Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/Y9xFTgyWiHMX8R20-q9AuHbgSsQ.roa
File: Y9xFTgyWiHMX8R20-q9AuHbgSsQ.roa (raw, json)
Hash identifier: uOwjg0km+Aq16JuTC69P8qzvO77W36am01uRZBU8EqM=
Subject key identifier: 63:DC:45:4E:0C:96:88:73:17:F1:1D:B4:FA:AF:40:B8:76:E0:4A:C4
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 018CCA2A476D0F759288CC13C2A96C70192A
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/Y9xFTgyWiHMX8R20-q9AuHbgSsQ.roa
Signing time: Tue 02 Jan 2024 12:33:37 +0000
ROA not before: Tue 02 Jan 2024 12:33:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200482
IP address blocks: 81.29.145.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jan 2024 06:53:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:47:6d:0f:75:92:88:cc:13:c2:a9:6c:70:19:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Jan 2 12:33:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63dc454e0c96887317f11db4faaf40b876e04ac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:72:bc:dc:66:37:45:27:e4:06:d6:38:96:21:
dd:26:dd:2d:d8:59:39:69:68:7d:35:62:f0:69:45:
67:1f:13:6f:96:0d:2c:a6:f0:bb:ae:c4:a8:4a:87:
5d:dc:fd:3c:5b:46:a5:f3:99:ca:e1:1e:96:80:f5:
23:c2:df:56:1c:39:7c:96:64:8a:54:11:00:78:77:
8e:c8:0d:84:7d:45:6f:bf:21:d0:6a:6c:93:32:47:
d9:49:f4:19:8d:b3:ab:02:ba:19:20:14:ad:07:61:
1c:80:c5:4a:69:97:cb:fc:19:e3:28:cf:ea:c1:87:
5c:75:5f:32:cb:b6:9b:a8:30:8e:15:37:23:e6:4a:
b1:03:04:23:be:06:46:90:1c:db:97:30:73:09:d7:
99:6d:29:89:e0:9a:99:73:8a:c6:99:e4:26:c9:69:
57:26:d9:b4:5a:aa:21:2c:3c:a9:ad:78:0c:b6:fa:
ab:15:20:35:10:83:b5:d2:f8:87:b6:55:52:ff:a3:
41:52:43:b1:b5:cb:c0:8f:09:a8:0f:e6:68:2a:6b:
b1:b6:cd:b4:ed:12:c4:07:e5:e9:79:a1:70:e2:2c:
aa:0d:c0:f1:5b:03:6d:9c:c5:82:a7:bd:3c:06:18:
b2:a1:02:ef:63:3e:1b:57:6d:c9:75:8c:52:ae:42:
81:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:DC:45:4E:0C:96:88:73:17:F1:1D:B4:FA:AF:40:B8:76:E0:4A:C4
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/Y9xFTgyWiHMX8R20-q9AuHbgSsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.29.145.0/24
Signature Algorithm: sha256WithRSAEncryption
99:a6:17:c5:8f:c7:6b:16:96:a6:81:79:13:01:02:09:28:78:
b2:30:a0:56:93:e0:49:a5:dd:37:6e:87:67:31:30:06:bc:f7:
11:58:ed:e3:67:65:6f:95:28:8d:33:30:fe:90:4a:70:3c:8a:
53:db:ff:f7:f8:c5:e0:74:a7:ee:bf:5b:66:03:e7:34:6f:de:
28:34:ff:be:22:71:b7:9e:aa:10:53:95:04:c2:05:b4:f3:ce:
c6:71:12:75:46:21:b2:df:76:25:37:c7:a9:cc:3f:7b:7f:76:
1d:d2:34:56:6e:07:6a:d3:a6:67:de:19:0c:99:bd:f8:45:f1:
18:96:6d:a2:5c:ce:74:31:57:8f:4d:c2:fa:58:72:c6:97:66:
e3:04:fa:4e:aa:0a:8b:5d:19:94:0a:e1:fd:42:5f:72:a5:92:
f5:61:40:af:4b:1b:19:b3:50:ba:c0:a2:a3:7b:28:9d:b3:fa:
a6:7a:70:a1:d5:c9:9a:da:5c:c2:03:df:c5:2c:06:7e:d7:ab:
9e:8b:72:46:f7:29:2e:13:38:65:29:03:f2:34:ec:69:74:cf:
94:e2:71:1a:42:27:e6:93:e9:b2:36:07:c7:ab:65:19:82:be:
58:b1:e5:b8:12:53:a9:b1:e8:3e:d4:05:eb:ad:c7:93:f0:a1:
d0:2e:be:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKkdtD3WSiMwTwqlscBkqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjQwMTAyMTIzMzM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2RjNDU0ZTBjOTY4ODczMTdmMTFkYjRmYWFmNDBiODc2ZTA0YWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnK83GY3RSfkBtY4liHdJt0t2Fk5
aWh9NWLwaUVnHxNvlg0spvC7rsSoSodd3P08W0al85nK4R6WgPUjwt9WHDl8lmSK
VBEAeHeOyA2EfUVvvyHQamyTMkfZSfQZjbOrAroZIBStB2EcgMVKaZfL/BnjKM/q
wYdcdV8yy7abqDCOFTcj5kqxAwQjvgZGkBzblzBzCdeZbSmJ4JqZc4rGmeQmyWlX
Jtm0WqohLDyprXgMtvqrFSA1EIO10viHtlVS/6NBUkOxtcvAjwmoD+ZoKmuxts20
7RLEB+XpeaFw4iyqDcDxWwNtnMWCp708BhiyoQLvYz4bV23JdYxSrkKBYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGPcRU4MlohzF/EdtPqvQLh24ErEMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvWTl4RlRneVdpSE1YOFIyMC1xOUF1SGJnU3NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUR2RMA0G
CSqGSIb3DQEBCwUAA4IBAQCZphfFj8drFpamgXkTAQIJKHiyMKBWk+BJpd03bodn
MTAGvPcRWO3jZ2VvlSiNMzD+kEpwPIpT2//3+MXgdKfuv1tmA+c0b94oNP++InG3
nqoQU5UEwgW0887GcRJ1RiGy33YlN8epzD97f3Yd0jRWbgdq06Zn3hkMmb34RfEY
lm2iXM50MVePTcL6WHLGl2bjBPpOqgqLXRmUCuH9Ql9ypZL1YUCvSxsZs1C6wKKj
eyids/qmenCh1cma2lzCA9/FLAZ+16uei3JG9ykuEzhlKQPyNOxpdM+U4nEaQifm
k+myNgfHq2UZgr5YseW4ElOpseg+1AXrrceT8KHQLr51
-----END CERTIFICATE-----
Generated at Mon Jan 8 09:35:55 2024 by rpki-client on console-ams.rpki-client.org