Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/yMY9O9mYmT3dVV3XOGHv9qw_iYM.roa
File: yMY9O9mYmT3dVV3XOGHv9qw_iYM.roa (raw, json)
Hash identifier: OOEigwuIopo6ioIZOKC1N3mUdmqaAN22it5pLnJPNVE=
Subject key identifier: C8:C6:3D:3B:D9:98:99:3D:DD:55:5D:D7:38:61:EF:F6:AC:3F:89:83
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 018E02683814010C6A6BBFE9F52A82D885AF
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/yMY9O9mYmT3dVV3XOGHv9qw_iYM.roa
Signing time: Sun 03 Mar 2024 03:42:48 +0000
ROA not before: Sun 03 Mar 2024 03:42:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25198
IP address blocks: 45.91.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Apr 2024 11:17:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:02:68:38:14:01:0c:6a:6b:bf:e9:f5:2a:82:d8:85:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Mar 3 03:42:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8c63d3bd998993ddd555dd73861eff6ac3f8983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:33:34:ef:e9:f8:97:a6:53:bd:8b:fc:c2:3e:
be:ea:d8:20:bb:37:08:76:5e:4e:5d:96:5a:ce:b8:
4a:c5:73:15:a2:44:dc:29:1a:67:0c:89:b8:5a:7b:
06:49:c6:60:e0:05:f9:97:7a:03:d3:8b:6e:da:9f:
fb:46:49:2e:8c:e2:97:dc:86:92:e4:96:29:cf:24:
a1:37:bc:da:c0:33:b7:6c:04:a1:25:98:24:7f:56:
6f:7c:5a:cc:9c:54:3d:1c:5a:d3:ed:aa:d0:1e:17:
4a:a3:ff:9a:e3:af:08:73:95:f6:09:e5:20:9e:74:
bc:2e:3a:0d:58:93:19:8e:f8:9a:80:85:ad:ae:e8:
30:29:65:16:12:71:11:8c:5b:19:49:5d:e3:e5:19:
5a:87:53:98:65:4e:6f:8d:a2:36:cc:3a:c7:a5:a0:
d8:a4:66:e2:8a:87:2d:f1:96:1f:52:0b:6d:3b:4d:
ba:f2:bb:e9:71:14:88:81:9d:24:7e:b2:ab:7d:86:
cf:ae:2c:23:0f:08:4b:7b:c3:35:e9:43:b6:ae:a4:
38:05:55:38:c7:02:17:c6:6f:47:f9:b5:67:79:71:
3a:d2:47:2b:46:de:49:83:ef:49:ac:cf:d7:be:8f:
33:7e:d0:77:e7:9e:d7:33:24:73:46:dc:25:4c:13:
22:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:C6:3D:3B:D9:98:99:3D:DD:55:5D:D7:38:61:EF:F6:AC:3F:89:83
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/yMY9O9mYmT3dVV3XOGHv9qw_iYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.224.0/24
Signature Algorithm: sha256WithRSAEncryption
10:fa:c4:35:c3:96:17:31:ab:86:b7:6b:6b:c9:79:ad:35:52:
e3:32:c3:3d:16:8a:3e:66:52:41:3e:c6:fd:46:24:ae:e3:73:
70:e1:bb:d4:f0:2f:2c:28:94:4e:b5:c5:85:92:6c:75:86:fd:
20:21:b6:dc:ee:dd:ae:79:37:82:5e:94:7d:cb:95:be:2f:e8:
98:26:75:d8:95:72:56:82:2f:c8:5c:c2:2a:9f:f6:bb:92:c2:
ea:42:7e:19:8e:bb:c3:a5:a0:33:96:3b:c0:98:b4:e8:01:62:
20:4d:fc:c2:5a:81:e9:c1:48:7d:e3:34:30:25:d8:ed:f9:d1:
95:bf:1b:ec:f5:fa:0b:2f:3f:bb:1a:9a:3c:84:46:c8:75:74:
2d:bf:eb:25:6b:b3:c5:41:7f:00:d0:ff:fc:7b:bf:1c:0c:22:
1c:6c:f6:7f:50:9d:57:19:4c:eb:9d:a1:80:08:bb:8e:55:9b:
ae:d5:0a:89:b5:02:e4:15:de:ba:19:99:54:74:d7:3d:de:18:
c8:61:c3:0d:70:1c:0b:ea:ba:bb:2d:ee:58:58:a7:46:42:78:
09:38:73:21:de:54:49:7d:0c:8f:79:c0:57:8e:1b:f4:40:b2:
60:47:89:fc:68:80:cf:13:0c:1f:e5:a7:2d:a0:9b:8e:51:4b:
e3:0e:61:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4CaDgUAQxqa7/p9SqC2IWvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjQwMzAzMDM0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGM2M2QzYmQ5OTg5OTNkZGQ1NTVkZDczODYxZWZmNmFjM2Y4OTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzM07+n4l6ZTvYv8wj6+6tgguzcI
dl5OXZZazrhKxXMVokTcKRpnDIm4WnsGScZg4AX5l3oD04tu2p/7RkkujOKX3IaS
5JYpzyShN7zawDO3bAShJZgkf1ZvfFrMnFQ9HFrT7arQHhdKo/+a468Ic5X2CeUg
nnS8LjoNWJMZjviagIWtrugwKWUWEnERjFsZSV3j5Rlah1OYZU5vjaI2zDrHpaDY
pGbiioct8ZYfUgttO0268rvpcRSIgZ0kfrKrfYbPriwjDwhLe8M16UO2rqQ4BVU4
xwIXxm9H+bVneXE60kcrRt5Jg+9JrM/Xvo8zftB3557XMyRzRtwlTBMiNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMjGPTvZmJk93VVd1zhh7/asP4mDMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEveU1ZOU85bVltVDNkVlYzWE9HSHY5cXdfaVlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVvgMA0G
CSqGSIb3DQEBCwUAA4IBAQAQ+sQ1w5YXMauGt2tryXmtNVLjMsM9Foo+ZlJBPsb9
RiSu43Nw4bvU8C8sKJROtcWFkmx1hv0gIbbc7t2ueTeCXpR9y5W+L+iYJnXYlXJW
gi/IXMIqn/a7ksLqQn4ZjrvDpaAzljvAmLToAWIgTfzCWoHpwUh94zQwJdjt+dGV
vxvs9foLLz+7Gpo8hEbIdXQtv+sla7PFQX8A0P/8e78cDCIcbPZ/UJ1XGUzrnaGA
CLuOVZuu1QqJtQLkFd66GZlUdNc93hjIYcMNcBwL6rq7Le5YWKdGQngJOHMh3lRJ
fQyPecBXjhv0QLJgR4n8aIDPEwwf5actoJuOUUvjDmFR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:56 2024 by rpki-client on console-fra.rpki-client.org