Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/yqPxvF54irr-4BqmS0Jy_61ABtQ.roa
File: yqPxvF54irr-4BqmS0Jy_61ABtQ.roa (raw, json)
Hash identifier: tgqGdnVMi1EwdpmvBPJInXwG2yBbJqIaWPoKlRX7vbA=
Subject key identifier: CA:A3:F1:BC:5E:78:8A:BA:FE:E0:1A:A6:4B:42:72:FF:AD:40:06:D4
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 018829A44F56A2E85AAE92ED6E86AE0FE215
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/yqPxvF54irr-4BqmS0Jy_61ABtQ.roa
Signing time: Wed 17 May 2023 12:16:53 +0000
ROA not before: Wed 17 May 2023 12:16:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6830
IP address blocks: 91.149.215.0/24 maxlen: 24
91.149.228.0/24 maxlen: 24
91.149.252.0/24 maxlen: 24
91.149.248.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 13 Sep 2023 12:44:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:29:a4:4f:56:a2:e8:5a:ae:92:ed:6e:86:ae:0f:e2:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: May 17 12:16:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=caa3f1bc5e788abafee01aa64b4272ffad4006d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3f:fe:06:3f:f1:29:77:f6:ec:e1:4a:43:2e:
ca:56:b2:93:fa:97:48:90:33:ab:24:19:13:a9:ab:
51:14:9d:16:ae:40:90:9b:37:9e:67:5b:5b:b7:48:
98:ab:83:92:a1:68:03:b4:bd:ca:03:af:4f:97:61:
e6:fd:f4:82:cc:67:d8:66:aa:06:46:d4:0c:e3:c7:
fb:ed:a1:11:0f:27:dd:f4:ae:ad:a1:ac:ea:3a:b3:
9a:fa:d3:6e:f1:73:59:4b:05:cc:36:51:78:78:67:
4b:fb:42:d5:ed:d5:62:69:8a:5f:12:1f:e1:23:f7:
61:82:02:20:e8:37:26:ab:3c:22:69:be:da:e2:43:
82:79:8e:b3:d5:1f:b4:1e:11:21:2b:56:2b:c2:31:
ed:b9:2e:48:bd:c6:e7:cf:6c:96:a4:d7:5f:0b:50:
17:70:bf:5a:f7:89:74:f9:80:e6:5e:64:91:ab:67:
a4:d0:2f:60:37:d7:57:c1:ac:f6:ff:d6:2e:ea:c6:
c9:55:0d:ae:44:33:9c:81:a3:92:97:d7:8e:af:56:
cd:f7:ef:bf:a6:dc:53:4c:8a:35:19:8a:a5:db:9a:
73:fc:ee:1f:9d:9f:d3:22:40:3e:c9:4a:97:13:2c:
50:40:1a:b3:88:48:8a:56:12:bc:18:89:43:0e:1c:
4b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:A3:F1:BC:5E:78:8A:BA:FE:E0:1A:A6:4B:42:72:FF:AD:40:06:D4
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/yqPxvF54irr-4BqmS0Jy_61ABtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.215.0/24
91.149.228.0/24
91.149.248.0-91.149.252.255
Signature Algorithm: sha256WithRSAEncryption
d6:66:cf:a3:05:c1:52:71:d5:1c:3a:67:c0:cb:3c:4b:e1:a6:
a6:d6:fb:4a:dc:04:18:b5:86:ea:10:0f:8a:65:f2:8f:45:55:
86:79:da:81:e4:8e:56:2d:df:49:ea:22:d9:2b:25:6a:9e:e6:
d1:18:4a:14:80:24:02:32:3d:19:52:49:73:cb:82:8b:ca:04:
a6:a5:f9:d4:ab:5a:b5:02:50:6e:e4:38:60:2f:3d:1d:1f:3f:
2c:09:de:70:06:54:47:23:95:10:d2:7e:53:65:50:5f:98:58:
c0:eb:ac:53:31:2c:e4:ef:b3:65:18:e2:3d:cc:ae:bb:9f:2f:
ec:b6:72:1c:c6:1c:f4:29:b9:58:2a:c0:38:4e:5f:f9:16:24:
b5:65:9c:5f:68:ae:7c:0a:0f:8a:20:f7:f3:2c:37:d1:d8:0a:
3e:0d:5d:a1:b0:8a:8b:e5:91:5f:2c:29:d1:89:48:7f:5c:eb:
01:c0:4d:1b:bd:a1:27:58:5c:1a:f4:27:10:be:68:c3:b9:4e:
31:83:2a:42:42:c2:6c:40:82:30:78:71:a0:be:3a:89:d5:44:
72:6c:de:17:92:47:14:12:61:92:48:e7:99:df:d3:15:93:b5:
1b:5f:83:67:62:7f:c1:82:b6:68:6a:23:ab:69:56:46:a4:8e:
6e:c6:b9:57
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYgppE9WouharpLtboauD+IVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjMwNTE3MTIxNjUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWEzZjFiYzVlNzg4YWJhZmVlMDFhYTY0YjQyNzJmZmFkNDAwNmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuD/+Bj/xKXf27OFKQy7KVrKT+pdI
kDOrJBkTqatRFJ0WrkCQmzeeZ1tbt0iYq4OSoWgDtL3KA69Pl2Hm/fSCzGfYZqoG
RtQM48f77aERDyfd9K6toazqOrOa+tNu8XNZSwXMNlF4eGdL+0LV7dViaYpfEh/h
I/dhggIg6Dcmqzwiab7a4kOCeY6z1R+0HhEhK1YrwjHtuS5Ivcbnz2yWpNdfC1AX
cL9a94l0+YDmXmSRq2ek0C9gN9dXwaz2/9Yu6sbJVQ2uRDOcgaOSl9eOr1bN9++/
ptxTTIo1GYql25pz/O4fnZ/TIkA+yUqXEyxQQBqziEiKVhK8GIlDDhxLTQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMqj8bxeeIq6/uAapktCcv+tQAbUMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEveXFQeHZGNTRpcnItNEJxbVMwSnlfNjFBQnRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAW5XXAwQA
W5XkMAwDBANblfgDBABblfwwDQYJKoZIhvcNAQELBQADggEBANZmz6MFwVJx1Rw6
Z8DLPEvhpqbW+0rcBBi1huoQD4pl8o9FVYZ52oHkjlYt30nqItkrJWqe5tEYShSA
JAIyPRlSSXPLgovKBKal+dSrWrUCUG7kOGAvPR0fPywJ3nAGVEcjlRDSflNlUF+Y
WMDrrFMxLOTvs2UY4j3MrrufL+y2chzGHPQpuVgqwDhOX/kWJLVlnF9ornwKD4og
9/MsN9HYCj4NXaGwiovlkV8sKdGJSH9c6wHATRu9oSdYXBr0JxC+aMO5TjGDKkJC
wmxAgjB4caC+OonVRHJs3heSRxQSYZJI55nf0xWTtRtfg2dif8GCtmhqI6tpVkak
jm7GuVc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:21 2024 by rpki-client on console-fra.rpki-client.org