Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/9c6507-9d7f-42c7-9d12-0e35001778a5/1/ORRwychNm6w2hvxSLXyZjh2LZh0.roa
File: ORRwychNm6w2hvxSLXyZjh2LZh0.roa (raw, json)
Hash identifier: o9bO/GU3WoSOCdtsfQ94D9W+jGKvUOstzWbgcqTfhTE=
Subject key identifier: 39:14:70:C9:C8:4D:9B:AC:36:86:FC:52:2D:7C:99:8E:1D:8B:66:1D
Certificate issuer: /CN=cafaf6fa25b8d2acb1b44dcdd55437aba2226e9e
Certificate serial: 0185704BCABE86A011A484CE3C9DC86AF598
Authority key identifier: CA:FA:F6:FA:25:B8:D2:AC:B1:B4:4D:CD:D5:54:37:AB:A2:22:6E:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yvr2-iW40qyxtE3N1VQ3q6Iibp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/9c6507-9d7f-42c7-9d12-0e35001778a5/1/ORRwychNm6w2hvxSLXyZjh2LZh0.roa
Signing time: Mon 02 Jan 2023 02:24:53 +0000
ROA not before: Mon 02 Jan 2023 02:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29060
IP address blocks: 217.17.144.0/20 maxlen: 24
81.91.112.0/20 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Mar 2023 03:31:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:ca:be:86:a0:11:a4:84:ce:3c:9d:c8:6a:f5:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cafaf6fa25b8d2acb1b44dcdd55437aba2226e9e
Validity
Not Before: Jan 2 02:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=391470c9c84d9bac3686fc522d7c998e1d8b661d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d1:75:26:95:e4:0b:19:cc:c6:f6:a2:22:8d:
85:86:c9:1f:d5:b6:83:5e:4a:4a:cb:f8:2b:28:b8:
69:78:a7:15:5a:f9:77:24:08:d3:a0:da:ab:48:e4:
4c:e2:60:84:56:57:cb:34:17:1b:2d:b4:c1:e7:39:
c2:c1:35:e6:9a:a9:dd:40:b7:21:6a:54:83:7c:2a:
cf:ad:04:dc:80:4f:5f:e6:ae:a7:f9:1f:87:13:b4:
d0:bd:75:78:a8:dd:ce:05:a4:d8:c4:7b:22:0d:13:
c2:b8:d0:52:43:b5:d1:d2:e9:bc:45:9d:05:4d:3e:
c9:74:36:4f:f5:be:67:be:32:ff:10:38:3d:ef:4d:
c1:da:4e:00:a6:ff:f1:93:e7:44:b0:08:07:55:f9:
f6:6f:71:73:4c:59:eb:16:7a:1a:ef:22:36:b9:2f:
de:e4:91:34:bb:20:89:66:29:ab:10:6a:f4:98:4b:
c0:71:4b:7a:85:1f:cb:a7:d6:63:08:c3:60:d5:4b:
d1:18:d9:63:01:5a:67:05:24:55:2a:22:21:c6:ba:
ae:42:49:2c:a7:aa:63:da:3c:29:f4:a0:a3:9e:55:
ce:31:92:79:af:b0:e3:4c:11:25:29:2a:98:55:6f:
4f:ef:93:f7:f3:28:ea:3c:4a:aa:cc:bf:08:08:92:
aa:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:14:70:C9:C8:4D:9B:AC:36:86:FC:52:2D:7C:99:8E:1D:8B:66:1D
X509v3 Authority Key Identifier:
keyid:CA:FA:F6:FA:25:B8:D2:AC:B1:B4:4D:CD:D5:54:37:AB:A2:22:6E:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yvr2-iW40qyxtE3N1VQ3q6Iibp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9c6507-9d7f-42c7-9d12-0e35001778a5/1/ORRwychNm6w2hvxSLXyZjh2LZh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9c6507-9d7f-42c7-9d12-0e35001778a5/1/yvr2-iW40qyxtE3N1VQ3q6Iibp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.112.0/20
217.17.144.0/20
Signature Algorithm: sha256WithRSAEncryption
1e:4b:1e:de:3b:65:93:14:f4:5f:9d:f9:4b:28:3c:b6:c7:9a:
e0:37:e2:0d:df:33:9c:b5:79:8c:d1:69:a4:15:11:e0:e1:14:
85:08:b7:58:80:25:f4:a7:b5:02:e7:0d:ca:fb:56:79:dd:48:
3e:2a:19:bc:55:a8:26:f9:b6:ab:de:36:b3:b5:aa:fc:fc:1a:
f4:6a:7d:00:be:f3:55:73:2b:4c:be:9f:54:69:43:a3:04:73:
5e:a1:28:70:74:b2:80:29:4e:0a:25:e2:cb:90:b4:33:cf:45:
44:be:af:a5:46:6a:01:7a:e8:b1:8b:24:c1:99:c0:c0:5f:d3:
b0:49:a7:82:e9:84:df:d3:ca:57:c7:65:75:1d:06:fb:e5:1e:
e7:32:79:82:27:eb:9a:9a:5e:cc:41:9a:43:00:a5:be:e8:5c:
31:a6:58:72:7c:b2:94:96:2f:ca:69:c4:18:ad:77:e8:6b:e1:
3e:41:80:78:a1:18:05:b7:21:98:51:36:39:fc:27:87:6c:68:
28:ab:3b:c6:b1:b0:45:28:de:89:84:b8:1b:8e:67:be:a5:64:
0e:4c:49:8a:87:5e:44:54:f9:bc:4d:b4:e4:32:71:fb:5b:b3:
db:19:7f:cd:03:c7:81:37:48:c6:54:e3:4a:10:ee:f6:46:e2:
97:79:25:ad
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwS8q+hqARpITOPJ3IavWYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZmFmNmZhMjViOGQyYWNiMWI0NGRjZGQ1NTQzN2FiYTIy
MjZlOWUwHhcNMjMwMTAyMDIyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTE0NzBjOWM4NGQ5YmFjMzY4NmZjNTIyZDdjOTk4ZTFkOGI2NjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdF1JpXkCxnMxvaiIo2Fhskf1baD
XkpKy/grKLhpeKcVWvl3JAjToNqrSORM4mCEVlfLNBcbLbTB5znCwTXmmqndQLch
alSDfCrPrQTcgE9f5q6n+R+HE7TQvXV4qN3OBaTYxHsiDRPCuNBSQ7XR0um8RZ0F
TT7JdDZP9b5nvjL/EDg9703B2k4Apv/xk+dEsAgHVfn2b3FzTFnrFnoa7yI2uS/e
5JE0uyCJZimrEGr0mEvAcUt6hR/Lp9ZjCMNg1UvRGNljAVpnBSRVKiIhxrquQkks
p6pj2jwp9KCjnlXOMZJ5r7DjTBElKSqYVW9P75P38yjqPEqqzL8ICJKq1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDkUcMnITZusNob8Ui18mY4di2YdMB8GA1UdIwQY
MBaAFMr69voluNKssbRNzdVUN6uiIm6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXZyMi1pVzQwcXl4dEUzTjFWUTNxNklpYnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi85YzY1MDctOWQ3Zi00MmM3LTlkMTIt
MGUzNTAwMTc3OGE1LzEvT1JSd3ljaE5tNncyaHZ4U0xYeVpqaDJMWmgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi85YzY1MDctOWQ3Zi00MmM3LTlkMTItMGUzNTAwMTc3OGE1
LzEveXZyMi1pVzQwcXl4dEUzTjFWUTNxNklpYnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEUVtwAwQE
2RGQMA0GCSqGSIb3DQEBCwUAA4IBAQAeSx7eO2WTFPRfnflLKDy2x5rgN+IN3zOc
tXmM0WmkFRHg4RSFCLdYgCX0p7UC5w3K+1Z53Ug+Khm8Vagm+bar3jaztar8/Br0
an0AvvNVcytMvp9UaUOjBHNeoShwdLKAKU4KJeLLkLQzz0VEvq+lRmoBeuixiyTB
mcDAX9OwSaeC6YTf08pXx2V1HQb75R7nMnmCJ+uaml7MQZpDAKW+6FwxplhyfLKU
li/KacQYrXfoa+E+QYB4oRgFtyGYUTY5/CeHbGgoqzvGsbBFKN6JhLgbjme+pWQO
TEmKh15EVPm8TbTkMnH7W7PbGX/NA8eBN0jGVONKEO72RuKXeSWt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:22 2024 by rpki-client on console-ams.rpki-client.org