Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/YOP26b8wiijGVmsTRRSTROtxPaY.roa
File: YOP26b8wiijGVmsTRRSTROtxPaY.roa (raw, json)
Hash identifier: qJ+GwuiQ/WP4Hlep8Se+L6nsyOgYUjeZI2QmqtUWp1M=
Subject key identifier: 60:E3:F6:E9:BF:30:8A:28:C6:56:6B:13:45:14:93:44:EB:71:3D:A6
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 0187C74A3550E061AFFE494D89FCF6DF84B4
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/YOP26b8wiijGVmsTRRSTROtxPaY.roa
Signing time: Fri 28 Apr 2023 09:55:41 +0000
ROA not before: Fri 28 Apr 2023 09:55:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209408
IP address blocks: 45.66.224.0/22 maxlen: 22
2a09:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c7:4a:35:50:e0:61:af:fe:49:4d:89:fc:f6:df:84:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Apr 28 09:55:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60e3f6e9bf308a28c6566b1345149344eb713da6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2b:c4:d5:ba:4b:f8:03:d8:2d:49:15:a7:7c:
eb:41:36:48:ef:5b:86:8c:cc:ab:0c:7d:f1:c3:d0:
12:40:f5:ca:b3:91:00:e9:f2:b1:4e:f0:ea:53:28:
71:76:ad:8a:b9:19:7e:4f:b6:52:fd:48:72:da:e0:
07:c9:04:42:ce:65:65:19:eb:f3:fb:67:07:93:e7:
f2:e4:fe:12:83:13:08:9c:dc:fd:04:69:df:c9:db:
ca:b3:90:4a:ee:c9:ba:fe:22:62:2d:68:a5:3d:23:
91:19:d1:5c:5c:82:ff:e3:91:fb:2c:51:13:ab:42:
e2:f1:30:97:17:3b:da:f9:20:09:fa:ef:4b:48:ea:
2d:f0:09:57:36:5b:87:f8:ec:39:26:77:a2:e7:31:
d9:c2:f7:bb:f2:46:96:5a:2f:c9:25:a4:a2:e5:c2:
4a:7f:f9:7a:92:98:5f:6f:ed:91:86:2f:f7:72:1c:
e3:61:90:5a:e9:bc:69:92:5a:1b:97:15:de:fa:e3:
1a:45:ae:3b:46:32:35:2b:6e:22:e1:29:d0:bd:d5:
57:e5:aa:86:61:1b:c1:9f:01:cc:91:41:e9:d8:87:
a6:fe:dd:fd:41:02:5f:ce:02:c2:be:b0:d5:f5:ea:
2c:6e:a4:ae:e2:c8:c6:52:71:a5:4f:cb:ae:9b:07:
b2:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:E3:F6:E9:BF:30:8A:28:C6:56:6B:13:45:14:93:44:EB:71:3D:A6
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/YOP26b8wiijGVmsTRRSTROtxPaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.224.0/22
IPv6:
2a09:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
5f:72:cc:4f:f0:d0:8b:04:18:22:16:73:5a:51:4b:fc:6a:bd:
fd:eb:76:38:7f:8e:31:e3:74:53:53:41:a8:0e:fa:b1:ff:75:
93:ac:ef:a3:81:d9:c5:93:b1:60:a4:22:00:b0:2c:8a:7f:5e:
9d:78:41:7d:22:c6:52:d4:a5:d6:f6:8a:64:18:30:3a:79:58:
f7:82:a8:91:c5:80:06:d5:e9:c4:ed:2b:01:03:22:c0:c1:bf:
60:5f:d1:71:f1:f6:2d:5a:58:d1:0c:b5:9c:a3:8f:e7:c3:22:
d1:2c:62:44:70:9f:05:a7:00:5d:a3:ac:8d:0c:94:3b:b7:18:
ad:f8:71:00:7a:48:3a:cd:11:ec:9d:8a:16:e6:73:6b:00:37:
35:51:c3:8f:66:4a:72:fb:43:06:b6:66:46:90:98:58:a0:3a:
aa:02:7c:f1:3a:75:86:aa:95:84:1e:59:a1:be:91:1a:60:59:
c8:4f:12:1c:95:bc:11:14:2f:f9:8f:54:59:91:4f:e2:7d:ff:
b4:43:73:d8:6c:cd:7d:89:bc:55:0d:8e:2f:cc:5f:a0:0c:25:
b3:b8:e7:35:09:0c:b0:dd:17:00:26:9d:20:a4:9e:4f:1d:68:
7a:57:e1:b4:4f:10:f6:09:4f:8d:2a:e7:db:95:91:0f:9c:42:
23:3e:f3:9b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYfHSjVQ4GGv/klNifz234S0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwNDI4MDk1NTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGUzZjZlOWJmMzA4YTI4YzY1NjZiMTM0NTE0OTM0NGViNzEzZGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyvE1bpL+APYLUkVp3zrQTZI71uG
jMyrDH3xw9ASQPXKs5EA6fKxTvDqUyhxdq2KuRl+T7ZS/Uhy2uAHyQRCzmVlGevz
+2cHk+fy5P4SgxMInNz9BGnfydvKs5BK7sm6/iJiLWilPSORGdFcXIL/45H7LFET
q0Li8TCXFzva+SAJ+u9LSOot8AlXNluH+Ow5Jnei5zHZwve78kaWWi/JJaSi5cJK
f/l6kphfb+2Rhi/3chzjYZBa6bxpkloblxXe+uMaRa47RjI1K24i4SnQvdVX5aqG
YRvBnwHMkUHp2Iem/t39QQJfzgLCvrDV9eosbqSu4sjGUnGlT8uumwey5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGDj9um/MIooxlZrE0UUk0TrcT2mMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvWU9QMjZiOHdpaWpHVm1zVFJSU1RST3R4UGFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLULgMA0E
AgACMAcDBQMqCWxAMA0GCSqGSIb3DQEBCwUAA4IBAQBfcsxP8NCLBBgiFnNaUUv8
ar3963Y4f44x43RTU0GoDvqx/3WTrO+jgdnFk7FgpCIAsCyKf16deEF9IsZS1KXW
9opkGDA6eVj3gqiRxYAG1enE7SsBAyLAwb9gX9Fx8fYtWljRDLWco4/nwyLRLGJE
cJ8FpwBdo6yNDJQ7txit+HEAekg6zRHsnYoW5nNrADc1UcOPZkpy+0MGtmZGkJhY
oDqqAnzxOnWGqpWEHlmhvpEaYFnITxIclbwRFC/5j1RZkU/iff+0Q3PYbM19ibxV
DY4vzF+gDCWzuOc1CQyw3RcAJp0gpJ5PHWh6V+G0TxD2CU+NKufblZEPnEIjPvOb
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:33 2023 by rpki-client on console-ams.rpki-client.org