Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/626525-6ac4-4ad3-b8d2-9c3000245676/1/YT96XP2SiyCh-FuJdqcB-f5ed2c.roa
File: YT96XP2SiyCh-FuJdqcB-f5ed2c.roa (raw, json)
Hash identifier: WcjOUMhN+EL6C+G7uP+tMA/3527k/UwcqIdZEaKyNGI=
Subject key identifier: 61:3F:7A:5C:FD:92:8B:20:A1:F8:5B:89:76:A7:01:F9:FE:5E:77:67
Certificate issuer: /CN=2f920d9912b3a728b94818188ef3e3e57f8d3f9c
Certificate serial: 01856B00C5334A1302B1AD7E292614C09164
Authority key identifier: 2F:92:0D:99:12:B3:A7:28:B9:48:18:18:8E:F3:E3:E5:7F:8D:3F:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L5INmRKzpyi5SBgYjvPj5X-NP5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/626525-6ac4-4ad3-b8d2-9c3000245676/1/YT96XP2SiyCh-FuJdqcB-f5ed2c.roa
Signing time: Sun 01 Jan 2023 01:44:50 +0000
ROA not before: Sun 01 Jan 2023 01:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204991
IP address blocks: 91.203.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:00:c5:33:4a:13:02:b1:ad:7e:29:26:14:c0:91:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f920d9912b3a728b94818188ef3e3e57f8d3f9c
Validity
Not Before: Jan 1 01:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=613f7a5cfd928b20a1f85b8976a701f9fe5e7767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:07:67:ee:e1:d7:9d:d4:23:15:93:cf:85:ad:
4f:ce:2c:1c:2c:18:74:40:c9:ef:9f:5a:ca:92:d3:
6a:9d:02:45:e3:e7:78:87:f1:87:06:43:4c:e7:ce:
50:59:d2:3d:2f:e0:4a:46:f7:56:67:8b:21:e3:b1:
ab:b5:79:98:2d:f3:18:99:2d:16:32:da:c3:bc:9c:
98:d5:b6:00:be:50:f6:f9:4e:b7:3c:7d:2f:f5:b9:
ae:ff:5d:39:ff:8b:32:bb:84:9a:9b:07:d9:a5:46:
85:9d:63:28:3a:1d:66:21:c2:32:c7:2d:0c:67:a0:
09:88:1a:8c:bf:87:e3:6e:ef:34:5f:08:7b:c6:9b:
40:06:16:d9:a8:dc:1a:eb:62:0d:12:6e:0b:d3:c9:
4f:cf:e3:22:9d:e3:70:51:c7:7b:64:25:de:26:e1:
8b:a1:d7:4b:d1:b1:80:32:8d:25:a8:bb:36:00:d7:
8b:b1:4d:0a:ec:b5:0d:83:69:bf:0c:02:8f:a7:6f:
9e:8b:6a:76:10:38:e5:d0:35:1a:2c:07:b1:21:0b:
33:3f:81:3d:a5:a7:3a:f9:3b:02:85:11:ea:26:07:
d4:f4:92:4b:cb:c7:1d:56:25:57:0c:67:30:f3:78:
c2:24:5a:36:53:0c:f0:54:29:96:f4:c2:66:51:93:
80:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:3F:7A:5C:FD:92:8B:20:A1:F8:5B:89:76:A7:01:F9:FE:5E:77:67
X509v3 Authority Key Identifier:
keyid:2F:92:0D:99:12:B3:A7:28:B9:48:18:18:8E:F3:E3:E5:7F:8D:3F:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5INmRKzpyi5SBgYjvPj5X-NP5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/626525-6ac4-4ad3-b8d2-9c3000245676/1/YT96XP2SiyCh-FuJdqcB-f5ed2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/626525-6ac4-4ad3-b8d2-9c3000245676/1/L5INmRKzpyi5SBgYjvPj5X-NP5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.226.0/24
Signature Algorithm: sha256WithRSAEncryption
14:18:fc:2d:2e:c6:31:15:99:9e:b2:a7:b2:51:1b:b3:16:3b:
1f:68:b3:0e:06:0c:08:86:f4:12:27:7d:ae:d2:52:00:f0:04:
9b:6b:dd:ea:7e:2e:58:6f:eb:2a:f0:bf:35:1b:20:50:aa:d4:
48:72:17:7b:aa:3c:7a:a3:a2:92:6f:e1:a1:ae:cf:23:fb:77:
65:04:39:db:b3:be:d5:52:56:0a:5d:cd:b4:8a:3e:1e:e6:b9:
25:4c:6e:76:ba:e5:5a:b4:79:aa:dc:52:ab:78:bd:2d:51:ff:
ea:ac:85:d1:9c:d0:26:61:6f:0e:f6:93:d2:d9:ed:70:53:9d:
08:30:8a:82:e4:82:47:b6:3a:52:f3:a4:77:77:c3:cc:75:09:
ae:f6:b0:bb:20:db:f8:f6:77:e7:26:52:c6:37:b5:12:da:4c:
33:8d:35:13:6b:82:dc:c0:07:6b:fc:29:3e:98:9a:c2:90:b8:
b8:2c:f7:04:f6:32:c0:c6:f6:cd:17:83:8d:b6:13:fb:59:ab:
02:31:88:50:dc:18:0b:34:d4:ce:36:94:b7:28:95:a7:a2:c6:
45:99:b1:57:0d:f9:be:da:1d:ac:fb:c1:3d:3b:a8:7d:82:fa:
62:29:74:3c:1e:73:3c:f2:cf:3b:c7:07:1a:7d:e1:6b:fd:7f:
06:aa:2e:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrAMUzShMCsa1+KSYUwJFkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmOTIwZDk5MTJiM2E3MjhiOTQ4MTgxODhlZjNlM2U1N2Y4
ZDNmOWMwHhcNMjMwMTAxMDE0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTNmN2E1Y2ZkOTI4YjIwYTFmODViODk3NmE3MDFmOWZlNWU3NzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggdn7uHXndQjFZPPha1PziwcLBh0
QMnvn1rKktNqnQJF4+d4h/GHBkNM585QWdI9L+BKRvdWZ4sh47GrtXmYLfMYmS0W
MtrDvJyY1bYAvlD2+U63PH0v9bmu/105/4syu4SamwfZpUaFnWMoOh1mIcIyxy0M
Z6AJiBqMv4fjbu80Xwh7xptABhbZqNwa62INEm4L08lPz+MineNwUcd7ZCXeJuGL
oddL0bGAMo0lqLs2ANeLsU0K7LUNg2m/DAKPp2+ei2p2EDjl0DUaLAexIQszP4E9
pac6+TsChRHqJgfU9JJLy8cdViVXDGcw83jCJFo2UwzwVCmW9MJmUZOA+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGE/elz9kosgofhbiXanAfn+XndnMB8GA1UdIwQY
MBaAFC+SDZkSs6couUgYGI7z4+V/jT+cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDVJTm1SS3pweWk1U0JnWWp2UGo1WC1OUDV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MjY1MjUtNmFjNC00YWQzLWI4ZDIt
OWMzMDAwMjQ1Njc2LzEvWVQ5NlhQMlNpeUNoLUZ1SmRxY0ItZjVlZDJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MjY1MjUtNmFjNC00YWQzLWI4ZDItOWMzMDAwMjQ1Njc2
LzEvTDVJTm1SS3pweWk1U0JnWWp2UGo1WC1OUDV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8viMA0G
CSqGSIb3DQEBCwUAA4IBAQAUGPwtLsYxFZmesqeyURuzFjsfaLMOBgwIhvQSJ32u
0lIA8ASba93qfi5Yb+sq8L81GyBQqtRIchd7qjx6o6KSb+Ghrs8j+3dlBDnbs77V
UlYKXc20ij4e5rklTG52uuVatHmq3FKreL0tUf/qrIXRnNAmYW8O9pPS2e1wU50I
MIqC5IJHtjpS86R3d8PMdQmu9rC7INv49nfnJlLGN7US2kwzjTUTa4LcwAdr/Ck+
mJrCkLi4LPcE9jLAxvbNF4ONthP7WasCMYhQ3BgLNNTONpS3KJWnosZFmbFXDfm+
2h2s+8E9O6h9gvpiKXQ8HnM88s87xwcafeFr/X8Gqi4g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:50 2024 by rpki-client on console-fra.rpki-client.org