Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/fb3673-7419-49d8-b6f6-091f7f9b9761/1/yEYsVVFE2KS9JCL4Xmal8cOzasc.roa
File: yEYsVVFE2KS9JCL4Xmal8cOzasc.roa (raw, json)
Hash identifier: lUul9gdPUJhz0XO5vVvWlJAhq9WlAmFjJrtEbosWBhM=
Subject key identifier: C8:46:2C:55:51:44:D8:A4:BD:24:22:F8:5E:66:A5:F1:C3:B3:6A:C7
Certificate issuer: /CN=76d4bc89eeb4a9c89f1005eaad227c1325ed1562
Certificate serial: 01870DD048ED3ADF8ED998D071B875BE75DC
Authority key identifier: 76:D4:BC:89:EE:B4:A9:C8:9F:10:05:EA:AD:22:7C:13:25:ED:15:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dtS8ie60qcifEAXqrSJ8EyXtFWI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/fb3673-7419-49d8-b6f6-091f7f9b9761/1/yEYsVVFE2KS9JCL4Xmal8cOzasc.roa
Signing time: Thu 23 Mar 2023 09:32:46 +0000
ROA not before: Thu 23 Mar 2023 09:32:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51768
IP address blocks: 185.176.236.0/22 maxlen: 22
91.220.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0d:d0:48:ed:3a:df:8e:d9:98:d0:71:b8:75:be:75:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76d4bc89eeb4a9c89f1005eaad227c1325ed1562
Validity
Not Before: Mar 23 09:32:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8462c555144d8a4bd2422f85e66a5f1c3b36ac7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:82:bf:7d:05:4b:37:29:53:bc:ec:c6:a5:f6:
55:e4:72:f5:af:f3:5a:da:4c:36:38:dc:e2:88:95:
03:ff:24:78:33:24:0a:b4:d7:28:88:40:fa:6d:89:
4d:b7:d7:c2:66:61:9c:4f:c7:00:f1:1f:43:d4:44:
16:1a:2c:06:d6:fe:9a:24:95:de:5d:a3:cf:81:f3:
b3:e5:ed:63:9e:75:13:0a:b4:b5:45:f1:17:7f:fa:
24:01:66:eb:8c:1c:96:35:af:a8:07:1a:dc:49:d7:
5d:50:13:4b:e3:21:60:91:30:ec:12:d4:3e:9b:71:
ca:3f:1d:63:83:a5:38:0e:69:9c:f3:44:7b:fc:2e:
8e:8f:f3:ba:f9:8b:b5:5d:cd:0a:6c:98:d6:3e:4a:
8d:a3:23:75:41:7d:b1:2a:d0:27:f5:13:ef:af:ef:
32:87:ed:84:2c:bb:1c:64:70:a2:58:cf:af:d1:6f:
df:70:56:cc:eb:53:36:8e:e5:e4:24:b7:54:85:70:
5c:4d:b1:b0:30:67:2d:76:31:bd:86:7a:78:f6:3a:
16:82:3c:4d:d2:4c:d7:30:23:fb:c0:71:c5:a0:1d:
16:ce:80:48:7e:96:8b:75:75:6d:eb:fb:d8:0c:75:
c5:e1:46:e4:17:8e:dc:1d:78:66:e3:62:88:3b:3c:
a9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:46:2C:55:51:44:D8:A4:BD:24:22:F8:5E:66:A5:F1:C3:B3:6A:C7
X509v3 Authority Key Identifier:
keyid:76:D4:BC:89:EE:B4:A9:C8:9F:10:05:EA:AD:22:7C:13:25:ED:15:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dtS8ie60qcifEAXqrSJ8EyXtFWI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/fb3673-7419-49d8-b6f6-091f7f9b9761/1/yEYsVVFE2KS9JCL4Xmal8cOzasc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/fb3673-7419-49d8-b6f6-091f7f9b9761/1/dtS8ie60qcifEAXqrSJ8EyXtFWI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.99.0/24
185.176.236.0/22
Signature Algorithm: sha256WithRSAEncryption
42:39:02:d4:68:61:f0:a2:80:df:6c:a3:8b:2c:4a:1b:f6:98:
7e:dd:33:9a:6a:61:e0:43:7c:bc:a6:a8:ac:ab:45:1a:79:b1:
84:e5:18:f3:78:8c:ff:ec:73:dc:0d:e5:47:1c:f9:d1:98:f1:
4c:48:1d:8f:c2:ca:5b:74:3d:31:5e:7e:d8:2a:12:8a:9f:e2:
ee:51:67:4e:c7:3f:2c:8d:1a:9e:da:7d:66:8c:04:3a:05:6d:
bb:a4:70:22:7a:6d:b1:09:95:8f:36:2f:aa:4a:95:0e:c0:2c:
a3:6f:72:51:fd:a8:b7:06:4f:4b:34:b7:2d:a5:bd:a5:c7:4b:
a0:0f:47:fb:b6:75:6d:04:f3:54:1e:86:46:68:bc:db:dc:76:
d6:55:fa:6a:83:f8:75:2b:6d:71:e0:c8:ce:70:00:ec:c4:84:
4c:24:12:27:5b:05:c0:b2:76:ed:7d:45:6c:ff:ad:86:4a:9f:
b1:06:5c:e7:1d:96:3a:26:3d:b2:37:99:fd:d8:ff:bb:6f:0b:
44:a3:73:db:ae:32:55:e0:ad:fe:b2:eb:03:7e:3d:21:b7:f7:
eb:f9:89:44:32:86:59:b6:da:e9:d7:98:bb:b0:fe:68:e0:6f:
dc:bc:69:42:02:66:4c:03:7c:bd:4b:25:62:71:e7:cc:93:39:
1e:d4:c2:10
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcN0EjtOt+O2ZjQcbh1vnXcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZDRiYzg5ZWViNGE5Yzg5ZjEwMDVlYWFkMjI3YzEzMjVl
ZDE1NjIwHhcNMjMwMzIzMDkzMjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODQ2MmM1NTUxNDRkOGE0YmQyNDIyZjg1ZTY2YTVmMWMzYjM2YWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4K/fQVLNylTvOzGpfZV5HL1r/Na
2kw2ONziiJUD/yR4MyQKtNcoiED6bYlNt9fCZmGcT8cA8R9D1EQWGiwG1v6aJJXe
XaPPgfOz5e1jnnUTCrS1RfEXf/okAWbrjByWNa+oBxrcSdddUBNL4yFgkTDsEtQ+
m3HKPx1jg6U4Dmmc80R7/C6Oj/O6+Yu1Xc0KbJjWPkqNoyN1QX2xKtAn9RPvr+8y
h+2ELLscZHCiWM+v0W/fcFbM61M2juXkJLdUhXBcTbGwMGctdjG9hnp49joWgjxN
0kzXMCP7wHHFoB0WzoBIfpaLdXVt6/vYDHXF4UbkF47cHXhm42KIOzypTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMhGLFVRRNikvSQi+F5mpfHDs2rHMB8GA1UdIwQY
MBaAFHbUvInutKnInxAF6q0ifBMl7RViMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHRTOGllNjBxY2lmRUFYcXJTSjhFeVh0RldJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mYjM2NzMtNzQxOS00OWQ4LWI2ZjYt
MDkxZjdmOWI5NzYxLzEveUVZc1ZWRkUyS1M5SkNMNFhtYWw4Y096YXNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9mYjM2NzMtNzQxOS00OWQ4LWI2ZjYtMDkxZjdmOWI5NzYx
LzEvZHRTOGllNjBxY2lmRUFYcXJTSjhFeVh0RldJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9xjAwQC
ubDsMA0GCSqGSIb3DQEBCwUAA4IBAQBCOQLUaGHwooDfbKOLLEob9ph+3TOaamHg
Q3y8pqisq0UaebGE5RjzeIz/7HPcDeVHHPnRmPFMSB2PwspbdD0xXn7YKhKKn+Lu
UWdOxz8sjRqe2n1mjAQ6BW27pHAiem2xCZWPNi+qSpUOwCyjb3JR/ai3Bk9LNLct
pb2lx0ugD0f7tnVtBPNUHoZGaLzb3HbWVfpqg/h1K21x4MjOcADsxIRMJBInWwXA
snbtfUVs/62GSp+xBlznHZY6Jj2yN5n92P+7bwtEo3PbrjJV4K3+susDfj0ht/fr
+YlEMoZZttrp15i7sP5o4G/cvGlCAmZMA3y9SyVicefMkzke1MIQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:25 2024 by rpki-client on console-ams.rpki-client.org