Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/688007-2b24-44b9-80f4-a62850feebb5/1/ybIAOdfWP80TO1L-hXcpF2opxwQ.roa
File: ybIAOdfWP80TO1L-hXcpF2opxwQ.roa (raw, json)
Hash identifier: SlkrO6Pgn1EYsP+2/H30Dd7ObXseD1GC+TS1PBYPvnE=
Subject key identifier: C9:B2:00:39:D7:D6:3F:CD:13:3B:52:FE:85:77:29:17:6A:29:C7:04
Certificate issuer: /CN=989badfd2a17fca3b935a368e2e03ad56d6e3b62
Certificate serial: 018C120847FB18483A27AAC3788D1A13D4DB
Authority key identifier: 98:9B:AD:FD:2A:17:FC:A3:B9:35:A3:68:E2:E0:3A:D5:6D:6E:3B:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mJut_SoX_KO5NaNo4uA61W1uO2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/688007-2b24-44b9-80f4-a62850feebb5/1/ybIAOdfWP80TO1L-hXcpF2opxwQ.roa
Signing time: Mon 27 Nov 2023 18:26:21 +0000
ROA not before: Mon 27 Nov 2023 18:26:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48518
IP address blocks: 176.74.32.0/21 maxlen: 24
45.129.108.0/22 maxlen: 24
194.177.8.0/22 maxlen: 24
2a00:eb80::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:12:08:47:fb:18:48:3a:27:aa:c3:78:8d:1a:13:d4:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=989badfd2a17fca3b935a368e2e03ad56d6e3b62
Validity
Not Before: Nov 27 18:26:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9b20039d7d63fcd133b52fe857729176a29c704
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b5:08:35:a6:3a:0a:75:8d:c3:27:12:9b:41:
8d:eb:04:ac:89:94:84:d5:f3:db:76:ef:c3:31:0d:
6e:f4:65:bc:e6:1a:41:d8:64:f7:50:90:92:76:f7:
f8:61:74:06:5e:82:1a:b0:53:6c:55:ce:f1:be:49:
5b:37:eb:2a:67:3e:39:52:8d:60:0e:c9:2b:6c:83:
ea:dd:7c:0f:b5:8a:6b:11:15:84:31:82:de:71:3e:
3a:f9:7b:e7:70:44:91:3c:86:7f:66:97:d9:c0:da:
11:4d:96:d5:d1:df:04:eb:1a:14:45:cc:04:15:0f:
0c:02:53:6a:d4:28:50:1b:a4:04:c9:93:43:4b:2d:
88:26:b5:41:22:02:fe:43:98:47:59:b0:ed:7f:9c:
6b:9d:3a:ac:3f:16:80:b2:e3:3a:33:ea:35:33:f2:
59:62:b3:df:11:f8:85:4f:21:19:3f:c4:5d:f7:7e:
5c:e1:bc:8d:74:1c:07:45:54:60:99:77:65:b0:e8:
38:56:f1:d2:cb:50:84:f3:2b:09:2b:01:6f:6b:96:
d8:07:57:8d:2c:09:e5:24:0b:1e:a6:50:6d:f8:25:
21:ab:47:5f:b5:71:de:d4:1e:cb:35:51:1c:5a:89:
58:61:ef:ba:5b:2f:b0:4b:23:de:07:9e:0f:5e:33:
bc:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:B2:00:39:D7:D6:3F:CD:13:3B:52:FE:85:77:29:17:6A:29:C7:04
X509v3 Authority Key Identifier:
keyid:98:9B:AD:FD:2A:17:FC:A3:B9:35:A3:68:E2:E0:3A:D5:6D:6E:3B:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mJut_SoX_KO5NaNo4uA61W1uO2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/688007-2b24-44b9-80f4-a62850feebb5/1/ybIAOdfWP80TO1L-hXcpF2opxwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/688007-2b24-44b9-80f4-a62850feebb5/1/mJut_SoX_KO5NaNo4uA61W1uO2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.108.0/22
176.74.32.0/21
194.177.8.0/22
IPv6:
2a00:eb80::/32
Signature Algorithm: sha256WithRSAEncryption
6c:7e:f5:85:bd:6f:6d:f8:66:31:f2:46:12:62:ea:0a:f3:cb:
53:1c:81:66:b3:06:eb:af:03:7a:18:b0:6d:98:8d:77:73:61:
7c:b3:7c:00:69:cc:97:bf:0c:40:ea:99:73:11:42:99:0f:91:
14:b4:e0:14:bf:b9:45:19:7a:fb:e2:34:48:a7:1a:01:9e:5a:
83:42:73:66:fc:60:2a:ea:33:4c:e8:46:8b:04:07:f9:c7:9e:
f1:bc:88:2a:49:d1:d6:0b:e7:f1:68:1d:26:49:df:86:53:46:
ed:dd:3a:61:fb:31:17:7a:ec:3c:fe:d9:97:b0:d0:91:e7:d0:
a2:9f:53:3f:fc:eb:50:9d:ee:14:15:2a:b7:4d:c4:12:9d:88:
2d:ce:59:0d:d7:61:51:c2:aa:e1:da:d8:43:b4:4a:7f:c1:5b:
c5:6f:a3:92:b9:ed:ac:a1:cc:bb:7f:ba:29:be:90:da:32:b4:
f4:76:43:5c:0b:11:98:70:93:0c:3c:0b:fd:dc:e0:a8:ce:a8:
4c:4a:09:c3:a5:70:86:10:51:29:d8:80:cf:32:55:33:3c:40:
9c:32:0b:c6:4b:c1:0c:5e:53:d6:a7:b9:47:8e:05:a3:32:cc:
c5:e3:ef:1d:95:eb:a5:b0:4e:a4:36:d3:09:12:34:cc:a1:49:
b2:21:1c:d7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYwSCEf7GEg6J6rDeI0aE9TbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4OWJhZGZkMmExN2ZjYTNiOTM1YTM2OGUyZTAzYWQ1NmQ2
ZTNiNjIwHhcNMjMxMTI3MTgyNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWIyMDAzOWQ3ZDYzZmNkMTMzYjUyZmU4NTc3MjkxNzZhMjljNzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLUINaY6CnWNwycSm0GN6wSsiZSE
1fPbdu/DMQ1u9GW85hpB2GT3UJCSdvf4YXQGXoIasFNsVc7xvklbN+sqZz45Uo1g
DskrbIPq3XwPtYprERWEMYLecT46+XvncESRPIZ/ZpfZwNoRTZbV0d8E6xoURcwE
FQ8MAlNq1ChQG6QEyZNDSy2IJrVBIgL+Q5hHWbDtf5xrnTqsPxaAsuM6M+o1M/JZ
YrPfEfiFTyEZP8Rd935c4byNdBwHRVRgmXdlsOg4VvHSy1CE8ysJKwFva5bYB1eN
LAnlJAseplBt+CUhq0dftXHe1B7LNVEcWolYYe+6Wy+wSyPeB54PXjO8WwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMmyADnX1j/NEztS/oV3KRdqKccEMB8GA1UdIwQY
MBaAFJibrf0qF/yjuTWjaOLgOtVtbjtiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUp1dF9Tb1hfS081TmFObzR1QTYxVzF1TzJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS82ODgwMDctMmIyNC00NGI5LTgwZjQt
YTYyODUwZmVlYmI1LzEveWJJQU9kZldQODBUTzFMLWhYY3BGMm9weHdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS82ODgwMDctMmIyNC00NGI5LTgwZjQtYTYyODUwZmVlYmI1
LzEvbUp1dF9Tb1hfS081TmFObzR1QTYxVzF1TzJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLYFsAwQD
sEogAwQCwrEIMA0EAgACMAcDBQAqAOuAMA0GCSqGSIb3DQEBCwUAA4IBAQBsfvWF
vW9t+GYx8kYSYuoK88tTHIFmswbrrwN6GLBtmI13c2F8s3wAacyXvwxA6plzEUKZ
D5EUtOAUv7lFGXr74jRIpxoBnlqDQnNm/GAq6jNM6EaLBAf5x57xvIgqSdHWC+fx
aB0mSd+GU0bt3Tph+zEXeuw8/tmXsNCR59Cin1M//OtQne4UFSq3TcQSnYgtzlkN
12FRwqrh2thDtEp/wVvFb6OSue2socy7f7opvpDaMrT0dkNcCxGYcJMMPAv93OCo
zqhMSgnDpXCGEFEp2IDPMlUzPECcMgvGS8EMXlPWp7lHjgWjMszF4+8dleulsE6k
NtMJEjTMoUmyIRzX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:44 2024 by rpki-client on console-fra.rpki-client.org