Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/YSbu0NnFGl4bqkSYkbQfx0Et9h4.roa
File: YSbu0NnFGl4bqkSYkbQfx0Et9h4.roa (raw, json)
Hash identifier: mWRR7mz+syA0XEeLzfGe4qslRRhDs8+naTz7Dc0CTtY=
Subject key identifier: 61:26:EE:D0:D9:C5:1A:5E:1B:AA:44:98:91:B4:1F:C7:41:2D:F6:1E
Certificate issuer: /CN=2e0a9333f93cca544fdabe2ea7a6738a54af759e
Certificate serial: 01903D1F85C2E884FB1769C12E611FD5DCBD
Authority key identifier: 2E:0A:93:33:F9:3C:CA:54:4F:DA:BE:2E:A7:A6:73:8A:54:AF:75:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LgqTM_k8ylRP2r4up6ZzilSvdZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/YSbu0NnFGl4bqkSYkbQfx0Et9h4.roa
Signing time: Fri 21 Jun 2024 23:26:34 +0000
ROA not before: Fri 21 Jun 2024 23:26:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216018
IP address blocks: 185.23.72.0/24 maxlen: 24
185.23.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Jun 2024 00:38:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3d:1f:85:c2:e8:84:fb:17:69:c1:2e:61:1f:d5:dc:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e0a9333f93cca544fdabe2ea7a6738a54af759e
Validity
Not Before: Jun 21 23:26:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6126eed0d9c51a5e1baa449891b41fc7412df61e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:54:11:ad:dc:69:ce:47:94:59:b3:35:8a:2a:
56:a0:9e:b4:5c:37:3d:1c:e8:15:25:30:1c:48:45:
b0:c5:87:b7:96:b4:07:b8:64:8c:c2:98:88:35:c5:
6e:90:94:9c:2d:9b:b9:4b:83:1f:de:0f:88:dd:70:
e8:93:37:9a:88:5c:ad:b4:2a:d2:97:1d:0c:37:26:
b7:b5:38:1f:ea:8e:41:4b:19:13:97:41:49:c1:4b:
51:97:3d:e8:62:f1:e0:22:45:d7:db:6c:cd:cd:87:
a7:98:25:7b:bd:18:7c:03:1f:5f:e3:9b:3a:10:8f:
5b:6f:9d:ec:e3:24:eb:ed:c4:a1:68:67:97:1b:f0:
4d:35:12:c6:16:85:91:6d:01:6c:7c:3f:ac:00:68:
71:9e:60:65:f0:3d:b7:d4:7a:47:24:c3:8d:b0:1d:
05:a3:0f:78:98:ca:7a:94:8c:c9:aa:db:d3:a5:4a:
44:d8:bc:58:6f:66:85:10:5c:21:fb:e0:3c:26:30:
75:b0:96:15:c4:b7:f5:ce:93:2d:e2:5e:ab:f5:22:
7f:65:9a:76:b1:c1:34:cc:6c:f7:74:c4:bf:87:ac:
3c:07:f6:ce:80:56:04:8e:22:ef:46:92:5a:ab:c7:
3d:1d:5e:0a:0b:9c:67:49:e3:e2:83:7b:c2:93:15:
c7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:26:EE:D0:D9:C5:1A:5E:1B:AA:44:98:91:B4:1F:C7:41:2D:F6:1E
X509v3 Authority Key Identifier:
keyid:2E:0A:93:33:F9:3C:CA:54:4F:DA:BE:2E:A7:A6:73:8A:54:AF:75:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LgqTM_k8ylRP2r4up6ZzilSvdZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/YSbu0NnFGl4bqkSYkbQfx0Et9h4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/LgqTM_k8ylRP2r4up6ZzilSvdZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.72.0/24
185.23.74.0/24
Signature Algorithm: sha256WithRSAEncryption
05:fa:7b:6c:50:a4:77:97:87:95:a5:9a:9b:0a:58:c6:40:e3:
50:0e:10:3b:8e:e8:b1:08:49:1e:42:30:ac:fe:fc:9b:2a:19:
c8:0a:ee:38:3d:42:5f:89:db:2f:7a:46:4e:14:18:d1:f0:c9:
c2:45:39:0d:f9:ae:3f:5e:98:bf:a1:3c:38:ab:7d:48:5a:d6:
f4:fd:d1:fa:a3:cb:d5:d7:c5:35:7a:23:e4:20:03:33:6c:33:
0b:c0:56:8f:bc:ba:9c:4a:0d:39:af:d5:40:af:c9:5a:07:61:
7c:2f:d7:90:4b:f9:2f:8c:1d:55:44:e1:ca:a2:56:66:2c:d5:
3f:68:23:5c:80:a1:e3:cb:4e:dc:83:a3:f3:04:34:6b:cf:0f:
d5:09:da:47:10:06:7c:40:ee:52:a0:28:f3:2b:80:22:4d:4b:
b4:01:f3:73:e4:55:63:f0:23:15:5a:49:e9:a8:10:01:cd:c3:
66:c2:0f:0e:fa:e7:76:d8:c1:ef:87:12:b0:6c:0b:23:a5:20:
91:72:73:2b:89:16:b1:62:ec:77:ed:df:e0:a8:5a:da:97:aa:
23:81:39:d3:2f:45:45:56:32:0a:24:77:64:c3:ca:48:0d:ad:
e2:2a:73:c9:41:95:71:e7:5b:c5:c3:7c:93:ce:ea:2a:04:af:
41:b5:a7:04
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZA9H4XC6IT7F2nBLmEf1dy9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMGE5MzMzZjkzY2NhNTQ0ZmRhYmUyZWE3YTY3MzhhNTRh
Zjc1OWUwHhcNMjQwNjIxMjMyNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTI2ZWVkMGQ5YzUxYTVlMWJhYTQ0OTg5MWI0MWZjNzQxMmRmNjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFQRrdxpzkeUWbM1iipWoJ60XDc9
HOgVJTAcSEWwxYe3lrQHuGSMwpiINcVukJScLZu5S4Mf3g+I3XDokzeaiFyttCrS
lx0MNya3tTgf6o5BSxkTl0FJwUtRlz3oYvHgIkXX22zNzYenmCV7vRh8Ax9f45s6
EI9bb53s4yTr7cShaGeXG/BNNRLGFoWRbQFsfD+sAGhxnmBl8D231HpHJMONsB0F
ow94mMp6lIzJqtvTpUpE2LxYb2aFEFwh++A8JjB1sJYVxLf1zpMt4l6r9SJ/ZZp2
scE0zGz3dMS/h6w8B/bOgFYEjiLvRpJaq8c9HV4KC5xnSePig3vCkxXHawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGEm7tDZxRpeG6pEmJG0H8dBLfYeMB8GA1UdIwQY
MBaAFC4KkzP5PMpUT9q+Lqemc4pUr3WeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGdxVE1fazh5bFJQMnI0dXA2WnppbFN2ZFo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hNGQwOWYtMjlkZi00NGVhLWE3YjEt
MGEwYWFlYWVlNGYxLzEvWVNidTBObkZHbDRicWtTWWtiUWZ4MEV0OWg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hNGQwOWYtMjlkZi00NGVhLWE3YjEtMGEwYWFlYWVlNGYx
LzEvTGdxVE1fazh5bFJQMnI0dXA2WnppbFN2ZFo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuRdIAwQA
uRdKMA0GCSqGSIb3DQEBCwUAA4IBAQAF+ntsUKR3l4eVpZqbCljGQONQDhA7juix
CEkeQjCs/vybKhnICu44PUJfidsvekZOFBjR8MnCRTkN+a4/Xpi/oTw4q31IWtb0
/dH6o8vV18U1eiPkIAMzbDMLwFaPvLqcSg05r9VAr8laB2F8L9eQS/kvjB1VROHK
olZmLNU/aCNcgKHjy07cg6PzBDRrzw/VCdpHEAZ8QO5SoCjzK4AiTUu0AfNz5FVj
8CMVWknpqBABzcNmwg8O+ud22MHvhxKwbAsjpSCRcnMriRaxYux37d/gqFral6oj
gTnTL0VFVjIKJHdkw8pIDa3iKnPJQZVx51vFw3yTzuoqBK9BtacE
-----END CERTIFICATE-----
Generated at Sat Jun 22 03:46:02 2024 by rpki-client on console-fra.rpki-client.org