Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/9f88d8-8a6d-4c5c-b194-e155acc6b84e/1/yn5fLUeiLUdRM2FcVtjCs1RBxRU.roa
File: yn5fLUeiLUdRM2FcVtjCs1RBxRU.roa (raw, json)
Hash identifier: kj8LswiJuX4FUekvTaViMDZ9JhYCAG3izl/zqEHjD+I=
Subject key identifier: CA:7E:5F:2D:47:A2:2D:47:51:33:61:5C:56:D8:C2:B3:54:41:C5:15
Certificate issuer: /CN=3f47f75757413ccc172d3d1b826fae5ae9385a1b
Certificate serial: 01856CF847FFE075BB4D68CE7F21F2C5EAEA
Authority key identifier: 3F:47:F7:57:57:41:3C:CC:17:2D:3D:1B:82:6F:AE:5A:E9:38:5A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P0f3V1dBPMwXLT0bgm-uWuk4Whs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/9f88d8-8a6d-4c5c-b194-e155acc6b84e/1/yn5fLUeiLUdRM2FcVtjCs1RBxRU.roa
Signing time: Sun 01 Jan 2023 10:54:48 +0000
ROA not before: Sun 01 Jan 2023 10:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208684
IP address blocks: 91.230.168.0/24 maxlen: 24
91.230.188.0/24 maxlen: 24
91.231.47.0/24 maxlen: 24
45.89.112.0/22 maxlen: 22
91.231.89.0/24 maxlen: 24
2a0b:2640::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:47:ff:e0:75:bb:4d:68:ce:7f:21:f2:c5:ea:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f47f75757413ccc172d3d1b826fae5ae9385a1b
Validity
Not Before: Jan 1 10:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca7e5f2d47a22d475133615c56d8c2b35441c515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:eb:bd:1b:c9:7b:c1:bc:7d:5b:53:60:fb:5d:
0f:2f:6b:b8:49:83:67:f8:3d:c0:f7:be:32:84:00:
94:41:92:a2:f5:29:4a:b2:7c:4d:1d:9d:e6:8e:bc:
9c:29:bd:a5:39:75:02:d2:06:91:99:f4:93:dd:8b:
6d:cf:b3:f2:52:67:8f:29:11:59:11:0f:c6:e4:64:
fc:0b:b5:70:a1:ef:43:8b:93:9e:79:76:8d:6a:cf:
4b:3b:8e:ab:b5:24:b1:43:40:f7:50:2d:ed:62:ce:
2b:85:63:92:3f:e1:f0:88:d3:22:1b:95:23:55:2e:
f5:cd:6a:20:bf:bd:58:eb:2e:b9:d5:d2:98:be:9c:
75:66:b8:0d:1f:c1:0a:ce:bb:c0:95:d6:ff:ed:2c:
a6:a4:b7:eb:a8:31:e6:e8:b4:4d:40:e1:14:b2:f4:
97:0c:0e:2e:a9:93:d9:c3:4f:d5:aa:5c:2d:2d:89:
18:8f:a4:a9:93:52:1a:35:c9:f7:00:17:26:94:25:
39:d3:a1:cd:e7:0e:f9:57:04:86:8e:5a:6c:6c:a9:
92:68:9b:bf:79:f5:eb:34:c6:e4:20:3b:ed:3e:73:
e0:e3:cb:10:db:84:93:1b:26:c0:a2:df:df:3c:fc:
6e:1f:29:27:db:29:ab:81:21:89:98:4c:87:22:cb:
3b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:7E:5F:2D:47:A2:2D:47:51:33:61:5C:56:D8:C2:B3:54:41:C5:15
X509v3 Authority Key Identifier:
keyid:3F:47:F7:57:57:41:3C:CC:17:2D:3D:1B:82:6F:AE:5A:E9:38:5A:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P0f3V1dBPMwXLT0bgm-uWuk4Whs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/9f88d8-8a6d-4c5c-b194-e155acc6b84e/1/yn5fLUeiLUdRM2FcVtjCs1RBxRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/9f88d8-8a6d-4c5c-b194-e155acc6b84e/1/P0f3V1dBPMwXLT0bgm-uWuk4Whs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.112.0/22
91.230.168.0/24
91.230.188.0/24
91.231.47.0/24
91.231.89.0/24
IPv6:
2a0b:2640::/29
Signature Algorithm: sha256WithRSAEncryption
6b:3d:cf:c3:5c:f9:66:6d:de:7f:37:67:ef:ab:91:51:30:ad:
fc:9f:78:23:60:8c:c3:5d:5a:5f:af:15:4b:30:1f:bd:db:01:
24:7c:da:94:ee:62:08:89:cc:6f:2e:7d:17:11:71:cd:9b:fe:
65:82:dd:f7:d0:58:13:8e:bd:c8:e2:25:02:7d:c5:9a:5e:f1:
ed:65:08:e8:c5:7c:1e:b4:71:7f:92:08:3d:e0:8b:5d:30:7f:
43:0b:a0:54:44:79:35:e8:7d:d1:17:2c:de:b6:4a:ec:9a:d7:
c7:55:82:76:60:fd:93:5b:87:3d:d3:23:6c:30:90:68:12:ce:
9f:16:96:12:5c:73:fb:b3:bc:04:fd:36:93:bc:cf:e4:8b:7f:
7d:d7:56:f7:02:34:b8:dc:58:56:0c:0f:3c:77:7b:9e:5b:3f:
1d:2a:71:90:00:24:98:a3:0e:5a:8f:5b:c9:f3:48:91:87:6d:
0c:af:84:6e:0f:ed:1f:4a:75:f7:ad:60:7b:3d:4b:23:05:e2:
bc:f8:d6:e9:f6:66:d6:5b:c5:a7:2e:97:36:f8:01:ec:73:05:
81:87:9a:d4:5b:cd:5f:cd:59:78:c5:17:3c:03:12:99:54:48:
09:2f:a1:e1:c6:45:c5:c1:b2:11:00:c6:83:6e:31:41:89:4a:
53:26:33:4d
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVs+Ef/4HW7TWjOfyHyxerqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNDdmNzU3NTc0MTNjY2MxNzJkM2QxYjgyNmZhZTVhZTkz
ODVhMWIwHhcNMjMwMTAxMTA1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTdlNWYyZDQ3YTIyZDQ3NTEzMzYxNWM1NmQ4YzJiMzU0NDFjNTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuu9G8l7wbx9W1Ng+10PL2u4SYNn
+D3A974yhACUQZKi9SlKsnxNHZ3mjrycKb2lOXUC0gaRmfST3Yttz7PyUmePKRFZ
EQ/G5GT8C7Vwoe9Di5OeeXaNas9LO46rtSSxQ0D3UC3tYs4rhWOSP+HwiNMiG5Uj
VS71zWogv71Y6y651dKYvpx1ZrgNH8EKzrvAldb/7SympLfrqDHm6LRNQOEUsvSX
DA4uqZPZw0/VqlwtLYkYj6Spk1IaNcn3ABcmlCU506HN5w75VwSGjlpsbKmSaJu/
efXrNMbkIDvtPnPg48sQ24STGybAot/fPPxuHykn2ymrgSGJmEyHIss7cwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMp+Xy1Hoi1HUTNhXFbYwrNUQcUVMB8GA1UdIwQY
MBaAFD9H91dXQTzMFy09G4JvrlrpOFobMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDBmM1YxZEJQTXdYTFQwYmdtLXVXdWs0V2hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC85Zjg4ZDgtOGE2ZC00YzVjLWIxOTQt
ZTE1NWFjYzZiODRlLzEveW41ZkxVZWlMVWRSTTJGY1Z0akNzMVJCeFJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC85Zjg4ZDgtOGE2ZC00YzVjLWIxOTQtZTE1NWFjYzZiODRl
LzEvUDBmM1YxZEJQTXdYTFQwYmdtLXVXdWs0V2hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLVlwAwQA
W+aoAwQAW+a8AwQAW+cvAwQAW+dZMA0EAgACMAcDBQMqCyZAMA0GCSqGSIb3DQEB
CwUAA4IBAQBrPc/DXPlmbd5/N2fvq5FRMK38n3gjYIzDXVpfrxVLMB+92wEkfNqU
7mIIicxvLn0XEXHNm/5lgt330FgTjr3I4iUCfcWaXvHtZQjoxXwetHF/kgg94Itd
MH9DC6BURHk16H3RFyzetkrsmtfHVYJ2YP2TW4c90yNsMJBoEs6fFpYSXHP7s7wE
/TaTvM/ki39911b3AjS43FhWDA88d3ueWz8dKnGQACSYow5aj1vJ80iRh20Mr4Ru
D+0fSnX3rWB7PUsjBeK8+Nbp9mbWW8WnLpc2+AHscwWBh5rUW81fzVl4xRc8AxKZ
VEgJL6HhxkXFwbIRAMaDbjFBiUpTJjNN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:51 2024 by rpki-client on console-fra.rpki-client.org