Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/35df0a-8af6-4ff0-b345-0d27767374ec/1/YaZ3tGF7vQLPfZ7D5cehM14Q0NI.roa
File: YaZ3tGF7vQLPfZ7D5cehM14Q0NI.roa (raw, json)
Hash identifier: oBznLQ/ZkSXUJX5K/ZojuuBp6tn2p1T11vgPmww2x6U=
Subject key identifier: 61:A6:77:B4:61:7B:BD:02:CF:7D:9E:C3:E5:C7:A1:33:5E:10:D0:D2
Certificate issuer: /CN=121f13882dd06d098ec49a759101329b1f201f1d
Certificate serial: 018571F11B2B2FB83DA9EE9D27A70009C24A
Authority key identifier: 12:1F:13:88:2D:D0:6D:09:8E:C4:9A:75:91:01:32:9B:1F:20:1F:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Eh8TiC3QbQmOxJp1kQEymx8gHx0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/35df0a-8af6-4ff0-b345-0d27767374ec/1/YaZ3tGF7vQLPfZ7D5cehM14Q0NI.roa
Signing time: Mon 02 Jan 2023 10:05:04 +0000
ROA not before: Mon 02 Jan 2023 10:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2202
IP address blocks: 147.210.0.0/16 maxlen: 16
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f1:1b:2b:2f:b8:3d:a9:ee:9d:27:a7:00:09:c2:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=121f13882dd06d098ec49a759101329b1f201f1d
Validity
Not Before: Jan 2 10:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61a677b4617bbd02cf7d9ec3e5c7a1335e10d0d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a1:41:5b:c5:dd:80:75:e1:62:02:82:00:3b:
7b:eb:da:99:7a:55:0d:0a:73:26:d8:84:32:2f:ec:
ad:02:df:36:f4:0b:05:05:3c:12:ea:85:c1:ab:6e:
b0:39:c2:c6:d7:ec:a3:f9:d4:6b:bd:d9:08:76:da:
52:9f:e8:6e:ce:97:9f:14:84:ea:41:99:63:9d:e3:
94:14:9c:b8:87:19:eb:cc:d0:c0:93:ba:67:b1:39:
22:1b:8a:bd:49:eb:bc:bd:89:f9:f2:2e:1c:a7:be:
72:68:42:a7:e2:29:4c:37:6b:af:00:db:74:40:8f:
ac:65:d2:26:21:af:b0:d3:2a:10:cf:c5:2c:6c:2c:
19:d3:25:cd:f8:68:96:5d:61:96:82:83:36:ad:9d:
e7:2b:d3:c0:96:b7:26:99:48:33:05:b8:ba:a9:1f:
f1:d3:ad:ab:bd:41:8d:f6:8c:fb:69:1f:6b:35:9f:
4b:08:d3:10:69:0a:e9:92:46:3e:f9:f7:e3:9a:57:
87:3c:b5:77:2c:5c:2a:cd:d0:72:77:b3:97:0f:f9:
01:09:43:b2:be:e7:ec:56:40:bd:b4:ff:de:3f:58:
19:ec:15:0d:91:c5:da:c4:f7:86:3e:80:a7:56:84:
a7:1e:12:2f:98:59:b8:5c:07:35:98:24:83:29:97:
58:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:A6:77:B4:61:7B:BD:02:CF:7D:9E:C3:E5:C7:A1:33:5E:10:D0:D2
X509v3 Authority Key Identifier:
keyid:12:1F:13:88:2D:D0:6D:09:8E:C4:9A:75:91:01:32:9B:1F:20:1F:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eh8TiC3QbQmOxJp1kQEymx8gHx0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/35df0a-8af6-4ff0-b345-0d27767374ec/1/YaZ3tGF7vQLPfZ7D5cehM14Q0NI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/35df0a-8af6-4ff0-b345-0d27767374ec/1/Eh8TiC3QbQmOxJp1kQEymx8gHx0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.210.0.0/16
Signature Algorithm: sha256WithRSAEncryption
85:82:4b:bc:cd:e9:ac:5f:a3:e7:4d:22:ee:3b:e4:61:ee:0a:
db:08:c0:ba:b9:27:db:48:ec:5d:4e:9a:54:e2:50:99:fa:b0:
7e:1d:28:e3:48:ff:90:40:8a:e4:b0:71:99:75:88:fd:19:23:
8d:83:a3:66:8a:39:e0:34:be:dd:1d:0a:2e:da:40:d5:70:2e:
fd:63:cd:0e:6a:36:1d:32:e2:5f:2b:3a:7a:d9:16:31:44:93:
87:9a:c8:23:f8:84:f3:96:d2:dc:4f:8c:ef:b5:81:07:a4:23:
7b:57:36:aa:05:28:87:c6:1f:3d:0f:a7:52:c8:18:85:e3:d1:
d3:d1:65:23:46:07:f0:7e:4e:47:40:e1:dc:db:1f:b0:1f:de:
8b:38:b4:1b:cd:03:2e:ee:51:cb:ca:d5:b8:c3:27:56:1d:51:
11:01:93:e4:75:28:55:12:9b:71:14:9b:08:f1:0e:d3:48:74:
83:c1:ec:4d:6a:79:68:3f:0e:90:3e:90:bc:2f:48:fc:30:4b:
7c:f4:88:f1:32:0e:3e:52:c4:21:77:93:05:6e:04:7d:e3:82:
14:b1:f3:66:9d:15:0d:3f:a5:10:37:9f:82:de:c5:75:70:56:
12:12:6e:34:33:0c:af:10:b0:66:79:b2:ca:98:9e:22:b8:70:
91:e0:48:e0
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVx8RsrL7g9qe6dJ6cACcJKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMWYxMzg4MmRkMDZkMDk4ZWM0OWE3NTkxMDEzMjliMWYy
MDFmMWQwHhcNMjMwMTAyMTAwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWE2NzdiNDYxN2JiZDAyY2Y3ZDllYzNlNWM3YTEzMzVlMTBkMGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaFBW8XdgHXhYgKCADt769qZelUN
CnMm2IQyL+ytAt829AsFBTwS6oXBq26wOcLG1+yj+dRrvdkIdtpSn+huzpefFITq
QZljneOUFJy4hxnrzNDAk7pnsTkiG4q9Seu8vYn58i4cp75yaEKn4ilMN2uvANt0
QI+sZdImIa+w0yoQz8UsbCwZ0yXN+GiWXWGWgoM2rZ3nK9PAlrcmmUgzBbi6qR/x
062rvUGN9oz7aR9rNZ9LCNMQaQrpkkY++ffjmleHPLV3LFwqzdByd7OXD/kBCUOy
vufsVkC9tP/eP1gZ7BUNkcXaxPeGPoCnVoSnHhIvmFm4XAc1mCSDKZdYpQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFGGmd7Rhe70Cz32ew+XHoTNeENDSMB8GA1UdIwQY
MBaAFBIfE4gt0G0JjsSadZEBMpsfIB8dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWg4VGlDM1FiUW1PeEpwMWtRRXlteDhnSHgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8zNWRmMGEtOGFmNi00ZmYwLWIzNDUt
MGQyNzc2NzM3NGVjLzEvWWFaM3RHRjd2UUxQZlo3RDVjZWhNMTRRME5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8zNWRmMGEtOGFmNi00ZmYwLWIzNDUtMGQyNzc2NzM3NGVj
LzEvRWg4VGlDM1FiUW1PeEpwMWtRRXlteDhnSHgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAk9IwDQYJ
KoZIhvcNAQELBQADggEBAIWCS7zN6axfo+dNIu475GHuCtsIwLq5J9tI7F1OmlTi
UJn6sH4dKONI/5BAiuSwcZl1iP0ZI42Do2aKOeA0vt0dCi7aQNVwLv1jzQ5qNh0y
4l8rOnrZFjFEk4eayCP4hPOW0txPjO+1gQekI3tXNqoFKIfGHz0Pp1LIGIXj0dPR
ZSNGB/B+TkdA4dzbH7Af3os4tBvNAy7uUcvK1bjDJ1YdUREBk+R1KFUSm3EUmwjx
DtNIdIPB7E1qeWg/DpA+kLwvSPwwS3z0iPEyDj5SxCF3kwVuBH3jghSx82adFQ0/
pRA3n4LexXVwVhISbjQzDK8QsGZ5ssqYniK4cJHgSOA=
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:55 2024 by rpki-client on console-ams.rpki-client.org