Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/yjL3e45c9h_MBdC8f4WstDgNi9o.roa
File: yjL3e45c9h_MBdC8f4WstDgNi9o.roa (raw, json)
Hash identifier: F7oSd7vZoZg2W/XTmyE0vUGVmSPLBF22k8NJBpYRbcc=
Subject key identifier: CA:32:F7:7B:8E:5C:F6:1F:CC:05:D0:BC:7F:85:AC:B4:38:0D:8B:DA
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01907A44F85F9086FC4FEFB3687BB3B78FAB
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/yjL3e45c9h_MBdC8f4WstDgNi9o.roa
Signing time: Wed 03 Jul 2024 20:24:18 +0000
ROA not before: Wed 03 Jul 2024 20:24:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.85.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
91.223.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jul 2024 13:09:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7a:44:f8:5f:90:86:fc:4f:ef:b3:68:7b:b3:b7:8f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jul 3 20:24:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca32f77b8e5cf61fcc05d0bc7f85acb4380d8bda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:4e:22:68:93:da:77:07:73:2d:32:fd:a5:b9:
00:08:b1:22:9a:74:56:46:62:5d:8b:0c:af:16:66:
fd:e3:0e:fa:9c:e1:ea:e2:74:ea:ca:f2:67:50:77:
b7:45:e3:41:fe:8d:94:64:f1:72:dc:67:f9:7a:6d:
75:5e:b9:5e:fe:2a:ca:a4:20:88:37:d2:e1:9d:3a:
3d:cb:54:97:ce:52:6f:a3:9e:f5:0a:a6:84:9b:a2:
75:5d:82:b9:a5:f8:ff:4d:ee:b0:10:06:cf:8c:58:
11:cf:ca:7a:d1:4e:a4:1c:bf:92:c7:41:f0:21:f7:
88:e4:14:97:0a:35:b6:43:22:99:bc:b8:9c:86:67:
7f:12:53:ad:df:8b:5c:b7:2d:16:d0:05:9d:8f:a8:
0a:81:99:ee:b9:50:64:5a:da:77:4d:7b:6b:65:7d:
30:cc:72:63:e2:6b:90:32:8a:b2:64:81:31:01:10:
c2:5b:d7:d2:7b:4a:2b:a2:f0:68:ec:2a:48:73:6b:
89:45:77:e0:03:a8:4b:07:9b:95:4e:66:d1:ae:52:
c2:43:e8:e9:95:6e:6b:d9:e7:25:1b:d7:ef:8d:d0:
9e:fb:fa:99:6d:5b:8d:d7:50:5a:c2:3f:49:9a:6c:
6f:2c:99:b3:78:88:6b:28:c0:47:73:60:23:6f:22:
24:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:32:F7:7B:8E:5C:F6:1F:CC:05:D0:BC:7F:85:AC:B4:38:0D:8B:DA
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/yjL3e45c9h_MBdC8f4WstDgNi9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/23
45.94.170.0/24
91.223.110.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:7d:34:e9:88:14:fd:9f:45:79:70:26:82:35:93:95:f1:18:
dc:2e:b4:97:07:42:5e:27:c9:98:89:a4:3e:ad:0d:a5:d7:a5:
31:0e:5d:83:58:27:3e:e2:48:e8:81:94:6d:16:38:40:61:f7:
45:43:f9:01:0d:d3:a2:7d:e8:41:1e:0e:63:4d:6f:7c:02:cd:
ab:c5:18:1d:7d:38:e7:67:c1:b9:16:f2:e6:8d:bf:26:bd:5d:
03:2e:66:f4:e1:f4:6f:84:02:1e:14:95:f4:e6:e0:9b:be:20:
5d:b8:55:af:83:93:3f:8d:d3:c7:f3:38:30:68:e7:2d:4f:81:
36:00:ad:a5:9c:8e:0e:ae:eb:1f:63:de:0b:6b:79:30:f7:72:
e7:bf:f0:0c:ba:c3:40:0b:d4:b0:3e:bf:3c:fb:8e:c8:5d:c4:
5b:9a:9a:61:5c:69:33:39:b9:e6:aa:7b:9b:df:7c:d5:d0:69:
a2:ff:f2:ce:1c:6b:84:96:eb:de:a8:dc:c6:0f:70:7d:a1:01:
82:d5:bb:8b:df:49:51:79:cc:28:d5:17:21:2c:85:33:bd:44:
08:55:d5:47:0d:3a:c5:f8:76:71:5c:35:5c:04:1f:8c:55:7c:
25:09:7b:22:26:d8:19:b0:20:38:10:08:28:0c:d0:f7:1e:3a:
72:a2:7f:85
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZB6RPhfkIb8T++zaHuzt4+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNzAzMjAyNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTMyZjc3YjhlNWNmNjFmY2MwNWQwYmM3Zjg1YWNiNDM4MGQ4YmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwU4iaJPadwdzLTL9pbkACLEimnRW
RmJdiwyvFmb94w76nOHq4nTqyvJnUHe3ReNB/o2UZPFy3Gf5em11Xrle/irKpCCI
N9LhnTo9y1SXzlJvo571CqaEm6J1XYK5pfj/Te6wEAbPjFgRz8p60U6kHL+Sx0Hw
IfeI5BSXCjW2QyKZvLichmd/ElOt34tcty0W0AWdj6gKgZnuuVBkWtp3TXtrZX0w
zHJj4muQMoqyZIExARDCW9fSe0orovBo7CpIc2uJRXfgA6hLB5uVTmbRrlLCQ+jp
lW5r2eclG9fvjdCe+/qZbVuN11Bawj9JmmxvLJmzeIhrKMBHc2AjbyIkMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMoy93uOXPYfzAXQvH+FrLQ4DYvaMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEveWpMM2U0NWM5aF9NQmRDOGY0V3N0RGdOaTlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBbVUAwQA
LV6qAwQAW99uMA0GCSqGSIb3DQEBCwUAA4IBAQBKfTTpiBT9n0V5cCaCNZOV8Rjc
LrSXB0JeJ8mYiaQ+rQ2l16UxDl2DWCc+4kjogZRtFjhAYfdFQ/kBDdOifehBHg5j
TW98As2rxRgdfTjnZ8G5FvLmjb8mvV0DLmb04fRvhAIeFJX05uCbviBduFWvg5M/
jdPH8zgwaOctT4E2AK2lnI4OrusfY94La3kw93Lnv/AMusNAC9SwPr88+47IXcRb
mpphXGkzObnmqnub33zV0Gmi//LOHGuEluveqNzGD3B9oQGC1buL30lRecwo1Rch
LIUzvUQIVdVHDTrF+HZxXDVcBB+MVXwlCXsiJtgZsCA4EAgoDND3Hjpyon+F
-----END CERTIFICATE-----
Generated at Thu Jul 4 15:56:53 2024 by rpki-client on console-ams.rpki-client.org