Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/e155ea-88cd-4414-aab6-23ab58d6415a/1/sn_yxfmMdjuylqlmmsMMdRgkvvc.roa
File: sn_yxfmMdjuylqlmmsMMdRgkvvc.roa (raw, json)
Hash identifier: qYt5vYySTIctfux4WRkn4nMabucIAIUYbvI6+NKnowk=
Subject key identifier: B2:7F:F2:C5:F9:8C:76:3B:B2:96:A9:66:9A:C3:0C:75:18:24:BE:F7
Certificate issuer: /CN=5de458f21d406466bdf68240f505eefd197ba936
Certificate serial: 018570CC0FE5196EB71A5AC5E21FA0BBCC58
Authority key identifier: 5D:E4:58:F2:1D:40:64:66:BD:F6:82:40:F5:05:EE:FD:19:7B:A9:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XeRY8h1AZGa99oJA9QXu_Rl7qTY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/e155ea-88cd-4414-aab6-23ab58d6415a/1/sn_yxfmMdjuylqlmmsMMdRgkvvc.roa
Signing time: Mon 02 Jan 2023 04:44:59 +0000
ROA not before: Mon 02 Jan 2023 04:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16290
IP address blocks: 217.117.128.0/22 maxlen: 22
217.117.136.0/21 maxlen: 21
84.23.160.0/19 maxlen: 19
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cc:0f:e5:19:6e:b7:1a:5a:c5:e2:1f:a0:bb:cc:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5de458f21d406466bdf68240f505eefd197ba936
Validity
Not Before: Jan 2 04:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b27ff2c5f98c763bb296a9669ac30c751824bef7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d1:ee:48:e3:f1:39:db:5a:81:ae:ad:47:19:
e1:a6:db:fe:93:70:89:ef:13:17:53:06:2c:16:a6:
8f:74:7d:3a:fb:a6:34:b9:51:12:d0:6e:22:db:17:
ee:e1:70:51:e0:04:8e:c8:3d:ee:44:74:c6:8e:a9:
8f:e2:9e:f7:7a:ff:30:b8:4d:9b:1d:75:c8:2c:c1:
ef:f0:22:cc:8b:1d:54:cd:b7:9b:4d:54:64:91:75:
f5:83:4b:4d:fd:da:94:2d:52:d1:5e:dc:97:a1:7a:
6a:4e:08:f0:e4:e7:87:75:a6:90:2d:5d:ca:35:00:
4b:bf:cc:8a:bd:51:3c:2d:76:0d:af:48:a3:5d:94:
52:d0:e0:b6:37:a4:5f:79:89:62:91:5e:df:f6:fe:
cc:cb:33:90:61:cf:87:a0:24:f0:b4:aa:8b:5b:db:
f1:c0:16:80:2f:78:e9:e0:11:32:03:e9:61:82:55:
60:9f:30:20:f4:17:f6:f8:dc:6c:ca:f7:e0:3f:15:
2a:5c:13:2d:ad:78:27:93:fd:f6:89:46:9e:e0:34:
a4:49:4c:6a:07:ff:30:2a:55:74:ad:cc:9e:b8:7b:
5f:b8:f7:ea:5a:bc:85:db:cb:b7:ab:91:8c:11:4c:
51:14:92:52:29:60:f0:2b:02:6d:72:9f:d0:e9:e4:
ca:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:7F:F2:C5:F9:8C:76:3B:B2:96:A9:66:9A:C3:0C:75:18:24:BE:F7
X509v3 Authority Key Identifier:
keyid:5D:E4:58:F2:1D:40:64:66:BD:F6:82:40:F5:05:EE:FD:19:7B:A9:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XeRY8h1AZGa99oJA9QXu_Rl7qTY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e155ea-88cd-4414-aab6-23ab58d6415a/1/sn_yxfmMdjuylqlmmsMMdRgkvvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/e155ea-88cd-4414-aab6-23ab58d6415a/1/XeRY8h1AZGa99oJA9QXu_Rl7qTY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.23.160.0/19
217.117.128.0/22
217.117.136.0/21
Signature Algorithm: sha256WithRSAEncryption
99:65:d9:00:43:d4:b6:2b:16:ba:d7:68:5c:df:41:b5:2b:ba:
d3:a4:be:7b:56:0a:79:df:e3:0e:28:1f:e9:1a:b6:f7:68:96:
f6:18:a6:f4:aa:5c:8f:d0:4a:cb:6b:b1:60:b1:1f:11:dd:78:
e6:c7:b7:07:3c:81:0d:27:8d:b7:a1:ab:39:76:69:87:1f:79:
5c:7e:59:ac:7c:11:cc:a1:29:f1:f3:80:af:d6:af:ac:b0:fb:
73:76:c0:95:6b:09:c0:2c:d6:e8:28:1e:e0:fb:c8:72:ac:2b:
ca:31:55:c6:1a:0a:e4:1b:80:ef:6f:92:7f:59:59:3a:10:d4:
a5:ac:06:e8:80:6a:91:5b:47:8e:82:99:e5:c7:9a:77:8e:03:
38:02:7f:bc:32:39:63:02:13:df:f0:5b:2c:43:8b:25:46:28:
5c:4f:e2:71:57:7c:b7:09:79:6a:da:1d:5e:1a:97:b0:4e:ad:
fc:35:df:37:5f:43:37:6b:71:1c:2f:ca:c3:c2:61:d5:8f:a5:
da:1e:fa:1c:ea:d3:16:9b:55:7c:37:13:1e:ec:00:e0:87:fc:
95:6c:b5:81:84:ba:f4:2c:0a:3e:f3:c9:9f:a3:20:39:be:1d:
e7:6c:0b:56:2b:8a:b5:8e:6b:07:8c:07:39:d5:ca:67:ba:d9:
fd:08:35:e9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwzA/lGW63GlrF4h+gu8xYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZTQ1OGYyMWQ0MDY0NjZiZGY2ODI0MGY1MDVlZWZkMTk3
YmE5MzYwHhcNMjMwMTAyMDQ0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjdmZjJjNWY5OGM3NjNiYjI5NmE5NjY5YWMzMGM3NTE4MjRiZWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNHuSOPxOdtaga6tRxnhptv+k3CJ
7xMXUwYsFqaPdH06+6Y0uVES0G4i2xfu4XBR4ASOyD3uRHTGjqmP4p73ev8wuE2b
HXXILMHv8CLMix1UzbebTVRkkXX1g0tN/dqULVLRXtyXoXpqTgjw5OeHdaaQLV3K
NQBLv8yKvVE8LXYNr0ijXZRS0OC2N6RfeYlikV7f9v7MyzOQYc+HoCTwtKqLW9vx
wBaAL3jp4BEyA+lhglVgnzAg9Bf2+NxsyvfgPxUqXBMtrXgnk/32iUae4DSkSUxq
B/8wKlV0rcyeuHtfuPfqWryF28u3q5GMEUxRFJJSKWDwKwJtcp/Q6eTKIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLJ/8sX5jHY7spapZprDDHUYJL73MB8GA1UdIwQY
MBaAFF3kWPIdQGRmvfaCQPUF7v0Ze6k2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGVSWThoMUFaR2E5OW9KQTlRWHVfUmw3cVRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lMTU1ZWEtODhjZC00NDE0LWFhYjYt
MjNhYjU4ZDY0MTVhLzEvc25feXhmbU1kanV5bHFsbW1zTU1kUmdrdnZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lMTU1ZWEtODhjZC00NDE0LWFhYjYtMjNhYjU4ZDY0MTVh
LzEvWGVSWThoMUFaR2E5OW9KQTlRWHVfUmw3cVRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFVBegAwQC
2XWAAwQD2XWIMA0GCSqGSIb3DQEBCwUAA4IBAQCZZdkAQ9S2Kxa612hc30G1K7rT
pL57Vgp53+MOKB/pGrb3aJb2GKb0qlyP0ErLa7FgsR8R3Xjmx7cHPIENJ423oas5
dmmHH3lcflmsfBHMoSnx84Cv1q+ssPtzdsCVawnALNboKB7g+8hyrCvKMVXGGgrk
G4Dvb5J/WVk6ENSlrAbogGqRW0eOgpnlx5p3jgM4An+8MjljAhPf8FssQ4slRihc
T+JxV3y3CXlq2h1eGpewTq38Nd83X0M3a3EcL8rDwmHVj6XaHvoc6tMWm1V8NxMe
7ADgh/yVbLWBhLr0LAo+88mfoyA5vh3nbAtWK4q1jmsHjAc51cpnutn9CDXp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:50 2024 by rpki-client on console-fra.rpki-client.org