Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/YBNXyza_7qSVIgP6ad1TAOVKpOU.roa
File: YBNXyza_7qSVIgP6ad1TAOVKpOU.roa (raw, json)
Hash identifier: ZmmKUk7InEhi2ZrlLNI93GTQ2hgpsCGdfKB+qVtNKn8=
Subject key identifier: 60:13:57:CB:36:BF:EE:A4:95:22:03:FA:69:DD:53:00:E5:4A:A4:E5
Certificate issuer: /CN=1f46f57735a4e63dbef848ee0d9d199e215f8304
Certificate serial: 0187B757C4D212227CD4506FEBF0CEA39B5F
Authority key identifier: 1F:46:F5:77:35:A4:E6:3D:BE:F8:48:EE:0D:9D:19:9E:21:5F:83:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/YBNXyza_7qSVIgP6ad1TAOVKpOU.roa
Signing time: Tue 25 Apr 2023 07:36:35 +0000
ROA not before: Tue 25 Apr 2023 07:36:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213230
IP address blocks: 178.156.128.0/17 maxlen: 24
5.161.0.0/16 maxlen: 24
2a01:4ff::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b7:57:c4:d2:12:22:7c:d4:50:6f:eb:f0:ce:a3:9b:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f46f57735a4e63dbef848ee0d9d199e215f8304
Validity
Not Before: Apr 25 07:36:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=601357cb36bfeea4952203fa69dd5300e54aa4e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:76:72:93:a8:10:54:b4:f9:6c:46:83:16:20:
b4:35:07:11:d6:84:ef:56:5d:df:59:29:70:f7:42:
36:ff:53:b6:04:86:c4:45:d2:12:13:e8:90:ba:15:
a5:06:a1:ab:3b:11:39:62:13:6e:dd:8c:47:ed:7c:
d4:ae:a9:4c:7c:e7:4d:61:0b:a6:ef:45:1a:07:6a:
7c:6e:07:5b:40:3a:fa:46:43:cb:9a:ab:66:14:57:
c2:d5:48:1e:5a:88:a6:3c:59:21:bc:0e:ec:ed:37:
33:ec:c6:3a:9a:f4:a4:b7:b7:9a:0d:4a:76:cd:8a:
77:f9:56:ba:04:1e:65:26:8d:64:11:4b:a3:b3:9c:
19:0f:4e:61:b7:5c:42:1d:55:e4:9e:0e:3a:dc:d8:
96:eb:b7:ab:ff:00:df:06:3b:a0:10:9b:79:b2:3c:
12:b0:d2:57:e0:a2:85:5e:c7:5a:58:63:a5:d6:63:
45:e5:a3:9c:0c:89:cf:86:5a:e2:d8:80:e0:c2:0d:
31:0f:0c:c8:4e:dc:a3:c5:c4:8b:ff:e7:f7:76:45:
8f:aa:be:aa:c1:71:2a:b0:3d:0c:19:c2:eb:14:99:
e3:85:f5:b8:69:86:2c:64:d7:ba:f0:d6:d6:4b:e7:
d9:08:15:7d:a6:8c:29:6f:2f:e3:89:f6:36:c4:13:
ce:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:13:57:CB:36:BF:EE:A4:95:22:03:FA:69:DD:53:00:E5:4A:A4:E5
X509v3 Authority Key Identifier:
keyid:1F:46:F5:77:35:A4:E6:3D:BE:F8:48:EE:0D:9D:19:9E:21:5F:83:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/YBNXyza_7qSVIgP6ad1TAOVKpOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.161.0.0/16
178.156.128.0/17
IPv6:
2a01:4ff::/40
Signature Algorithm: sha256WithRSAEncryption
90:79:91:0f:7b:84:0e:b5:38:3f:51:82:10:de:63:3d:cd:16:
c7:6f:5d:74:40:8c:ad:a1:05:52:d5:e6:52:c1:52:43:54:98:
26:1d:bb:8e:b0:2b:34:f8:dc:00:8f:8a:24:84:71:ec:e4:d2:
c9:f4:fa:8d:96:7d:92:19:de:1a:a8:30:b9:c7:1a:6a:95:fc:
d6:79:7c:88:d1:f2:98:d7:5b:03:3f:7f:80:50:95:33:fa:c5:
ba:a8:7b:9e:83:69:14:c2:42:6e:e5:12:63:00:4d:d5:27:80:
8c:6d:fe:bf:5f:cf:a1:11:a5:ad:94:64:04:0c:0e:c1:b5:fc:
b7:b8:7c:06:e7:cd:a2:83:dc:83:ae:5c:48:40:a7:7c:ee:32:
46:e4:15:e7:ad:65:2b:5e:7d:ba:63:6e:17:22:2a:b1:3e:1d:
85:22:d7:c2:55:14:90:bc:82:3f:32:b7:d0:79:dc:91:2c:b0:
64:ad:43:79:6f:31:26:91:af:e1:a3:a3:5d:b1:c6:e9:d2:37:
31:d7:e7:28:85:1f:3d:eb:d5:0a:d6:d9:c0:0a:03:f4:89:c0:
e3:0c:1f:e8:02:6e:4e:60:f8:75:6e:3f:ac:c7:d8:59:81:bd:
b0:d6:00:05:25:5a:7f:5e:f0:d1:46:b6:14:0c:85:0b:55:59:
96:18:05:55
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYe3V8TSEiJ81FBv6/DOo5tfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDZmNTc3MzVhNGU2M2RiZWY4NDhlZTBkOWQxOTllMjE1
ZjgzMDQwHhcNMjMwNDI1MDczNjM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDEzNTdjYjM2YmZlZWE0OTUyMjAzZmE2OWRkNTMwMGU1NGFhNGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnZyk6gQVLT5bEaDFiC0NQcR1oTv
Vl3fWSlw90I2/1O2BIbERdISE+iQuhWlBqGrOxE5YhNu3YxH7XzUrqlMfOdNYQum
70UaB2p8bgdbQDr6RkPLmqtmFFfC1UgeWoimPFkhvA7s7Tcz7MY6mvSkt7eaDUp2
zYp3+Va6BB5lJo1kEUujs5wZD05ht1xCHVXkng463NiW67er/wDfBjugEJt5sjwS
sNJX4KKFXsdaWGOl1mNF5aOcDInPhlri2IDgwg0xDwzITtyjxcSL/+f3dkWPqr6q
wXEqsD0MGcLrFJnjhfW4aYYsZNe68NbWS+fZCBV9powpby/jifY2xBPODwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGATV8s2v+6klSID+mndUwDlSqTlMB8GA1UdIwQY
MBaAFB9G9Xc1pOY9vvhI7g2dGZ4hX4MEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBiMWR6V2s1ajItLUVqdURaMFpuaUZmZ3dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8xMDcyNjYtYWI1MS00NjJiLTlmYzIt
YTdjOTg5OGVlY2JjLzEvWUJOWHl6YV83cVNWSWdQNmFkMVRBT1ZLcE9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8xMDcyNjYtYWI1MS00NjJiLTlmYzItYTdjOTg5OGVlY2Jj
LzEvSDBiMWR6V2s1ajItLUVqdURaMFpuaUZmZ3dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzARBAIAATALAwMABaEDBAey
nIAwDgQCAAIwCAMGACoBBP8AMA0GCSqGSIb3DQEBCwUAA4IBAQCQeZEPe4QOtTg/
UYIQ3mM9zRbHb110QIytoQVS1eZSwVJDVJgmHbuOsCs0+NwAj4okhHHs5NLJ9PqN
ln2SGd4aqDC5xxpqlfzWeXyI0fKY11sDP3+AUJUz+sW6qHueg2kUwkJu5RJjAE3V
J4CMbf6/X8+hEaWtlGQEDA7Btfy3uHwG582ig9yDrlxIQKd87jJG5BXnrWUrXn26
Y24XIiqxPh2FItfCVRSQvII/MrfQedyRLLBkrUN5bzEmka/ho6Ndscbp0jcx1+co
hR8969UK1tnACgP0icDjDB/oAm5OYPh1bj+sx9hZgb2w1gAFJVp/XvDRRrYUDIUL
VVmWGAVV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:22 2024 by rpki-client on console-ams.rpki-client.org