Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/YnlnkiFOBJ6GikSDyC0-8Y9QiDw.roa
File: YnlnkiFOBJ6GikSDyC0-8Y9QiDw.roa (raw, json)
Hash identifier: fj7DqhfhFLs7mRLuUituTa/mjJLkhDziTHb6l4PSd70=
Subject key identifier: 62:79:67:92:21:4E:04:9E:86:8A:44:83:C8:2D:3E:F1:8F:50:88:3C
Certificate issuer: /CN=ec9b0931118f08bf4a34b3e052fd8f8a5c1ecab0
Certificate serial: 0189D93FB7C0FB8B05454DF21852788F8A22
Authority key identifier: EC:9B:09:31:11:8F:08:BF:4A:34:B3:E0:52:FD:8F:8A:5C:1E:CA:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7JsJMRGPCL9KNLPgUv2PilweyrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/YnlnkiFOBJ6GikSDyC0-8Y9QiDw.roa
Signing time: Wed 09 Aug 2023 07:42:58 +0000
ROA not before: Wed 09 Aug 2023 07:42:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42656
IP address blocks: 91.207.14.0/23 maxlen: 24
193.203.222.0/23 maxlen: 24
5.134.208.0/21 maxlen: 24
2a02:dc8::/30 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d9:3f:b7:c0:fb:8b:05:45:4d:f2:18:52:78:8f:8a:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec9b0931118f08bf4a34b3e052fd8f8a5c1ecab0
Validity
Not Before: Aug 9 07:42:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62796792214e049e868a4483c82d3ef18f50883c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4f:66:df:85:51:4e:ee:72:34:6c:b2:3a:35:
96:d2:87:59:d9:fe:5a:7b:b2:cd:6c:f9:cb:85:fd:
57:10:38:a4:39:58:2c:ba:a9:3b:b1:59:d2:c0:ea:
bb:41:c3:55:ce:d6:c6:9a:15:96:fc:e1:0a:77:74:
01:d7:f5:9d:9e:2a:ce:38:43:1b:bb:8a:0d:b5:43:
e9:4a:97:78:74:87:b0:1c:a9:11:d4:4e:c5:49:21:
7a:c0:73:86:e2:00:5f:bd:b6:31:40:d8:76:da:a1:
33:65:9d:df:49:60:81:1b:3c:78:d6:57:6f:36:53:
7c:06:bd:80:1a:c2:00:3a:80:95:de:74:33:97:25:
09:5a:91:b6:1d:bf:54:4b:a7:99:27:e9:27:2c:f7:
c4:f4:7a:47:5e:ba:f1:6f:f4:f6:9b:a5:57:93:8a:
da:ae:0c:06:2a:37:e8:28:3c:c6:75:d6:5d:5a:44:
c3:af:e3:bb:8a:f0:44:d1:1a:4b:1d:97:14:3b:ed:
65:33:27:e2:af:6f:9a:48:89:fa:ea:47:e8:19:a2:
fb:73:33:a5:27:a8:a3:58:d4:98:d4:d0:99:8e:34:
8f:10:9c:13:a7:76:08:7b:3a:33:17:91:99:1e:5e:
40:6b:8c:51:ff:91:57:35:7f:60:a4:98:13:d3:46:
1c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:79:67:92:21:4E:04:9E:86:8A:44:83:C8:2D:3E:F1:8F:50:88:3C
X509v3 Authority Key Identifier:
keyid:EC:9B:09:31:11:8F:08:BF:4A:34:B3:E0:52:FD:8F:8A:5C:1E:CA:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7JsJMRGPCL9KNLPgUv2PilweyrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/YnlnkiFOBJ6GikSDyC0-8Y9QiDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/0776a2-5e89-4e2c-9370-5b304eec0025/1/7JsJMRGPCL9KNLPgUv2PilweyrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.208.0/21
91.207.14.0/23
193.203.222.0/23
IPv6:
2a02:dc8::/30
Signature Algorithm: sha256WithRSAEncryption
a3:23:c2:20:85:c5:38:31:9b:05:fd:d0:d4:5e:a8:03:6a:5d:
b2:95:07:26:d4:09:7b:ad:7d:5e:93:f4:a3:c6:7e:1f:e7:13:
6e:b6:01:54:6e:5c:79:68:d2:2a:85:62:ed:0a:ef:e0:2d:3a:
b8:f3:3f:da:0d:a5:13:e1:4a:a0:5d:ae:e5:ab:1c:f3:41:ff:
6a:b9:70:d3:66:5f:1f:18:2e:96:0d:f5:da:60:f4:ce:9d:23:
8e:27:1f:d5:96:22:0a:6a:86:98:c5:fb:9a:4a:67:8e:9f:64:
a7:5e:8b:05:ea:1e:82:ff:5a:af:9c:18:18:25:d4:fa:db:d0:
a8:c6:62:a9:b0:8c:e4:8c:fa:20:20:ac:7f:4d:ba:b1:16:3f:
fb:30:60:62:18:12:a0:74:b6:76:f2:d6:f6:40:48:f2:69:86:
79:de:63:bd:9b:06:84:e6:65:d1:7d:fd:c3:ae:f0:68:b0:81:
eb:6a:94:68:5a:b5:f9:42:bd:5d:9c:12:ff:8b:ff:84:19:89:
96:4d:09:21:ba:ad:d4:0b:52:df:29:31:56:21:81:bd:6d:6b:
fa:97:8b:78:83:4f:c0:b6:45:f4:d6:6e:4f:57:da:61:89:37:
d1:14:46:b0:f4:95:ad:ab:b0:65:05:12:d1:42:bb:f9:e0:10:
d2:89:2b:6e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYnZP7fA+4sFRU3yGFJ4j4oiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjOWIwOTMxMTE4ZjA4YmY0YTM0YjNlMDUyZmQ4ZjhhNWMx
ZWNhYjAwHhcNMjMwODA5MDc0MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mjc5Njc5MjIxNGUwNDllODY4YTQ0ODNjODJkM2VmMThmNTA4ODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqU9m34VRTu5yNGyyOjWW0odZ2f5a
e7LNbPnLhf1XEDikOVgsuqk7sVnSwOq7QcNVztbGmhWW/OEKd3QB1/WdnirOOEMb
u4oNtUPpSpd4dIewHKkR1E7FSSF6wHOG4gBfvbYxQNh22qEzZZ3fSWCBGzx41ldv
NlN8Br2AGsIAOoCV3nQzlyUJWpG2Hb9US6eZJ+knLPfE9HpHXrrxb/T2m6VXk4ra
rgwGKjfoKDzGddZdWkTDr+O7ivBE0RpLHZcUO+1lMyfir2+aSIn66kfoGaL7czOl
J6ijWNSY1NCZjjSPEJwTp3YIezozF5GZHl5Aa4xR/5FXNX9gpJgT00YcSwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGJ5Z5IhTgSehopEg8gtPvGPUIg8MB8GA1UdIwQY
MBaAFOybCTERjwi/SjSz4FL9j4pcHsqwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0pzSk1SR1BDTDlLTkxQZ1V2MlBpbHdleXJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8wNzc2YTItNWU4OS00ZTJjLTkzNzAt
NWIzMDRlZWMwMDI1LzEvWW5sbmtpRk9CSjZHaWtTRHlDMC04WTlRaUR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8wNzc2YTItNWU4OS00ZTJjLTkzNzAtNWIzMDRlZWMwMDI1
LzEvN0pzSk1SR1BDTDlLTkxQZ1V2MlBpbHdleXJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBYbQAwQB
W88OAwQBwcveMA0EAgACMAcDBQIqAg3IMA0GCSqGSIb3DQEBCwUAA4IBAQCjI8Ig
hcU4MZsF/dDUXqgDal2ylQcm1Al7rX1ek/Sjxn4f5xNutgFUblx5aNIqhWLtCu/g
LTq48z/aDaUT4UqgXa7lqxzzQf9quXDTZl8fGC6WDfXaYPTOnSOOJx/VliIKaoaY
xfuaSmeOn2SnXosF6h6C/1qvnBgYJdT629CoxmKpsIzkjPogIKx/TbqxFj/7MGBi
GBKgdLZ28tb2QEjyaYZ53mO9mwaE5mXRff3DrvBosIHrapRoWrX5Qr1dnBL/i/+E
GYmWTQkhuq3UC1LfKTFWIYG9bWv6l4t4g0/AtkX01m5PV9phiTfRFEaw9JWtq7Bl
BRLRQrv54BDSiStu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:14 2024 by rpki-client on console-fra.rpki-client.org