Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/Y5nukseLUSYx5GaWHKdaxCzhwZk.roa
File: Y5nukseLUSYx5GaWHKdaxCzhwZk.roa (raw, json)
Hash identifier: iDFsje9ayH/pkaL1FWisD/Oi/+Bc2bhh8ZSUsgygDmY=
Subject key identifier: 63:99:EE:92:C7:8B:51:26:31:E4:66:96:1C:A7:5A:C4:2C:E1:C1:99
Certificate issuer: /CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Certificate serial: 01856CCADEBB2E747DF3EBC57EEC04EEDD88
Authority key identifier: C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/Y5nukseLUSYx5GaWHKdaxCzhwZk.roa
Signing time: Sun 01 Jan 2023 10:05:12 +0000
ROA not before: Sun 01 Jan 2023 10:05:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203425
IP address blocks: 93.95.8.0/21 maxlen: 24
151.236.208.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:de:bb:2e:74:7d:f3:eb:c5:7e:ec:04:ee:dd:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Validity
Not Before: Jan 1 10:05:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6399ee92c78b512631e466961ca75ac42ce1c199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d0:53:67:5e:f6:a7:1d:8f:7c:7e:ed:64:1c:
31:26:5a:b9:1c:87:bf:3e:fd:71:97:4e:04:cb:30:
ff:9b:2e:ee:ed:92:7a:1d:1a:b2:56:6f:3f:07:b1:
15:dc:5f:a1:00:8d:22:e5:25:db:0d:e4:1c:e0:b1:
39:82:8f:76:88:99:90:df:83:eb:52:0e:d7:8e:30:
5a:cd:d3:7a:00:1e:8e:e6:70:53:1a:e0:4d:9f:12:
64:1e:9d:f0:6a:b4:ba:b5:f8:72:ca:fc:9f:ec:a2:
4a:c9:24:b4:7a:b9:e2:9c:6e:71:c8:22:62:c2:44:
12:92:ad:61:18:59:07:26:1c:48:cd:09:a4:93:e6:
a0:ba:e2:cd:2b:e9:15:d3:37:cc:d7:51:c6:63:e0:
9f:db:9f:bd:23:25:b5:0f:e8:a0:71:a5:c7:e9:9e:
13:44:9a:59:92:70:db:80:92:4c:84:65:33:ec:7f:
d3:b4:ac:51:7e:e3:50:1e:b6:7a:74:fc:23:f3:23:
a5:5e:f3:22:e6:d2:d0:38:7d:25:dc:f6:ac:12:de:
61:14:e6:86:44:9f:04:e3:14:65:c7:7d:64:85:02:
2b:70:2b:63:cb:bb:af:7d:76:cc:e0:d3:67:29:bf:
ec:f6:53:d2:07:6b:7c:4c:61:82:ea:c1:e0:9e:d5:
e6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:99:EE:92:C7:8B:51:26:31:E4:66:96:1C:A7:5A:C4:2C:E1:C1:99
X509v3 Authority Key Identifier:
keyid:C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/Y5nukseLUSYx5GaWHKdaxCzhwZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/yE1hzRftkuVLszl_HlprOQSsbwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.95.8.0/21
151.236.208.0/21
Signature Algorithm: sha256WithRSAEncryption
8e:f0:aa:a0:21:93:bf:fc:54:22:1c:a2:5f:a6:fc:4c:4c:22:
51:b2:7d:b1:d5:07:b7:4c:c1:44:41:3c:0a:6d:29:a9:0d:b1:
84:2c:af:41:18:bb:e3:1f:f2:ed:77:c6:64:5e:e6:9f:ed:fe:
ce:b8:7a:33:07:80:b8:99:d7:87:15:ae:76:13:6a:de:a5:05:
46:10:91:db:df:ef:8b:f5:77:be:2b:88:e9:37:dd:f0:34:3c:
f6:61:f8:e6:22:a4:e6:e7:d4:40:2a:48:35:98:da:3d:b0:9b:
27:3a:35:07:42:61:d3:a5:cb:31:b5:b9:dc:c9:00:41:e3:b1:
39:04:2d:b6:ad:3d:d1:68:4f:24:c6:87:b7:52:c4:83:d6:b2:
4d:2c:38:ee:1a:4a:e2:8e:b0:d2:8c:9e:8c:2d:4c:45:f7:4e:
1f:0d:b6:3a:87:4e:16:6b:94:ef:1b:e1:e6:06:83:de:91:26:
97:f5:53:13:b8:ee:73:c9:dc:57:d6:b8:38:d9:cd:3a:63:d9:
6e:e9:fd:c9:ab:0e:3f:b4:e4:3d:e0:cc:52:84:57:be:27:ce:
29:1f:0b:b7:31:5c:b1:aa:bb:4a:91:4d:3c:62:4c:2f:ad:bb:
32:d5:44:6c:1e:82:09:50:2e:78:00:60:45:1a:4c:35:77:02:
86:83:4a:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsyt67LnR98+vFfuwE7t2IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NGQ2MWNkMTdlZDkyZTU0YmIzMzk3ZjFlNWE2YjM5MDRh
YzZmMDUwHhcNMjMwMTAxMTAwNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mzk5ZWU5MmM3OGI1MTI2MzFlNDY2OTYxY2E3NWFjNDJjZTFjMTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtBTZ172px2PfH7tZBwxJlq5HIe/
Pv1xl04EyzD/my7u7ZJ6HRqyVm8/B7EV3F+hAI0i5SXbDeQc4LE5go92iJmQ34Pr
Ug7XjjBazdN6AB6O5nBTGuBNnxJkHp3warS6tfhyyvyf7KJKySS0erninG5xyCJi
wkQSkq1hGFkHJhxIzQmkk+aguuLNK+kV0zfM11HGY+Cf25+9IyW1D+igcaXH6Z4T
RJpZknDbgJJMhGUz7H/TtKxRfuNQHrZ6dPwj8yOlXvMi5tLQOH0l3PasEt5hFOaG
RJ8E4xRlx31khQIrcCtjy7uvfXbM4NNnKb/s9lPSB2t8TGGC6sHgntXmYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGOZ7pLHi1EmMeRmlhynWsQs4cGZMB8GA1UdIwQY
MBaAFMhNYc0X7ZLlS7M5fx5aazkErG8FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUUxaHpSZnRrdVZMc3psX0hscHJPUVNzYndVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGVhZTgtNGI4Ni00Mzg5LWFhZGIt
YzI1Nzc5MmRhZGM0LzEvWTVudWtzZUxVU1l4NUdhV0hLZGF4Q3pod1prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGVhZTgtNGI4Ni00Mzg5LWFhZGItYzI1Nzc5MmRhZGM0
LzEveUUxaHpSZnRrdVZMc3psX0hscHJPUVNzYndVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXV8IAwQD
l+zQMA0GCSqGSIb3DQEBCwUAA4IBAQCO8KqgIZO//FQiHKJfpvxMTCJRsn2x1Qe3
TMFEQTwKbSmpDbGELK9BGLvjH/Ltd8ZkXuaf7f7OuHozB4C4mdeHFa52E2repQVG
EJHb3++L9Xe+K4jpN93wNDz2YfjmIqTm59RAKkg1mNo9sJsnOjUHQmHTpcsxtbnc
yQBB47E5BC22rT3RaE8kxoe3UsSD1rJNLDjuGkrijrDSjJ6MLUxF904fDbY6h04W
a5TvG+HmBoPekSaX9VMTuO5zydxX1rg42c06Y9lu6f3Jqw4/tOQ94MxShFe+J84p
Hwu3MVyxqrtKkU08Ykwvrbsy1URsHoIJUC54AGBFGkw1dwKGg0rP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:38 2024 by rpki-client on console-ams.rpki-client.org