Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/YnVmTx67eCs6PihD7qJ6Yq65y68.roa
File: YnVmTx67eCs6PihD7qJ6Yq65y68.roa (raw, json)
Hash identifier: kOf6W+10fEYCZJijT91+cCbKbTdFcp4RDIrwVGCPtEA=
Subject key identifier: 62:75:66:4F:1E:BB:78:2B:3A:3E:28:43:EE:A2:7A:62:AE:B9:CB:AF
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 01856F825D698908F2C729F6E2A866C44A27
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/YnVmTx67eCs6PihD7qJ6Yq65y68.roa
Signing time: Sun 01 Jan 2023 22:44:52 +0000
ROA not before: Sun 01 Jan 2023 22:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209371
IP address blocks: 213.209.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 May 2023 10:06:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:5d:69:89:08:f2:c7:29:f6:e2:a8:66:c4:4a:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 1 22:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6275664f1ebb782b3a3e2843eea27a62aeb9cbaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:7f:96:f4:94:f7:b2:1a:0b:f8:f5:bd:46:5e:
29:83:d7:f5:0e:07:82:ec:bc:c2:2f:14:f6:40:ec:
ee:94:99:0f:33:aa:00:57:06:b8:bc:83:19:bf:40:
39:cd:b5:8c:ef:ea:62:77:f1:61:bf:a7:c6:92:45:
7a:28:f2:c4:ba:4b:7c:48:71:32:e3:cf:8d:42:f6:
a6:90:44:26:0d:0e:c4:08:13:74:7a:9f:eb:44:29:
19:f5:3f:94:04:f7:72:61:73:99:57:c1:e7:af:7e:
e0:90:09:47:ac:1a:02:77:e8:b7:9d:3b:bd:c2:83:
83:2b:ed:96:26:1a:10:36:d7:6c:1e:01:d7:97:f5:
d1:ba:7f:34:9c:6c:db:09:ba:cc:b7:f4:3e:0f:a6:
dc:c5:51:b0:74:dd:92:5d:4e:95:ec:02:f9:32:5f:
9c:ae:32:43:eb:f3:86:c6:d3:47:dc:e8:6c:65:25:
25:de:bd:f2:20:7a:18:26:3f:9e:f4:f8:36:68:87:
6c:58:43:01:3c:05:9c:d5:22:53:e5:28:82:8c:cd:
98:b1:1a:ee:31:11:0a:c4:a7:95:5b:c5:5a:68:8e:
4c:ba:88:bc:5c:4c:19:cc:cc:78:7f:27:d3:a6:81:
d0:84:4f:52:db:e4:ce:ec:ad:64:47:8b:5f:54:da:
84:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:75:66:4F:1E:BB:78:2B:3A:3E:28:43:EE:A2:7A:62:AE:B9:CB:AF
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/YnVmTx67eCs6PihD7qJ6Yq65y68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.209.130.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:c6:2b:8c:9a:d2:e8:d2:a7:b7:76:3b:f8:63:f1:96:3f:05:
30:73:4b:30:40:55:aa:cf:2b:72:d7:bd:3b:df:f5:b4:b3:88:
b8:e4:9e:c0:11:b5:c3:e1:86:de:f9:d5:62:b1:10:08:72:a9:
c2:88:90:d5:58:53:a3:3c:14:8b:b6:6d:47:b2:a0:94:8f:f7:
9b:98:b3:ec:9a:9f:c5:4b:8a:b2:7d:6f:7e:15:2d:a8:0c:f7:
9b:22:3f:6f:21:2c:a4:4c:d3:f4:70:85:62:c6:34:97:1f:1c:
dc:08:b9:55:18:41:34:b0:88:ce:63:cf:36:11:c0:7a:5c:7f:
9e:76:71:12:84:75:66:2a:6c:f9:65:59:fe:cb:11:aa:59:3f:
bc:f3:c0:83:10:5d:0b:cd:bd:d0:01:30:36:d3:bf:36:75:26:
da:85:31:39:42:25:d9:16:22:0f:9e:32:79:d3:74:af:d3:01:
47:bd:d3:bc:a7:75:30:05:c9:fa:64:c8:d7:27:21:09:e6:86:
e8:37:a2:44:37:8a:fc:ee:18:7c:72:7d:f4:8c:c2:84:68:0c:
7d:12:cc:9d:65:6b:5e:fd:77:b6:ec:c8:a4:8f:7f:16:bf:57:
03:9f:fc:49:cb:77:01:ca:95:d4:a8:a4:84:06:f7:35:0a:9c:
26:13:bd:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvgl1piQjyxyn24qhmxEonMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMTAxMjI0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mjc1NjY0ZjFlYmI3ODJiM2EzZTI4NDNlZWEyN2E2MmFlYjljYmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3+W9JT3shoL+PW9Rl4pg9f1DgeC
7LzCLxT2QOzulJkPM6oAVwa4vIMZv0A5zbWM7+pid/Fhv6fGkkV6KPLEukt8SHEy
48+NQvamkEQmDQ7ECBN0ep/rRCkZ9T+UBPdyYXOZV8Hnr37gkAlHrBoCd+i3nTu9
woODK+2WJhoQNtdsHgHXl/XRun80nGzbCbrMt/Q+D6bcxVGwdN2SXU6V7AL5Ml+c
rjJD6/OGxtNH3OhsZSUl3r3yIHoYJj+e9Pg2aIdsWEMBPAWc1SJT5SiCjM2YsRru
MREKxKeVW8VaaI5Muoi8XEwZzMx4fyfTpoHQhE9S2+TO7K1kR4tfVNqE1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGJ1Zk8eu3grOj4oQ+6iemKuucuvMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvWW5WbVR4NjdlQ3M2UGloRDdxSjZZcTY1eTY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1dGCMA0G
CSqGSIb3DQEBCwUAA4IBAQC3xiuMmtLo0qe3djv4Y/GWPwUwc0swQFWqzyty1707
3/W0s4i45J7AEbXD4Ybe+dVisRAIcqnCiJDVWFOjPBSLtm1HsqCUj/ebmLPsmp/F
S4qyfW9+FS2oDPebIj9vISykTNP0cIVixjSXHxzcCLlVGEE0sIjOY882EcB6XH+e
dnEShHVmKmz5ZVn+yxGqWT+888CDEF0Lzb3QATA20782dSbahTE5QiXZFiIPnjJ5
03Sv0wFHvdO8p3UwBcn6ZMjXJyEJ5oboN6JEN4r87hh8cn30jMKEaAx9EsydZWte
/Xe27Mikj38Wv1cDn/xJy3cBypXUqKSEBvc1CpwmE70f
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org