Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/9c6507-9d7f-42c7-9d12-0e35001778a5/1/yqYjZmIeQaH9nx7u_jBAPlcyouc.roa
File: yqYjZmIeQaH9nx7u_jBAPlcyouc.roa (raw, json)
Hash identifier: r1KhCDH6sdUbDdViBEdkWOS3eB6SZ/qjFAl+pHRJqDQ=
Subject key identifier: CA:A6:23:66:62:1E:41:A1:FD:9F:1E:EE:FE:30:40:3E:57:32:A2:E7
Certificate issuer: /CN=cafaf6fa25b8d2acb1b44dcdd55437aba2226e9e
Certificate serial: 01870C85C8D05B2E0D5A0789728B40808576
Authority key identifier: CA:FA:F6:FA:25:B8:D2:AC:B1:B4:4D:CD:D5:54:37:AB:A2:22:6E:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yvr2-iW40qyxtE3N1VQ3q6Iibp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/9c6507-9d7f-42c7-9d12-0e35001778a5/1/yqYjZmIeQaH9nx7u_jBAPlcyouc.roa
Signing time: Thu 23 Mar 2023 03:31:46 +0000
ROA not before: Thu 23 Mar 2023 03:31:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29060
IP address blocks: 217.17.144.0/20 maxlen: 24
81.162.128.0/18 maxlen: 18
81.91.112.0/20 maxlen: 24
37.246.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0c:85:c8:d0:5b:2e:0d:5a:07:89:72:8b:40:80:85:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cafaf6fa25b8d2acb1b44dcdd55437aba2226e9e
Validity
Not Before: Mar 23 03:31:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=caa62366621e41a1fd9f1eeefe30403e5732a2e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5e:0a:23:25:bc:1e:fe:cf:03:30:32:ab:95:
be:e5:33:b6:8e:7f:0a:b9:a5:2a:3a:89:5e:df:e0:
3c:13:5e:1b:39:ef:4c:fa:3f:31:00:d5:33:fa:8f:
a2:a7:f5:ce:ff:d4:d7:07:e1:24:a7:9e:b0:44:16:
cd:96:4a:37:a7:be:99:47:e7:a0:c9:3a:cf:5d:13:
c7:e7:b4:88:24:d4:5d:77:8c:15:a2:4d:53:4b:4f:
71:e3:1e:43:9f:52:b9:fd:95:aa:ca:f7:95:a0:f3:
2c:a8:86:6b:9c:9c:96:a1:56:53:3b:8f:7c:08:2e:
bf:ca:01:ca:02:9e:e2:82:7f:92:b2:60:ca:f0:9a:
62:d2:a3:e0:09:76:31:c8:26:9c:22:37:34:84:9f:
eb:06:36:3e:5d:59:54:85:32:c7:f2:85:61:fe:65:
3b:89:fc:6d:30:04:5b:9d:a5:03:c9:5e:06:6d:b6:
03:9a:7d:80:aa:ae:1c:77:3f:b4:63:c2:c0:00:72:
c5:64:f5:47:22:fd:ce:c3:46:f6:ad:26:b2:21:59:
65:c0:22:33:db:89:92:28:8b:ba:2e:fb:6b:18:10:
2a:d1:6e:26:c1:9a:8d:d2:af:05:b3:c3:d4:09:c5:
22:d5:0b:0f:eb:01:63:d5:85:ba:9a:a1:e9:92:35:
54:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:A6:23:66:62:1E:41:A1:FD:9F:1E:EE:FE:30:40:3E:57:32:A2:E7
X509v3 Authority Key Identifier:
keyid:CA:FA:F6:FA:25:B8:D2:AC:B1:B4:4D:CD:D5:54:37:AB:A2:22:6E:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yvr2-iW40qyxtE3N1VQ3q6Iibp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9c6507-9d7f-42c7-9d12-0e35001778a5/1/yqYjZmIeQaH9nx7u_jBAPlcyouc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9c6507-9d7f-42c7-9d12-0e35001778a5/1/yvr2-iW40qyxtE3N1VQ3q6Iibp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.246.0.0/16
81.91.112.0/20
81.162.128.0/18
217.17.144.0/20
Signature Algorithm: sha256WithRSAEncryption
6c:83:2c:bb:8e:db:09:a9:2e:a9:54:6c:ee:0c:1c:82:60:39:
4c:21:da:bd:2a:3c:b7:d4:6f:b2:2d:97:cc:6a:e0:0a:bd:79:
13:af:ec:33:a8:df:91:8f:0a:7b:83:ac:24:f1:b6:ff:b0:2b:
b2:8b:01:95:15:8b:4a:ee:42:3a:28:08:18:0d:b5:bd:e8:6f:
d7:86:bb:99:bd:a3:e4:f2:9e:83:d3:ee:14:5b:fa:d6:92:fc:
93:cb:d4:08:40:2b:8e:3c:91:19:2b:f9:5e:f2:54:e5:39:95:
82:ba:8e:c3:27:63:72:5c:41:a5:03:57:54:41:67:b6:8b:33:
9e:b1:be:62:36:c4:7d:77:f7:98:ec:e3:af:12:37:4c:4b:b7:
8e:66:31:fc:00:4a:af:54:07:db:a0:21:1d:67:4e:03:40:1e:
64:18:cb:4f:5f:17:b5:2f:5b:8b:71:37:c6:83:2a:df:cc:da:
1e:91:38:c3:bf:2f:28:c6:ee:37:ca:da:59:db:80:f1:8f:b5:
29:5a:93:9d:1b:97:9f:38:ac:fe:59:42:3c:15:a4:ee:3a:7b:
ac:83:f6:b1:d9:87:c6:6a:45:98:14:b3:e8:a5:f8:7b:01:eb:
01:e6:66:ae:9d:99:48:d1:db:47:73:22:13:c3:12:e6:91:50:
cf:39:b9:2a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcMhcjQWy4NWgeJcotAgIV2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZmFmNmZhMjViOGQyYWNiMWI0NGRjZGQ1NTQzN2FiYTIy
MjZlOWUwHhcNMjMwMzIzMDMzMTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWE2MjM2NjYyMWU0MWExZmQ5ZjFlZWVmZTMwNDAzZTU3MzJhMmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAml4KIyW8Hv7PAzAyq5W+5TO2jn8K
uaUqOole3+A8E14bOe9M+j8xANUz+o+ip/XO/9TXB+Ekp56wRBbNlko3p76ZR+eg
yTrPXRPH57SIJNRdd4wVok1TS09x4x5Dn1K5/ZWqyveVoPMsqIZrnJyWoVZTO498
CC6/ygHKAp7ign+SsmDK8Jpi0qPgCXYxyCacIjc0hJ/rBjY+XVlUhTLH8oVh/mU7
ifxtMARbnaUDyV4GbbYDmn2Aqq4cdz+0Y8LAAHLFZPVHIv3Ow0b2rSayIVllwCIz
24mSKIu6LvtrGBAq0W4mwZqN0q8Fs8PUCcUi1QsP6wFj1YW6mqHpkjVUqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMqmI2ZiHkGh/Z8e7v4wQD5XMqLnMB8GA1UdIwQY
MBaAFMr69voluNKssbRNzdVUN6uiIm6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXZyMi1pVzQwcXl4dEUzTjFWUTNxNklpYnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi85YzY1MDctOWQ3Zi00MmM3LTlkMTIt
MGUzNTAwMTc3OGE1LzEveXFZalptSWVRYUg5bng3dV9qQkFQbGN5b3VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi85YzY1MDctOWQ3Zi00MmM3LTlkMTItMGUzNTAwMTc3OGE1
LzEveXZyMi1pVzQwcXl4dEUzTjFWUTNxNklpYnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAATAXAwMAJfYDBARR
W3ADBAZRooADBATZEZAwDQYJKoZIhvcNAQELBQADggEBAGyDLLuO2wmpLqlUbO4M
HIJgOUwh2r0qPLfUb7Itl8xq4Aq9eROv7DOo35GPCnuDrCTxtv+wK7KLAZUVi0ru
QjooCBgNtb3ob9eGu5m9o+TynoPT7hRb+taS/JPL1AhAK448kRkr+V7yVOU5lYK6
jsMnY3JcQaUDV1RBZ7aLM56xvmI2xH1395js468SN0xLt45mMfwASq9UB9ugIR1n
TgNAHmQYy09fF7UvW4txN8aDKt/M2h6ROMO/LyjG7jfK2lnbgPGPtSlak50bl584
rP5ZQjwVpO46e6yD9rHZh8ZqRZgUs+il+HsB6wHmZq6dmUjR20dzIhPDEuaRUM85
uSo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:22 2024 by rpki-client on console-ams.rpki-client.org