Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/YptkbnoPXI35is4F8WkG2IJd13s.roa
File: YptkbnoPXI35is4F8WkG2IJd13s.roa (raw, json)
Hash identifier: SdimbCM1FdiYBROd/b2TE8IACXO2YXMnQb1qWM9gBaQ=
Subject key identifier: 62:9B:64:6E:7A:0F:5C:8D:F9:8A:CE:05:F1:69:06:D8:82:5D:D7:7B
Certificate issuer: /CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Certificate serial: 018A4668721B9BABCD8E8176DF28ACFB3B7E
Authority key identifier: A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/YptkbnoPXI35is4F8WkG2IJd13s.roa
Signing time: Wed 30 Aug 2023 12:26:04 +0000
ROA not before: Wed 30 Aug 2023 12:26:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198369
IP address blocks: 81.19.132.0/24 maxlen: 32
81.19.134.0/24 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:46:68:72:1b:9b:ab:cd:8e:81:76:df:28:ac:fb:3b:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Validity
Not Before: Aug 30 12:26:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=629b646e7a0f5c8df98ace05f16906d8825dd77b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f2:91:d9:bf:06:83:0b:2f:0c:47:36:a0:61:
7d:53:c2:e6:9c:76:91:e4:e7:c9:da:73:42:5a:50:
05:d3:cf:5d:b3:0f:85:cd:19:77:e2:e3:08:0e:de:
33:4d:a5:21:59:cd:4e:b2:0b:a7:79:a9:55:6f:eb:
7a:33:0a:af:ca:0e:6c:37:2f:98:d1:53:bb:7a:20:
ca:e3:ed:50:85:5d:89:b1:ad:bf:ed:2f:22:7d:75:
c3:7e:81:1d:4e:40:a8:5d:54:9a:67:86:24:81:91:
4b:61:39:f2:6b:2a:af:fe:2b:01:66:d2:76:cd:18:
a8:fd:f4:22:83:9a:17:f5:d3:5d:bb:84:60:fd:18:
f7:24:93:4a:69:b6:c7:81:03:c3:31:95:64:b8:d2:
e3:f0:eb:80:26:c8:15:45:11:f0:d9:19:67:e2:6e:
f9:55:39:da:a8:20:09:19:43:0a:f0:1a:34:06:db:
58:9a:f0:94:8e:83:46:2a:af:e8:e7:e8:e2:a7:ec:
e4:4f:21:a2:a5:28:d9:95:aa:f2:a1:e8:ae:eb:1e:
10:e9:ec:82:75:9d:69:64:0e:c1:20:a2:71:36:85:
95:cd:98:03:47:c9:71:d2:ca:98:a6:8c:b8:b2:b2:
d4:1d:b1:6e:b5:cb:d6:72:9f:6b:78:63:e9:d6:9b:
a1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:9B:64:6E:7A:0F:5C:8D:F9:8A:CE:05:F1:69:06:D8:82:5D:D7:7B
X509v3 Authority Key Identifier:
keyid:A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/YptkbnoPXI35is4F8WkG2IJd13s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.132.0/24
81.19.134.0/24
Signature Algorithm: sha256WithRSAEncryption
37:bb:de:fa:97:f6:ad:4b:79:97:0b:92:0c:a3:8e:d3:31:81:
4b:8d:b6:ff:d3:0b:8b:02:3b:34:c2:0c:2a:fa:2d:a1:3a:7f:
43:08:d7:b1:3e:e2:07:02:cb:da:81:a1:db:40:c0:2c:62:e5:
c8:a9:3b:e0:ab:98:29:19:82:86:03:1c:9d:e9:57:fe:89:0f:
29:fb:1b:f2:dd:49:34:6b:43:97:48:9e:d5:ee:89:79:15:5b:
a5:a5:cd:71:fa:d9:f4:37:37:5b:61:bd:90:19:16:f3:1c:f3:
e1:88:87:8a:9f:3c:03:43:a9:71:15:ca:08:c0:bc:77:af:df:
b8:eb:77:77:17:7e:d8:4d:a6:2c:85:e8:40:e7:f8:67:c7:af:
d2:36:be:da:f2:65:ea:24:4e:a0:da:db:7a:72:15:d5:0c:ca:
e0:3f:81:3b:e0:83:46:e0:07:66:71:90:ce:dd:10:96:e3:4b:
25:c5:de:15:94:c7:cd:1e:89:ce:f5:76:b0:3d:8d:1a:cb:02:
f7:44:89:32:85:a5:75:95:88:e2:ee:b4:d7:cc:e3:5a:bb:b3:
3d:bd:2e:16:d2:39:be:6d:b5:0a:a8:4b:90:07:c7:7a:da:a4:
d9:d4:c9:e1:c1:a6:88:5a:57:9a:63:0d:2f:90:09:79:f3:e9:
d3:ee:70:a8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpGaHIbm6vNjoF23yis+zt+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Y2U5NjQwYTNlZjJmZWExOTM3NGFkOGY5OWY0MjNkN2Fh
N2M3NmIwHhcNMjMwODMwMTIyNjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjliNjQ2ZTdhMGY1YzhkZjk4YWNlMDVmMTY5MDZkODgyNWRkNzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPKR2b8GgwsvDEc2oGF9U8LmnHaR
5OfJ2nNCWlAF089dsw+FzRl34uMIDt4zTaUhWc1OsgunealVb+t6Mwqvyg5sNy+Y
0VO7eiDK4+1QhV2Jsa2/7S8ifXXDfoEdTkCoXVSaZ4YkgZFLYTnyayqv/isBZtJ2
zRio/fQig5oX9dNdu4Rg/Rj3JJNKabbHgQPDMZVkuNLj8OuAJsgVRRHw2Rln4m75
VTnaqCAJGUMK8Bo0BttYmvCUjoNGKq/o5+jip+zkTyGipSjZlaryoeiu6x4Q6eyC
dZ1pZA7BIKJxNoWVzZgDR8lx0sqYpoy4srLUHbFutcvWcp9reGPp1puhMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGKbZG56D1yN+YrOBfFpBtiCXdd7MB8GA1UdIwQY
MBaAFKTOlkCj7y/qGTdK2PmfQj16p8drMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE02V1FLUHZMLW9aTjByWS1aOUNQWHFueDJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mOGE1ZDEtMjYwYS00NmE0LWE4ZTQt
MjgzZmU1NGE2ZjJmLzEvWXB0a2Jub1BYSTM1aXM0RjhXa0cySUpkMTNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mOGE1ZDEtMjYwYS00NmE0LWE4ZTQtMjgzZmU1NGE2ZjJm
LzEvcE02V1FLUHZMLW9aTjByWS1aOUNQWHFueDJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUROEAwQA
UROGMA0GCSqGSIb3DQEBCwUAA4IBAQA3u976l/atS3mXC5IMo47TMYFLjbb/0wuL
Ajs0wgwq+i2hOn9DCNexPuIHAsvagaHbQMAsYuXIqTvgq5gpGYKGAxyd6Vf+iQ8p
+xvy3Uk0a0OXSJ7V7ol5FVulpc1x+tn0NzdbYb2QGRbzHPPhiIeKnzwDQ6lxFcoI
wLx3r9+463d3F37YTaYshehA5/hnx6/SNr7a8mXqJE6g2tt6chXVDMrgP4E74ING
4AdmcZDO3RCW40slxd4VlMfNHonO9XawPY0aywL3RIkyhaV1lYji7rTXzONau7M9
vS4W0jm+bbUKqEuQB8d62qTZ1MnhwaaIWleaYw0vkAl58+nT7nCo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:24 2024 by rpki-client on console-fra.rpki-client.org