Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/yvGGag-sXWMJkM9GfhUYknQkfMo.roa
File: yvGGag-sXWMJkM9GfhUYknQkfMo.roa (raw, json)
Hash identifier: isdXoPxOKSQyjQMuo377Nlj+uut5wJt5K6wNzfZB5GY=
Subject key identifier: CA:F1:86:6A:0F:AC:5D:63:09:90:CF:46:7E:15:18:92:74:24:7C:CA
Certificate issuer: /CN=a6b789b32e16e9dd2f70513119dc77ea61ff1e09
Certificate serial: 01856C4A4CE4351221F592C71C51E4BD5CB7
Authority key identifier: A6:B7:89:B3:2E:16:E9:DD:2F:70:51:31:19:DC:77:EA:61:FF:1E:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/preJsy4W6d0vcFExGdx36mH_Hgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/yvGGag-sXWMJkM9GfhUYknQkfMo.roa
Signing time: Sun 01 Jan 2023 07:44:46 +0000
ROA not before: Sun 01 Jan 2023 07:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20733
IP address blocks: 147.78.117.0/24 maxlen: 24
147.78.116.0/24 maxlen: 24
147.78.116.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:4c:e4:35:12:21:f5:92:c7:1c:51:e4:bd:5c:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6b789b32e16e9dd2f70513119dc77ea61ff1e09
Validity
Not Before: Jan 1 07:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=caf1866a0fac5d630990cf467e15189274247cca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8e:51:9a:a2:f8:be:b8:4c:2a:f0:41:92:f7:
a7:c0:d8:4d:01:47:bc:63:44:d5:4d:6e:a4:62:92:
85:35:1d:4f:4c:10:bc:df:89:69:cc:5c:37:0f:64:
7a:92:f1:1a:4f:d7:65:2e:ae:85:69:25:0d:29:c3:
72:f1:2b:00:97:ee:3e:24:96:59:c1:38:ac:8e:f8:
2a:5c:24:7d:d0:6d:d1:68:9b:94:45:6d:37:16:dd:
ac:bb:5d:4d:f7:05:e0:6e:72:de:af:6f:0f:12:3b:
ed:4a:e6:48:2a:d5:b9:b1:92:c6:e6:cb:8f:83:fc:
69:1e:fc:0d:dc:26:97:63:88:20:c0:f0:96:9a:2f:
83:ee:59:7a:de:f4:9e:8d:c1:26:b2:aa:88:dc:1d:
96:3a:f6:37:fa:03:32:1e:21:a9:2f:75:f6:cd:ef:
59:9a:98:e9:21:2e:93:13:0f:3c:7f:8e:60:cb:c4:
72:12:b6:4d:b3:f3:18:49:e6:ab:45:5e:b6:05:32:
8f:35:6a:f6:66:f7:a3:9e:d1:fd:37:ba:1c:c8:c4:
8e:0d:d5:f5:45:48:66:8e:7a:d8:29:a9:5c:3f:4f:
16:cd:42:7b:10:3c:64:54:a7:a3:7c:99:cd:f1:9c:
c3:5a:8c:5b:13:df:69:b5:20:e6:4e:ce:51:8e:11:
02:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:F1:86:6A:0F:AC:5D:63:09:90:CF:46:7E:15:18:92:74:24:7C:CA
X509v3 Authority Key Identifier:
keyid:A6:B7:89:B3:2E:16:E9:DD:2F:70:51:31:19:DC:77:EA:61:FF:1E:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/preJsy4W6d0vcFExGdx36mH_Hgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/yvGGag-sXWMJkM9GfhUYknQkfMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/preJsy4W6d0vcFExGdx36mH_Hgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.116.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:37:d2:dd:77:a3:fb:fb:4f:86:0c:e3:2b:ec:71:a0:ce:d3:
80:02:3d:4e:68:80:b9:5b:eb:15:8c:aa:34:8c:99:15:f5:a3:
5a:76:8d:57:ba:52:c7:5e:6d:71:bb:16:b7:81:55:bd:2b:4e:
5f:29:c9:a9:33:45:2e:17:ab:33:c9:d0:ff:4c:06:b8:56:f5:
3c:c0:34:8f:de:0e:79:4e:be:84:2d:85:1d:76:46:5b:a3:ae:
f4:67:b7:d1:4c:f9:82:e0:d4:9f:55:39:c8:f1:58:8e:af:80:
bc:e8:8a:4e:42:fe:75:1a:2f:b4:2c:c9:17:cd:37:15:fc:4c:
5b:60:26:2a:1e:ab:8a:1a:25:d7:21:8f:f6:65:a7:3a:47:3c:
32:db:c0:0a:8c:b9:c9:3e:0f:4c:63:e9:84:12:28:9c:e8:59:
f7:33:b4:c8:90:27:9e:c5:33:7a:89:ee:87:9d:81:71:36:2b:
65:d1:db:ee:67:56:c3:1d:c3:ee:b3:45:59:e4:18:ca:00:58:
17:06:ab:ea:84:39:2a:ab:95:8d:a1:93:42:66:e7:ac:d3:fe:
ec:d1:b6:e7:b3:be:69:1a:dd:51:25:a1:1f:35:53:50:11:5a:
98:99:32:8f:76:3c:73:4b:c3:e2:40:6e:ad:01:81:40:5a:82:
50:09:45:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsSkzkNRIh9ZLHHFHkvVy3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2Yjc4OWIzMmUxNmU5ZGQyZjcwNTEzMTE5ZGM3N2VhNjFm
ZjFlMDkwHhcNMjMwMTAxMDc0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWYxODY2YTBmYWM1ZDYzMDk5MGNmNDY3ZTE1MTg5Mjc0MjQ3Y2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq45RmqL4vrhMKvBBkvenwNhNAUe8
Y0TVTW6kYpKFNR1PTBC834lpzFw3D2R6kvEaT9dlLq6FaSUNKcNy8SsAl+4+JJZZ
wTisjvgqXCR90G3RaJuURW03Ft2su11N9wXgbnLer28PEjvtSuZIKtW5sZLG5suP
g/xpHvwN3CaXY4ggwPCWmi+D7ll63vSejcEmsqqI3B2WOvY3+gMyHiGpL3X2ze9Z
mpjpIS6TEw88f45gy8RyErZNs/MYSearRV62BTKPNWr2ZvejntH9N7ocyMSODdX1
RUhmjnrYKalcP08WzUJ7EDxkVKejfJnN8ZzDWoxbE99ptSDmTs5RjhEC4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMrxhmoPrF1jCZDPRn4VGJJ0JHzKMB8GA1UdIwQY
MBaAFKa3ibMuFundL3BRMRncd+ph/x4JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHJlSnN5NFc2ZDB2Y0ZFeEdkeDM2bUhfSGdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lNzY4YmQtZjUxMi00YjhhLTkzNmEt
MDZjOTI5NmYwOGEyLzEveXZHR2FnLXNYV01Ka005R2ZoVVlrblFrZk1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lNzY4YmQtZjUxMi00YjhhLTkzNmEtMDZjOTI5NmYwOGEy
LzEvcHJlSnN5NFc2ZDB2Y0ZFeEdkeDM2bUhfSGdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBk050MA0G
CSqGSIb3DQEBCwUAA4IBAQAtN9Ldd6P7+0+GDOMr7HGgztOAAj1OaIC5W+sVjKo0
jJkV9aNado1XulLHXm1xuxa3gVW9K05fKcmpM0UuF6szydD/TAa4VvU8wDSP3g55
Tr6ELYUddkZbo670Z7fRTPmC4NSfVTnI8ViOr4C86IpOQv51Gi+0LMkXzTcV/Exb
YCYqHquKGiXXIY/2Zac6Rzwy28AKjLnJPg9MY+mEEiic6Fn3M7TIkCeexTN6ie6H
nYFxNitl0dvuZ1bDHcPus0VZ5BjKAFgXBqvqhDkqq5WNoZNCZues0/7s0bbns75p
Gt1RJaEfNVNQEVqYmTKPdjxzS8PiQG6tAYFAWoJQCUVJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:30 2024 by rpki-client on console-ams.rpki-client.org