Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/4cc0a8-ec44-49dd-a3e2-2926fc5f61b7/1/ytU1nfzKNEoNEfZLWuMRAGB9IMo.roa
File: ytU1nfzKNEoNEfZLWuMRAGB9IMo.roa (raw, json)
Hash identifier: rvMZTD23e/69sV3Oxyc6yRMCIBtmyqktmF1AxMrWJnc=
Subject key identifier: CA:D5:35:9D:FC:CA:34:4A:0D:11:F6:4B:5A:E3:11:00:60:7D:20:CA
Certificate issuer: /CN=626aa89132d2a684d8d2a1a3f7e40f2234636f38
Certificate serial: 018570152C432FE328B2C613A20D5E8E3CBC
Authority key identifier: 62:6A:A8:91:32:D2:A6:84:D8:D2:A1:A3:F7:E4:0F:22:34:63:6F:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YmqokTLSpoTY0qGj9-QPIjRjbzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/4cc0a8-ec44-49dd-a3e2-2926fc5f61b7/1/ytU1nfzKNEoNEfZLWuMRAGB9IMo.roa
Signing time: Mon 02 Jan 2023 01:25:13 +0000
ROA not before: Mon 02 Jan 2023 01:25:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51793
IP address blocks: 91.221.78.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:2c:43:2f:e3:28:b2:c6:13:a2:0d:5e:8e:3c:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=626aa89132d2a684d8d2a1a3f7e40f2234636f38
Validity
Not Before: Jan 2 01:25:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cad5359dfcca344a0d11f64b5ae31100607d20ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:be:71:d4:28:58:d6:3a:81:57:5a:db:26:8e:
e9:ce:5c:0d:e3:a0:e1:da:49:80:be:ba:2e:4a:39:
82:c4:d3:62:92:66:d2:3d:67:64:1e:19:1e:39:0d:
a1:ab:15:bf:f7:47:f4:21:93:13:5b:28:3e:0f:9a:
c0:ec:62:98:59:f5:af:09:9f:c5:04:70:82:b7:e1:
42:35:ad:9d:76:cf:84:54:5b:a1:69:49:3f:eb:f5:
7a:d0:44:98:08:9d:1b:b4:79:02:88:f4:f6:9f:48:
c0:de:02:94:37:55:67:8c:6d:00:71:41:26:05:97:
24:2b:61:7f:6c:91:d8:8f:8f:50:2f:cd:c2:70:81:
49:48:c5:00:17:08:c2:68:f5:59:8d:3b:34:ad:14:
62:a9:1c:4c:21:5c:eb:7e:2a:ab:4e:74:84:9e:d6:
96:bf:03:12:c5:e7:69:bd:28:7f:80:80:07:19:bd:
ec:46:08:16:03:a4:23:ee:bc:2b:b6:d4:13:57:50:
e7:cf:34:21:c8:d3:ae:cb:6e:59:5a:fe:23:2b:dd:
63:65:79:a4:34:a4:38:e9:a2:8d:5e:c4:c1:62:fd:
e8:f5:6c:a0:e1:44:0e:03:00:94:2b:81:5e:bd:8b:
94:a6:6f:79:39:eb:b7:fb:b0:d0:53:80:4a:20:93:
19:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D5:35:9D:FC:CA:34:4A:0D:11:F6:4B:5A:E3:11:00:60:7D:20:CA
X509v3 Authority Key Identifier:
keyid:62:6A:A8:91:32:D2:A6:84:D8:D2:A1:A3:F7:E4:0F:22:34:63:6F:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YmqokTLSpoTY0qGj9-QPIjRjbzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4cc0a8-ec44-49dd-a3e2-2926fc5f61b7/1/ytU1nfzKNEoNEfZLWuMRAGB9IMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4cc0a8-ec44-49dd-a3e2-2926fc5f61b7/1/YmqokTLSpoTY0qGj9-QPIjRjbzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.78.0/23
Signature Algorithm: sha256WithRSAEncryption
15:d0:1e:e4:44:46:ce:d1:6f:fe:0e:47:5d:30:20:3c:70:a4:
6a:9b:95:88:70:05:c3:de:0b:bf:f1:de:bf:ae:30:74:55:7a:
a1:57:bc:ff:2f:69:58:0c:12:68:8f:96:17:79:9e:1f:81:3d:
2f:fc:3d:05:10:34:b7:0a:11:bb:40:99:b8:7c:7d:0d:9f:b5:
1a:d0:38:78:65:e0:45:f4:20:5b:8c:71:4e:b6:af:88:44:1f:
9f:4d:c0:2d:20:0f:d8:77:1f:75:92:35:1e:5c:48:94:e4:7d:
c2:ca:97:2c:bb:ef:c8:82:8c:11:fa:24:b4:bb:61:71:25:4c:
21:af:ae:9e:81:90:72:96:d0:4c:ac:aa:64:d4:19:ac:45:ed:
73:d8:33:10:20:96:96:a6:1a:46:85:cd:8f:ce:2e:4e:27:c9:
6f:25:0f:5c:78:23:54:aa:d9:4a:4e:26:e6:07:57:78:dc:87:
ec:d2:6f:06:29:72:e2:3d:ba:51:3e:fb:dd:45:34:76:d7:89:
5f:72:33:63:50:e3:d5:1e:06:e4:26:e9:3c:49:71:9b:74:3e:
19:e1:6d:47:7a:39:c1:f5:ba:0c:a5:f3:64:64:22:be:5c:3c:
f3:b7:d8:a8:2d:4f:ad:48:24:ff:f4:9b:b4:72:0b:bf:f6:17:
0b:ec:f3:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwFSxDL+MossYTog1ejjy8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNmFhODkxMzJkMmE2ODRkOGQyYTFhM2Y3ZTQwZjIyMzQ2
MzZmMzgwHhcNMjMwMTAyMDEyNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWQ1MzU5ZGZjY2EzNDRhMGQxMWY2NGI1YWUzMTEwMDYwN2QyMGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm75x1ChY1jqBV1rbJo7pzlwN46Dh
2kmAvrouSjmCxNNikmbSPWdkHhkeOQ2hqxW/90f0IZMTWyg+D5rA7GKYWfWvCZ/F
BHCCt+FCNa2dds+EVFuhaUk/6/V60ESYCJ0btHkCiPT2n0jA3gKUN1VnjG0AcUEm
BZckK2F/bJHYj49QL83CcIFJSMUAFwjCaPVZjTs0rRRiqRxMIVzrfiqrTnSEntaW
vwMSxedpvSh/gIAHGb3sRggWA6Qj7rwrttQTV1DnzzQhyNOuy25ZWv4jK91jZXmk
NKQ46aKNXsTBYv3o9Wyg4UQOAwCUK4FevYuUpm95Oeu3+7DQU4BKIJMZpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMrVNZ38yjRKDRH2S1rjEQBgfSDKMB8GA1UdIwQY
MBaAFGJqqJEy0qaE2NKho/fkDyI0Y284MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW1xb2tUTFNwb1RZMHFHajktUVBJalJqYnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC80Y2MwYTgtZWM0NC00OWRkLWEzZTIt
MjkyNmZjNWY2MWI3LzEveXRVMW5mektORW9ORWZaTFd1TVJBR0I5SU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC80Y2MwYTgtZWM0NC00OWRkLWEzZTItMjkyNmZjNWY2MWI3
LzEvWW1xb2tUTFNwb1RZMHFHajktUVBJalJqYnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW91OMA0G
CSqGSIb3DQEBCwUAA4IBAQAV0B7kREbO0W/+DkddMCA8cKRqm5WIcAXD3gu/8d6/
rjB0VXqhV7z/L2lYDBJoj5YXeZ4fgT0v/D0FEDS3ChG7QJm4fH0Nn7Ua0Dh4ZeBF
9CBbjHFOtq+IRB+fTcAtIA/Ydx91kjUeXEiU5H3Cypcsu+/IgowR+iS0u2FxJUwh
r66egZByltBMrKpk1BmsRe1z2DMQIJaWphpGhc2Pzi5OJ8lvJQ9ceCNUqtlKTibm
B1d43Ifs0m8GKXLiPbpRPvvdRTR214lfcjNjUOPVHgbkJuk8SXGbdD4Z4W1HejnB
9boMpfNkZCK+XDzzt9ioLU+tSCT/9Ju0cgu/9hcL7PO6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:46 2024 by rpki-client on console-ams.rpki-client.org