Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/Y3vwiYI_mDo31I6z1LsDEGEPp-4.roa
File: Y3vwiYI_mDo31I6z1LsDEGEPp-4.roa (raw, json)
Hash identifier: 9rg84hLy9G+9kbzzhDIlHwW+2OCCMZL4z3CEtioh8NQ=
Subject key identifier: 63:7B:F0:89:82:3F:98:3A:37:D4:8E:B3:D4:BB:03:10:61:0F:A7:EE
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018B66CBD408FE41B7171BF37AE794B64C0C
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/Y3vwiYI_mDo31I6z1LsDEGEPp-4.roa
Signing time: Wed 25 Oct 2023 12:25:15 +0000
ROA not before: Wed 25 Oct 2023 12:25:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212212
IP address blocks: 151.248.70.0/23 maxlen: 23
91.239.164.0/23 maxlen: 23
91.242.48.0/23 maxlen: 23
91.239.166.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 25 Oct 2023 13:02:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:66:cb:d4:08:fe:41:b7:17:1b:f3:7a:e7:94:b6:4c:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Oct 25 12:25:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=637bf089823f983a37d48eb3d4bb0310610fa7ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:6b:d6:f4:41:16:6f:e1:3e:1f:c9:42:f8:db:
43:d8:e5:4d:82:51:10:b6:ff:73:25:5c:36:c5:ad:
2f:13:1d:c5:9e:38:3d:35:6d:c3:42:d4:70:f3:f8:
6c:83:53:18:6d:71:9e:78:24:81:33:d4:53:12:33:
35:1f:2e:ce:af:58:cf:8b:ce:e4:1e:34:e6:9a:8f:
39:37:d9:5c:bf:9f:f5:a8:b0:1e:d9:7f:0c:3c:26:
59:ca:11:69:90:1d:d2:b1:2d:68:c2:ba:9c:17:81:
37:1b:d1:78:76:c8:1d:d6:99:9b:00:b8:bd:5f:cb:
d8:7d:27:47:29:a9:da:72:68:8e:1a:b9:af:c0:ef:
d8:91:ee:98:d8:b4:83:a6:59:cd:dd:71:3e:db:ee:
88:00:27:6b:a9:f1:d5:ec:80:b3:31:db:0f:b0:40:
45:9c:6a:02:b2:45:30:a2:2f:8d:d1:38:55:b7:bf:
56:e7:07:e7:bd:bf:1a:e0:f3:25:00:40:6a:de:f9:
66:8a:ea:b4:04:46:75:fe:a2:08:6e:88:04:31:14:
bb:0b:72:25:d3:e0:c9:7a:1e:83:af:1a:34:50:85:
d6:85:44:83:03:af:4d:21:a1:80:0d:3d:3d:4c:68:
49:da:79:e2:c7:2b:e0:2b:c1:3c:d2:3c:42:55:9c:
fc:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:7B:F0:89:82:3F:98:3A:37:D4:8E:B3:D4:BB:03:10:61:0F:A7:EE
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/Y3vwiYI_mDo31I6z1LsDEGEPp-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.164.0/22
91.242.48.0/23
151.248.70.0/23
Signature Algorithm: sha256WithRSAEncryption
63:88:da:5d:ab:5e:8f:5b:89:85:a5:de:dc:09:8e:a1:eb:30:
01:dc:82:39:45:b3:40:06:fd:5d:45:c2:20:b1:9f:4e:19:b5:
ff:aa:43:f4:27:bd:18:3a:26:dd:25:e7:01:d5:99:4a:29:9b:
d2:1d:b3:cb:2f:5c:d4:df:22:9a:47:a8:2c:a0:21:3f:b7:6d:
b1:5c:c3:bc:3a:2f:d6:62:f6:ee:98:c4:5e:c5:84:2c:e2:1b:
cc:22:0d:55:86:36:a5:3c:65:29:c2:21:f7:bc:76:27:10:35:
76:58:6d:76:23:cd:6c:c3:37:f5:c6:09:20:21:9e:ea:72:ef:
bc:81:99:2f:1d:96:72:06:ae:6a:06:ab:34:12:41:27:14:56:
f0:48:1d:fb:59:cb:63:06:70:34:ba:25:f0:fb:87:e5:ec:44:
f9:58:c7:af:50:5e:bc:ce:f0:a3:36:11:cb:fd:69:07:c1:64:
dc:d4:e4:d3:93:78:36:ce:17:a7:26:34:b4:4f:e3:e8:46:aa:
98:95:09:92:8c:24:74:e7:ce:50:76:31:7a:17:9e:de:17:f6:
42:d3:c5:dc:d7:a6:8e:a8:d9:0e:6b:a7:aa:ee:e4:ee:26:b1:
15:0b:b8:f7:f6:a2:bb:51:3a:67:e7:3d:2e:a5:65:b9:78:a5:
da:77:af:f6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtmy9QI/kG3FxvzeueUtkwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjMxMDI1MTIyNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzdiZjA4OTgyM2Y5ODNhMzdkNDhlYjNkNGJiMDMxMDYxMGZhN2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2vW9EEWb+E+H8lC+NtD2OVNglEQ
tv9zJVw2xa0vEx3Fnjg9NW3DQtRw8/hsg1MYbXGeeCSBM9RTEjM1Hy7Or1jPi87k
HjTmmo85N9lcv5/1qLAe2X8MPCZZyhFpkB3SsS1owrqcF4E3G9F4dsgd1pmbALi9
X8vYfSdHKanacmiOGrmvwO/Yke6Y2LSDplnN3XE+2+6IACdrqfHV7ICzMdsPsEBF
nGoCskUwoi+N0ThVt79W5wfnvb8a4PMlAEBq3vlmiuq0BEZ1/qIIbogEMRS7C3Il
0+DJeh6Drxo0UIXWhUSDA69NIaGADT09TGhJ2nnixyvgK8E80jxCVZz8/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGN78ImCP5g6N9SOs9S7AxBhD6fuMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvWTN2d2lZSV9tRG8zMUk2ejFMc0RFR0VQcC00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW++kAwQB
W/IwAwQBl/hGMA0GCSqGSIb3DQEBCwUAA4IBAQBjiNpdq16PW4mFpd7cCY6h6zAB
3II5RbNABv1dRcIgsZ9OGbX/qkP0J70YOibdJecB1ZlKKZvSHbPLL1zU3yKaR6gs
oCE/t22xXMO8Oi/WYvbumMRexYQs4hvMIg1VhjalPGUpwiH3vHYnEDV2WG12I81s
wzf1xgkgIZ7qcu+8gZkvHZZyBq5qBqs0EkEnFFbwSB37WctjBnA0uiXw+4fl7ET5
WMevUF68zvCjNhHL/WkHwWTc1OTTk3g2zhenJjS0T+PoRqqYlQmSjCR0585QdjF6
F57eF/ZC08Xc16aOqNkOa6eq7uTuJrEVC7j39qK7UTpn5z0upWW5eKXad6/2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:07 2024 by rpki-client on console-fra.rpki-client.org