Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/yBNav4_WOsdqLNjjHvtAqx2MpSY.roa
File: yBNav4_WOsdqLNjjHvtAqx2MpSY.roa (raw, json)
Hash identifier: 8uLP9kTr+6C7JQrYNNZI278ryHXga9+CnPdf8MI/gQQ=
Subject key identifier: C8:13:5A:BF:8F:D6:3A:C7:6A:2C:D8:E3:1E:FB:40:AB:1D:8C:A5:26
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018E5BF6CED97BD1F5758B5F586B6A4C8BE7
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/yBNav4_WOsdqLNjjHvtAqx2MpSY.roa
Signing time: Wed 20 Mar 2024 13:04:45 +0000
ROA not before: Wed 20 Mar 2024 13:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 91.228.13.0/24 maxlen: 24
94.154.34.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Mar 2024 19:12:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5b:f6:ce:d9:7b:d1:f5:75:8b:5f:58:6b:6a:4c:8b:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Mar 20 13:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8135abf8fd63ac76a2cd8e31efb40ab1d8ca526
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:38:8f:9d:4d:a1:ff:84:70:a5:4a:df:7e:c8:
fa:41:57:2d:ba:0d:e8:86:80:bb:e5:ed:d0:20:39:
fb:21:33:f5:0d:f0:43:42:50:09:ee:38:18:cc:ec:
af:f3:64:01:c6:7d:a5:c0:6b:83:88:f8:30:27:1a:
b3:e8:72:19:13:61:70:51:62:5c:4b:84:48:fa:63:
e3:9d:0d:a8:f8:1d:0f:c5:13:a1:58:00:7f:64:7e:
c4:76:72:d6:62:6e:d7:d6:6a:0c:fc:9d:31:72:ba:
48:15:1b:97:f3:c3:63:17:de:a1:72:a6:a5:b9:1d:
5d:39:4c:c5:ca:b0:5a:46:b1:d6:b6:8f:17:35:ec:
de:e6:63:d7:8c:97:12:34:26:cc:44:50:71:99:a9:
ec:87:32:c3:93:4a:37:37:78:63:6c:0e:a3:4d:85:
b6:f4:f5:03:b6:95:b3:9a:45:55:b7:6e:2c:12:f2:
ea:6c:bb:32:4a:69:21:1f:7c:41:57:68:32:eb:e2:
e7:f3:47:5e:16:21:06:db:e9:be:17:a9:ec:99:62:
ff:28:ad:07:e3:a2:da:fb:18:58:1f:95:35:76:05:
d1:46:b8:a1:23:98:bd:56:0d:8b:52:75:c0:85:e7:
02:8d:2b:d0:6e:29:24:95:d3:52:60:f6:5e:df:91:
cd:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:13:5A:BF:8F:D6:3A:C7:6A:2C:D8:E3:1E:FB:40:AB:1D:8C:A5:26
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/yBNav4_WOsdqLNjjHvtAqx2MpSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.13.0/24
94.154.34.0/24
94.154.36.0/23
Signature Algorithm: sha256WithRSAEncryption
67:3a:cc:75:7d:ec:67:0a:5a:0f:47:0a:52:29:12:1b:e8:11:
32:e7:41:85:ff:38:d6:57:78:01:d0:34:2c:bd:18:2a:ea:a1:
31:4b:24:20:b9:43:c7:1b:f3:cb:40:42:cf:4c:d9:fc:7d:1f:
c2:ee:f4:fe:1a:49:d5:cc:ce:c5:73:4b:77:9c:62:10:01:1f:
f1:25:76:5e:bf:1c:b1:f6:0e:19:09:79:aa:aa:a5:ca:29:07:
7e:66:13:24:9d:fd:a0:f2:8c:3b:db:9a:e4:4d:77:eb:03:27:
13:73:b5:25:e1:9e:6b:1f:4c:49:d9:fb:20:d2:7b:3b:a9:bc:
d1:d0:79:77:1c:76:0c:f8:2a:59:b7:c0:45:dc:2f:d2:09:f6:
55:cc:77:d3:ab:4b:7a:42:ec:32:4e:7a:ab:c2:5a:98:85:57:
e0:13:e3:06:4a:c2:68:cb:85:c5:31:12:91:6e:4f:1f:eb:00:
59:8e:35:19:95:cb:d6:e3:df:59:df:80:6d:a7:ff:8c:6f:ed:
48:26:63:2b:07:49:00:0a:97:d9:dd:6c:25:f9:39:d7:bf:b8:
83:3b:09:b2:b5:2c:9d:dd:8d:b2:c1:4d:71:81:c7:81:25:35:
42:b9:d0:2e:87:48:ff:2d:7b:df:de:00:2d:2c:68:1c:12:89:
66:71:f0:3e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY5b9s7Ze9H1dYtfWGtqTIvnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwMzIwMTMwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODEzNWFiZjhmZDYzYWM3NmEyY2Q4ZTMxZWZiNDBhYjFkOGNhNTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDiPnU2h/4RwpUrffsj6QVctug3o
hoC75e3QIDn7ITP1DfBDQlAJ7jgYzOyv82QBxn2lwGuDiPgwJxqz6HIZE2FwUWJc
S4RI+mPjnQ2o+B0PxROhWAB/ZH7EdnLWYm7X1moM/J0xcrpIFRuX88NjF96hcqal
uR1dOUzFyrBaRrHWto8XNeze5mPXjJcSNCbMRFBxmanshzLDk0o3N3hjbA6jTYW2
9PUDtpWzmkVVt24sEvLqbLsySmkhH3xBV2gy6+Ln80deFiEG2+m+F6nsmWL/KK0H
46La+xhYH5U1dgXRRrihI5i9Vg2LUnXAhecCjSvQbikkldNSYPZe35HNIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMgTWr+P1jrHaizY4x77QKsdjKUmMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEveUJOYXY0X1dPc2RxTE5qakh2dEFxeDJNcFNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+QNAwQA
XpoiAwQBXpokMA0GCSqGSIb3DQEBCwUAA4IBAQBnOsx1fexnCloPRwpSKRIb6BEy
50GF/zjWV3gB0DQsvRgq6qExSyQguUPHG/PLQELPTNn8fR/C7vT+GknVzM7Fc0t3
nGIQAR/xJXZevxyx9g4ZCXmqqqXKKQd+ZhMknf2g8ow725rkTXfrAycTc7Ul4Z5r
H0xJ2fsg0ns7qbzR0Hl3HHYM+CpZt8BF3C/SCfZVzHfTq0t6QuwyTnqrwlqYhVfg
E+MGSsJoy4XFMRKRbk8f6wBZjjUZlcvW499Z34Btp/+Mb+1IJmMrB0kACpfZ3Wwl
+TnXv7iDOwmytSyd3Y2ywU1xgceBJTVCudAuh0j/LXvf3gAtLGgcEolmcfA+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:26 2024 by rpki-client on console-ams.rpki-client.org