Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/YKwDDaknH-aZ2g_FO7g02MQsFEs.roa
File: YKwDDaknH-aZ2g_FO7g02MQsFEs.roa (raw, json)
Hash identifier: Sps2tJZ5iCOTXEsm5rqGgPae/kHH2xQOfVqpiTmFoa0=
Subject key identifier: 60:AC:03:0D:A9:27:1F:E6:99:DA:0F:C5:3B:B8:34:D8:C4:2C:14:4B
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01936C9FC46568A45EADEA16EE02060CC928
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/YKwDDaknH-aZ2g_FO7g02MQsFEs.roa
Signing time: Wed 27 Nov 2024 07:57:09 +0000
ROA not before: Wed 27 Nov 2024 07:57:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 213.18.224.0/20 maxlen: 24
217.177.0.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Dec 2024 22:08:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6c:9f:c4:65:68:a4:5e:ad:ea:16:ee:02:06:0c:c9:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Nov 27 07:57:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60ac030da9271fe699da0fc53bb834d8c42c144b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cf:a4:f8:20:d2:49:5f:86:be:d5:b3:2b:60:
53:2f:70:3b:99:52:91:0b:87:9c:57:b3:3c:94:b4:
bf:5a:ee:59:4f:14:b0:f8:20:f0:13:69:ae:83:a4:
57:2c:3a:8d:f2:83:96:74:28:ed:cc:8d:47:25:67:
35:7b:4d:c4:2e:2b:93:ad:02:af:37:ca:46:c5:62:
18:57:71:4f:f3:7f:f2:3d:a5:16:ec:a0:69:a4:0c:
0e:d9:57:1a:c6:50:40:6e:34:e9:76:f2:c9:2e:12:
6c:f4:ed:ad:66:c5:5f:49:0c:2e:0e:d0:9c:b4:57:
97:be:1e:bc:b7:87:f9:3b:0f:28:d8:e6:2a:e5:6b:
d2:83:b5:4c:91:57:5c:ca:16:1c:ed:dd:7a:13:f0:
5a:70:0f:06:40:6a:3a:7c:e9:20:14:47:52:3d:16:
6b:b1:1f:f4:1d:fb:2d:e1:96:f7:09:59:aa:a5:d6:
a3:a9:3d:54:f2:55:f3:91:4d:cb:7c:d2:a7:8d:17:
64:32:86:83:b8:5c:91:c7:8b:e9:91:90:26:c8:bf:
4d:64:49:9b:c6:62:66:fa:cf:c6:22:c8:6c:f9:6c:
3d:62:ea:db:a8:1d:c3:01:14:b7:4d:2e:1b:05:43:
15:58:f6:13:80:ec:6d:1f:96:e2:03:a6:eb:37:49:
35:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:AC:03:0D:A9:27:1F:E6:99:DA:0F:C5:3B:B8:34:D8:C4:2C:14:4B
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/YKwDDaknH-aZ2g_FO7g02MQsFEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.18.224.0/20
217.177.0.0/21
Signature Algorithm: sha256WithRSAEncryption
9d:53:70:31:4a:8f:1e:f3:59:80:f8:84:1c:62:e5:b8:c5:d0:
8a:41:5d:e1:5f:db:af:5b:b4:8b:ca:99:52:3c:02:3a:9e:b9:
cf:43:3f:c9:73:d1:43:18:31:dd:8f:78:ac:61:56:2a:e6:c8:
71:92:4e:82:f0:1c:8b:76:59:3f:5b:4f:c4:3c:fe:91:87:e9:
58:a1:5d:30:a3:cc:67:c8:72:bb:97:31:88:9b:89:52:4c:a0:
7a:72:e7:e2:bf:95:3a:ba:b0:65:da:9a:58:2b:da:58:50:65:
9e:00:1f:57:68:a6:dd:58:16:54:a5:4d:64:44:8f:ba:3c:7f:
e2:20:05:7f:74:69:17:77:dd:ca:2e:d3:61:b4:49:28:bd:e6:
09:8d:83:d1:67:d4:df:ff:ea:1e:d7:b6:20:34:50:53:a4:db:
a2:6f:c1:68:fe:98:d4:14:44:f3:a9:6c:e1:26:9f:12:87:8d:
d2:aa:3f:ce:d8:ff:7a:b3:b1:99:8b:69:a9:14:a2:cd:78:41:
c7:20:b9:d6:e7:74:79:70:a7:b3:7a:43:50:eb:17:fd:b3:61:
32:e0:26:0b:b4:5c:dd:f1:d5:9e:a1:8e:2c:29:a8:b9:dc:3d:
3b:d9:75:08:49:dc:41:ba:7d:ec:47:6f:69:a7:b5:7e:a2:6a:
8c:be:31:5b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNsn8RlaKRereoW7gIGDMkoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQxMTI3MDc1NzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGFjMDMwZGE5MjcxZmU2OTlkYTBmYzUzYmI4MzRkOGM0MmMxNDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsM+k+CDSSV+GvtWzK2BTL3A7mVKR
C4ecV7M8lLS/Wu5ZTxSw+CDwE2mug6RXLDqN8oOWdCjtzI1HJWc1e03ELiuTrQKv
N8pGxWIYV3FP83/yPaUW7KBppAwO2VcaxlBAbjTpdvLJLhJs9O2tZsVfSQwuDtCc
tFeXvh68t4f5Ow8o2OYq5WvSg7VMkVdcyhYc7d16E/BacA8GQGo6fOkgFEdSPRZr
sR/0Hfst4Zb3CVmqpdajqT1U8lXzkU3LfNKnjRdkMoaDuFyRx4vpkZAmyL9NZEmb
xmJm+s/GIshs+Ww9YurbqB3DARS3TS4bBUMVWPYTgOxtH5biA6brN0k1QwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGCsAw2pJx/mmdoPxTu4NNjELBRLMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvWUt3RERha25ILWFaMmdfRk83ZzAyTVFzRkVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQE1RLgAwQD
2bEAMA0GCSqGSIb3DQEBCwUAA4IBAQCdU3AxSo8e81mA+IQcYuW4xdCKQV3hX9uv
W7SLyplSPAI6nrnPQz/Jc9FDGDHdj3isYVYq5shxkk6C8ByLdlk/W0/EPP6Rh+lY
oV0wo8xnyHK7lzGIm4lSTKB6cufiv5U6urBl2ppYK9pYUGWeAB9XaKbdWBZUpU1k
RI+6PH/iIAV/dGkXd93KLtNhtEkoveYJjYPRZ9Tf/+oe17YgNFBTpNuib8Fo/pjU
FETzqWzhJp8Sh43Sqj/O2P96s7GZi2mpFKLNeEHHILnW53R5cKezekNQ6xf9s2Ey
4CYLtFzd8dWeoY4sKai53D072XUISdxBun3sR29pp7V+omqMvjFb
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:04:38 2025 by rpki-client