Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/yvOTpgZLhlf4wZqb8w9L-XP1TFE.roa
File: yvOTpgZLhlf4wZqb8w9L-XP1TFE.roa (raw, json)
Hash identifier: tmclRmNsJafl1gCmN4DAxSWmW3lu+Ihq90vYasyy3eY=
Subject key identifier: CA:F3:93:A6:06:4B:86:57:F8:C1:9A:9B:F3:0F:4B:F9:73:F5:4C:51
Certificate issuer: /CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Certificate serial: 0185735628DB394981A3CF8294932804D696
Authority key identifier: BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/yvOTpgZLhlf4wZqb8w9L-XP1TFE.roa
Signing time: Mon 02 Jan 2023 16:35:04 +0000
ROA not before: Mon 02 Jan 2023 16:35:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199515
IP address blocks: 213.153.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:56:28:db:39:49:81:a3:cf:82:94:93:28:04:d6:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Validity
Not Before: Jan 2 16:35:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=caf393a6064b8657f8c19a9bf30f4bf973f54c51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:5a:a0:09:34:08:b2:26:2d:3e:f8:88:c7:70:
44:46:8d:e1:42:25:ba:13:d5:d3:2a:47:c3:ba:90:
03:c0:c3:30:f0:33:10:78:db:53:60:14:34:14:bb:
0b:c2:23:58:43:72:c9:0f:d9:06:34:ab:8a:24:30:
96:9a:dd:27:0d:0d:d1:bd:cc:d6:53:9b:95:5b:ca:
0b:c2:0e:66:4a:71:e7:32:14:29:19:f1:61:f1:d6:
f4:45:70:60:da:57:f5:a8:f7:92:2e:62:bd:13:7f:
41:17:6c:6c:7e:b4:d5:eb:75:87:8c:33:7c:b6:09:
20:69:72:ed:c9:68:d5:8f:b2:b8:53:bf:0c:cd:26:
78:9e:f3:47:c3:a9:db:65:df:7a:f7:29:83:e4:8f:
06:9d:5d:55:87:6d:0b:3a:ab:fb:32:91:f9:3b:e4:
ec:aa:e0:3c:09:66:10:cb:16:a3:d4:02:33:82:70:
f4:5d:8a:a0:4e:e6:17:40:f4:8f:1d:45:7e:e8:34:
7f:a7:a2:e2:ab:0e:ae:18:87:a7:02:01:55:b5:9a:
b7:7a:9f:1a:a0:23:d7:f8:d4:9f:40:ad:2c:1e:48:
1f:85:d6:b4:a8:76:54:07:3d:89:13:f8:3d:95:71:
95:91:b9:10:b1:fd:bd:89:c8:cf:89:71:ce:97:3c:
80:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:F3:93:A6:06:4B:86:57:F8:C1:9A:9B:F3:0F:4B:F9:73:F5:4C:51
X509v3 Authority Key Identifier:
keyid:BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/yvOTpgZLhlf4wZqb8w9L-XP1TFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/up0w5gNb6Lg4YGHycUgccH4Ezis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.153.232.0/24
Signature Algorithm: sha256WithRSAEncryption
81:9e:d4:b1:9f:49:d2:d9:40:c0:f1:9d:08:a3:02:8f:f8:96:
3a:0d:a4:cf:17:ff:82:ec:a3:12:f4:bd:c4:71:fa:cf:b6:f8:
96:1b:c5:8a:e9:f3:e9:34:43:c8:1c:a1:e3:67:67:bb:17:72:
67:02:e3:17:82:76:8b:30:7e:60:c7:8f:37:fd:3e:1f:7f:3e:
f4:d2:0d:6e:0b:ac:85:86:25:be:d1:f1:71:47:ac:97:92:ac:
89:5d:03:d9:92:38:5c:c3:7d:3f:a2:12:18:c9:29:44:fd:b1:
30:db:6b:dd:da:f8:47:ce:3e:a6:50:74:78:9b:35:55:d6:0e:
23:c7:c1:42:9d:67:f3:38:8a:38:3d:e3:53:9d:ae:45:ad:cf:
55:46:e3:dc:29:f6:5d:c7:b0:35:5f:8d:ae:d4:8f:43:e6:d7:
24:e2:09:8c:88:ed:6b:23:b0:d2:7f:d0:06:dd:16:22:ab:62:
41:67:de:26:fc:d1:17:67:d5:f7:01:4d:7b:7d:96:af:5c:10:
5a:df:80:79:5a:41:aa:e9:13:85:ce:41:87:c0:e6:92:31:9f:
b4:c9:f2:70:d4:58:eb:73:c5:73:4e:78:ec:e1:b5:54:4f:dd:
43:35:e1:b0:70:13:62:ef:6c:1f:30:4b:49:7e:58:0b:79:44:
79:a6:12:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzVijbOUmBo8+ClJMoBNaWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOWQzMGU2MDM1YmU4YjgzODYwNjFmMjcxNDgxYzcwN2Uw
NGNlMmIwHhcNMjMwMTAyMTYzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWYzOTNhNjA2NGI4NjU3ZjhjMTlhOWJmMzBmNGJmOTczZjU0YzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVqgCTQIsiYtPviIx3BERo3hQiW6
E9XTKkfDupADwMMw8DMQeNtTYBQ0FLsLwiNYQ3LJD9kGNKuKJDCWmt0nDQ3RvczW
U5uVW8oLwg5mSnHnMhQpGfFh8db0RXBg2lf1qPeSLmK9E39BF2xsfrTV63WHjDN8
tgkgaXLtyWjVj7K4U78MzSZ4nvNHw6nbZd969ymD5I8GnV1Vh20LOqv7MpH5O+Ts
quA8CWYQyxaj1AIzgnD0XYqgTuYXQPSPHUV+6DR/p6Liqw6uGIenAgFVtZq3ep8a
oCPX+NSfQK0sHkgfhda0qHZUBz2JE/g9lXGVkbkQsf29icjPiXHOlzyAuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMrzk6YGS4ZX+MGam/MPS/lz9UxRMB8GA1UdIwQY
MBaAFLqdMOYDW+i4OGBh8nFIHHB+BM4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgt
NWQ1ODRmYmM1ZDI3LzEveXZPVHBnWkxobGY0d1pxYjh3OUwtWFAxVEZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgtNWQ1ODRmYmM1ZDI3
LzEvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ZnoMA0G
CSqGSIb3DQEBCwUAA4IBAQCBntSxn0nS2UDA8Z0IowKP+JY6DaTPF/+C7KMS9L3E
cfrPtviWG8WK6fPpNEPIHKHjZ2e7F3JnAuMXgnaLMH5gx483/T4ffz700g1uC6yF
hiW+0fFxR6yXkqyJXQPZkjhcw30/ohIYySlE/bEw22vd2vhHzj6mUHR4mzVV1g4j
x8FCnWfzOIo4PeNTna5Frc9VRuPcKfZdx7A1X42u1I9D5tck4gmMiO1rI7DSf9AG
3RYiq2JBZ94m/NEXZ9X3AU17fZavXBBa34B5WkGq6ROFzkGHwOaSMZ+0yfJw1Fjr
c8VzTnjs4bVUT91DNeGwcBNi72wfMEtJflgLeUR5phKq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:23 2024 by rpki-client on console-fra.rpki-client.org