Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/YjayRWKknnrfdqDOFh9FD1refNY.roa
File: YjayRWKknnrfdqDOFh9FD1refNY.roa (raw, json)
Hash identifier: xtx4mQdO7mkZSucX/ueClQxVIwNAmz/CwbXOVYWqEa8=
Subject key identifier: 62:36:B2:45:62:A4:9E:7A:DF:76:A0:CE:16:1F:45:0F:5A:DE:7C:D6
Certificate issuer: /CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Certificate serial: 018F7BA388DD2D34B17B136673703578216C
Authority key identifier: DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/YjayRWKknnrfdqDOFh9FD1refNY.roa
Signing time: Wed 15 May 2024 09:44:25 +0000
ROA not before: Wed 15 May 2024 09:44:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21343
IP address blocks: 91.223.19.0/24 maxlen: 24
195.234.112.0/22 maxlen: 24
2a02:2278:ff00::/40 maxlen: 56
Validation: Failed, certificate revoked on Wed 11 Sep 2024 07:55:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7b:a3:88:dd:2d:34:b1:7b:13:66:73:70:35:78:21:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Validity
Not Before: May 15 09:44:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6236b24562a49e7adf76a0ce161f450f5ade7cd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f9:44:ae:67:ec:47:2e:02:d0:95:40:45:8d:
37:9e:83:22:ed:6e:42:16:0f:18:5c:f3:dd:55:7d:
78:36:45:1f:18:f8:79:43:d5:b4:08:d3:3b:a0:87:
d9:71:84:0f:8f:8f:c8:39:f5:67:02:2a:91:be:00:
16:f0:0b:42:ff:cd:64:cf:55:ab:75:79:c8:c8:53:
f3:f6:4a:d4:26:46:28:32:eb:92:45:1e:d4:51:d7:
57:a7:dc:de:98:23:5a:db:ec:cb:59:33:3b:66:71:
43:2c:eb:53:ee:8e:6a:69:91:02:26:2c:61:3a:3e:
fe:c2:ec:12:2c:a0:ce:2d:2b:88:e6:c8:9a:41:57:
6f:ae:bb:ba:e5:82:c8:d3:92:72:5d:4e:5f:da:7b:
13:c7:5e:3f:60:e1:0b:ae:71:8b:8e:ee:e0:e6:4d:
6b:56:39:0b:47:6d:e9:d6:1e:8c:60:94:3c:ac:4c:
b3:c6:41:d7:87:13:5f:17:39:29:ef:84:17:6f:4d:
d0:bd:df:70:53:14:16:64:cc:5e:59:a3:ca:58:f1:
ac:4c:98:b2:03:8c:57:ba:da:ca:40:c4:52:53:a5:
d5:f3:e3:95:5d:3f:4c:ea:e0:03:3e:31:01:4a:64:
6f:a5:68:d5:a1:34:aa:24:7c:8a:82:e9:10:9a:68:
55:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:36:B2:45:62:A4:9E:7A:DF:76:A0:CE:16:1F:45:0F:5A:DE:7C:D6
X509v3 Authority Key Identifier:
keyid:DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/YjayRWKknnrfdqDOFh9FD1refNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/3R2uzTCut0ZSu92l2tlnbOSIqkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.19.0/24
195.234.112.0/22
IPv6:
2a02:2278:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
5a:ff:7f:9d:0e:86:9d:55:bc:f5:44:13:34:ce:52:8d:04:ad:
46:c1:e5:56:cf:9a:4b:21:1b:51:b9:7c:05:e5:c8:e5:f8:da:
9a:48:42:f4:6c:d8:c8:66:c4:79:c3:fb:71:55:0b:e6:ff:09:
6d:f1:56:f0:33:1f:fd:b5:3e:9a:89:db:c1:e6:a9:f3:11:42:
28:50:0e:b1:bb:68:6f:e2:95:32:3c:e1:48:38:b1:16:70:19:
4e:06:e8:57:b9:9e:58:4e:ec:6c:a9:cc:e0:50:bd:5e:cf:ac:
08:d1:b3:43:88:63:66:9c:a0:ba:c1:f4:db:9f:66:cd:30:2d:
2a:71:78:8f:3a:c2:14:ea:cb:39:6e:3b:1b:9e:da:c6:d5:07:
3f:4d:a2:dd:d1:6c:7b:bf:46:e9:e6:c2:bf:0a:e8:07:b8:f6:
83:41:d0:71:f2:c2:b5:e1:2c:37:4f:00:d5:f6:8b:6d:da:7a:
f0:71:25:91:81:4b:65:fe:dc:96:4e:08:f4:22:3e:fa:67:33:
0c:97:0d:12:c8:43:5a:5e:2e:d1:32:ae:a8:e2:ba:77:33:f4:
4e:95:24:15:b1:8e:98:52:40:21:74:02:94:7b:0f:0c:db:41:
28:9a:05:22:d4:08:6a:b4:63:c0:7c:75:ed:5b:8b:02:fc:7b:
82:b9:0d:df
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY97o4jdLTSxexNmc3A1eCFsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMWRhZWNkMzBhZWI3NDY1MmJiZGRhNWRhZDk2NzZjZTQ4
OGFhNDkwHhcNMjQwNTE1MDk0NDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjM2YjI0NTYyYTQ5ZTdhZGY3NmEwY2UxNjFmNDUwZjVhZGU3Y2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/lErmfsRy4C0JVARY03noMi7W5C
Fg8YXPPdVX14NkUfGPh5Q9W0CNM7oIfZcYQPj4/IOfVnAiqRvgAW8AtC/81kz1Wr
dXnIyFPz9krUJkYoMuuSRR7UUddXp9zemCNa2+zLWTM7ZnFDLOtT7o5qaZECJixh
Oj7+wuwSLKDOLSuI5siaQVdvrru65YLI05JyXU5f2nsTx14/YOELrnGLju7g5k1r
VjkLR23p1h6MYJQ8rEyzxkHXhxNfFzkp74QXb03Qvd9wUxQWZMxeWaPKWPGsTJiy
A4xXutrKQMRSU6XV8+OVXT9M6uADPjEBSmRvpWjVoTSqJHyKgukQmmhV6QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGI2skVipJ5633agzhYfRQ9a3nzWMB8GA1UdIwQY
MBaAFN0drs0wrrdGUrvdpdrZZ2zkiKpJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTct
MDYwYWMwODkwOTY2LzEvWWpheVJXS2tubnJmZHFET0ZoOUZEMXJlZk5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTctMDYwYWMwODkwOTY2
LzEvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQAW98TAwQC
w+pwMA4EAgACMAgDBgAqAiJ4/zANBgkqhkiG9w0BAQsFAAOCAQEAWv9/nQ6GnVW8
9UQTNM5SjQStRsHlVs+aSyEbUbl8BeXI5fjamkhC9GzYyGbEecP7cVUL5v8JbfFW
8DMf/bU+monbweap8xFCKFAOsbtob+KVMjzhSDixFnAZTgboV7meWE7sbKnM4FC9
Xs+sCNGzQ4hjZpygusH0259mzTAtKnF4jzrCFOrLOW47G57axtUHP02i3dFse79G
6ebCvwroB7j2g0HQcfLCteEsN08A1faLbdp68HElkYFLZf7clk4I9CI++mczDJcN
EshDWl4u0TKuqOK6dzP0TpUkFbGOmFJAIXQClHsPDNtBKJoFItQIarRjwHx17VuL
Avx7grkN3w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:50 2025 by rpki-client