Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/YZ2f5fXFCGUgvpjE8cRmeyFTlrw.roa
File: YZ2f5fXFCGUgvpjE8cRmeyFTlrw.roa (raw, json)
Hash identifier: oPtYdHy23D5pbMYYQFov86SYvE4tvJv2w+lH8V3voAQ=
Subject key identifier: 61:9D:9F:E5:F5:C5:08:65:20:BE:98:C4:F1:C4:66:7B:21:53:96:BC
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 01871A994F318E53D7244CDE26526D38F61B
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/YZ2f5fXFCGUgvpjE8cRmeyFTlrw.roa
Signing time: Sat 25 Mar 2023 21:07:47 +0000
ROA not before: Sat 25 Mar 2023 21:07:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35830
IP address blocks: 193.151.188.0/24 maxlen: 24
89.19.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:1a:99:4f:31:8e:53:d7:24:4c:de:26:52:6d:38:f6:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 25 21:07:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=619d9fe5f5c5086520be98c4f1c4667b215396bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:88:ae:e8:75:30:e6:49:5e:30:0a:56:d9:86:
9c:8e:fb:a9:a3:e6:54:27:2c:25:fe:92:c7:7f:c3:
73:17:7c:fa:83:ef:8a:10:b6:40:a8:ee:81:08:56:
be:32:ff:9c:8b:80:c8:a1:7e:51:e5:f0:6a:6b:81:
f3:7e:48:d9:6b:e8:c3:0c:13:df:6f:07:73:50:e5:
b8:13:9c:dd:7a:c4:7c:24:1f:c5:99:da:1d:79:fb:
41:0b:aa:4b:05:1f:0c:29:7f:a0:10:a7:30:82:ee:
80:38:41:fe:79:f3:7c:80:32:a9:bb:ec:45:ba:21:
f2:4b:a8:47:3e:85:a9:4f:68:08:50:3f:bf:11:77:
41:2f:36:b8:91:af:64:9d:b6:39:38:df:5f:47:9c:
a7:76:70:9e:ff:ca:35:f0:ae:32:cd:0c:f3:9a:fc:
6f:56:e5:92:3b:4c:71:4e:a1:23:2c:5d:d1:10:6f:
2f:aa:6e:65:8a:42:df:e6:7c:a8:a9:22:22:5d:86:
de:21:38:9e:be:a0:2d:3c:f3:92:fa:63:70:7f:fc:
2a:ac:ef:a3:4b:a2:3c:fe:5f:49:cb:3c:b6:77:07:
17:96:88:01:0d:ee:62:3f:0a:9f:c1:ed:b5:b0:8f:
e3:fd:2d:9c:92:1d:4b:26:f0:04:2c:2e:8b:ef:12:
a3:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:9D:9F:E5:F5:C5:08:65:20:BE:98:C4:F1:C4:66:7B:21:53:96:BC
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/YZ2f5fXFCGUgvpjE8cRmeyFTlrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.19.35.0/24
193.151.188.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:58:80:3a:83:44:8f:c7:85:dd:bc:33:7c:8b:94:41:eb:c8:
d5:d2:8d:2c:74:a3:b0:34:49:0d:21:48:48:9d:64:15:9d:f6:
ef:e6:63:79:5e:f7:03:07:5d:59:0f:05:d6:2e:54:11:58:ba:
23:db:96:da:36:c5:81:6d:19:ce:9b:e3:f2:bf:77:85:17:1c:
83:5f:9c:62:64:fb:55:d9:5f:a2:6b:61:24:20:69:c1:fe:05:
7f:4a:e6:e1:e1:a9:74:b3:2e:14:ee:5c:9f:bc:16:b4:ec:72:
49:6f:51:97:c4:a1:7b:94:53:05:c1:31:cd:09:59:82:05:0d:
b1:cd:56:e6:48:cd:31:31:4c:31:00:02:8b:72:2d:8d:dc:dc:
58:74:0c:fa:eb:42:06:33:89:0a:1d:97:ef:2d:8b:44:c4:08:
b5:11:1c:b6:12:0a:32:c2:98:0e:95:02:77:50:a5:2e:ee:bf:
44:f0:1b:2f:52:78:56:29:94:0c:e2:da:2f:38:8c:35:fa:c6:
0b:0f:21:a1:59:f2:f5:7e:5d:40:b6:2c:25:bb:ca:90:aa:42:
7a:30:34:79:96:a4:55:5b:98:34:dc:9f:fe:1e:95:08:96:14:
ba:55:dd:d1:74:4c:7b:a8:4d:d1:47:3c:9a:21:80:bd:f0:2d:
42:f5:7d:1e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcamU8xjlPXJEzeJlJtOPYbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzI1MjEwNzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTlkOWZlNWY1YzUwODY1MjBiZTk4YzRmMWM0NjY3YjIxNTM5NmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioiu6HUw5kleMApW2Yacjvupo+ZU
Jywl/pLHf8NzF3z6g++KELZAqO6BCFa+Mv+ci4DIoX5R5fBqa4HzfkjZa+jDDBPf
bwdzUOW4E5zdesR8JB/FmdodeftBC6pLBR8MKX+gEKcwgu6AOEH+efN8gDKpu+xF
uiHyS6hHPoWpT2gIUD+/EXdBLza4ka9knbY5ON9fR5yndnCe/8o18K4yzQzzmvxv
VuWSO0xxTqEjLF3REG8vqm5likLf5nyoqSIiXYbeITievqAtPPOS+mNwf/wqrO+j
S6I8/l9Jyzy2dwcXlogBDe5iPwqfwe21sI/j/S2ckh1LJvAELC6L7xKjPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGGdn+X1xQhlIL6YxPHEZnshU5a8MB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvWVoyZjVmWEZDR1VndnBqRThjUm1leUZUbHJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWRMjAwQA
wZe8MA0GCSqGSIb3DQEBCwUAA4IBAQB/WIA6g0SPx4XdvDN8i5RB68jV0o0sdKOw
NEkNIUhInWQVnfbv5mN5XvcDB11ZDwXWLlQRWLoj25baNsWBbRnOm+Pyv3eFFxyD
X5xiZPtV2V+ia2EkIGnB/gV/Subh4al0sy4U7lyfvBa07HJJb1GXxKF7lFMFwTHN
CVmCBQ2xzVbmSM0xMUwxAAKLci2N3NxYdAz660IGM4kKHZfvLYtExAi1ERy2Egoy
wpgOlQJ3UKUu7r9E8BsvUnhWKZQM4tovOIw1+sYLDyGhWfL1fl1Atiwlu8qQqkJ6
MDR5lqRVW5g03J/+HpUIlhS6Vd3RdEx7qE3RRzyaIYC98C1C9X0e
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:37 2024 by rpki-client on console-fra.rpki-client.org