Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/yn7HmJH9ilc8UUCEiwdoMNm_hxs.roa
File: yn7HmJH9ilc8UUCEiwdoMNm_hxs.roa (raw, json)
Hash identifier: VUpI1aDAvzrzqqlZqKJmWZ+UZatVkbnS5RGDgcfay6I=
Subject key identifier: CA:7E:C7:98:91:FD:8A:57:3C:51:40:84:8B:07:68:30:D9:BF:87:1B
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018CCA2A787762782D63A6F8B91269808545
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/yn7HmJH9ilc8UUCEiwdoMNm_hxs.roa
Signing time: Tue 02 Jan 2024 12:33:50 +0000
ROA not before: Tue 02 Jan 2024 12:33:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212517
IP address blocks: 202.133.88.0/23 maxlen: 24
89.251.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 Jan 2024 03:45:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:78:77:62:78:2d:63:a6:f8:b9:12:69:80:85:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 12:33:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca7ec79891fd8a573c5140848b076830d9bf871b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:81:c6:e3:88:a5:07:bf:56:02:e7:6c:d9:33:
be:ef:7f:01:e5:75:4c:74:b8:39:ad:e3:f8:e7:57:
1e:c9:23:00:11:4f:62:68:d3:bf:a6:3f:25:f6:ee:
a0:fd:f1:59:c6:ab:76:18:0e:98:60:ac:ac:72:bf:
a4:d6:47:34:9c:7c:96:7b:97:37:d1:ae:8b:f8:33:
53:81:12:84:16:b4:38:23:0c:40:30:be:40:1b:98:
40:8e:b6:eb:b8:8c:c5:a2:a9:9b:e2:6c:36:77:91:
02:aa:78:7b:0f:8a:5a:39:f6:68:04:f8:34:ca:7c:
9e:58:0f:91:0d:7f:e8:3d:81:d6:6a:f8:54:4f:d1:
20:08:6c:05:4b:e9:6e:23:22:39:ad:b6:1c:a7:69:
6d:9f:84:4d:48:e4:bd:d0:29:4a:c1:6a:f2:eb:90:
7e:0e:2d:84:c8:7e:e0:39:dc:c8:37:9a:89:5b:d3:
da:c8:ff:03:96:a4:ba:af:31:86:06:03:37:1f:e8:
a7:18:74:24:70:7b:6c:c5:2a:36:a6:98:42:b7:70:
3b:13:22:ed:db:74:b1:35:c6:e8:4d:d5:f8:9e:9e:
8f:22:03:f5:cc:40:a9:d2:b8:ae:db:81:ee:08:25:
11:61:2a:86:60:1d:a0:5a:93:7a:77:dd:71:27:0a:
04:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:7E:C7:98:91:FD:8A:57:3C:51:40:84:8B:07:68:30:D9:BF:87:1B
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/yn7HmJH9ilc8UUCEiwdoMNm_hxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.10.0/24
202.133.88.0/23
Signature Algorithm: sha256WithRSAEncryption
de:a4:bc:0e:f0:a0:41:6a:da:b7:7c:79:2e:6c:f2:96:26:5e:
6f:c9:09:71:11:61:eb:70:39:98:a0:50:3e:de:b6:01:b3:fa:
89:77:03:c9:52:1d:33:e8:6e:76:7b:dc:cb:4e:b7:5d:f8:22:
19:0d:9f:d4:62:11:b1:b2:b3:5a:e3:cf:c2:f8:08:7c:3b:b5:
01:73:ca:38:ef:d0:ac:ed:72:3b:2c:61:0a:17:de:e4:7e:78:
78:98:e0:b4:bd:41:de:0f:81:d8:0c:bb:ec:85:b5:1b:22:08:
3b:1b:59:41:bb:d0:d3:01:1e:08:36:38:2c:8b:82:d2:84:49:
a7:0d:5c:d8:03:5f:61:cc:10:c7:24:1a:16:6c:d9:4c:16:0c:
e5:fb:52:74:4b:75:f7:b7:2b:a8:e7:50:46:a7:f6:ba:35:84:
d9:21:6c:90:6b:5b:8b:34:f1:32:e6:e6:66:cb:0f:ff:7e:c4:
64:69:4e:9e:d9:41:1b:a2:38:10:81:7d:e0:85:a4:70:13:fb:
5e:4c:1f:fd:2b:f7:b6:8c:ad:a6:97:9e:d0:72:e4:39:33:5b:
1f:a7:f6:6e:34:5e:0c:df:36:04:b3:6a:66:cb:bb:9e:2f:75:
31:e4:4f:08:e0:3a:e9:14:d0:eb:ab:0b:93:7c:dc:f7:96:50:
9d:e0:aa:71
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKnh3YngtY6b4uRJpgIVFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMTAyMTIzMzUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTdlYzc5ODkxZmQ4YTU3M2M1MTQwODQ4YjA3NjgzMGQ5YmY4NzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIHG44ilB79WAuds2TO+738B5XVM
dLg5reP451ceySMAEU9iaNO/pj8l9u6g/fFZxqt2GA6YYKyscr+k1kc0nHyWe5c3
0a6L+DNTgRKEFrQ4IwxAML5AG5hAjrbruIzFoqmb4mw2d5ECqnh7D4paOfZoBPg0
ynyeWA+RDX/oPYHWavhUT9EgCGwFS+luIyI5rbYcp2ltn4RNSOS90ClKwWry65B+
Di2EyH7gOdzIN5qJW9PayP8DlqS6rzGGBgM3H+inGHQkcHtsxSo2pphCt3A7EyLt
23SxNcboTdX4np6PIgP1zECp0riu24HuCCURYSqGYB2gWpN6d91xJwoE2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMp+x5iR/YpXPFFAhIsHaDDZv4cbMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEveW43SG1KSDlpbGM4VVVDRWl3ZG9NTm1faHhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfsKAwQB
yoVYMA0GCSqGSIb3DQEBCwUAA4IBAQDepLwO8KBBatq3fHkubPKWJl5vyQlxEWHr
cDmYoFA+3rYBs/qJdwPJUh0z6G52e9zLTrdd+CIZDZ/UYhGxsrNa48/C+Ah8O7UB
c8o479Cs7XI7LGEKF97kfnh4mOC0vUHeD4HYDLvshbUbIgg7G1lBu9DTAR4INjgs
i4LShEmnDVzYA19hzBDHJBoWbNlMFgzl+1J0S3X3tyuo51BGp/a6NYTZIWyQa1uL
NPEy5uZmyw//fsRkaU6e2UEbojgQgX3ghaRwE/teTB/9K/e2jK2ml57QcuQ5M1sf
p/ZuNF4M3zYEs2pmy7ueL3Ux5E8I4DrpFNDrqwuTfNz3llCd4Kpx
-----END CERTIFICATE-----
Generated at Sun Jan 14 05:15:09 2024 by rpki-client on console-fra.rpki-client.org