Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/YZrrIS1uyvvpfiokGjBgWoKKx2Q.roa
File: YZrrIS1uyvvpfiokGjBgWoKKx2Q.roa (raw, json)
Hash identifier: NFEZSuiE4iYY76ilz90CMVTFHUXb1u+bH5D25HQ5550=
Subject key identifier: 61:9A:EB:21:2D:6E:CA:FB:E9:7E:2A:24:1A:30:60:5A:82:8A:C7:64
Certificate issuer: /CN=74b4cd3edf521df8ec0a151111272d3fb91b99c3
Certificate serial: 018CCA2B7269956365F36D6D2DD426EA80B4
Authority key identifier: 74:B4:CD:3E:DF:52:1D:F8:EC:0A:15:11:11:27:2D:3F:B9:1B:99:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dLTNPt9SHfjsChURESctP7kbmcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/YZrrIS1uyvvpfiokGjBgWoKKx2Q.roa
Signing time: Tue 02 Jan 2024 12:34:54 +0000
ROA not before: Tue 02 Jan 2024 12:34:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41152
IP address blocks: 193.148.64.0/22 maxlen: 22
91.227.246.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 06 Jun 2024 10:25:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:72:69:95:63:65:f3:6d:6d:2d:d4:26:ea:80:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74b4cd3edf521df8ec0a151111272d3fb91b99c3
Validity
Not Before: Jan 2 12:34:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=619aeb212d6ecafbe97e2a241a30605a828ac764
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:bf:db:29:df:f4:de:a1:a6:0f:b6:47:3c:4c:
2b:89:c9:8a:2a:bc:0b:be:7c:70:f0:2b:19:ae:24:
be:3d:7b:ca:64:8c:22:d3:82:49:af:f2:53:c8:a4:
df:6c:8e:93:83:b2:85:41:86:b6:2b:51:a9:45:b0:
5f:18:6a:f2:03:37:ba:61:30:dc:a2:8a:fc:96:aa:
3f:cc:4b:dd:81:1c:74:89:00:28:47:e5:cf:c7:f1:
86:7a:c8:cb:04:53:37:ae:35:ed:a7:7d:8b:ca:ef:
02:6d:03:2c:4b:c6:df:97:24:31:38:57:eb:be:2f:
81:4d:1e:f5:4e:b5:55:35:a5:5e:05:99:a7:66:b4:
3a:28:33:4a:36:f0:83:b6:42:dd:89:b8:c8:0d:d9:
09:f0:b8:ad:82:d6:84:ba:c3:d3:2b:13:fb:6f:ec:
86:d4:da:60:28:79:5c:f6:cd:2a:e2:39:da:a8:3b:
7f:4f:83:75:b5:bb:83:05:1e:b2:56:e4:bf:c5:49:
03:7f:7b:56:81:82:ff:f2:1a:20:73:ec:a7:76:36:
60:14:87:12:86:0d:be:5b:e0:e3:f7:00:e9:81:47:
b8:8e:b7:4f:90:b5:39:49:38:09:ab:2c:f7:57:a0:
90:53:0f:74:85:5b:f9:08:34:64:68:af:19:96:44:
2f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:9A:EB:21:2D:6E:CA:FB:E9:7E:2A:24:1A:30:60:5A:82:8A:C7:64
X509v3 Authority Key Identifier:
keyid:74:B4:CD:3E:DF:52:1D:F8:EC:0A:15:11:11:27:2D:3F:B9:1B:99:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLTNPt9SHfjsChURESctP7kbmcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/YZrrIS1uyvvpfiokGjBgWoKKx2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/dLTNPt9SHfjsChURESctP7kbmcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.246.0/23
193.148.64.0/22
Signature Algorithm: sha256WithRSAEncryption
06:32:ef:57:54:8e:00:a4:f5:eb:29:75:92:29:a4:da:ce:62:
f8:6e:a6:a5:a0:b6:ad:75:04:b8:c2:db:91:17:0e:b6:8d:5e:
80:19:5e:06:11:f4:73:5d:73:50:9f:82:a8:0d:98:cd:17:c9:
68:3a:26:fc:f4:a7:22:dc:dd:72:2d:ef:8b:d6:94:95:8e:e8:
74:8e:db:a6:7a:b4:e7:8d:fe:1c:0f:55:d8:e7:7f:66:6a:ec:
56:f2:d3:c2:04:d9:99:70:c5:f0:4a:11:f0:4c:e8:2e:b3:ec:
0b:13:b3:19:7a:79:e3:5a:cf:46:d2:2c:f4:ff:ea:dd:ea:0d:
4d:0e:5a:3d:09:5c:47:12:80:45:fd:a8:d6:c2:f9:cd:a5:b7:
e9:1e:54:27:f6:de:b5:c2:b3:1b:e1:b5:bc:71:92:e7:9b:48:
30:c2:be:d4:81:74:5e:ce:23:d3:e7:3f:97:6a:69:1c:a4:a3:
9f:65:ea:be:0a:43:92:69:02:69:81:2f:d7:5f:ea:fa:a1:16:
43:02:3d:d6:ad:2f:2d:b1:d8:c1:23:4b:18:fa:53:f0:14:87:
7c:5a:4b:78:72:44:31:3c:12:fc:ca:a6:d0:98:d7:e9:3e:3a:
02:47:0a:8c:7d:d0:82:f7:94:e5:09:87:30:ff:bd:08:ea:2f:
2d:7c:26:d0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKK3JplWNl821tLdQm6oC0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YjRjZDNlZGY1MjFkZjhlYzBhMTUxMTExMjcyZDNmYjkx
Yjk5YzMwHhcNMjQwMTAyMTIzNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTlhZWIyMTJkNmVjYWZiZTk3ZTJhMjQxYTMwNjA1YTgyOGFjNzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlL/bKd/03qGmD7ZHPEwricmKKrwL
vnxw8CsZriS+PXvKZIwi04JJr/JTyKTfbI6Tg7KFQYa2K1GpRbBfGGryAze6YTDc
oor8lqo/zEvdgRx0iQAoR+XPx/GGesjLBFM3rjXtp32Lyu8CbQMsS8bflyQxOFfr
vi+BTR71TrVVNaVeBZmnZrQ6KDNKNvCDtkLdibjIDdkJ8LitgtaEusPTKxP7b+yG
1NpgKHlc9s0q4jnaqDt/T4N1tbuDBR6yVuS/xUkDf3tWgYL/8hogc+yndjZgFIcS
hg2+W+Dj9wDpgUe4jrdPkLU5STgJqyz3V6CQUw90hVv5CDRkaK8ZlkQv/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGGa6yEtbsr76X4qJBowYFqCisdkMB8GA1UdIwQY
MBaAFHS0zT7fUh347AoVEREnLT+5G5nDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZExUTlB0OVNIZmpzQ2hVUkVTY3RQN2tibWNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS85ZTQ3ZTktMzI4MS00ZDE3LWE2YmMt
ZTJhN2ZiODQ4MzE4LzEvWVpycklTMXV5dnZwZmlva0dqQmdXb0tLeDJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS85ZTQ3ZTktMzI4MS00ZDE3LWE2YmMtZTJhN2ZiODQ4MzE4
LzEvZExUTlB0OVNIZmpzQ2hVUkVTY3RQN2tibWNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+P2AwQC
wZRAMA0GCSqGSIb3DQEBCwUAA4IBAQAGMu9XVI4ApPXrKXWSKaTazmL4bqaloLat
dQS4wtuRFw62jV6AGV4GEfRzXXNQn4KoDZjNF8loOib89Kci3N1yLe+L1pSVjuh0
jtumerTnjf4cD1XY539mauxW8tPCBNmZcMXwShHwTOgus+wLE7MZennjWs9G0iz0
/+rd6g1NDlo9CVxHEoBF/ajWwvnNpbfpHlQn9t61wrMb4bW8cZLnm0gwwr7UgXRe
ziPT5z+XamkcpKOfZeq+CkOSaQJpgS/XX+r6oRZDAj3WrS8tsdjBI0sY+lPwFId8
Wkt4ckQxPBL8yqbQmNfpPjoCRwqMfdCC95TlCYcw/70I6i8tfCbQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:21 2024 by rpki-client on console-ams.rpki-client.org