Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/yyJFPD9STXOOYSxrYSAtBAF2v-I.roa
File: yyJFPD9STXOOYSxrYSAtBAF2v-I.roa (raw, json)
Hash identifier: 6yo+ZE1FyAREJOqQ5VTactKiEZt6403wbWa+yy3AzYg=
Subject key identifier: CB:22:45:3C:3F:52:4D:73:8E:61:2C:6B:61:20:2D:04:01:76:BF:E2
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 018CCA993BBE5FEDCE01F2222886B18C9727
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/yyJFPD9STXOOYSxrYSAtBAF2v-I.roa
Signing time: Tue 02 Jan 2024 14:34:48 +0000
ROA not before: Tue 02 Jan 2024 14:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209079
IP address blocks: 87.107.20.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 21 May 2024 10:42:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:3b:be:5f:ed:ce:01:f2:22:28:86:b1:8c:97:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 2 14:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb22453c3f524d738e612c6b61202d040176bfe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:67:27:30:c8:50:b1:c3:35:4c:7e:16:8f:1d:
89:91:96:3a:a7:6f:aa:3b:d9:48:24:10:1a:52:7e:
f9:f5:6f:1e:6c:25:9a:69:73:35:44:6b:17:11:fb:
a6:b3:2c:52:23:59:19:3c:5a:a8:5d:81:9e:62:f7:
5e:88:40:f5:e8:94:18:23:60:fc:3f:bb:bc:4a:2a:
67:9d:9c:68:ad:c2:d3:bf:27:71:3d:2a:5c:8e:42:
44:5c:81:39:a3:97:30:69:78:24:74:46:f4:af:c3:
0b:b0:af:f4:ec:80:d4:6e:a9:d0:a4:d4:2d:d4:7d:
14:65:8c:39:4b:7e:be:6b:c4:0d:ce:8e:10:d5:08:
c7:67:99:b0:f0:45:be:9a:b3:0b:b0:a7:46:37:03:
a9:13:5f:ee:9e:f5:d8:49:a1:c7:fa:75:3f:aa:d0:
0d:c1:60:c0:50:53:c3:a8:a1:f4:0a:65:c2:01:9e:
a7:60:10:16:4c:2c:71:56:b9:05:f2:1e:30:04:d4:
08:6f:7d:43:dc:07:27:d3:e4:b8:fb:14:fb:e4:41:
60:44:29:d5:66:b5:98:ea:65:24:b2:0f:34:ce:a8:
58:70:f0:cc:b6:a4:eb:6c:18:92:8b:7d:6f:c0:72:
1d:6c:c4:ed:fa:41:00:af:5d:c9:13:b8:45:53:69:
2f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:22:45:3C:3F:52:4D:73:8E:61:2C:6B:61:20:2D:04:01:76:BF:E2
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/yyJFPD9STXOOYSxrYSAtBAF2v-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.107.20.0/22
Signature Algorithm: sha256WithRSAEncryption
94:2d:90:4f:59:58:16:f5:3b:aa:f4:f4:14:56:cf:92:af:43:
fe:42:10:59:3c:0e:18:45:23:86:65:52:64:c9:73:b7:0d:c1:
9b:b3:1b:29:15:ba:62:1f:e2:1e:74:49:6b:c7:03:4c:77:ad:
a7:4a:e6:18:cc:01:ad:86:3e:bc:51:21:d2:72:8d:cd:27:43:
2d:e2:61:78:fb:00:87:9d:1b:c8:ce:1c:dc:7c:b6:ab:90:65:
d3:f3:7e:ab:a1:93:d7:4c:45:dc:e5:e4:c1:57:f5:69:5c:29:
f4:2d:df:e8:37:66:f4:89:0e:d9:6d:c6:ae:77:a7:26:3d:cd:
a4:1e:fa:e2:cb:a9:8c:6f:34:2e:91:73:ef:d6:23:45:2e:8e:
1f:fc:f1:a3:7b:ff:3d:d0:71:b0:f0:8b:d9:47:05:9a:b8:8f:
54:8f:fb:c0:04:7f:fe:4c:79:6a:be:8e:3a:54:5b:f7:51:72:
d6:7c:b1:72:88:75:97:16:da:d0:29:42:72:ba:2f:a4:98:21:
31:11:7c:74:aa:cf:26:dd:bf:de:54:fa:f9:3e:ed:6c:b9:12:
7e:f7:7b:96:e4:f2:1c:e5:bb:a1:5a:61:1f:b0:97:8c:1c:0d:
7e:ce:ab:5a:62:98:d7:4d:3f:35:d8:d9:e5:c4:14:d9:14:a2:
46:3b:00:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKmTu+X+3OAfIiKIaxjJcnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjQwMTAyMTQzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjIyNDUzYzNmNTI0ZDczOGU2MTJjNmI2MTIwMmQwNDAxNzZiZmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGcnMMhQscM1TH4Wjx2JkZY6p2+q
O9lIJBAaUn759W8ebCWaaXM1RGsXEfumsyxSI1kZPFqoXYGeYvdeiED16JQYI2D8
P7u8SipnnZxorcLTvydxPSpcjkJEXIE5o5cwaXgkdEb0r8MLsK/07IDUbqnQpNQt
1H0UZYw5S36+a8QNzo4Q1QjHZ5mw8EW+mrMLsKdGNwOpE1/unvXYSaHH+nU/qtAN
wWDAUFPDqKH0CmXCAZ6nYBAWTCxxVrkF8h4wBNQIb31D3Acn0+S4+xT75EFgRCnV
ZrWY6mUksg80zqhYcPDMtqTrbBiSi31vwHIdbMTt+kEAr13JE7hFU2kvdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMsiRTw/Uk1zjmEsa2EgLQQBdr/iMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEveXlKRlBEOVNUWE9PWVN4cllTQXRCQUYydi1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCV2sUMA0G
CSqGSIb3DQEBCwUAA4IBAQCULZBPWVgW9Tuq9PQUVs+Sr0P+QhBZPA4YRSOGZVJk
yXO3DcGbsxspFbpiH+IedElrxwNMd62nSuYYzAGthj68USHSco3NJ0Mt4mF4+wCH
nRvIzhzcfLarkGXT836roZPXTEXc5eTBV/VpXCn0Ld/oN2b0iQ7Zbcaud6cmPc2k
Hvriy6mMbzQukXPv1iNFLo4f/PGje/890HGw8IvZRwWauI9Uj/vABH/+THlqvo46
VFv3UXLWfLFyiHWXFtrQKUJyui+kmCExEXx0qs8m3b/eVPr5Pu1suRJ+93uW5PIc
5buhWmEfsJeMHA1+zqtaYpjXTT812NnlxBTZFKJGOwCD
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:07 2025 by rpki-client