Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/Y9SYmLw1U_VDRGPISsM4xA36n80.roa
File: Y9SYmLw1U_VDRGPISsM4xA36n80.roa (raw, json)
Hash identifier: n54DNUdksQM/HwAEXEn06K1EQygjeZ+7TEwsFga5Mek=
Subject key identifier: 63:D4:98:98:BC:35:53:F5:43:44:63:C8:4A:C3:38:C4:0D:FA:9F:CD
Certificate issuer: /CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Certificate serial: 018573562AF5D53B6FCD4CC494607053D767
Authority key identifier: BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/Y9SYmLw1U_VDRGPISsM4xA36n80.roa
Signing time: Mon 02 Jan 2023 16:35:04 +0000
ROA not before: Mon 02 Jan 2023 16:35:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206995
IP address blocks: 176.42.9.0/24 maxlen: 24
176.42.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Dec 2023 15:58:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:56:2a:f5:d5:3b:6f:cd:4c:c4:94:60:70:53:d7:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Validity
Not Before: Jan 2 16:35:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63d49898bc3553f5434463c84ac338c40dfa9fcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:63:bf:6c:f3:81:0a:41:68:8b:c1:24:0b:41:
ed:a1:0e:b5:90:a2:ac:05:d5:10:73:3d:69:6d:e6:
2f:85:64:9c:d0:8e:dc:e9:5c:b2:9c:e3:0d:3b:1b:
fc:ec:00:7d:fd:b6:7a:ed:ef:0a:f2:09:40:c9:ec:
6f:fe:4c:a9:c8:79:40:1a:51:d9:ad:6c:13:b2:5a:
9d:d2:b2:7c:8b:a2:15:2e:64:f1:b1:a6:98:a1:35:
af:ab:53:cc:e0:58:13:27:18:3e:58:b6:dc:05:aa:
5f:a7:3a:d6:4a:a9:9a:8a:4f:d0:fb:8a:cc:87:18:
72:23:9e:21:d6:b8:f2:11:99:8c:ce:de:85:cc:6a:
55:1a:6b:f0:31:3f:12:8e:5d:40:49:8a:94:a4:73:
4c:07:d6:d2:d3:08:c2:38:66:aa:76:68:3b:28:53:
45:29:22:ff:53:62:29:be:06:07:60:7b:57:45:f9:
b1:12:df:a5:07:de:2d:bf:3a:43:8c:ed:ab:32:b1:
8a:18:05:42:67:6f:09:68:99:6d:ce:18:cb:81:74:
c1:24:51:96:17:c0:d8:42:16:54:86:4d:f2:60:b3:
18:86:03:b5:cc:03:36:b1:43:32:60:93:b7:42:e9:
b6:59:4f:c7:55:88:8c:b6:f7:17:71:25:bb:0c:ca:
10:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:D4:98:98:BC:35:53:F5:43:44:63:C8:4A:C3:38:C4:0D:FA:9F:CD
X509v3 Authority Key Identifier:
keyid:BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/Y9SYmLw1U_VDRGPISsM4xA36n80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/up0w5gNb6Lg4YGHycUgccH4Ezis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.42.9.0/24
176.42.239.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:ee:91:32:74:9b:9e:ce:32:1c:66:0c:52:4b:0a:b2:ff:ba:
86:2e:3d:bb:50:71:e1:ee:6c:0a:66:7c:31:16:75:b0:ca:c8:
bf:06:e6:ae:41:06:5d:b3:28:5d:23:f1:53:c9:1d:c8:f2:85:
84:35:8b:7f:a2:3a:47:92:5a:a5:84:0c:d4:c4:df:90:5a:1d:
22:28:f3:c8:4f:11:f8:4c:90:6a:66:07:bf:63:e7:3d:7a:5e:
da:ec:ef:3e:11:9e:d9:26:75:3a:e3:be:5e:5e:bc:e1:fc:4a:
23:f8:2b:7e:aa:23:9f:5d:f3:b3:b6:70:a5:13:47:aa:cf:08:
fa:0f:78:80:f9:26:b9:a5:ea:20:a8:97:3c:40:3b:18:35:e6:
09:37:ae:3d:8b:56:10:29:74:73:a1:d5:94:8e:f8:42:ac:6a:
5b:ac:35:6b:57:7a:fb:f9:5d:01:40:51:b5:0e:90:d9:e6:52:
cf:89:3a:28:61:e8:46:67:87:77:5a:e5:ad:0d:8c:30:90:56:
7b:d1:f8:fc:50:ec:dc:43:a3:c0:bc:d5:72:55:98:d5:fa:b8:
65:8d:36:06:2f:b3:aa:09:a9:11:38:e0:be:07:93:53:30:22:
f6:65:f4:be:b6:60:88:b6:92:06:22:a8:84:a1:29:82:12:81:
5f:1e:0f:5d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzVir11TtvzUzElGBwU9dnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOWQzMGU2MDM1YmU4YjgzODYwNjFmMjcxNDgxYzcwN2Uw
NGNlMmIwHhcNMjMwMTAyMTYzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2Q0OTg5OGJjMzU1M2Y1NDM0NDYzYzg0YWMzMzhjNDBkZmE5ZmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmO/bPOBCkFoi8EkC0HtoQ61kKKs
BdUQcz1pbeYvhWSc0I7c6VyynOMNOxv87AB9/bZ67e8K8glAyexv/kypyHlAGlHZ
rWwTslqd0rJ8i6IVLmTxsaaYoTWvq1PM4FgTJxg+WLbcBapfpzrWSqmaik/Q+4rM
hxhyI54h1rjyEZmMzt6FzGpVGmvwMT8Sjl1ASYqUpHNMB9bS0wjCOGaqdmg7KFNF
KSL/U2IpvgYHYHtXRfmxEt+lB94tvzpDjO2rMrGKGAVCZ28JaJltzhjLgXTBJFGW
F8DYQhZUhk3yYLMYhgO1zAM2sUMyYJO3Qum2WU/HVYiMtvcXcSW7DMoQVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGPUmJi8NVP1Q0RjyErDOMQN+p/NMB8GA1UdIwQY
MBaAFLqdMOYDW+i4OGBh8nFIHHB+BM4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgt
NWQ1ODRmYmM1ZDI3LzEvWTlTWW1MdzFVX1ZEUkdQSVNzTTR4QTM2bjgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgtNWQ1ODRmYmM1ZDI3
LzEvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsCoJAwQA
sCrvMA0GCSqGSIb3DQEBCwUAA4IBAQCo7pEydJuezjIcZgxSSwqy/7qGLj27UHHh
7mwKZnwxFnWwysi/BuauQQZdsyhdI/FTyR3I8oWENYt/ojpHklqlhAzUxN+QWh0i
KPPITxH4TJBqZge/Y+c9el7a7O8+EZ7ZJnU6475eXrzh/Eoj+Ct+qiOfXfOztnCl
E0eqzwj6D3iA+Sa5peogqJc8QDsYNeYJN649i1YQKXRzodWUjvhCrGpbrDVrV3r7
+V0BQFG1DpDZ5lLPiTooYehGZ4d3WuWtDYwwkFZ70fj8UOzcQ6PAvNVyVZjV+rhl
jTYGL7OqCakROOC+B5NTMCL2ZfS+tmCItpIGIqiEoSmCEoFfHg9d
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:00 2024 by rpki-client on console-ams.rpki-client.org