Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/YL4B7A8DIwWTdxnBBEAFmOvUks4.roa
File: YL4B7A8DIwWTdxnBBEAFmOvUks4.roa (raw, json)
Hash identifier: K8eYGWLWK9hXZa7vqhMUXZqZKhM/0vVbkszK02pYtzY=
Subject key identifier: 60:BE:01:EC:0F:03:23:05:93:77:19:C1:04:40:05:98:EB:D4:92:CE
Certificate issuer: /CN=0d8cbee51990f1e05a9d1dc0c2f2f3a8a3470c13
Certificate serial: 01856E6FD47F791F1A06E5E9D0EFEA584EB2
Authority key identifier: 0D:8C:BE:E5:19:90:F1:E0:5A:9D:1D:C0:C2:F2:F3:A8:A3:47:0C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYy-5RmQ8eBanR3AwvLzqKNHDBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/YL4B7A8DIwWTdxnBBEAFmOvUks4.roa
Signing time: Sun 01 Jan 2023 17:45:00 +0000
ROA not before: Sun 01 Jan 2023 17:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204512
IP address blocks: 157.97.75.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:d4:7f:79:1f:1a:06:e5:e9:d0:ef:ea:58:4e:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d8cbee51990f1e05a9d1dc0c2f2f3a8a3470c13
Validity
Not Before: Jan 1 17:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60be01ec0f032305937719c104400598ebd492ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6f:60:c4:21:cf:1d:e6:f5:a0:b7:71:b1:fd:
7c:aa:e7:ae:8a:c1:93:89:fc:f2:a9:89:07:2c:ff:
4b:a2:0b:0e:3e:60:a3:0e:78:86:80:3e:70:ea:f8:
71:a3:01:aa:9b:5d:65:4f:c4:c3:33:53:bd:14:da:
b9:4e:0b:73:5e:08:c1:71:f6:7e:0d:e6:19:d5:5b:
e3:35:32:d6:cf:4f:03:34:69:83:92:88:af:83:95:
aa:e1:27:91:04:84:a8:a9:1c:56:4d:27:8e:75:d3:
79:24:67:b6:7a:89:e3:66:b8:04:dc:dc:dd:33:c4:
42:19:c0:e3:97:9a:b6:b6:ab:d1:56:3c:74:17:a4:
7b:ce:52:cd:33:bb:3c:ca:2d:a6:3d:83:f6:82:ad:
58:c7:51:b5:45:e2:a9:d8:94:16:16:bd:b1:84:79:
85:9c:c9:25:17:44:a3:ce:cb:19:cd:27:9e:fd:71:
00:f1:0a:2d:88:8f:b9:1d:89:33:9e:95:8e:26:ce:
38:d5:6f:c8:12:ac:9f:11:fd:75:2c:7d:da:f3:0e:
8f:c6:3a:dc:de:82:e6:00:4e:26:21:58:14:69:0e:
cf:f4:6f:7b:ce:f2:63:07:a3:f5:ff:6c:f6:1e:86:
b3:4c:00:b1:8f:07:d6:46:49:8d:81:03:be:9b:32:
9f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:BE:01:EC:0F:03:23:05:93:77:19:C1:04:40:05:98:EB:D4:92:CE
X509v3 Authority Key Identifier:
keyid:0D:8C:BE:E5:19:90:F1:E0:5A:9D:1D:C0:C2:F2:F3:A8:A3:47:0C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYy-5RmQ8eBanR3AwvLzqKNHDBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/YL4B7A8DIwWTdxnBBEAFmOvUks4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/DYy-5RmQ8eBanR3AwvLzqKNHDBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.75.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:9c:95:e2:3b:ed:32:3d:56:b4:5f:75:d8:b5:11:60:72:6a:
6a:bd:b4:98:9a:a5:70:e8:7c:07:66:66:2b:f4:ff:98:85:55:
76:37:ee:ed:5c:9c:38:04:a6:30:fe:7d:08:1a:9a:88:25:ac:
44:8f:1e:6f:fc:14:43:57:e7:9b:bb:66:64:1b:d8:48:eb:ac:
9b:16:6e:34:6a:d6:7e:a1:44:81:78:11:ab:10:fc:95:31:ef:
1d:7a:61:d3:e0:cd:52:53:a3:ae:6a:7c:fe:c0:5a:77:0c:45:
71:1f:0d:5b:3b:33:08:df:f9:75:65:0d:21:cb:fa:92:90:cd:
05:bc:7e:ba:e1:19:c7:77:13:d2:02:bd:0a:35:26:32:30:ad:
a1:86:42:c3:cf:a3:e0:f2:e3:1a:59:88:b6:9a:fd:44:ac:68:
5c:fd:f6:2a:4b:ae:66:0a:44:b3:00:a9:b1:25:40:83:54:bf:
dc:8d:d1:b4:36:14:a8:14:f3:12:5e:93:91:79:e9:6c:a1:16:
2f:da:21:7f:ec:14:de:dc:c6:b9:d0:35:14:5d:06:4c:fb:b2:
ce:79:b0:44:29:ac:ce:00:80:b9:23:d1:54:a7:03:02:7d:71:
31:7a:ea:cf:fd:e3:ff:c0:6a:7d:26:7e:c2:fb:c1:c0:1c:03:
11:90:69:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVub9R/eR8aBuXp0O/qWE6yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOGNiZWU1MTk5MGYxZTA1YTlkMWRjMGMyZjJmM2E4YTM0
NzBjMTMwHhcNMjMwMTAxMTc0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGJlMDFlYzBmMDMyMzA1OTM3NzE5YzEwNDQwMDU5OGViZDQ5MmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuW9gxCHPHeb1oLdxsf18queuisGT
ifzyqYkHLP9LogsOPmCjDniGgD5w6vhxowGqm11lT8TDM1O9FNq5TgtzXgjBcfZ+
DeYZ1VvjNTLWz08DNGmDkoivg5Wq4SeRBISoqRxWTSeOddN5JGe2eonjZrgE3Nzd
M8RCGcDjl5q2tqvRVjx0F6R7zlLNM7s8yi2mPYP2gq1Yx1G1ReKp2JQWFr2xhHmF
nMklF0SjzssZzSee/XEA8QotiI+5HYkznpWOJs441W/IEqyfEf11LH3a8w6Pxjrc
3oLmAE4mIVgUaQ7P9G97zvJjB6P1/2z2HoazTACxjwfWRkmNgQO+mzKf9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGC+AewPAyMFk3cZwQRABZjr1JLOMB8GA1UdIwQY
MBaAFA2MvuUZkPHgWp0dwMLy86ijRwwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFl5LTVSbVE4ZUJhblIzQXd2THpxS05IREJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83NjNkOGUtMjA4MS00Y2Y4LWI2NWIt
MWIxZTc4Y2JiYjA5LzEvWUw0QjdBOERJd1dUZHhuQkJFQUZtT3ZVa3M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83NjNkOGUtMjA4MS00Y2Y4LWI2NWItMWIxZTc4Y2JiYjA5
LzEvRFl5LTVSbVE4ZUJhblIzQXd2THpxS05IREJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnWFLMA0G
CSqGSIb3DQEBCwUAA4IBAQBenJXiO+0yPVa0X3XYtRFgcmpqvbSYmqVw6HwHZmYr
9P+YhVV2N+7tXJw4BKYw/n0IGpqIJaxEjx5v/BRDV+ebu2ZkG9hI66ybFm40atZ+
oUSBeBGrEPyVMe8demHT4M1SU6Ouanz+wFp3DEVxHw1bOzMI3/l1ZQ0hy/qSkM0F
vH664RnHdxPSAr0KNSYyMK2hhkLDz6Pg8uMaWYi2mv1ErGhc/fYqS65mCkSzAKmx
JUCDVL/cjdG0NhSoFPMSXpOReelsoRYv2iF/7BTe3Ma50DUUXQZM+7LOebBEKazO
AIC5I9FUpwMCfXExeurP/eP/wGp9Jn7C+8HAHAMRkGlR
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:20 2024 by rpki-client on console-fra.rpki-client.org