8f:51:cd:d1:20:27:7e:00:cb:60:08:4b:75:97:32:b6:25:
0b:ef:7a:d0:45:70:7a:99:8b:1d:76:20:a8:49:c5:55:39:67:
16:b3:60:76:f2:3e:40:82:ba:aa:8b:4e:73:5a:21:2e:42:d4:
d8:a4:7e:7c:48:8c:4d:dc:62:b8:06:63:ee:a4:3c:8e:bb:1e:
15:f8:56:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtyvQV5Aq5q6lwTex3mqjcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZWExZWE4ODdkY2VmZWU2MTM2MTU1YjhiZDgzMzkyOTM3
YzE2NzEwHhcNMjMwMTAxMTQ0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzVhYTc2MjFjYWJiZjhkYjcwMGVjMTI4MDUyMWYyYjI5MjdjZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgM1YqHYauPCLzyYcSNqIVi1v6Qjj
qDVxwD8G7gLEPbCG3ips7GMk/PRAa/h0NWa8W0T+jcXTN3bcmkERV6kofsYJajZX
7cLaEHv0K1N/k1RU6Vhsx+5AwGXZ0BT/CVt8gUXEg5o18RllkPVqWTCQxWRQRdu0
BMrWs6FKAMMpH3YTCrjGJhnWPoBDjL+UpRm9ry8BxHkCKsGaFIsDld2mwl4GAP1Q
uE1KjKW1xOFmsH0tVzV5AW9tv1+TEUmaJl6MPczvk/IJa3w4ZX28FfyBU31wHvpE
D6n9OTMdFEjb+u2YgkHeoVfv0aNbd9AeopAQexVYaZ9XlUBZnkZbgwhGEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGNap2Icq7+NtwDsEoBSHyspJ87iMB8GA1UdIwQY
MBaAFDzqHqiH3O/uYTYVW4vYM5KTfBZxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE9vZXFJZmM3LTVoTmhWYmk5Z3prcE44Rm5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9jYTYxZWMtMDdiNi00OTJlLThjNDgt
YjY0Y2FiNGJiZGZmLzEvWTFxblloeXJ2NDIzQU93U2dGSWZLeWtuenVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9jYTYxZWMtMDdiNi00OTJlLThjNDgtYjY0Y2FiNGJiZGZm
LzEvUE9vZXFJZmM3LTVoTmhWYmk5Z3prcE44Rm5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYpAAwQB
we/UMA0GCSqGSIb3DQEBCwUAA4IBAQAg4Xj8A3wm01+a+lR681qzD1fwWO4SRyBU
+FujYuJu9TXMUeXEM8m7H92VURuuTdWQ0VeeNbD13f9OXO6w14mLFsjne/PnQrZ2
SvYofsQvFeAJf/N2j7xSnJchxp74zb7pmhAr0I/hXEmgbBWxhOtQZoXwq6XfU5lh
rBLDmBv6/Q9hkcmIfvcOCMmg7qmIOhf4v76hESu9DKqk9vFYILeP9zOpHo5ODWw3
lb7/tD4TIf2QFn1Wj1HN0SAnfgDLYAhLdZcytiUL73rQRXB6mYsddiCoScVVOWcW
s2B28j5Agrqqi05zWiEuQtTYpH58SIxN3GK4BmPupDyOux4V+Fal
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:56 2024 by rpki-client on console-ams.rpki-client.org