Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/2b87c5-380d-476f-a714-5c0d92f9a49f/1/ytxFev2HIiLKh0zMbveI6_cp8ns.roa
File: ytxFev2HIiLKh0zMbveI6_cp8ns.roa (raw, json)
Hash identifier: 6NqtUZ/bnWgCbdCvjV7lwU7uwPjkwnpwjNbUeJR00so=
Subject key identifier: CA:DC:45:7A:FD:87:22:22:CA:87:4C:CC:6E:F7:88:EB:F7:29:F2:7B
Certificate issuer: /CN=b27912ffef67078bb06bd4a9021fba96adb180be
Certificate serial: 01907811EB51A6728ED995555B5AB35751E5
Authority key identifier: B2:79:12:FF:EF:67:07:8B:B0:6B:D4:A9:02:1F:BA:96:AD:B1:80:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/snkS_-9nB4uwa9SpAh-6lq2xgL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/2b87c5-380d-476f-a714-5c0d92f9a49f/1/ytxFev2HIiLKh0zMbveI6_cp8ns.roa
Signing time: Wed 03 Jul 2024 10:09:18 +0000
ROA not before: Wed 03 Jul 2024 10:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9002
IP address blocks: 31.44.16.0/20 maxlen: 24
45.144.100.0/22 maxlen: 24
2a00:d400::/32 maxlen: 54
Validation: Failed, certificate revoked on Wed 03 Jul 2024 10:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:78:11:eb:51:a6:72:8e:d9:95:55:5b:5a:b3:57:51:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b27912ffef67078bb06bd4a9021fba96adb180be
Validity
Not Before: Jul 3 10:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cadc457afd872222ca874ccc6ef788ebf729f27b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f2:c3:24:cc:e4:ef:d0:e1:6f:18:ac:5a:2e:
20:88:9b:5e:3d:15:0a:0c:40:fa:cc:07:9e:f5:b1:
f8:36:38:4a:48:cf:86:d3:09:b5:2d:bf:c4:86:bc:
d1:70:64:66:56:2b:38:4c:57:14:d3:7f:1a:69:8e:
c5:1d:c7:0f:cc:f1:01:47:5d:87:83:bf:da:d4:41:
c4:78:20:94:c9:9a:21:2e:da:19:dd:84:44:17:7e:
15:ea:40:9b:3c:a7:c0:3e:40:1f:83:66:a0:28:af:
80:a1:d7:36:b2:58:4d:a6:fc:66:f9:7b:8e:0c:f3:
f7:90:10:85:8b:88:28:1e:fa:99:fa:1d:2e:fd:d2:
f8:7f:00:05:9e:ea:c2:7c:77:4d:1a:99:58:7b:27:
25:2b:20:c9:ea:e7:83:f1:86:63:a9:41:ee:14:16:
39:18:54:d6:cc:9f:5f:4b:a1:33:89:6c:5a:d4:ca:
75:ff:5d:68:c2:dc:85:90:d6:1a:bc:9c:eb:68:bc:
bc:23:8b:66:25:b7:59:7a:39:17:56:98:96:64:a1:
d3:d9:f0:0b:b2:57:70:a6:0b:d0:c6:1b:37:d3:ff:
f1:00:1f:af:e0:bf:a9:40:ba:f9:9c:c5:dc:b5:12:
2c:9c:33:4c:0e:86:33:4d:51:5f:d1:d1:bd:3e:08:
25:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:DC:45:7A:FD:87:22:22:CA:87:4C:CC:6E:F7:88:EB:F7:29:F2:7B
X509v3 Authority Key Identifier:
keyid:B2:79:12:FF:EF:67:07:8B:B0:6B:D4:A9:02:1F:BA:96:AD:B1:80:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/snkS_-9nB4uwa9SpAh-6lq2xgL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2b87c5-380d-476f-a714-5c0d92f9a49f/1/ytxFev2HIiLKh0zMbveI6_cp8ns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2b87c5-380d-476f-a714-5c0d92f9a49f/1/snkS_-9nB4uwa9SpAh-6lq2xgL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.16.0/20
45.144.100.0/22
IPv6:
2a00:d400::/32
Signature Algorithm: sha256WithRSAEncryption
72:ed:88:2f:d5:fd:0e:fb:82:a4:2d:d0:09:39:5a:c3:4f:06:
30:4d:da:94:d1:95:9d:1f:ab:c8:0f:32:e6:92:3e:d7:b9:d0:
35:d4:fb:ab:f8:6c:87:cf:32:20:6d:a2:b0:ec:ce:ff:4c:40:
83:7a:e1:24:12:d2:e1:65:89:3c:4e:4b:ce:ea:8e:75:ac:57:
88:29:96:94:ab:a1:cb:29:95:32:88:5d:fa:35:49:52:c4:ac:
6b:b2:17:90:b1:54:1c:04:4e:4c:54:e5:6e:11:e5:4b:a4:1c:
70:b8:6c:ce:21:40:2a:2b:1b:e7:71:6d:55:71:28:0a:ac:08:
c9:0b:e6:4b:ce:86:20:54:47:6f:f1:2a:c1:28:72:db:97:5a:
61:88:aa:ab:e0:78:48:b3:7d:70:20:e5:c3:1f:0a:c0:7b:0c:
d1:26:96:bd:59:07:fa:81:d0:12:55:f8:d1:cb:8e:1c:11:93:
a0:53:5a:6d:54:ea:d9:e7:44:84:4d:a0:bb:58:41:28:dd:b5:
73:45:eb:f2:d9:91:19:ff:63:7c:6b:a1:20:34:ea:d8:ed:57:
cc:88:a4:88:be:52:e2:54:38:67:4a:d1:2b:b0:27:1f:01:1e:
17:70:21:a7:c7:82:a0:75:60:45:b5:b2:e8:6c:50:56:95:84:
7f:26:2d:42
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZB4EetRpnKO2ZVVW1qzV1HlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNzkxMmZmZWY2NzA3OGJiMDZiZDRhOTAyMWZiYTk2YWRi
MTgwYmUwHhcNMjQwNzAzMTAwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWRjNDU3YWZkODcyMjIyY2E4NzRjY2M2ZWY3ODhlYmY3MjlmMjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvLDJMzk79DhbxisWi4giJtePRUK
DED6zAee9bH4NjhKSM+G0wm1Lb/EhrzRcGRmVis4TFcU038aaY7FHccPzPEBR12H
g7/a1EHEeCCUyZohLtoZ3YREF34V6kCbPKfAPkAfg2agKK+Aodc2slhNpvxm+XuO
DPP3kBCFi4goHvqZ+h0u/dL4fwAFnurCfHdNGplYeyclKyDJ6ueD8YZjqUHuFBY5
GFTWzJ9fS6EziWxa1Mp1/11owtyFkNYavJzraLy8I4tmJbdZejkXVpiWZKHT2fAL
sldwpgvQxhs30//xAB+v4L+pQLr5nMXctRIsnDNMDoYzTVFf0dG9PgglowIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMrcRXr9hyIiyodMzG73iOv3KfJ7MB8GA1UdIwQY
MBaAFLJ5Ev/vZweLsGvUqQIfupatsYC+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc25rU18tOW5CNHV3YTlTcEFoLTZscTJ4Z0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yYjg3YzUtMzgwZC00NzZmLWE3MTQt
NWMwZDkyZjlhNDlmLzEveXR4RmV2MkhJaUxLaDB6TWJ2ZUk2X2NwOG5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yYjg3YzUtMzgwZC00NzZmLWE3MTQtNWMwZDkyZjlhNDlm
LzEvc25rU18tOW5CNHV3YTlTcEFoLTZscTJ4Z0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEHywQAwQC
LZBkMA0EAgACMAcDBQAqANQAMA0GCSqGSIb3DQEBCwUAA4IBAQBy7Ygv1f0O+4Kk
LdAJOVrDTwYwTdqU0ZWdH6vIDzLmkj7XudA11Pur+GyHzzIgbaKw7M7/TECDeuEk
EtLhZYk8TkvO6o51rFeIKZaUq6HLKZUyiF36NUlSxKxrsheQsVQcBE5MVOVuEeVL
pBxwuGzOIUAqKxvncW1VcSgKrAjJC+ZLzoYgVEdv8SrBKHLbl1phiKqr4HhIs31w
IOXDHwrAewzRJpa9WQf6gdASVfjRy44cEZOgU1ptVOrZ50SETaC7WEEo3bVzRevy
2ZEZ/2N8a6EgNOrY7VfMiKSIvlLiVDhnStErsCcfAR4XcCGnx4KgdWBFtbLobFBW
lYR/Ji1C
-----END CERTIFICATE-----
Generated at Wed Jul 3 12:43:03 2024 by rpki-client on console-ams.rpki-client.org