Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/YwHV7gJbNUK1nzH2FnMRpuMOGd4.roa
File: YwHV7gJbNUK1nzH2FnMRpuMOGd4.roa (raw, json)
Hash identifier: N540ZdDbtA7x1IaO2wKF7qeI12xRbTHx50kkKO9Zu+Y=
Subject key identifier: 63:01:D5:EE:02:5B:35:42:B5:9F:31:F6:16:73:11:A6:E3:0E:19:DE
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 0192D97244AA4ABBFDD2B54DA914E7D4A68B
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/YwHV7gJbNUK1nzH2FnMRpuMOGd4.roa
Signing time: Tue 29 Oct 2024 18:03:17 +0000
ROA not before: Tue 29 Oct 2024 18:03:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34773
IP address blocks: 91.233.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d9:72:44:aa:4a:bb:fd:d2:b5:4d:a9:14:e7:d4:a6:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Oct 29 18:03:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6301d5ee025b3542b59f31f6167311a6e30e19de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ca:10:b2:14:51:e7:f5:1b:fb:54:4b:7b:69:
51:c8:5b:36:08:74:b0:af:39:ec:a3:3d:82:fd:9c:
d2:b1:b8:41:bb:40:13:07:e1:67:70:36:d8:d9:eb:
9e:4b:97:68:af:2b:5c:e2:3e:61:c5:7d:48:dc:c9:
05:16:d8:d0:8e:78:7d:dc:04:af:39:15:d1:72:5c:
35:30:54:5f:46:f5:e6:b4:4a:67:ed:ef:39:de:4f:
31:83:84:45:1b:30:70:00:28:b6:94:7a:19:fb:ae:
c1:6e:a2:4e:ae:22:22:cc:07:61:f6:8f:cf:bc:16:
79:f7:63:50:18:7e:ec:f6:7b:d4:e7:17:3d:75:db:
cd:3d:44:1c:89:f9:8d:6b:88:c4:9a:0d:30:5d:35:
aa:a3:96:d2:77:1f:80:c0:e1:27:ad:f7:b2:c5:d2:
0f:9f:b6:4d:3c:46:d7:12:b3:c9:5e:6e:8e:22:17:
9e:c2:7e:24:0e:ac:5f:ac:f8:f3:52:46:da:3f:5d:
8b:89:44:e1:3a:9f:68:9c:af:9e:43:01:a7:2e:10:
41:04:66:69:82:a9:42:86:f8:d3:a7:41:39:b4:cd:
71:69:0a:f7:d3:9b:67:9c:34:bd:ed:21:06:b3:70:
50:e5:6f:b3:26:73:df:d5:a9:8b:72:7d:fc:c3:d3:
74:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:01:D5:EE:02:5B:35:42:B5:9F:31:F6:16:73:11:A6:E3:0E:19:DE
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/YwHV7gJbNUK1nzH2FnMRpuMOGd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.121.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:30:3a:e7:47:1f:04:70:50:b6:3c:15:a7:bf:7a:a9:61:2a:
c5:ed:18:89:a6:f4:c2:7b:33:2a:97:d2:f3:40:c5:10:dc:ec:
42:30:76:ba:3f:d9:34:4a:15:fe:a9:67:db:5d:c4:d3:f0:a0:
0d:b8:de:b3:f7:36:3f:e8:9f:88:4a:c9:d7:cf:be:84:c9:11:
40:f2:d2:ce:99:d4:d5:bc:07:6e:d5:02:c9:fe:66:18:d1:83:
04:40:cc:69:33:0e:9f:46:da:d7:4a:42:d3:74:23:72:5a:40:
04:cd:a2:f3:f2:f5:0b:f9:c6:96:c6:f8:27:a6:a2:ee:58:bc:
b6:04:3a:68:07:84:60:33:ed:67:c5:87:ff:4c:30:66:b0:fa:
71:57:c4:80:bd:73:a1:4b:a8:a0:9e:f2:d0:9c:c5:1e:01:27:
13:d8:de:03:df:a4:03:64:ce:7c:ac:a7:2d:33:a3:7d:cd:5f:
b1:64:b1:b6:9f:f1:bc:98:de:3e:62:9a:a5:bd:f6:39:8f:d5:
82:63:d5:d6:76:01:ae:e6:13:c4:25:70:96:09:25:34:a6:79:
cb:d7:c8:45:1d:9c:80:ae:2c:bf:26:36:07:79:fd:cc:dc:59:
fe:b8:32:e0:0f:2a:a0:48:d2:8c:c8:64:68:78:b2:c3:b6:1b:
1a:f2:d9:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLZckSqSrv90rVNqRTn1KaLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjQxMDI5MTgwMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzAxZDVlZTAyNWIzNTQyYjU5ZjMxZjYxNjczMTFhNmUzMGUxOWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMoQshRR5/Ub+1RLe2lRyFs2CHSw
rznsoz2C/ZzSsbhBu0ATB+FncDbY2eueS5dorytc4j5hxX1I3MkFFtjQjnh93ASv
ORXRclw1MFRfRvXmtEpn7e853k8xg4RFGzBwACi2lHoZ+67BbqJOriIizAdh9o/P
vBZ592NQGH7s9nvU5xc9ddvNPUQcifmNa4jEmg0wXTWqo5bSdx+AwOEnrfeyxdIP
n7ZNPEbXErPJXm6OIheewn4kDqxfrPjzUkbaP12LiUThOp9onK+eQwGnLhBBBGZp
gqlChvjTp0E5tM1xaQr305tnnDS97SEGs3BQ5W+zJnPf1amLcn38w9N0OwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGMB1e4CWzVCtZ8x9hZzEabjDhneMB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvWXdIVjdnSmJOVUsxbnpIMkZuTVJwdU1PR2Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+l5MA0G
CSqGSIb3DQEBCwUAA4IBAQDUMDrnRx8EcFC2PBWnv3qpYSrF7RiJpvTCezMql9Lz
QMUQ3OxCMHa6P9k0ShX+qWfbXcTT8KANuN6z9zY/6J+ISsnXz76EyRFA8tLOmdTV
vAdu1QLJ/mYY0YMEQMxpMw6fRtrXSkLTdCNyWkAEzaLz8vUL+caWxvgnpqLuWLy2
BDpoB4RgM+1nxYf/TDBmsPpxV8SAvXOhS6ignvLQnMUeAScT2N4D36QDZM58rKct
M6N9zV+xZLG2n/G8mN4+YpqlvfY5j9WCY9XWdgGu5hPEJXCWCSU0pnnL18hFHZyA
riy/JjYHef3M3Fn+uDLgDyqgSNKMyGRoeLLDthsa8tkY
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:16:07 2025 by rpki-client