Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/YcW6-Vjm5JF6_Es4iu172IBDhq4.roa
File: YcW6-Vjm5JF6_Es4iu172IBDhq4.roa (raw, json)
Hash identifier: UtE5m4kchQvNw6pRyJopwxen2Blj1yjvGzQsLe5EsWo=
Subject key identifier: 61:C5:BA:F9:58:E6:E4:91:7A:FC:4B:38:8A:ED:7B:D8:80:43:86:AE
Certificate issuer: /CN=f82554a856a422b061ae64c577630f91d408cd4a
Certificate serial: 01867DFDE707359F5635B792441987D32B52
Authority key identifier: F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/YcW6-Vjm5JF6_Es4iu172IBDhq4.roa
Signing time: Thu 23 Feb 2023 11:17:17 +0000
ROA not before: Thu 23 Feb 2023 11:17:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207849
IP address blocks: 89.234.164.0/22 maxlen: 22
89.234.168.0/22 maxlen: 22
2a00:5881:b100::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7d:fd:e7:07:35:9f:56:35:b7:92:44:19:87:d3:2b:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f82554a856a422b061ae64c577630f91d408cd4a
Validity
Not Before: Feb 23 11:17:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61c5baf958e6e4917afc4b388aed7bd8804386ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e2:b9:79:7d:38:ca:67:b1:26:f0:6a:c2:09:
ea:f4:4f:81:36:9c:d9:14:b1:6c:bf:48:06:22:00:
50:4d:30:95:2a:8e:d7:79:b0:5e:e0:df:92:b2:ed:
94:bd:a5:8b:b7:ca:7b:26:6b:75:4c:5a:fd:b9:1a:
7e:e1:03:d5:9d:e9:a9:29:68:02:fd:da:a5:72:b1:
4e:3f:94:13:ea:2d:72:bb:39:e0:c4:c4:3c:b8:e7:
ec:f8:0d:73:2d:38:44:c8:e0:cf:7c:91:7d:a3:cf:
07:ed:bd:91:a6:eb:f8:b1:79:5d:c8:35:b4:53:f4:
c4:72:6b:81:2f:7d:ce:5e:b1:27:0a:3b:6c:46:65:
12:f9:aa:5c:79:d8:bc:68:c2:6f:71:58:c4:f4:ac:
2d:29:1a:8f:9c:9d:f3:08:7b:13:5d:96:c0:98:a0:
bd:35:81:c9:7b:88:76:8b:f0:5d:c0:e3:9b:8e:a9:
51:65:7a:7c:4e:e6:a6:fd:8d:a8:c9:85:3b:97:8f:
90:53:f6:89:78:de:47:0f:7f:8a:2a:c2:71:84:af:
04:98:7e:fa:f7:d8:3c:82:c7:60:33:d9:e1:6a:f0:
5f:ab:4b:82:9f:61:55:48:03:e6:e0:ba:1a:4b:b3:
36:65:c5:68:51:ba:65:0e:ce:ae:9f:0d:0a:b8:32:
c6:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:C5:BA:F9:58:E6:E4:91:7A:FC:4B:38:8A:ED:7B:D8:80:43:86:AE
X509v3 Authority Key Identifier:
keyid:F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/YcW6-Vjm5JF6_Es4iu172IBDhq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.234.164.0-89.234.171.255
IPv6:
2a00:5881:b100::/40
Signature Algorithm: sha256WithRSAEncryption
55:2f:91:dd:76:4a:a9:57:8d:14:e6:9b:28:5c:b3:61:ff:f0:
13:3d:3b:b2:59:e6:fa:e4:7e:ed:83:16:23:1f:54:d3:67:cb:
ad:b6:6f:75:30:29:1d:7c:8e:d0:0e:d5:ca:eb:d9:2e:c7:e1:
f8:7d:2b:37:b5:6c:53:fc:09:1b:9e:09:d7:3a:33:1e:7c:cb:
01:a5:06:ac:87:56:5b:f1:28:16:7b:c2:a3:4f:45:7c:55:cc:
d3:16:0d:b2:f5:8f:58:6b:bd:51:b8:f3:d2:8e:a3:2c:84:20:
60:18:cd:6e:6e:41:a0:db:45:7e:f6:79:23:ed:20:3b:68:65:
31:63:3e:b5:ba:03:90:f0:ea:5e:34:4d:38:80:3d:da:e3:f9:
5d:9f:13:fe:ea:b0:91:aa:90:a2:64:04:5a:b3:75:80:00:42:
4f:c4:a5:3b:d5:b8:c1:b3:e8:58:40:6b:2d:30:b2:71:df:b4:
9c:55:99:fb:00:de:b5:e7:52:dc:bc:3a:1e:54:17:1e:5d:84:
17:2b:86:41:57:29:2f:58:e5:86:c7:b1:47:11:8e:8e:69:7c:
9c:cd:c8:d2:4f:57:43:67:f2:19:04:1f:e6:59:f5:96:75:1a:
bb:ef:46:e4:39:11:1a:1e:d4:65:45:24:67:54:00:65:7b:75:
ae:9d:9d:3e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYZ9/ecHNZ9WNbeSRBmH0ytSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MjU1NGE4NTZhNDIyYjA2MWFlNjRjNTc3NjMwZjkxZDQw
OGNkNGEwHhcNMjMwMjIzMTExNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWM1YmFmOTU4ZTZlNDkxN2FmYzRiMzg4YWVkN2JkODgwNDM4NmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOK5eX04ymexJvBqwgnq9E+BNpzZ
FLFsv0gGIgBQTTCVKo7XebBe4N+Ssu2UvaWLt8p7Jmt1TFr9uRp+4QPVnempKWgC
/dqlcrFOP5QT6i1yuzngxMQ8uOfs+A1zLThEyODPfJF9o88H7b2Rpuv4sXldyDW0
U/TEcmuBL33OXrEnCjtsRmUS+apcedi8aMJvcVjE9KwtKRqPnJ3zCHsTXZbAmKC9
NYHJe4h2i/BdwOObjqlRZXp8Tuam/Y2oyYU7l4+QU/aJeN5HD3+KKsJxhK8EmH76
99g8gsdgM9nhavBfq0uCn2FVSAPm4LoaS7M2ZcVoUbplDs6unw0KuDLGSwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGHFuvlY5uSRevxLOIrte9iAQ4auMB8GA1UdIwQY
MBaAFPglVKhWpCKwYa5kxXdjD5HUCM1KMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1DVlVxRmFrSXJCaHJtVEZkMk1Qa2RRSXpVby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNm
LTk2NWQ2ZDYwM2JmYS8xL1ljVzYtVmptNUpGNl9FczRpdTE3MklCRGhxNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNmLTk2NWQ2ZDYwM2Jm
YS8xLzEtQ1ZVcUZha0lyQmhybVRGZDJNUGtkUUl6VW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMBQEAgABMA4wDAMEAlnq
pAMEAlnqqDAOBAIAAjAIAwYAKgBYgbEwDQYJKoZIhvcNAQELBQADggEBAFUvkd12
SqlXjRTmmyhcs2H/8BM9O7JZ5vrkfu2DFiMfVNNny622b3UwKR18jtAO1crr2S7H
4fh9Kze1bFP8CRueCdc6Mx58ywGlBqyHVlvxKBZ7wqNPRXxVzNMWDbL1j1hrvVG4
89KOoyyEIGAYzW5uQaDbRX72eSPtIDtoZTFjPrW6A5Dw6l40TTiAPdrj+V2fE/7q
sJGqkKJkBFqzdYAAQk/EpTvVuMGz6FhAay0wsnHftJxVmfsA3rXnUty8Oh5UFx5d
hBcrhkFXKS9Y5YbHsUcRjo5pfJzNyNJPV0Nn8hkEH+ZZ9ZZ1GrvvRuQ5ERoe1GVF
JGdUAGV7da6dnT4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:02 2024 by rpki-client on console-fra.rpki-client.org