Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/YCswGeyb8arW6PAmWxBfNhKobf8.roa
File: YCswGeyb8arW6PAmWxBfNhKobf8.roa (raw, json)
Hash identifier: XIx0dIfTUKNp+8q7TGH58bNCfyG4wGvcXO8eDcO3wnc=
Subject key identifier: 60:2B:30:19:EC:9B:F1:AA:D6:E8:F0:26:5B:10:5F:36:12:A8:6D:FF
Certificate issuer: /CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Certificate serial: 01856FCBB2F236CE53AD198E46C7C2EF54E1
Authority key identifier: 8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/YCswGeyb8arW6PAmWxBfNhKobf8.roa
Signing time: Mon 02 Jan 2023 00:04:58 +0000
ROA not before: Mon 02 Jan 2023 00:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205530
IP address blocks: 81.89.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Jan 2023 17:09:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:b2:f2:36:ce:53:ad:19:8e:46:c7:c2:ef:54:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Validity
Not Before: Jan 2 00:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=602b3019ec9bf1aad6e8f0265b105f3612a86dff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f7:33:8d:69:12:99:d1:87:35:da:d4:9f:6b:
d4:43:bb:e1:71:9e:cc:13:58:53:18:a0:b6:20:57:
c3:fa:eb:44:2e:02:fd:ed:f8:33:9e:61:50:eb:48:
44:6c:b9:24:13:4e:b4:52:38:ea:43:f0:2d:db:5e:
01:54:84:e1:32:48:45:18:c0:ad:b5:57:f1:ae:3f:
7f:dc:0d:69:c9:11:fe:15:b4:f1:9c:bf:cf:27:a8:
f5:bc:5e:e8:0c:cd:fa:f4:60:d2:b6:7d:77:de:5b:
37:20:89:28:3f:bc:43:71:d2:c4:dc:b5:ad:da:71:
5d:cd:fb:15:ca:f8:f2:a6:3b:b4:b0:83:ce:e1:58:
63:d9:ec:b7:41:fe:6e:72:68:c7:6c:ff:98:38:53:
5c:52:5b:42:bd:de:5a:cb:b4:16:6e:dc:0a:2a:c6:
e1:39:d1:66:a1:cc:4f:43:49:6c:20:f5:c6:3b:2b:
5f:5f:eb:aa:f8:68:ef:21:30:95:37:00:44:a5:d4:
8a:a0:47:cf:df:7e:92:6d:98:f5:a6:e9:c5:35:07:
63:2c:43:b5:40:8d:16:3a:ed:94:0f:f1:22:e0:58:
0f:94:d0:a6:82:f4:3a:3f:ee:a9:5d:a1:71:e8:10:
e8:a0:05:21:de:0c:59:15:79:45:1a:72:9c:c7:43:
ce:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:2B:30:19:EC:9B:F1:AA:D6:E8:F0:26:5B:10:5F:36:12:A8:6D:FF
X509v3 Authority Key Identifier:
keyid:8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/YCswGeyb8arW6PAmWxBfNhKobf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/i2n8YSi-WRQBrPgrwkYa9jbr6OY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.89.88.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:d3:44:b1:ba:86:28:90:05:18:d1:e2:ba:8d:b3:cf:40:b1:
45:13:77:60:2a:4f:33:4d:bb:fc:be:95:eb:dd:13:83:24:1b:
bd:36:eb:e5:4b:08:3f:0f:ca:80:68:d8:32:81:02:25:54:6b:
ba:79:f0:20:d0:7c:19:4c:d9:72:b3:8f:7d:fc:5b:db:1f:ba:
6a:c5:ba:dc:0f:4b:62:de:a1:1d:a2:67:ea:f2:04:8f:b5:be:
f7:38:4a:d3:18:21:d9:bd:bd:37:0c:55:4c:6e:54:86:0e:f8:
c3:a4:15:9d:89:35:44:0a:96:85:d3:20:1b:c3:0e:9c:b8:d5:
3b:48:f2:74:55:fc:5a:71:b0:f8:93:b9:57:ee:91:59:bb:63:
96:8a:65:45:7d:6a:90:38:c3:ef:fc:98:25:ee:b1:b6:d5:40:
1c:db:a4:e0:af:74:f3:0f:a0:da:39:29:af:95:05:16:e9:f8:
cf:f2:0c:a4:a5:ea:16:5c:63:05:ab:ab:5b:8f:85:4b:27:ee:
03:d8:7f:29:5c:58:86:38:5b:f7:d3:ea:14:b2:8b:ce:c5:4b:
cd:73:eb:09:4a:54:37:39:ed:0c:cb:d4:f5:6b:bd:a9:86:23:
ef:aa:4b:1f:a9:1d:db:6e:b5:85:bb:53:cf:bf:ce:a8:34:66:
91:2b:06:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy7LyNs5TrRmORsfC71ThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNjlmYzYxMjhiZTU5MTQwMWFjZjgyYmMyNDYxYWY2MzZl
YmU4ZTYwHhcNMjMwMTAyMDAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDJiMzAxOWVjOWJmMWFhZDZlOGYwMjY1YjEwNWYzNjEyYTg2ZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPczjWkSmdGHNdrUn2vUQ7vhcZ7M
E1hTGKC2IFfD+utELgL97fgznmFQ60hEbLkkE060UjjqQ/At214BVIThMkhFGMCt
tVfxrj9/3A1pyRH+FbTxnL/PJ6j1vF7oDM369GDStn133ls3IIkoP7xDcdLE3LWt
2nFdzfsVyvjypju0sIPO4Vhj2ey3Qf5ucmjHbP+YOFNcUltCvd5ay7QWbtwKKsbh
OdFmocxPQ0lsIPXGOytfX+uq+GjvITCVNwBEpdSKoEfP336SbZj1punFNQdjLEO1
QI0WOu2UD/Ei4FgPlNCmgvQ6P+6pXaFx6BDooAUh3gxZFXlFGnKcx0POFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGArMBnsm/Gq1ujwJlsQXzYSqG3/MB8GA1UdIwQY
MBaAFItp/GEovlkUAaz4K8JGGvY26+jmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUt
MjY1ZjJiZDBmOGYzLzEvWUNzd0dleWI4YXJXNlBBbVd4QmZOaEtvYmY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUtMjY1ZjJiZDBmOGYz
LzEvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUVlYMA0G
CSqGSIb3DQEBCwUAA4IBAQBP00SxuoYokAUY0eK6jbPPQLFFE3dgKk8zTbv8vpXr
3RODJBu9NuvlSwg/D8qAaNgygQIlVGu6efAg0HwZTNlys499/FvbH7pqxbrcD0ti
3qEdomfq8gSPtb73OErTGCHZvb03DFVMblSGDvjDpBWdiTVECpaF0yAbww6cuNU7
SPJ0VfxacbD4k7lX7pFZu2OWimVFfWqQOMPv/Jgl7rG21UAc26Tgr3TzD6DaOSmv
lQUW6fjP8gykpeoWXGMFq6tbj4VLJ+4D2H8pXFiGOFv30+oUsovOxUvNc+sJSlQ3
Oe0My9T1a72phiPvqksfqR3bbrWFu1PPv86oNGaRKwbF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:45 2024 by rpki-client on console-fra.rpki-client.org