Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/yuPko35gnbRxX2xcJAk22MjaRfs.roa
File: yuPko35gnbRxX2xcJAk22MjaRfs.roa (raw, json)
Hash identifier: f5YFiqDgKg/TMZWj6i2H8cQve7Ie0UoR/J/v+LWwy2A=
Subject key identifier: CA:E3:E4:A3:7E:60:9D:B4:71:5F:6C:5C:24:09:36:D8:C8:DA:45:FB
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018EE1B173BD10D9F669ED2504E6A2C31038
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/yuPko35gnbRxX2xcJAk22MjaRfs.roa
Signing time: Mon 15 Apr 2024 12:18:06 +0000
ROA not before: Mon 15 Apr 2024 12:18:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 46.8.5.0/24 maxlen: 24
188.130.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Jun 2024 09:50:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e1:b1:73:bd:10:d9:f6:69:ed:25:04:e6:a2:c3:10:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Apr 15 12:18:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cae3e4a37e609db4715f6c5c240936d8c8da45fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:86:fe:9e:78:2e:04:c4:08:e0:b2:a2:95:8e:
d7:49:a1:6a:e0:21:8b:7f:2a:c2:27:47:76:05:bf:
42:a7:63:63:85:87:73:f2:4e:03:0d:46:30:f5:04:
b8:cd:5f:ae:8d:08:d8:44:95:18:f0:24:84:0f:e8:
57:80:eb:a5:b6:af:fd:6d:2c:bb:f9:4c:d1:59:6f:
39:2f:c4:94:c4:dd:04:40:34:a5:a9:22:5b:14:bb:
4a:72:4d:8b:ad:01:dc:81:c5:44:4c:2c:12:7d:e6:
b4:81:29:6f:29:87:3e:6e:9e:22:10:a1:44:d3:cb:
cc:2f:88:fa:9e:d4:e1:65:29:b2:c5:4d:ec:37:10:
70:8f:1e:00:d2:5b:c4:9a:dc:45:7b:83:90:f0:83:
85:ba:e0:3c:73:9c:9a:ed:22:33:81:c8:21:68:dd:
f9:bd:a4:38:fd:84:c3:92:e9:b7:3c:59:6e:ce:37:
00:32:c7:d2:2a:9f:4b:c2:eb:bb:fc:73:d0:3a:bb:
c7:22:f4:06:71:49:5b:cf:98:52:c0:4d:dc:3e:41:
5d:f6:cd:4c:a0:9b:b7:86:89:8d:23:2f:a5:06:1e:
f1:54:24:33:e0:75:e1:08:dd:2a:1b:94:16:f1:92:
82:39:ab:c1:47:99:e0:b0:11:7c:3d:6e:55:23:16:
f9:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:E3:E4:A3:7E:60:9D:B4:71:5F:6C:5C:24:09:36:D8:C8:DA:45:FB
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/yuPko35gnbRxX2xcJAk22MjaRfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.5.0/24
188.130.205.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:4e:ad:33:fa:99:13:e9:fb:f6:b4:9c:4a:2f:0b:65:4c:52:
8e:3d:72:2a:63:8b:61:cd:c5:1a:b1:12:4b:46:c5:7d:db:89:
b1:73:09:ae:ad:d9:d1:d2:5b:6e:ca:49:56:68:42:d6:eb:70:
11:5d:50:30:c8:ad:e0:9c:c4:3e:9f:d8:8f:21:80:c5:fd:46:
57:83:16:5d:ce:c2:bd:f4:a2:0a:e8:47:5f:6b:7d:72:72:21:
8b:4e:c9:d0:21:7a:c0:d7:08:2f:38:6e:d8:18:8d:18:fa:95:
85:d4:f0:75:bd:72:f4:d5:be:02:25:f6:a2:11:ee:ab:2e:d2:
0b:12:fc:62:17:ef:94:a9:c8:ee:b9:ed:dd:e4:b2:e4:8d:63:
01:72:0c:d7:1f:b2:0d:e0:51:fc:7e:71:6c:93:16:4b:89:03:
29:3b:4a:19:60:67:1e:4d:23:39:2b:2a:12:6a:56:52:0f:00:
2a:7d:95:3a:03:99:9f:eb:c9:2e:fa:a0:ad:b1:e4:76:a7:a0:
c7:69:2a:2c:b9:18:90:0c:b3:da:c5:7e:6d:52:d3:36:8c:5d:
77:00:a6:de:bf:9d:89:b2:6b:72:d3:b0:d7:b0:5a:12:f9:66:
77:55:a6:20:82:e9:e7:60:0a:fc:41:16:f0:d4:3a:e6:18:ff:
b7:c9:19:c5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7hsXO9ENn2ae0lBOaiwxA4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwNDE1MTIxODA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWUzZTRhMzdlNjA5ZGI0NzE1ZjZjNWMyNDA5MzZkOGM4ZGE0NWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYb+nnguBMQI4LKilY7XSaFq4CGL
fyrCJ0d2Bb9Cp2NjhYdz8k4DDUYw9QS4zV+ujQjYRJUY8CSED+hXgOultq/9bSy7
+UzRWW85L8SUxN0EQDSlqSJbFLtKck2LrQHcgcVETCwSfea0gSlvKYc+bp4iEKFE
08vML4j6ntThZSmyxU3sNxBwjx4A0lvEmtxFe4OQ8IOFuuA8c5ya7SIzgcghaN35
vaQ4/YTDkum3PFluzjcAMsfSKp9Lwuu7/HPQOrvHIvQGcUlbz5hSwE3cPkFd9s1M
oJu3homNIy+lBh7xVCQz4HXhCN0qG5QW8ZKCOavBR5ngsBF8PW5VIxb5HwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMrj5KN+YJ20cV9sXCQJNtjI2kX7MB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEveXVQa28zNWduYlJ4WDJ4Y0pBazIyTWphUmZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALggFAwQA
vILNMA0GCSqGSIb3DQEBCwUAA4IBAQCeTq0z+pkT6fv2tJxKLwtlTFKOPXIqY4th
zcUasRJLRsV924mxcwmurdnR0ltuyklWaELW63ARXVAwyK3gnMQ+n9iPIYDF/UZX
gxZdzsK99KIK6Edfa31yciGLTsnQIXrA1wgvOG7YGI0Y+pWF1PB1vXL01b4CJfai
Ee6rLtILEvxiF++Uqcjuue3d5LLkjWMBcgzXH7IN4FH8fnFskxZLiQMpO0oZYGce
TSM5KyoSalZSDwAqfZU6A5mf68ku+qCtseR2p6DHaSosuRiQDLPaxX5tUtM2jF13
AKbev52Jsmty07DXsFoS+WZ3VaYggunnYAr8QRbw1DrmGP+3yRnF
-----END CERTIFICATE-----
Generated at Tue Jun 25 13:08:02 2024 by rpki-client on console-ams.rpki-client.org