Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yb3fpVCjkVI5xCBPkmNnXtIE1pI.roa
File: Yb3fpVCjkVI5xCBPkmNnXtIE1pI.roa (raw, json)
Hash identifier: CFShQgXTE8Lxh3bpviT+OfT7cSEOpmJAM3vXCBMD1ns=
Subject key identifier: 61:BD:DF:A5:50:A3:91:52:39:C4:20:4F:92:63:67:5E:D2:04:D6:92
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0192EC045BD640BF5858B1EA308ED0338CFE
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yb3fpVCjkVI5xCBPkmNnXtIE1pI.roa
Signing time: Sat 02 Nov 2024 08:36:01 +0000
ROA not before: Sat 02 Nov 2024 08:36:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Nov 2024 10:18:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ec:04:5b:d6:40:bf:58:58:b1:ea:30:8e:d0:33:8c:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Nov 2 08:36:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61bddfa550a3915239c4204f9263675ed204d692
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:07:4f:0d:8b:1d:b6:c4:04:1d:e2:39:32:32:
81:11:2b:6f:94:d5:81:57:a7:71:d4:1a:38:b9:50:
93:a8:6b:6d:d2:1c:69:75:2b:b2:fb:ad:22:1a:10:
31:c1:82:31:5f:a6:1e:41:22:2b:71:71:35:c8:d1:
ba:0b:d9:e1:25:16:87:e8:aa:1a:0d:f9:4c:af:97:
66:bd:00:89:cf:79:9c:b2:98:76:3c:57:36:ce:46:
78:18:2a:5e:4c:5f:37:71:e1:42:75:ba:94:7a:19:
6f:35:b4:e5:5e:9e:d1:54:9b:33:74:a9:37:9b:fa:
cc:f1:ad:48:54:3f:e0:ca:98:30:3a:c0:35:01:d0:
7a:a9:cf:fd:dd:a7:ba:63:6d:54:ef:c3:d9:7d:2b:
e7:ad:13:12:80:cc:58:10:ee:64:00:1e:44:2d:51:
99:d6:4f:c9:72:2a:d3:92:15:28:9d:ca:0b:a1:37:
b5:36:a2:7c:fe:40:18:9c:4f:8e:c5:25:a1:c7:ea:
10:65:7f:b7:4a:aa:cf:94:08:32:e0:8d:bf:7b:65:
b2:ce:02:95:74:cd:9f:21:e0:ea:b8:8f:e1:fc:4b:
7f:3a:52:45:b8:73:a8:b4:dd:86:7e:d8:9b:80:e0:
be:dc:c6:37:9e:a1:23:c0:a6:e3:d1:a8:f4:f7:46:
db:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:BD:DF:A5:50:A3:91:52:39:C4:20:4F:92:63:67:5E:D2:04:D6:92
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yb3fpVCjkVI5xCBPkmNnXtIE1pI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.252.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:f1:27:45:f3:a9:2c:c5:73:fc:42:9e:cc:ac:a7:af:50:9e:
82:74:fc:95:b5:8a:62:46:4d:d1:db:c6:3d:e7:54:fc:6e:07:
9c:b4:0f:8e:bf:b2:bc:1c:b3:a5:8d:0d:8f:a2:cb:a8:94:d2:
e4:57:62:24:08:b5:db:9f:01:e5:85:a1:bd:ec:7d:28:d7:80:
33:a6:4b:1b:33:bc:c1:52:13:aa:81:62:5a:08:4d:af:15:28:
90:34:23:62:d2:3a:9f:2e:c2:41:98:cb:78:8e:01:7d:13:4a:
80:67:0e:d3:02:42:96:c5:69:ba:a1:75:7b:e7:8a:35:6e:5b:
ef:14:c1:6f:46:72:ad:d3:bc:1e:91:4a:05:c3:e1:09:d9:3c:
0f:9e:80:59:51:d3:22:0e:81:10:e6:2a:bf:5b:4d:4e:93:65:
65:01:5d:0c:48:db:6a:92:35:20:a3:6c:b5:86:30:fa:75:24:
37:10:d6:8a:59:06:51:7c:31:78:fe:98:5a:46:1a:78:3f:e9:
86:71:d5:85:c9:c4:c4:08:68:05:8f:c0:a4:1d:12:11:1d:38:
50:d4:d1:77:b7:40:c9:d5:e1:77:8b:5b:d0:73:aa:17:b1:f1:
63:52:f1:7d:fd:ac:c6:81:e8:50:71:a3:fd:7e:1c:c3:a6:2e:
a9:05:59:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLsBFvWQL9YWLHqMI7QM4z+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQxMTAyMDgzNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWJkZGZhNTUwYTM5MTUyMzljNDIwNGY5MjYzNjc1ZWQyMDRkNjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAdPDYsdtsQEHeI5MjKBEStvlNWB
V6dx1Bo4uVCTqGtt0hxpdSuy+60iGhAxwYIxX6YeQSIrcXE1yNG6C9nhJRaH6Koa
DflMr5dmvQCJz3mcsph2PFc2zkZ4GCpeTF83ceFCdbqUehlvNbTlXp7RVJszdKk3
m/rM8a1IVD/gypgwOsA1AdB6qc/93ae6Y21U78PZfSvnrRMSgMxYEO5kAB5ELVGZ
1k/JcirTkhUoncoLoTe1NqJ8/kAYnE+OxSWhx+oQZX+3SqrPlAgy4I2/e2WyzgKV
dM2fIeDquI/h/Et/OlJFuHOotN2GftibgOC+3MY3nqEjwKbj0aj090bb3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGG936VQo5FSOcQgT5JjZ17SBNaSMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvWWIzZnBWQ2prVkk1eENCUGttTm5YdElFMXBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQj8MA0G
CSqGSIb3DQEBCwUAA4IBAQDI8SdF86ksxXP8Qp7MrKevUJ6CdPyVtYpiRk3R28Y9
51T8bgectA+Ov7K8HLOljQ2PosuolNLkV2IkCLXbnwHlhaG97H0o14AzpksbM7zB
UhOqgWJaCE2vFSiQNCNi0jqfLsJBmMt4jgF9E0qAZw7TAkKWxWm6oXV754o1blvv
FMFvRnKt07wekUoFw+EJ2TwPnoBZUdMiDoEQ5iq/W01Ok2VlAV0MSNtqkjUgo2y1
hjD6dSQ3ENaKWQZRfDF4/phaRhp4P+mGcdWFycTECGgFj8CkHRIRHThQ1NF3t0DJ
1eF3i1vQc6oXsfFjUvF9/azGgehQcaP9fhzDpi6pBVlc
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:03 2025 by rpki-client