Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Yb0HZm1EssARbYMHqW36XwyYmPY.roa
File: Yb0HZm1EssARbYMHqW36XwyYmPY.roa (raw, json)
Hash identifier: sOijElkQ3xrbWGeJm0lgxq+AUphLhrlY4po2/4D0i0g=
Subject key identifier: 61:BD:07:66:6D:44:B2:C0:11:6D:83:07:A9:6D:FA:5F:0C:98:98:F6
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01914D8EF35331F8BEEB09A9E307C90BC249
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Yb0HZm1EssARbYMHqW36XwyYmPY.roa
Signing time: Tue 13 Aug 2024 21:04:59 +0000
ROA not before: Tue 13 Aug 2024 21:04:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 46.249.109.0/24 maxlen: 24
82.115.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Aug 2024 21:13:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4d:8e:f3:53:31:f8:be:eb:09:a9:e3:07:c9:0b:c2:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Aug 13 21:04:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61bd07666d44b2c0116d8307a96dfa5f0c9898f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:d5:bf:c6:62:49:28:9f:02:65:54:75:ee:74:
79:71:12:3a:89:3c:2f:67:44:f0:16:66:a9:23:ec:
87:60:f0:d4:1f:c9:19:e4:ab:a3:21:d7:89:c7:4d:
fa:e5:ae:62:f2:be:46:84:ba:64:e5:3f:be:3e:92:
b0:1c:7d:48:6d:cb:22:33:b4:89:40:0c:3e:cf:22:
c5:40:88:29:9b:42:25:94:69:d0:fe:75:8a:79:f9:
54:90:db:8b:a2:2c:66:b5:a5:70:89:0c:66:09:6d:
2b:b0:ee:cf:64:33:d7:2e:24:ec:d6:f5:60:e8:ca:
1c:80:20:e6:9a:3b:72:c6:95:34:82:d7:1e:67:97:
82:1b:60:59:13:53:4b:52:67:74:ce:97:ef:f3:9f:
9b:5f:d6:1b:0c:11:2a:2a:aa:ca:00:a7:e1:2e:f9:
24:d7:49:83:12:36:96:05:51:50:36:0c:03:fd:d3:
24:0c:33:de:41:d7:92:a4:5c:5c:12:66:34:b6:0c:
31:a3:00:1d:60:11:1a:0c:30:e0:35:fb:26:a8:a7:
a9:fa:47:53:ff:5a:1a:72:f4:b2:bb:91:d6:4b:85:
05:45:3d:b3:d7:a7:44:97:41:25:d1:ef:1e:92:23:
b3:78:d5:23:db:a3:c4:d8:eb:2c:7d:08:9a:f1:c9:
82:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:BD:07:66:6D:44:B2:C0:11:6D:83:07:A9:6D:FA:5F:0C:98:98:F6
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Yb0HZm1EssARbYMHqW36XwyYmPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.249.109.0/24
82.115.28.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:39:ec:59:32:20:71:c1:0d:c3:9a:c2:9d:19:15:d1:6f:ce:
b9:9f:a2:d2:2f:6f:66:95:7f:53:e0:2e:39:03:06:ea:05:65:
65:1b:e2:e2:50:52:12:a2:3d:34:ab:ac:e9:a2:3e:44:81:e8:
66:27:81:36:a4:c5:29:c7:93:03:17:2e:b6:c5:10:00:dc:b4:
d6:d6:3a:ea:d3:ab:db:f6:02:04:13:d8:42:4c:a3:fe:e4:e8:
d9:42:44:d7:c7:cd:e0:3b:98:90:d0:9d:fb:31:05:fd:43:ff:
e4:17:ef:25:89:3e:cb:72:27:71:35:66:4f:ae:25:1a:8e:e5:
77:29:87:20:1e:72:e5:2f:64:b3:fa:76:f0:75:db:56:f0:09:
17:1f:6a:9f:c9:0f:c8:2e:88:ec:fc:28:c2:34:e1:47:9c:59:
2f:c8:61:b7:0a:dd:77:91:8f:b5:8a:b6:a6:05:0a:b2:6a:f1:
22:82:f6:e2:7f:bb:8f:b0:f4:00:a6:d5:24:d6:81:d6:a3:6a:
76:01:c3:4e:fd:a0:2b:57:fb:07:d8:61:10:4b:f6:63:a2:12:
cf:fe:fa:4c:80:05:cf:43:76:3e:58:04:2d:3d:3c:23:9f:a8:
85:b0:00:e5:8f:58:61:7d:7a:f3:87:5e:b3:ad:4d:85:ec:69:
ed:78:e4:00
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZFNjvNTMfi+6wmp4wfJC8JJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwODEzMjEwNDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWJkMDc2NjZkNDRiMmMwMTE2ZDgzMDdhOTZkZmE1ZjBjOTg5OGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4dW/xmJJKJ8CZVR17nR5cRI6iTwv
Z0TwFmapI+yHYPDUH8kZ5KujIdeJx0365a5i8r5GhLpk5T++PpKwHH1IbcsiM7SJ
QAw+zyLFQIgpm0IllGnQ/nWKeflUkNuLoixmtaVwiQxmCW0rsO7PZDPXLiTs1vVg
6MocgCDmmjtyxpU0gtceZ5eCG2BZE1NLUmd0zpfv85+bX9YbDBEqKqrKAKfhLvkk
10mDEjaWBVFQNgwD/dMkDDPeQdeSpFxcEmY0tgwxowAdYBEaDDDgNfsmqKep+kdT
/1oacvSyu5HWS4UFRT2z16dEl0El0e8ekiOzeNUj26PE2OssfQia8cmC8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGG9B2ZtRLLAEW2DB6lt+l8MmJj2MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvWWIwSFptMUVzc0FSYllNSHFXMzZYd3lZbVBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALvltAwQA
UnMcMA0GCSqGSIb3DQEBCwUAA4IBAQAOOexZMiBxwQ3DmsKdGRXRb865n6LSL29m
lX9T4C45AwbqBWVlG+LiUFISoj00q6zpoj5EgehmJ4E2pMUpx5MDFy62xRAA3LTW
1jrq06vb9gIEE9hCTKP+5OjZQkTXx83gO5iQ0J37MQX9Q//kF+8liT7LcidxNWZP
riUajuV3KYcgHnLlL2Sz+nbwddtW8AkXH2qfyQ/ILojs/CjCNOFHnFkvyGG3Ct13
kY+1iramBQqyavEigvbif7uPsPQAptUk1oHWo2p2AcNO/aArV/sH2GEQS/ZjohLP
/vpMgAXPQ3Y+WAQtPTwjn6iFsADlj1hhfXrzh16zrU2F7GnteOQA
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:48:05 2025 by rpki-client