Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/Yyk70xkUAfq6MPG_YMCwFM1Aa6o.roa
File: Yyk70xkUAfq6MPG_YMCwFM1Aa6o.roa (raw, json)
Hash identifier: nerk//KtjtTcpZESJNYh9EEAdjrot2dDs05IEnGI140=
Subject key identifier: 63:29:3B:D3:19:14:01:FA:BA:30:F1:BF:60:C0:B0:14:CD:40:6B:AA
Certificate issuer: /CN=c0747fbe26c9cdd7628adfedb57b78be8de75e29
Certificate serial: 0185719E6F607C84727E806E14971F632383
Authority key identifier: C0:74:7F:BE:26:C9:CD:D7:62:8A:DF:ED:B5:7B:78:BE:8D:E7:5E:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wHR_vibJzddiit_ttXt4vo3nXik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/Yyk70xkUAfq6MPG_YMCwFM1Aa6o.roa
Signing time: Mon 02 Jan 2023 08:34:46 +0000
ROA not before: Mon 02 Jan 2023 08:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 36384
IP address blocks: 89.207.224.0/24 maxlen: 24
89.207.229.0/24 maxlen: 24
2a00:79e1::/32 maxlen: 32
2a00:79e1:f00::/40 maxlen: 40
2a00:79e1:800::/42 maxlen: 42
2a00:79e1:f000::/38 maxlen: 38
2a00:79e1:abc::/46 maxlen: 46
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:6f:60:7c:84:72:7e:80:6e:14:97:1f:63:23:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0747fbe26c9cdd7628adfedb57b78be8de75e29
Validity
Not Before: Jan 2 08:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63293bd3191401faba30f1bf60c0b014cd406baa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:54:92:84:18:9e:7a:bf:bc:b0:14:df:49:c5:
a5:c9:4c:fd:7c:4e:f9:78:8f:ba:61:f0:e9:3c:1b:
6a:02:c3:a4:85:34:0b:b3:b8:f0:10:b3:98:b4:9c:
a3:0c:8b:ad:e2:9d:52:ca:33:d5:7d:df:86:53:21:
0b:e9:02:98:f4:fe:4f:32:e8:d2:a8:cc:90:3d:41:
aa:04:6a:57:ff:f9:c1:46:8a:fa:eb:30:5a:f7:8e:
91:74:01:4d:6f:87:b5:24:a8:3c:35:cc:05:70:0a:
31:f5:11:c2:0b:e9:f2:29:6f:ac:1a:5f:29:dc:8e:
1a:60:c5:fd:e3:4a:57:66:40:85:a7:ba:e1:51:0f:
44:b0:b0:8b:40:1f:9f:00:7d:15:de:ff:c7:1f:dd:
7d:ee:72:e5:09:09:f2:e4:ca:a8:1d:ca:b2:81:31:
1b:20:96:93:cf:d7:1d:60:38:15:25:40:31:cd:77:
72:69:69:32:76:fc:44:53:b8:b6:2f:f8:bc:84:cf:
22:68:61:ed:2e:ee:71:da:c8:0b:55:85:ac:0a:ab:
a6:b5:b8:ce:a1:a8:b9:0e:0f:49:d7:db:9f:d2:fd:
64:93:70:ba:e3:42:d3:d5:41:2e:29:6e:d8:63:05:
61:1b:f3:97:c5:6b:41:19:8a:60:4a:8e:3a:34:d3:
7a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:29:3B:D3:19:14:01:FA:BA:30:F1:BF:60:C0:B0:14:CD:40:6B:AA
X509v3 Authority Key Identifier:
keyid:C0:74:7F:BE:26:C9:CD:D7:62:8A:DF:ED:B5:7B:78:BE:8D:E7:5E:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wHR_vibJzddiit_ttXt4vo3nXik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/Yyk70xkUAfq6MPG_YMCwFM1Aa6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/wHR_vibJzddiit_ttXt4vo3nXik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.207.224.0/24
89.207.229.0/24
IPv6:
2a00:79e1::/32
Signature Algorithm: sha256WithRSAEncryption
66:4d:8e:73:33:a1:b6:5c:54:34:58:bd:48:f8:63:cb:f1:54:
14:7d:b2:04:a8:74:0c:fe:a3:f6:5e:a1:b0:12:fe:12:7c:30:
0b:c4:9d:97:1f:33:18:03:f9:84:d1:17:6e:bc:e5:a6:72:8c:
66:f7:a4:54:9d:70:67:85:c7:e5:df:25:69:9c:33:41:c3:e5:
fc:c8:f0:ef:57:ac:43:af:4e:c6:77:3a:46:dc:57:f3:3f:db:
7c:ef:92:1b:97:86:d6:15:0c:4f:89:26:ea:3e:9e:93:1c:94:
6a:69:66:92:39:dc:9e:fc:28:42:58:7c:cf:fb:a4:60:0c:3c:
d8:58:9a:63:6c:9e:cf:1c:67:f2:a1:96:9d:85:03:2e:71:dc:
2d:a0:a1:f3:91:5c:cc:6f:38:ca:58:18:fd:fa:a3:63:44:25:
c3:47:2e:25:be:2e:16:6e:62:4d:b7:a8:a1:09:7d:2c:e5:89:
e3:81:2f:7c:92:7b:34:fd:dd:e1:d4:fc:5a:a8:e9:9d:3d:bc:
6f:f7:d2:5e:ef:5c:5c:32:bb:2b:73:d9:af:db:c1:30:bb:7f:
fc:91:62:61:d7:f0:a8:f8:14:b1:b5:14:86:4c:32:88:f4:ff:
49:a9:76:24:0a:fc:b0:81:5d:86:dc:14:c9:75:9c:a1:40:2f:
ab:f2:9c:d5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxnm9gfIRyfoBuFJcfYyODMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNzQ3ZmJlMjZjOWNkZDc2MjhhZGZlZGI1N2I3OGJlOGRl
NzVlMjkwHhcNMjMwMTAyMDgzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzI5M2JkMzE5MTQwMWZhYmEzMGYxYmY2MGMwYjAxNGNkNDA2YmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1SShBieer+8sBTfScWlyUz9fE75
eI+6YfDpPBtqAsOkhTQLs7jwELOYtJyjDIut4p1SyjPVfd+GUyEL6QKY9P5PMujS
qMyQPUGqBGpX//nBRor66zBa946RdAFNb4e1JKg8NcwFcAox9RHCC+nyKW+sGl8p
3I4aYMX940pXZkCFp7rhUQ9EsLCLQB+fAH0V3v/HH9197nLlCQny5MqoHcqygTEb
IJaTz9cdYDgVJUAxzXdyaWkydvxEU7i2L/i8hM8iaGHtLu5x2sgLVYWsCqumtbjO
oai5Dg9J19uf0v1kk3C640LT1UEuKW7YYwVhG/OXxWtBGYpgSo46NNN6GwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGMpO9MZFAH6ujDxv2DAsBTNQGuqMB8GA1UdIwQY
MBaAFMB0f74myc3XYorf7bV7eL6N514pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0hSX3ZpYkp6ZGRpaXRfdHRYdDR2bzNuWGlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8yNDA2YWItM2JjYi00MWJjLWE5NDIt
MzY4NjA4Mzg1ODgzLzEvWXlrNzB4a1VBZnE2TVBHX1lNQ3dGTTFBYTZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8yNDA2YWItM2JjYi00MWJjLWE5NDItMzY4NjA4Mzg1ODgz
LzEvd0hSX3ZpYkp6ZGRpaXRfdHRYdDR2bzNuWGlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAWc/gAwQA
Wc/lMA0EAgACMAcDBQAqAHnhMA0GCSqGSIb3DQEBCwUAA4IBAQBmTY5zM6G2XFQ0
WL1I+GPL8VQUfbIEqHQM/qP2XqGwEv4SfDALxJ2XHzMYA/mE0RduvOWmcoxm96RU
nXBnhcfl3yVpnDNBw+X8yPDvV6xDr07GdzpG3FfzP9t875Ibl4bWFQxPiSbqPp6T
HJRqaWaSOdye/ChCWHzP+6RgDDzYWJpjbJ7PHGfyoZadhQMucdwtoKHzkVzMbzjK
WBj9+qNjRCXDRy4lvi4WbmJNt6ihCX0s5YnjgS98kns0/d3h1PxaqOmdPbxv99Je
71xcMrsrc9mv28Ewu3/8kWJh1/Co+BSxtRSGTDKI9P9JqXYkCvywgV2G3BTJdZyh
QC+r8pzV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:12 2024 by rpki-client on console-ams.rpki-client.org