Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YWfmetMA0d_FZs7447zFiPOn_G0.roa
File: YWfmetMA0d_FZs7447zFiPOn_G0.roa (raw, json)
Hash identifier: RV14cPwDJSMPjq30qOnQv8DrLKij5pBV3akSDlt7HEc=
Subject key identifier: 61:67:E6:7A:D3:00:D1:DF:C5:66:CE:F8:E3:BC:C5:88:F3:A7:FC:6D
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018C123C78D0C3C201372598073C269ECF76
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YWfmetMA0d_FZs7447zFiPOn_G0.roa
Signing time: Mon 27 Nov 2023 19:23:22 +0000
ROA not before: Mon 27 Nov 2023 19:23:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13886
IP address blocks: 45.150.32.0/22 maxlen: 22
45.43.165.0/24 maxlen: 24
64.137.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:12:3c:78:d0:c3:c2:01:37:25:98:07:3c:26:9e:cf:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Nov 27 19:23:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6167e67ad300d1dfc566cef8e3bcc588f3a7fc6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:fb:78:a0:8f:6c:96:7f:ef:76:f6:ad:b5:5b:
3a:86:6b:97:eb:00:d8:a1:8c:fb:db:91:0c:75:ac:
c7:77:b0:81:05:ad:4b:7e:dc:4b:6d:aa:ed:e4:cb:
b5:3a:ab:e1:35:b7:c0:c8:38:83:0d:19:eb:57:1d:
8e:bc:bd:0d:4e:37:8e:c4:36:40:f9:67:a3:0d:1b:
c7:80:ba:99:f8:b2:45:aa:75:25:15:e8:2a:e7:bc:
5c:f9:4d:19:a8:b3:5c:66:9d:03:ff:af:54:6b:3a:
b7:5e:0d:f0:8b:e1:fc:e0:d7:71:fa:84:29:8f:c3:
ca:18:f8:c1:42:cc:2e:1d:5c:49:0e:e9:5a:5e:ca:
1a:bf:d2:f9:cc:8d:c6:ac:29:7b:19:6f:6a:04:b5:
d2:9f:9f:1d:c9:e7:9b:64:1f:7a:0f:4d:b0:c2:98:
ec:6c:db:ed:ae:1e:9d:e0:85:f2:8c:dd:6d:28:21:
2e:73:ae:2f:78:25:7e:3c:43:67:70:c9:7e:d4:ec:
bb:e0:ea:46:19:8e:85:20:44:b9:ee:86:d1:a1:c2:
dc:fd:31:86:9e:c0:ad:af:76:b3:8f:b6:aa:08:df:
64:3c:34:90:22:a8:9e:72:3d:ec:b9:3d:91:be:07:
6f:ec:fc:83:06:2c:f0:6e:1d:53:82:a0:39:12:76:
04:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:67:E6:7A:D3:00:D1:DF:C5:66:CE:F8:E3:BC:C5:88:F3:A7:FC:6D
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YWfmetMA0d_FZs7447zFiPOn_G0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.165.0/24
45.150.32.0/22
64.137.51.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:ad:72:0d:ce:13:f6:99:b4:1c:80:a3:2f:7e:d1:28:aa:de:
cd:80:d5:c3:1a:ea:5b:62:b6:73:08:3a:84:6a:65:2e:a2:7f:
81:cb:f0:46:9a:b0:fd:c5:71:47:d9:7c:30:75:5d:fc:ee:e5:
76:9c:6c:1f:a2:21:d5:81:07:59:66:fd:2a:45:e9:2c:74:f5:
6e:1b:de:b0:e0:2c:d8:03:81:5f:15:a7:7a:28:9b:da:88:68:
e2:19:09:40:06:6a:10:02:b7:2c:2c:a0:8c:6d:54:b9:d1:88:
7e:95:35:b7:1c:0d:7c:72:d7:e8:30:82:eb:88:a6:64:20:f1:
23:03:36:ec:9c:f2:63:ed:79:1c:dc:42:21:ff:7c:55:f3:be:
f6:2b:37:01:74:f7:7c:16:4d:42:52:9e:af:20:ae:98:a0:67:
ad:0d:12:6c:7b:42:9f:3b:6e:1f:8e:ca:72:1a:30:17:10:5c:
6a:19:c1:99:4c:27:18:8e:c9:50:86:7c:fc:10:4a:31:a9:78:
4a:10:c8:cb:a1:31:b3:86:f5:14:91:45:ee:81:5b:c2:2e:29:
66:16:1b:28:f0:3a:4d:e8:b9:4c:4c:74:34:c9:53:fd:d9:63:
4f:80:87:3c:99:c3:59:a9:a1:56:90:04:fa:74:e2:b8:d5:fb:
fd:76:c7:29
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwSPHjQw8IBNyWYBzwmns92MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMxMTI3MTkyMzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTY3ZTY3YWQzMDBkMWRmYzU2NmNlZjhlM2JjYzU4OGYzYTdmYzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/t4oI9sln/vdvattVs6hmuX6wDY
oYz725EMdazHd7CBBa1LftxLbart5Mu1OqvhNbfAyDiDDRnrVx2OvL0NTjeOxDZA
+WejDRvHgLqZ+LJFqnUlFegq57xc+U0ZqLNcZp0D/69Uazq3Xg3wi+H84Ndx+oQp
j8PKGPjBQswuHVxJDulaXsoav9L5zI3GrCl7GW9qBLXSn58dyeebZB96D02wwpjs
bNvtrh6d4IXyjN1tKCEuc64veCV+PENncMl+1Oy74OpGGY6FIES57obRocLc/TGG
nsCtr3azj7aqCN9kPDSQIqiecj3suT2Rvgdv7PyDBizwbh1TgqA5EnYEEwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGFn5nrTANHfxWbO+OO8xYjzp/xtMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvWVdmbWV0TUEwZF9GWnM3NDQ3ekZpUE9uX0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALSulAwQC
LZYgAwQAQIkzMA0GCSqGSIb3DQEBCwUAA4IBAQBNrXINzhP2mbQcgKMvftEoqt7N
gNXDGupbYrZzCDqEamUuon+By/BGmrD9xXFH2XwwdV387uV2nGwfoiHVgQdZZv0q
ReksdPVuG96w4CzYA4FfFad6KJvaiGjiGQlABmoQArcsLKCMbVS50Yh+lTW3HA18
ctfoMILriKZkIPEjAzbsnPJj7Xkc3EIh/3xV8772KzcBdPd8Fk1CUp6vIK6YoGet
DRJse0KfO24fjspyGjAXEFxqGcGZTCcYjslQhnz8EEoxqXhKEMjLoTGzhvUUkUXu
gVvCLilmFhso8DpN6LlMTHQ0yVP92WNPgIc8mcNZqaFWkAT6dOK41fv9dscp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org