Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/YeSFLemLGFK5t0_e10w3wsHB2qQ.roa
File: YeSFLemLGFK5t0_e10w3wsHB2qQ.roa (raw, json)
Hash identifier: 2E4EBKjN8XEtfXFVS0y4IaQ6Sq6r97eEDDMHZhoKKxo=
Subject key identifier: 61:E4:85:2D:E9:8B:18:52:B9:B7:4F:DE:D7:4C:37:C2:C1:C1:DA:A4
Certificate issuer: /CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Certificate serial: 018746EEB1F3F2FD1EDFB608ACAB5A5E7CF4
Authority key identifier: B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/YeSFLemLGFK5t0_e10w3wsHB2qQ.roa
Signing time: Mon 03 Apr 2023 11:44:20 +0000
ROA not before: Mon 03 Apr 2023 11:44:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28787
IP address blocks: 37.32.75.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:46:ee:b1:f3:f2:fd:1e:df:b6:08:ac:ab:5a:5e:7c:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Validity
Not Before: Apr 3 11:44:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61e4852de98b1852b9b74fded74c37c2c1c1daa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:05:eb:b9:cf:a1:d4:2d:87:d6:d2:95:ae:48:
5a:fd:9e:bd:a9:ce:89:d3:2a:cc:aa:0b:b9:ee:78:
5c:b9:5b:00:9f:a7:fc:0c:53:0d:cf:22:16:06:71:
f7:ce:5e:78:de:60:02:a2:20:76:47:52:c3:86:d4:
c8:88:4d:e1:c3:25:19:cd:16:8a:d7:9c:a8:8b:8a:
f6:9f:22:84:05:03:f5:a7:f7:28:0f:a6:7b:34:64:
ba:14:a9:af:8a:e8:7d:2e:f3:60:fa:98:4b:1e:92:
66:79:f1:a8:d7:0b:16:e2:ed:87:8c:db:a5:ac:34:
c1:c7:41:f4:93:6b:55:a8:94:78:ec:ef:0e:90:b3:
30:fd:1c:09:a9:b7:f9:d8:3b:c7:05:d6:6a:57:a6:
4d:a2:2e:65:f2:ce:0b:d5:3a:cf:5c:85:92:d7:58:
47:d1:e9:1c:66:30:21:9e:28:bb:d2:93:bd:2e:fa:
eb:74:c8:a1:fe:41:e0:07:1c:62:d9:c7:eb:c3:f0:
4c:59:8e:91:28:fc:ce:b5:df:26:01:7a:db:9d:c6:
04:8d:fd:e0:74:f3:51:03:4d:f0:a8:9d:e7:5f:bd:
02:69:bb:26:c5:14:ae:b6:65:d7:f1:4f:33:7c:61:
df:ff:fb:19:05:2f:a3:20:c1:2d:82:e5:ba:08:14:
73:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:E4:85:2D:E9:8B:18:52:B9:B7:4F:DE:D7:4C:37:C2:C1:C1:DA:A4
X509v3 Authority Key Identifier:
keyid:B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/YeSFLemLGFK5t0_e10w3wsHB2qQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/tOgroXFdaurlsBAnJf_gyDRzXX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.75.0/24
Signature Algorithm: sha256WithRSAEncryption
66:36:97:e0:21:26:2b:7e:d8:09:12:30:1f:53:ea:9d:05:53:
69:be:b4:86:51:d1:a5:b1:5a:e0:4c:9c:ff:10:69:7c:d5:a5:
c6:ba:55:37:20:5a:aa:3d:7f:7a:4a:5b:56:da:a8:80:1d:9e:
5f:0d:af:32:d1:0d:fc:33:cb:10:9c:c4:4e:27:a7:d6:38:45:
df:a1:12:7c:16:a3:01:02:65:9e:ea:bc:03:65:d8:39:d0:92:
41:48:af:4a:c8:5f:59:d0:bb:81:3f:d2:2c:e6:d3:ee:11:79:
c3:cd:a2:62:ad:dc:e9:c0:0b:a5:ed:64:b3:72:42:da:f2:87:
e7:96:9b:05:5e:c3:ae:3a:55:8e:59:be:13:7c:3f:95:0d:d1:
c7:6c:39:01:51:48:67:b2:30:69:a2:e6:1e:3e:39:f4:f7:d4:
ce:de:c3:f4:d3:56:ba:0c:73:e4:ab:c3:33:93:af:02:5f:2a:
24:18:67:a4:f1:77:d2:51:b2:04:68:67:95:f0:86:ca:9d:f3:
d3:c2:bb:52:16:d5:09:a3:5e:e8:45:09:d1:e5:99:bf:39:d6:
e2:14:20:82:1e:fd:e8:e5:c3:5c:72:86:be:68:35:fd:02:bd:
cc:e0:d8:fb:50:c7:fd:65:a7:48:4c:b4:bc:98:8a:0e:c3:d8:
29:20:7f:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdG7rHz8v0e37YIrKtaXnz0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZTgyYmExNzE1ZDZhZWFlNWIwMTAyNzI1ZmZlMGM4MzQ3
MzVkN2QwHhcNMjMwNDAzMTE0NDIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWU0ODUyZGU5OGIxODUyYjliNzRmZGVkNzRjMzdjMmMxYzFkYWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQXruc+h1C2H1tKVrkha/Z69qc6J
0yrMqgu57nhcuVsAn6f8DFMNzyIWBnH3zl543mACoiB2R1LDhtTIiE3hwyUZzRaK
15yoi4r2nyKEBQP1p/coD6Z7NGS6FKmviuh9LvNg+phLHpJmefGo1wsW4u2HjNul
rDTBx0H0k2tVqJR47O8OkLMw/RwJqbf52DvHBdZqV6ZNoi5l8s4L1TrPXIWS11hH
0ekcZjAhnii70pO9LvrrdMih/kHgBxxi2cfrw/BMWY6RKPzOtd8mAXrbncYEjf3g
dPNRA03wqJ3nX70CabsmxRSutmXX8U8zfGHf//sZBS+jIMEtguW6CBRzLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGHkhS3pixhSubdP3tdMN8LBwdqkMB8GA1UdIwQY
MBaAFLToK6FxXWrq5bAQJyX/4Mg0c119MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMt
YzdkMTk5MzBkNjZkLzEvWWVTRkxlbUxHRks1dDBfZTEwdzN3c0hCMnFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMtYzdkMTk5MzBkNjZk
LzEvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJSBLMA0G
CSqGSIb3DQEBCwUAA4IBAQBmNpfgISYrftgJEjAfU+qdBVNpvrSGUdGlsVrgTJz/
EGl81aXGulU3IFqqPX96SltW2qiAHZ5fDa8y0Q38M8sQnMROJ6fWOEXfoRJ8FqMB
AmWe6rwDZdg50JJBSK9KyF9Z0LuBP9Is5tPuEXnDzaJirdzpwAul7WSzckLa8ofn
lpsFXsOuOlWOWb4TfD+VDdHHbDkBUUhnsjBpouYePjn099TO3sP001a6DHPkq8Mz
k68CXyokGGek8XfSUbIEaGeV8IbKnfPTwrtSFtUJo17oRQnR5Zm/OdbiFCCCHv3o
5cNccoa+aDX9Ar3M4Nj7UMf9ZadITLS8mIoOw9gpIH8d
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:43 2024 by rpki-client on console-ams.rpki-client.org