Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/YaC0-cY_xotK4SaeaHGwcJy0FTc.roa
File: YaC0-cY_xotK4SaeaHGwcJy0FTc.roa (raw, json)
Hash identifier: 39acvFLKZyi+9VZifbAc1Po+mbyE/1fCYRQoltrmplA=
Subject key identifier: 61:A0:B4:F9:C6:3F:C6:8B:4A:E1:26:9E:68:71:B0:70:9C:B4:15:37
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018BFB82497DDA04FBB715EC4109BE00219E
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/YaC0-cY_xotK4SaeaHGwcJy0FTc.roa
Signing time: Thu 23 Nov 2023 09:28:21 +0000
ROA not before: Thu 23 Nov 2023 09:28:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 89.34.224.0/24 maxlen: 24
89.34.225.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fb:82:49:7d:da:04:fb:b7:15:ec:41:09:be:00:21:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 23 09:28:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61a0b4f9c63fc68b4ae1269e6871b0709cb41537
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b5:44:21:7f:36:8c:53:5c:be:cb:c1:04:95:
d4:ba:46:ae:f8:e6:66:84:c6:ee:3f:d7:a4:4a:ee:
8f:34:0c:42:d4:63:73:a3:9e:3b:7e:3c:17:65:57:
f5:7e:36:74:38:28:60:76:3f:91:2c:7f:3c:c7:bb:
5e:d2:67:3b:67:73:1d:4d:33:b0:f2:3e:f6:c2:aa:
3e:19:68:43:a7:bb:da:fc:63:b3:37:a6:13:e0:e2:
33:74:93:74:f4:14:dc:da:25:e9:64:03:5c:40:cc:
f1:07:1c:45:55:43:1f:b6:79:99:75:2a:0f:ae:09:
8b:90:b5:11:c3:87:9a:1a:77:e5:03:07:39:34:62:
47:3e:9e:a1:c6:f2:db:9f:6b:64:2b:a8:45:d6:73:
ad:6d:68:0e:b2:1e:02:94:58:45:4d:be:b2:f7:8b:
65:61:b5:2a:68:08:2f:75:d4:41:e6:42:19:99:ed:
34:f3:66:6d:a3:7a:4d:93:d0:98:4d:9d:e9:66:b9:
83:b6:45:74:8f:a3:cf:8f:2c:2a:83:ec:13:33:21:
c9:14:65:c1:fd:b5:0d:73:3e:32:a4:83:ca:f6:1d:
3e:7f:fd:aa:bb:3f:c6:0d:c3:da:7a:ab:6a:c9:0e:
d0:7b:f3:d3:00:df:58:dc:a6:bf:f2:4e:b3:96:bc:
9f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:A0:B4:F9:C6:3F:C6:8B:4A:E1:26:9E:68:71:B0:70:9C:B4:15:37
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/YaC0-cY_xotK4SaeaHGwcJy0FTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.224.0/23
Signature Algorithm: sha256WithRSAEncryption
13:c5:5f:1a:ac:29:46:66:b5:26:b6:03:58:10:b0:1f:56:50:
e3:57:5f:95:03:ff:90:fc:e2:6d:d2:0e:6c:b9:34:63:bc:7f:
e4:ac:43:9e:47:5b:41:7a:8a:11:42:39:32:f5:7d:52:b4:71:
b8:a3:65:d0:11:77:24:7d:09:17:c0:ca:5d:87:3c:fd:be:ab:
d7:11:39:e5:67:c4:81:31:96:95:07:68:c2:90:b4:43:f2:aa:
f1:bd:52:b1:0b:84:f7:ee:45:9b:d7:bc:59:b7:93:7f:0c:e6:
11:5a:de:e7:44:d4:18:ac:9a:23:7e:16:0b:70:18:bc:d8:5b:
0c:01:a9:bb:40:a8:ec:e8:c4:33:77:9a:b8:62:fe:c0:f6:5c:
27:a6:ac:28:9a:28:af:1d:78:0c:52:3d:1f:e3:03:5c:4d:d2:
c5:b1:23:ea:44:21:ff:2f:44:4a:93:9e:fd:52:fe:f7:04:79:
77:2c:61:ba:a0:2a:c8:e9:d7:ce:44:92:56:57:ad:5b:21:68:
a4:85:e8:d1:9e:15:c0:66:1a:85:a5:1f:53:e3:28:1c:e8:33:
7c:61:37:b7:dd:25:13:d1:de:1c:b9:a5:97:85:c3:98:12:83:
b7:e9:9d:26:ac:be:e1:0f:3d:81:df:7a:21:15:f2:d2:3e:2c:
8b:06:3d:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYv7gkl92gT7txXsQQm+ACGeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTIzMDkyODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWEwYjRmOWM2M2ZjNjhiNGFlMTI2OWU2ODcxYjA3MDljYjQxNTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLVEIX82jFNcvsvBBJXUukau+OZm
hMbuP9ekSu6PNAxC1GNzo547fjwXZVf1fjZ0OChgdj+RLH88x7te0mc7Z3MdTTOw
8j72wqo+GWhDp7va/GOzN6YT4OIzdJN09BTc2iXpZANcQMzxBxxFVUMftnmZdSoP
rgmLkLURw4eaGnflAwc5NGJHPp6hxvLbn2tkK6hF1nOtbWgOsh4ClFhFTb6y94tl
YbUqaAgvddRB5kIZme0082Zto3pNk9CYTZ3pZrmDtkV0j6PPjywqg+wTMyHJFGXB
/bUNcz4ypIPK9h0+f/2quz/GDcPaeqtqyQ7Qe/PTAN9Y3Ka/8k6zlryfvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGGgtPnGP8aLSuEmnmhxsHCctBU3MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvWWFDMC1jWV94b3RLNFNhZWFIR3djSnkwRlRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWSLgMA0G
CSqGSIb3DQEBCwUAA4IBAQATxV8arClGZrUmtgNYELAfVlDjV1+VA/+Q/OJt0g5s
uTRjvH/krEOeR1tBeooRQjky9X1StHG4o2XQEXckfQkXwMpdhzz9vqvXETnlZ8SB
MZaVB2jCkLRD8qrxvVKxC4T37kWb17xZt5N/DOYRWt7nRNQYrJojfhYLcBi82FsM
Aam7QKjs6MQzd5q4Yv7A9lwnpqwomiivHXgMUj0f4wNcTdLFsSPqRCH/L0RKk579
Uv73BHl3LGG6oCrI6dfORJJWV61bIWikhejRnhXAZhqFpR9T4ygc6DN8YTe33SUT
0d4cuaWXhcOYEoO36Z0mrL7hDz2B33ohFfLSPiyLBj1k
-----END CERTIFICATE-----
Generated at Thu Nov 23 23:34:17 2023 by rpki-client on console-fra.rpki-client.org