Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/YP1kNv6XBp2iiuzegBnazEHNLRs.roa
File: YP1kNv6XBp2iiuzegBnazEHNLRs.roa (raw, json)
Hash identifier: 81nRnjQJqRhEas+HVWuutdkOqIp5cnus6mVNYyqto5g=
Subject key identifier: 60:FD:64:36:FE:97:06:9D:A2:8A:EC:DE:80:19:DA:CC:41:CD:2D:1B
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 018B095C4541BA258E7ED9AAA83266D9108B
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/YP1kNv6XBp2iiuzegBnazEHNLRs.roa
Signing time: Sat 07 Oct 2023 08:58:43 +0000
ROA not before: Sat 07 Oct 2023 08:58:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41745
IP address blocks: 5.39.249.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:09:5c:45:41:ba:25:8e:7e:d9:aa:a8:32:66:d9:10:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Oct 7 08:58:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60fd6436fe97069da28aecde8019dacc41cd2d1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ea:75:a7:7c:33:94:d7:7a:d0:4b:de:1c:74:
fa:9d:b0:41:63:40:9f:82:ec:7a:b1:76:88:04:71:
28:06:ba:07:d1:ff:e7:01:fc:18:e1:a8:a4:ba:47:
89:ec:50:41:9d:0d:16:5e:18:f5:2d:39:7a:d7:fb:
1b:1b:b1:9a:a3:98:04:52:dd:c4:67:5a:79:9d:d1:
58:97:c8:84:35:b3:30:ac:6f:7e:66:88:ea:1d:54:
8f:7f:ec:c8:9b:24:a0:49:8d:24:ef:66:27:ad:a6:
24:4a:ed:02:28:88:e1:a3:fe:48:6d:eb:f2:26:89:
b8:3b:01:1b:df:5d:a2:bb:7f:66:7c:1b:7c:ac:e8:
70:63:22:db:d2:bc:3a:7c:ef:f0:ee:80:d9:24:99:
b6:c8:75:23:04:d7:bf:05:72:2a:e7:fa:f9:d8:78:
8f:16:3f:c8:91:f1:20:e9:d7:ed:6b:c1:31:03:6b:
e8:b7:16:af:8b:77:f7:cb:d5:6d:c3:88:c0:d9:c7:
35:64:2f:7d:e0:a5:9b:25:e3:38:14:8c:d2:5c:77:
26:3a:c6:78:83:3e:c1:1d:4b:d2:53:99:6e:16:c4:
d3:cb:bb:0a:4a:aa:63:e7:f1:09:5b:16:ee:28:54:
32:cc:69:a6:cf:77:9d:c8:78:5a:3d:61:60:dd:a3:
5b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:FD:64:36:FE:97:06:9D:A2:8A:EC:DE:80:19:DA:CC:41:CD:2D:1B
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/YP1kNv6XBp2iiuzegBnazEHNLRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.249.0/24
Signature Algorithm: sha256WithRSAEncryption
32:34:c5:28:0a:47:c5:1f:4f:24:85:6d:4e:b2:2b:b1:a2:bb:
47:71:ba:d6:ca:aa:c0:27:de:97:5a:6a:50:8e:cf:ef:30:15:
3c:b8:73:1b:3a:42:6b:8b:81:40:6e:9a:97:48:d5:5f:2f:0c:
ec:3e:5b:2b:2b:11:da:a9:44:f9:33:79:e8:13:4c:14:03:dc:
54:ea:0e:8d:91:b7:0e:27:9a:af:ca:ec:1e:46:a2:a8:05:0b:
ae:87:96:7d:ba:d9:1e:30:90:02:40:1e:3f:82:98:6e:82:4b:
b1:39:2a:dc:36:bb:b4:40:b2:51:39:40:b9:b0:01:e3:d2:c6:
f6:e9:fc:24:fa:bf:6c:c4:14:06:0a:c4:81:ea:48:91:ff:1c:
07:03:fd:af:31:d1:21:95:12:e8:67:f3:5d:eb:e4:3a:d8:24:
0c:8a:bd:5b:08:98:05:99:fd:81:ad:0f:e8:f1:86:97:48:c4:
6b:78:04:9d:0f:c8:88:a5:2f:2f:4e:56:93:19:9b:91:15:09:
ef:dd:5c:fb:95:74:41:e5:05:62:eb:97:bb:11:38:92:e6:81:
fd:65:42:43:98:e4:61:f2:92:90:cd:fc:6e:1f:f8:0e:f5:27:
a6:a7:53:79:15:e0:aa:04:47:ff:0d:a7:5b:7b:92:af:91:0b:
28:b3:e6:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsJXEVBuiWOftmqqDJm2RCLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjMxMDA3MDg1ODQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGZkNjQzNmZlOTcwNjlkYTI4YWVjZGU4MDE5ZGFjYzQxY2QyZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+p1p3wzlNd60EveHHT6nbBBY0Cf
gux6sXaIBHEoBroH0f/nAfwY4aikukeJ7FBBnQ0WXhj1LTl61/sbG7Gao5gEUt3E
Z1p5ndFYl8iENbMwrG9+ZojqHVSPf+zImySgSY0k72YnraYkSu0CKIjho/5Ibevy
Jom4OwEb312iu39mfBt8rOhwYyLb0rw6fO/w7oDZJJm2yHUjBNe/BXIq5/r52HiP
Fj/IkfEg6dfta8ExA2votxavi3f3y9Vtw4jA2cc1ZC994KWbJeM4FIzSXHcmOsZ4
gz7BHUvSU5luFsTTy7sKSqpj5/EJWxbuKFQyzGmmz3edyHhaPWFg3aNbGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGD9ZDb+lwadoors3oAZ2sxBzS0bMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvWVAxa052NlhCcDJpaXV6ZWdCbmF6RUhOTFJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSf5MA0G
CSqGSIb3DQEBCwUAA4IBAQAyNMUoCkfFH08khW1OsiuxortHcbrWyqrAJ96XWmpQ
js/vMBU8uHMbOkJri4FAbpqXSNVfLwzsPlsrKxHaqUT5M3noE0wUA9xU6g6NkbcO
J5qvyuweRqKoBQuuh5Z9utkeMJACQB4/gphugkuxOSrcNru0QLJROUC5sAHj0sb2
6fwk+r9sxBQGCsSB6kiR/xwHA/2vMdEhlRLoZ/Nd6+Q62CQMir1bCJgFmf2BrQ/o
8YaXSMRreASdD8iIpS8vTlaTGZuRFQnv3Vz7lXRB5QVi65e7ETiS5oH9ZUJDmORh
8pKQzfxuH/gO9Semp1N5FeCqBEf/Dadbe5KvkQsos+Zc
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:18:56 2024 by rpki-client on console-ams.rpki-client.org