Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/yJMjl4JU1GRt0er0DYTscisvnDU.roa
File: yJMjl4JU1GRt0er0DYTscisvnDU.roa (raw, json)
Hash identifier: 3LBkWe47iImPV/Nx13nmywpbwRATnpcMMwfEh52l5N0=
Subject key identifier: C8:93:23:97:82:54:D4:64:6D:D1:EA:F4:0D:84:EC:72:2B:2F:9C:35
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0188962D037F2A6097D94C7035351177BD93
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/yJMjl4JU1GRt0er0DYTscisvnDU.roa
Signing time: Wed 07 Jun 2023 14:05:12 +0000
ROA not before: Wed 07 Jun 2023 14:05:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207724
IP address blocks: 185.239.2.0/24 maxlen: 24
185.239.3.0/24 maxlen: 24
5.159.54.0/24 maxlen: 24
45.94.213.0/24 maxlen: 24
89.46.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Jul 2023 07:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:96:2d:03:7f:2a:60:97:d9:4c:70:35:35:11:77:bd:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jun 7 14:05:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c89323978254d4646dd1eaf40d84ec722b2f9c35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fa:fc:fa:c0:c7:67:90:bd:61:0b:b5:59:e4:
da:5f:c3:1d:ae:f7:37:01:b6:40:21:f3:cb:aa:f1:
b1:35:34:2f:cb:17:af:1f:be:3b:78:71:d0:cc:18:
9b:4e:80:59:75:c9:3a:87:9f:ba:bd:0b:15:c7:ef:
b0:f6:00:c8:f4:d4:f3:ed:71:93:19:71:28:99:c5:
2c:7b:86:28:71:25:90:de:80:93:0e:76:c2:13:c3:
a7:27:dc:26:24:d8:20:a4:ff:9c:2d:05:c8:65:6f:
16:20:c4:b8:74:34:e8:0e:b6:c4:0c:ca:b6:09:6e:
a1:14:5e:b7:e2:6e:0a:63:d5:50:18:a4:10:98:b0:
81:e9:6e:24:17:0d:9e:f1:e6:cf:45:ba:43:96:bd:
77:2b:4a:80:23:26:a5:53:31:71:31:46:7d:81:b0:
6d:d7:41:92:d6:f7:7d:47:78:a8:df:07:b8:e2:f8:
b9:1e:3b:33:52:39:e0:ba:14:b4:52:cd:c0:3d:6d:
ae:52:62:42:e5:df:2c:82:f2:f5:5d:a3:0a:3b:f3:
57:88:48:f0:d3:68:46:b6:1a:0e:19:a6:2d:9b:c2:
f6:45:6f:b9:6b:48:7f:4b:0e:26:46:fe:24:bd:ee:
dd:29:a7:bf:5e:ff:d5:1d:8f:40:74:98:02:cb:2a:
b0:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:93:23:97:82:54:D4:64:6D:D1:EA:F4:0D:84:EC:72:2B:2F:9C:35
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/yJMjl4JU1GRt0er0DYTscisvnDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.54.0/24
45.94.213.0/24
89.46.217.0/24
185.239.2.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:2a:61:ef:78:18:0d:e6:7e:9a:42:75:3c:67:5d:77:65:62:
51:85:f8:60:78:ea:5f:e7:80:56:41:5b:e4:ce:2c:b5:b9:62:
a7:c2:fd:69:14:ed:40:38:5a:84:c4:4b:91:58:ef:26:e4:e9:
bf:28:49:45:77:e0:42:fa:8b:74:85:e4:ce:3f:99:08:b4:f8:
0d:7a:f8:8f:9c:d9:38:0a:01:ed:ce:12:6b:00:81:f8:1e:32:
c0:72:af:9e:12:5d:f5:48:df:69:1a:f7:22:37:29:b7:96:02:
27:46:1d:41:16:70:56:d3:53:6a:2b:d8:d0:bd:96:b8:ee:dc:
62:68:b9:4e:02:37:f3:e3:59:88:f4:79:a7:4a:fc:92:d1:3e:
46:21:ce:1f:60:e4:40:72:73:10:b5:52:35:10:06:de:e4:48:
81:91:56:40:7c:5b:91:b9:df:7e:b1:87:40:58:18:14:d4:a7:
92:f5:cc:a0:cf:2a:d5:18:46:2f:f7:d3:63:25:ce:6c:a3:bf:
56:db:a7:d6:e4:f1:28:da:84:45:dd:9e:5f:47:70:e2:83:78:
83:95:d6:39:2b:b9:d3:ca:25:07:f5:13:e1:33:52:00:36:74:
e1:b4:96:82:ed:6b:e0:78:04:27:70:06:7d:ff:3f:27:7f:5b:
ad:12:03:1f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYiWLQN/KmCX2UxwNTURd72TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMwNjA3MTQwNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODkzMjM5NzgyNTRkNDY0NmRkMWVhZjQwZDg0ZWM3MjJiMmY5YzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/r8+sDHZ5C9YQu1WeTaX8Mdrvc3
AbZAIfPLqvGxNTQvyxevH747eHHQzBibToBZdck6h5+6vQsVx++w9gDI9NTz7XGT
GXEomcUse4YocSWQ3oCTDnbCE8OnJ9wmJNggpP+cLQXIZW8WIMS4dDToDrbEDMq2
CW6hFF634m4KY9VQGKQQmLCB6W4kFw2e8ebPRbpDlr13K0qAIyalUzFxMUZ9gbBt
10GS1vd9R3io3we44vi5HjszUjnguhS0Us3APW2uUmJC5d8sgvL1XaMKO/NXiEjw
02hGthoOGaYtm8L2RW+5a0h/Sw4mRv4kve7dKae/Xv/VHY9AdJgCyyqwXQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMiTI5eCVNRkbdHq9A2E7HIrL5w1MB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEveUpNamw0SlUxR1J0MGVyMERZVHNjaXN2bkRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABZ82AwQA
LV7VAwQAWS7ZAwQBue8CMA0GCSqGSIb3DQEBCwUAA4IBAQBfKmHveBgN5n6aQnU8
Z113ZWJRhfhgeOpf54BWQVvkziy1uWKnwv1pFO1AOFqExEuRWO8m5Om/KElFd+BC
+ot0heTOP5kItPgNeviPnNk4CgHtzhJrAIH4HjLAcq+eEl31SN9pGvciNym3lgIn
Rh1BFnBW01NqK9jQvZa47txiaLlOAjfz41mI9HmnSvyS0T5GIc4fYORAcnMQtVI1
EAbe5EiBkVZAfFuRud9+sYdAWBgU1KeS9cygzyrVGEYv99NjJc5so79W26fW5PEo
2oRF3Z5fR3Dig3iDldY5K7nTyiUH9RPhM1IANnThtJaC7WvgeAQncAZ9/z8nf1ut
EgMf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:49 2024 by rpki-client on console-ams.rpki-client.org