Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/yC4DBZoLYxHdSEW3qXpiZoDShz0.roa
File: yC4DBZoLYxHdSEW3qXpiZoDShz0.roa (raw, json)
Hash identifier: pJqJa+tKd0D9MQG6siMD8VlZHRuCI068fDS1lHpvbWE=
Subject key identifier: C8:2E:03:05:9A:0B:63:11:DD:48:45:B7:A9:7A:62:66:80:D2:87:3D
Certificate issuer: /CN=68e8baea95d4040348f0a89ec4e4bd15275f6c39
Certificate serial: 018572712A0A2B516A50821BA8E5AEAF6560
Authority key identifier: 68:E8:BA:EA:95:D4:04:03:48:F0:A8:9E:C4:E4:BD:15:27:5F:6C:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aOi66pXUBANI8KiexOS9FSdfbDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/yC4DBZoLYxHdSEW3qXpiZoDShz0.roa
Signing time: Mon 02 Jan 2023 12:24:57 +0000
ROA not before: Mon 02 Jan 2023 12:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208271
IP address blocks: 147.78.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:2a:0a:2b:51:6a:50:82:1b:a8:e5:ae:af:65:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68e8baea95d4040348f0a89ec4e4bd15275f6c39
Validity
Not Before: Jan 2 12:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c82e03059a0b6311dd4845b7a97a626680d2873d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b3:43:95:3d:3b:77:48:49:54:2f:4d:71:19:
4c:06:e1:4c:67:91:21:66:10:bc:81:c0:31:88:9a:
91:08:64:06:1e:a6:6f:3a:ea:81:13:d3:f6:29:9b:
af:7c:93:6e:cb:2a:bf:71:f0:24:fb:cb:ec:f7:44:
0e:79:0e:c4:b5:bd:9f:e9:70:c9:e9:e0:b8:65:b6:
2c:40:fc:24:e7:13:51:a4:86:4f:03:7e:c3:b8:87:
7a:af:ae:f0:4d:9b:14:d8:7a:95:7e:3c:78:69:2c:
9c:51:31:4e:5d:ac:e1:0b:5e:73:b1:a6:b2:4b:1f:
a3:c5:8c:b8:9a:0e:4d:55:d5:0e:6b:8d:f2:26:f0:
75:71:cb:e0:95:1f:af:d0:5f:b9:65:c2:81:1f:19:
80:ee:0a:e6:eb:a1:56:01:90:81:9b:35:bd:d2:3e:
6f:25:86:5f:70:e9:47:2e:b3:73:59:3a:10:04:2f:
55:a4:7e:a1:39:4d:15:48:d7:2c:62:24:1f:57:04:
53:89:c6:7d:f5:ad:2c:9e:03:59:18:4b:8a:3d:f3:
55:1c:52:b4:32:b3:e2:e6:06:24:d2:bc:49:46:99:
73:29:ef:be:78:b9:d9:81:38:2a:53:f1:1a:d6:02:
45:dd:fa:a1:81:b3:fc:a5:ca:40:0e:a8:8a:2e:b9:
7e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:2E:03:05:9A:0B:63:11:DD:48:45:B7:A9:7A:62:66:80:D2:87:3D
X509v3 Authority Key Identifier:
keyid:68:E8:BA:EA:95:D4:04:03:48:F0:A8:9E:C4:E4:BD:15:27:5F:6C:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOi66pXUBANI8KiexOS9FSdfbDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/yC4DBZoLYxHdSEW3qXpiZoDShz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/aOi66pXUBANI8KiexOS9FSdfbDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.34.0/24
Signature Algorithm: sha256WithRSAEncryption
74:bc:2e:cb:bb:41:fb:d0:58:bc:49:a3:cb:b2:98:18:38:00:
f8:6c:4b:e6:eb:fa:f0:a0:56:24:8a:12:c1:df:40:19:29:b3:
73:19:e2:5b:52:26:eb:a5:89:44:37:98:7d:31:7a:ff:24:66:
e8:ae:fb:da:fb:85:6c:c0:db:98:eb:d2:08:30:ae:f5:96:a0:
35:aa:e1:df:da:9d:53:9f:7d:a5:d8:21:26:80:69:65:82:e1:
b9:00:55:7b:4a:1d:22:50:ad:74:ff:eb:0c:ec:d6:ac:ff:25:
49:14:70:b5:f5:73:a8:24:26:88:47:76:46:0b:9b:6b:49:8f:
af:be:02:b6:7e:1b:bf:f0:af:74:ce:d8:6f:50:cc:1a:94:70:
5f:4d:04:cd:f1:80:8b:92:02:9e:a6:a3:26:3f:be:10:2d:2a:
b1:5e:3a:f0:5d:d4:52:1a:f6:4e:c2:51:e0:dc:82:b2:bc:fc:
18:7c:18:4a:f7:d7:d4:8c:74:af:12:f9:c4:c5:68:1e:85:f6:
e8:0a:23:20:86:aa:3e:7c:cf:3e:72:7a:ef:e6:ad:a4:8a:7c:
2d:ad:1a:dc:d9:ef:bf:83:74:a5:dd:74:f6:b5:01:67:9c:05:
a6:23:5d:a8:20:77:03:45:ed:51:c1:8a:24:d4:ec:79:e1:17:
d7:f8:32:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVycSoKK1FqUIIbqOWur2VgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZThiYWVhOTVkNDA0MDM0OGYwYTg5ZWM0ZTRiZDE1Mjc1
ZjZjMzkwHhcNMjMwMTAyMTIyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODJlMDMwNTlhMGI2MzExZGQ0ODQ1YjdhOTdhNjI2NjgwZDI4NzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobNDlT07d0hJVC9NcRlMBuFMZ5Eh
ZhC8gcAxiJqRCGQGHqZvOuqBE9P2KZuvfJNuyyq/cfAk+8vs90QOeQ7Etb2f6XDJ
6eC4ZbYsQPwk5xNRpIZPA37DuId6r67wTZsU2HqVfjx4aSycUTFOXazhC15zsaay
Sx+jxYy4mg5NVdUOa43yJvB1ccvglR+v0F+5ZcKBHxmA7grm66FWAZCBmzW90j5v
JYZfcOlHLrNzWToQBC9VpH6hOU0VSNcsYiQfVwRTicZ99a0sngNZGEuKPfNVHFK0
MrPi5gYk0rxJRplzKe++eLnZgTgqU/Ea1gJF3fqhgbP8pcpADqiKLrl+FwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMguAwWaC2MR3UhFt6l6YmaA0oc9MB8GA1UdIwQY
MBaAFGjouuqV1AQDSPConsTkvRUnX2w5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU9pNjZwWFVCQU5JOEtpZXhPUzlGU2RmYkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny83NjUzZTAtOGE3Mi00MzUxLWJmY2Ut
MzcxMWZhZThjYTc3LzEveUM0REJab0xZeEhkU0VXM3FYcGlab0RTaHowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny83NjUzZTAtOGE3Mi00MzUxLWJmY2UtMzcxMWZhZThjYTc3
LzEvYU9pNjZwWFVCQU5JOEtpZXhPUzlGU2RmYkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk04iMA0G
CSqGSIb3DQEBCwUAA4IBAQB0vC7Lu0H70Fi8SaPLspgYOAD4bEvm6/rwoFYkihLB
30AZKbNzGeJbUibrpYlEN5h9MXr/JGborvva+4VswNuY69IIMK71lqA1quHf2p1T
n32l2CEmgGllguG5AFV7Sh0iUK10/+sM7Nas/yVJFHC19XOoJCaIR3ZGC5trSY+v
vgK2fhu/8K90zthvUMwalHBfTQTN8YCLkgKepqMmP74QLSqxXjrwXdRSGvZOwlHg
3IKyvPwYfBhK99fUjHSvEvnExWgehfboCiMghqo+fM8+cnrv5q2kinwtrRrc2e+/
g3Sl3XT2tQFnnAWmI12oIHcDRe1RwYok1Ox54RfX+DJb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:20 2024 by rpki-client on console-fra.rpki-client.org