Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/d3a55c-1f62-4779-86b9-61b50f6a6c02/1/ynUJ9VMNYuo7z7oeCDaRc602Nys.roa
File: ynUJ9VMNYuo7z7oeCDaRc602Nys.roa (raw, json)
Hash identifier: q7V0dqhS6RTxtfeBusvs1vqjkoj/V2ryLmQPUd7Y+k0=
Subject key identifier: CA:75:09:F5:53:0D:62:EA:3B:CF:BA:1E:08:36:91:73:AD:36:37:2B
Certificate issuer: /CN=28843db96e4f459b87df8c279057eed69bb9b862
Certificate serial: 01856EF42CD74C09C5999BF5152A095226E2
Authority key identifier: 28:84:3D:B9:6E:4F:45:9B:87:DF:8C:27:90:57:EE:D6:9B:B9:B8:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIQ9uW5PRZuH34wnkFfu1pu5uGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/d3a55c-1f62-4779-86b9-61b50f6a6c02/1/ynUJ9VMNYuo7z7oeCDaRc602Nys.roa
Signing time: Sun 01 Jan 2023 20:09:34 +0000
ROA not before: Sun 01 Jan 2023 20:09:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51404
IP address blocks: 91.217.15.0/24 maxlen: 24
91.217.14.0/24 maxlen: 24
91.217.14.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:f4:2c:d7:4c:09:c5:99:9b:f5:15:2a:09:52:26:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28843db96e4f459b87df8c279057eed69bb9b862
Validity
Not Before: Jan 1 20:09:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca7509f5530d62ea3bcfba1e08369173ad36372b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:65:77:3c:2c:72:09:24:f9:3e:22:81:38:f0:
58:02:3c:f9:d2:56:8a:8a:fc:3e:c8:44:61:29:bd:
bc:96:6e:cf:26:a3:69:8f:aa:1d:0b:7b:fc:0b:09:
6f:80:66:df:1f:dd:ba:da:82:40:31:01:07:31:ef:
21:95:54:2c:9f:22:70:8b:da:45:9f:60:34:1e:35:
8d:91:eb:f4:c2:ce:f9:37:3f:df:32:43:3b:ab:19:
85:db:25:5f:95:1b:7b:ab:81:d9:2e:f7:36:b4:49:
00:b0:13:02:14:72:a8:43:cf:48:19:81:6d:cc:04:
3b:45:f8:ef:83:d7:1f:e7:01:73:e5:ac:09:5a:90:
3d:ad:84:9e:19:d8:5d:e0:5d:98:bb:f5:f0:84:28:
b1:7f:a9:69:cf:aa:2c:b7:33:ae:50:b1:1c:df:71:
b5:bf:63:e4:46:14:1c:89:9e:e6:e4:2e:af:86:3e:
46:db:9c:d9:dd:ef:12:6e:88:2c:ff:42:8a:3c:5e:
22:35:d9:79:ff:8e:67:ea:85:d6:95:62:93:39:5b:
35:39:4b:9c:d3:26:27:5f:83:d2:e2:14:a9:a3:bd:
0a:83:db:68:28:61:9a:69:16:bd:bf:93:d8:a4:87:
9b:80:ac:73:18:84:e1:d9:c8:04:56:97:e0:7e:50:
b4:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:75:09:F5:53:0D:62:EA:3B:CF:BA:1E:08:36:91:73:AD:36:37:2B
X509v3 Authority Key Identifier:
keyid:28:84:3D:B9:6E:4F:45:9B:87:DF:8C:27:90:57:EE:D6:9B:B9:B8:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIQ9uW5PRZuH34wnkFfu1pu5uGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/d3a55c-1f62-4779-86b9-61b50f6a6c02/1/ynUJ9VMNYuo7z7oeCDaRc602Nys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/d3a55c-1f62-4779-86b9-61b50f6a6c02/1/KIQ9uW5PRZuH34wnkFfu1pu5uGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.14.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:26:42:53:23:1c:4b:f1:bd:13:15:91:83:95:23:be:c3:cc:
99:97:71:98:fc:46:5c:14:80:5c:62:56:c1:a9:2c:2d:10:7c:
4f:c0:b7:6c:7c:bd:71:07:67:b8:0e:d9:d2:55:4e:4f:5f:a6:
86:e9:3d:46:31:bb:a5:49:9a:5a:54:f1:fc:f5:a6:d9:f8:29:
e0:5e:d1:f4:10:bc:6a:99:50:96:77:13:c0:5a:d9:06:8b:52:
c8:c7:d0:fa:f3:22:d8:f3:0f:91:53:a7:c2:24:d2:60:d7:27:
60:b4:7d:be:c4:d7:06:1d:d4:25:4d:cb:4d:f0:52:74:d9:47:
e1:46:77:d0:71:37:68:79:ef:29:32:e9:8e:72:06:4d:8b:d9:
1c:34:89:2b:f9:9b:1d:d0:74:0c:85:8d:47:76:cb:85:d7:84:
83:8b:d2:40:c5:06:e6:95:4f:bd:69:7d:ad:2c:0c:d2:79:39:
fd:09:b7:d3:8c:fd:b0:55:15:e6:72:61:fe:1c:23:b9:ae:37:
14:fd:85:f1:34:35:d9:75:e6:29:d4:5a:b4:22:5c:84:bb:bd:
1f:be:67:2d:46:21:5e:17:a1:e3:b9:72:88:15:00:63:b7:1f:
94:43:78:9f:a8:29:27:27:2f:7a:64:f5:fe:fc:0e:da:82:e8:
fd:84:00:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu9CzXTAnFmZv1FSoJUibiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODQzZGI5NmU0ZjQ1OWI4N2RmOGMyNzkwNTdlZWQ2OWJi
OWI4NjIwHhcNMjMwMTAxMjAwOTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTc1MDlmNTUzMGQ2MmVhM2JjZmJhMWUwODM2OTE3M2FkMzYzNzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmV3PCxyCST5PiKBOPBYAjz50laK
ivw+yERhKb28lm7PJqNpj6odC3v8CwlvgGbfH9262oJAMQEHMe8hlVQsnyJwi9pF
n2A0HjWNkev0ws75Nz/fMkM7qxmF2yVflRt7q4HZLvc2tEkAsBMCFHKoQ89IGYFt
zAQ7Rfjvg9cf5wFz5awJWpA9rYSeGdhd4F2Yu/XwhCixf6lpz6ostzOuULEc33G1
v2PkRhQciZ7m5C6vhj5G25zZ3e8Sbogs/0KKPF4iNdl5/45n6oXWlWKTOVs1OUuc
0yYnX4PS4hSpo70Kg9toKGGaaRa9v5PYpIebgKxzGITh2cgEVpfgflC0lwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMp1CfVTDWLqO8+6Hgg2kXOtNjcrMB8GA1UdIwQY
MBaAFCiEPbluT0Wbh9+MJ5BX7tabubhiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lROXVXNVBSWnVIMzR3bmtGZnUxcHU1dUdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9kM2E1NWMtMWY2Mi00Nzc5LTg2Yjkt
NjFiNTBmNmE2YzAyLzEveW5VSjlWTU5ZdW83ejdvZUNEYVJjNjAyTnlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9kM2E1NWMtMWY2Mi00Nzc5LTg2YjktNjFiNTBmNmE2YzAy
LzEvS0lROXVXNVBSWnVIMzR3bmtGZnUxcHU1dUdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW9kOMA0G
CSqGSIb3DQEBCwUAA4IBAQArJkJTIxxL8b0TFZGDlSO+w8yZl3GY/EZcFIBcYlbB
qSwtEHxPwLdsfL1xB2e4DtnSVU5PX6aG6T1GMbulSZpaVPH89abZ+CngXtH0ELxq
mVCWdxPAWtkGi1LIx9D68yLY8w+RU6fCJNJg1ydgtH2+xNcGHdQlTctN8FJ02Ufh
RnfQcTdoee8pMumOcgZNi9kcNIkr+Zsd0HQMhY1HdsuF14SDi9JAxQbmlU+9aX2t
LAzSeTn9CbfTjP2wVRXmcmH+HCO5rjcU/YXxNDXZdeYp1Fq0IlyEu70fvmctRiFe
F6HjuXKIFQBjtx+UQ3ifqCknJy96ZPX+/A7aguj9hAA6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:51 2024 by rpki-client on console-ams.rpki-client.org