Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e69bd3-215e-4422-9170-081bcbac4daf/1/yjcYkiuJmYVMEU1QItM1Pmp0XO0.roa
File: yjcYkiuJmYVMEU1QItM1Pmp0XO0.roa (raw, json)
Hash identifier: kYDWNe0CuwvX3lZiwH3CumPp6a+z+ip3epAAA/dyvKM=
Subject key identifier: CA:37:18:92:2B:89:99:85:4C:11:4D:50:22:D3:35:3E:6A:74:5C:ED
Certificate issuer: /CN=0b6f1e9f0950e4f39c9c5fee3f868a24eb361ef1
Certificate serial: 018CEDB8804EB41366D3DAAE40936B5DC1AC
Authority key identifier: 0B:6F:1E:9F:09:50:E4:F3:9C:9C:5F:EE:3F:86:8A:24:EB:36:1E:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C28enwlQ5POcnF_uP4aKJOs2HvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e69bd3-215e-4422-9170-081bcbac4daf/1/yjcYkiuJmYVMEU1QItM1Pmp0XO0.roa
Signing time: Tue 09 Jan 2024 10:15:40 +0000
ROA not before: Tue 09 Jan 2024 10:15:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22364
IP address blocks: 87.238.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 08:57:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ed:b8:80:4e:b4:13:66:d3:da:ae:40:93:6b:5d:c1:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b6f1e9f0950e4f39c9c5fee3f868a24eb361ef1
Validity
Not Before: Jan 9 10:15:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca3718922b8999854c114d5022d3353e6a745ced
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:63:bd:d3:9c:b4:50:eb:b7:d8:97:88:22:02:
14:61:d8:50:6e:aa:34:e0:ba:27:fa:37:42:aa:81:
33:03:1c:2b:1d:35:d9:b5:53:36:4b:1c:35:06:dd:
31:10:46:e8:3c:97:d7:25:60:b2:e5:74:0a:00:f5:
3e:98:bc:2c:01:0c:8c:df:94:0e:a7:5b:da:67:3c:
ff:2b:3e:d0:75:cd:58:6e:fd:a7:f9:4c:2c:eb:ed:
0d:be:f0:bb:39:cb:91:09:92:e9:7a:92:12:05:5b:
37:05:81:47:d1:cb:77:fb:76:9a:a7:4a:73:a5:67:
2c:7e:2f:11:04:0a:4e:a0:91:a4:a8:c0:61:d6:d1:
b4:d4:6c:79:52:d1:af:cc:f2:fe:03:44:f1:d2:df:
5e:58:7f:e1:2f:46:6c:82:5b:40:e8:d9:e9:cd:42:
d6:fd:9f:aa:f4:ca:0c:07:a9:0e:2d:69:4e:81:22:
96:75:89:bc:5e:56:00:2c:dd:e2:9d:56:bf:50:13:
70:fe:9e:d5:ab:60:54:61:0d:8f:da:b0:24:77:8f:
69:be:be:bc:6a:24:fa:db:19:09:47:2d:c4:a6:f2:
10:cd:57:da:0b:25:6a:24:74:f2:e8:eb:12:0f:21:
c7:b9:c7:d7:4f:05:ac:f5:9d:bd:b5:8d:d3:66:31:
52:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:37:18:92:2B:89:99:85:4C:11:4D:50:22:D3:35:3E:6A:74:5C:ED
X509v3 Authority Key Identifier:
keyid:0B:6F:1E:9F:09:50:E4:F3:9C:9C:5F:EE:3F:86:8A:24:EB:36:1E:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C28enwlQ5POcnF_uP4aKJOs2HvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e69bd3-215e-4422-9170-081bcbac4daf/1/yjcYkiuJmYVMEU1QItM1Pmp0XO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e69bd3-215e-4422-9170-081bcbac4daf/1/C28enwlQ5POcnF_uP4aKJOs2HvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.243.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:41:95:48:95:98:08:f2:56:01:6a:24:79:1d:6a:2d:54:5e:
82:97:03:97:48:b9:6c:1d:0e:dc:51:1a:44:e7:03:3a:eb:ea:
4b:4a:28:3e:06:15:a6:7e:ae:16:d2:e4:c1:3b:5c:2a:fa:63:
c6:ab:16:09:92:a9:da:d2:aa:d2:48:f5:f9:d2:fb:fd:c2:a6:
3c:70:57:82:fe:c7:43:19:91:31:51:85:73:96:a0:1f:ec:0d:
eb:63:3c:56:56:ac:b5:25:e1:0f:1c:b7:fe:44:8c:33:6c:c4:
a9:c0:55:32:7a:5f:64:0b:6d:81:bc:2c:86:af:b5:f6:51:56:
7b:ee:0b:75:5e:76:f9:ac:bc:41:be:a3:58:37:0f:d8:7c:97:
63:e2:7f:c4:16:06:98:37:4d:78:b7:20:20:a3:76:68:b2:60:
56:90:2b:d9:aa:73:a4:bf:b3:ae:f5:3d:de:38:42:c5:ab:fe:
35:a3:9a:08:e5:a9:75:a9:83:7b:0a:ca:76:54:dc:da:f0:87:
ef:f8:d5:bb:a4:f6:3e:60:13:18:cd:a4:30:76:5f:85:3a:99:
58:0b:1c:58:26:e9:ed:6b:ec:1b:19:22:68:3e:28:61:9c:ac:
d7:01:e0:7e:06:9b:03:15:74:e9:e2:29:d6:60:28:18:41:7e:
47:3b:4d:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYztuIBOtBNm09quQJNrXcGsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNmYxZTlmMDk1MGU0ZjM5YzljNWZlZTNmODY4YTI0ZWIz
NjFlZjEwHhcNMjQwMTA5MTAxNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTM3MTg5MjJiODk5OTg1NGMxMTRkNTAyMmQzMzUzZTZhNzQ1Y2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWO905y0UOu32JeIIgIUYdhQbqo0
4Lon+jdCqoEzAxwrHTXZtVM2Sxw1Bt0xEEboPJfXJWCy5XQKAPU+mLwsAQyM35QO
p1vaZzz/Kz7Qdc1Ybv2n+Uws6+0NvvC7OcuRCZLpepISBVs3BYFH0ct3+3aap0pz
pWcsfi8RBApOoJGkqMBh1tG01Gx5UtGvzPL+A0Tx0t9eWH/hL0ZsgltA6NnpzULW
/Z+q9MoMB6kOLWlOgSKWdYm8XlYALN3inVa/UBNw/p7Vq2BUYQ2P2rAkd49pvr68
aiT62xkJRy3EpvIQzVfaCyVqJHTy6OsSDyHHucfXTwWs9Z29tY3TZjFSnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMo3GJIriZmFTBFNUCLTNT5qdFztMB8GA1UdIwQY
MBaAFAtvHp8JUOTznJxf7j+GiiTrNh7xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzI4ZW53bFE1UE9jbkZfdVA0YUtKT3MySHZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lNjliZDMtMjE1ZS00NDIyLTkxNzAt
MDgxYmNiYWM0ZGFmLzEveWpjWWtpdUptWVZNRVUxUUl0TTFQbXAwWE8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lNjliZDMtMjE1ZS00NDIyLTkxNzAtMDgxYmNiYWM0ZGFm
LzEvQzI4ZW53bFE1UE9jbkZfdVA0YUtKT3MySHZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+7zMA0G
CSqGSIb3DQEBCwUAA4IBAQAKQZVIlZgI8lYBaiR5HWotVF6ClwOXSLlsHQ7cURpE
5wM66+pLSig+BhWmfq4W0uTBO1wq+mPGqxYJkqna0qrSSPX50vv9wqY8cFeC/sdD
GZExUYVzlqAf7A3rYzxWVqy1JeEPHLf+RIwzbMSpwFUyel9kC22BvCyGr7X2UVZ7
7gt1Xnb5rLxBvqNYNw/YfJdj4n/EFgaYN014tyAgo3ZosmBWkCvZqnOkv7Ou9T3e
OELFq/41o5oI5al1qYN7Csp2VNza8Ifv+NW7pPY+YBMYzaQwdl+FOplYCxxYJunt
a+wbGSJoPihhnKzXAeB+BpsDFXTp4inWYCgYQX5HO01h
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:37 2024 by rpki-client on console-fra.rpki-client.org