Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/YQHVRb0Xfs2Skoomt_dwaRIxAeE.roa
File: YQHVRb0Xfs2Skoomt_dwaRIxAeE.roa (raw, json)
Hash identifier: Q8kogMuNqDTkUyX+mh3lvhhYE8a3Q7FwhSimRh5RA3E=
Subject key identifier: 61:01:D5:45:BD:17:7E:CD:92:92:8A:26:B7:F7:70:69:12:31:01:E1
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 01880FF62462990805D3E7A05220D89783BB
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/YQHVRb0Xfs2Skoomt_dwaRIxAeE.roa
Signing time: Fri 12 May 2023 12:36:09 +0000
ROA not before: Fri 12 May 2023 12:36:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209408
IP address blocks: 45.66.224.0/22 maxlen: 22
81.29.159.0/24 maxlen: 24
2a09:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 13 May 2023 16:14:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0f:f6:24:62:99:08:05:d3:e7:a0:52:20:d8:97:83:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: May 12 12:36:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6101d545bd177ecd92928a26b7f77069123101e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:7c:02:00:cb:3b:28:be:db:ec:29:20:bf:01:
b7:3a:84:70:05:40:8a:b2:af:ec:c3:7f:e3:ca:a1:
27:4b:8c:7b:84:79:95:b5:c6:6f:74:31:35:94:86:
9e:5f:90:81:1d:7a:e2:54:b9:ff:5e:84:77:09:76:
36:e4:f5:e3:f4:ea:fb:1a:98:0c:54:df:bc:e1:27:
fd:ea:2a:5e:71:66:80:9f:f5:22:9b:07:8d:ef:e0:
ec:72:74:2e:30:c4:35:8a:88:db:15:7e:4e:55:c8:
cc:63:d8:30:04:7a:90:aa:6c:f7:a6:d1:10:8d:16:
51:e1:4a:27:1a:64:b0:1e:40:5f:7d:b0:ec:77:73:
34:81:d8:3c:ef:f7:29:0f:dd:4e:9a:2a:1d:5e:bc:
a2:9c:5e:b5:9e:e8:2d:9a:43:14:05:cc:74:8b:e2:
71:a6:93:c6:da:3f:2b:b5:32:76:ac:79:a4:46:df:
c2:96:b2:9b:38:37:14:a1:50:22:ef:6f:5d:df:4f:
6e:e5:0a:e1:b9:9e:de:0e:48:d0:1b:5f:cc:4b:22:
d3:48:a6:e9:d6:4e:8f:2f:cc:67:7a:c5:fa:8c:4f:
54:03:5a:9f:a2:9a:de:9e:1a:2f:63:e4:80:5c:5d:
8e:64:1a:aa:54:31:0a:34:a1:d6:f9:2a:26:54:74:
d9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:01:D5:45:BD:17:7E:CD:92:92:8A:26:B7:F7:70:69:12:31:01:E1
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/YQHVRb0Xfs2Skoomt_dwaRIxAeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.224.0/22
81.29.159.0/24
IPv6:
2a09:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
99:d5:67:38:3c:fb:5b:4a:74:e5:a1:02:11:7d:1d:71:2d:71:
56:d1:72:c4:eb:f1:c8:83:0c:8b:9a:65:27:cb:57:21:33:6e:
e8:5c:3e:2e:d6:70:a7:e1:eb:5e:54:6f:ce:67:f3:b3:45:db:
da:02:43:78:3d:78:cc:b2:c7:5d:35:13:74:b3:26:2d:3e:53:
91:6c:1f:c0:b6:3a:05:3b:36:40:e4:e0:cb:b5:20:48:2c:7c:
79:bb:cc:6d:2a:8a:5a:65:95:a2:45:55:c9:8c:56:04:70:8e:
84:8c:85:37:41:6a:3e:64:03:5c:95:48:01:c2:d8:5c:1c:e7:
b8:e8:42:3b:a8:87:b5:50:26:f6:c3:7a:55:f9:52:df:ac:23:
93:f3:08:17:60:9a:f7:98:52:6d:75:3e:29:cd:c2:83:d0:5f:
3d:e8:60:63:60:08:b0:c2:75:67:5f:01:8b:1d:30:9d:3e:06:
aa:68:76:9c:aa:9a:21:ef:c4:db:bd:3b:26:b4:b0:0c:43:41:
40:b5:b5:5a:ee:99:16:8e:e5:ff:bd:ac:45:8a:3d:a1:3e:b0:
de:6e:4f:25:f1:99:3f:ac:b4:da:49:17:c2:ab:4f:5c:79:7b:
d7:c3:bc:8f:c7:6b:fa:81:fa:25:9d:48:45:62:e4:0c:5d:6d:
5f:df:36:79
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYgP9iRimQgF0+egUiDYl4O7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwNTEyMTIzNjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTAxZDU0NWJkMTc3ZWNkOTI5MjhhMjZiN2Y3NzA2OTEyMzEwMWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinwCAMs7KL7b7CkgvwG3OoRwBUCK
sq/sw3/jyqEnS4x7hHmVtcZvdDE1lIaeX5CBHXriVLn/XoR3CXY25PXj9Or7GpgM
VN+84Sf96ipecWaAn/UimweN7+DscnQuMMQ1iojbFX5OVcjMY9gwBHqQqmz3ptEQ
jRZR4UonGmSwHkBffbDsd3M0gdg87/cpD91OmiodXryinF61nugtmkMUBcx0i+Jx
ppPG2j8rtTJ2rHmkRt/ClrKbODcUoVAi729d309u5QrhuZ7eDkjQG1/MSyLTSKbp
1k6PL8xnesX6jE9UA1qfoprenhovY+SAXF2OZBqqVDEKNKHW+SomVHTZTwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGEB1UW9F37NkpKKJrf3cGkSMQHhMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvWVFIVlJiMFhmczJTa29vbXRfZHdhUkl4QWVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLULgAwQA
UR2fMA0EAgACMAcDBQMqCWxAMA0GCSqGSIb3DQEBCwUAA4IBAQCZ1Wc4PPtbSnTl
oQIRfR1xLXFW0XLE6/HIgwyLmmUny1chM27oXD4u1nCn4eteVG/OZ/OzRdvaAkN4
PXjMssddNRN0syYtPlORbB/AtjoFOzZA5ODLtSBILHx5u8xtKopaZZWiRVXJjFYE
cI6EjIU3QWo+ZANclUgBwthcHOe46EI7qIe1UCb2w3pV+VLfrCOT8wgXYJr3mFJt
dT4pzcKD0F896GBjYAiwwnVnXwGLHTCdPgaqaHacqpoh78TbvTsmtLAMQ0FAtbVa
7pkWjuX/vaxFij2hPrDebk8l8Zk/rLTaSRfCq09ceXvXw7yPx2v6gfolnUhFYuQM
XW1f3zZ5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:40 2024 by rpki-client on console-fra.rpki-client.org