Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e4705c-e6da-422e-859c-3b68a49dc042/1/y-7Mfqu7nwnScis7ESJygWSJRvQ.roa
File: y-7Mfqu7nwnScis7ESJygWSJRvQ.roa (raw, json)
Hash identifier: Y4XmstkKvuzx77MHIBBDWRv8Wr5Z79jeHWQftPIXMoU=
Subject key identifier: CB:EE:CC:7E:AB:BB:9F:09:D2:72:2B:3B:11:22:72:81:64:89:46:F4
Certificate issuer: /CN=9ae7d661afca3d3370b8e634494d5246b83d585f
Certificate serial: 01857002794C2DC8F64DD8A403A6992AD459
Authority key identifier: 9A:E7:D6:61:AF:CA:3D:33:70:B8:E6:34:49:4D:52:46:B8:3D:58:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mufWYa_KPTNwuOY0SU1SRrg9WF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e4705c-e6da-422e-859c-3b68a49dc042/1/y-7Mfqu7nwnScis7ESJygWSJRvQ.roa
Signing time: Mon 02 Jan 2023 01:04:48 +0000
ROA not before: Mon 02 Jan 2023 01:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62320
IP address blocks: 89.45.84.0/22 maxlen: 24
185.39.228.0/22 maxlen: 24
2a01:4aa0::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:79:4c:2d:c8:f6:4d:d8:a4:03:a6:99:2a:d4:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ae7d661afca3d3370b8e634494d5246b83d585f
Validity
Not Before: Jan 2 01:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cbeecc7eabbb9f09d2722b3b11227281648946f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:21:c5:13:56:e4:b9:12:fc:a9:9e:24:fe:02:
04:15:07:60:1d:02:38:16:64:9f:d2:8b:c3:8e:0d:
36:81:ec:ec:98:bb:00:7b:04:c6:02:0f:e0:b9:25:
d9:52:bf:75:b0:56:01:6a:bd:b8:af:6e:5b:4b:66:
e7:7b:e3:2a:ae:e3:fe:92:1d:a0:35:bb:13:e9:52:
d9:53:62:7e:7b:75:7b:06:ca:45:b3:d6:53:bb:01:
32:6b:fe:86:d0:7c:a6:14:b8:f5:20:65:77:d2:e9:
a5:e3:e6:2a:51:e4:7c:40:9d:dd:f1:41:73:4f:51:
6d:38:ad:01:5d:ff:22:6b:18:d5:b6:ab:3d:3f:b2:
dd:2b:f3:f7:aa:3a:77:09:6c:71:8d:9b:3a:12:98:
13:cf:33:3c:c7:f9:c3:c3:61:23:79:6a:13:a6:4a:
fc:bb:cd:cf:a1:f0:fd:50:e5:bf:5f:b1:f1:c9:38:
65:23:c9:d4:63:68:02:7b:5c:ef:b9:03:ea:b3:8e:
d8:96:dd:c6:ec:fc:bd:f8:ab:b5:e0:09:6b:5b:f3:
36:38:71:05:32:f0:2e:ad:f5:61:90:cf:34:7f:76:
29:b8:12:96:49:f2:c0:ee:94:fb:66:43:1f:0a:67:
99:c6:b3:7a:0f:4d:ae:4f:4c:d2:fa:87:33:c3:33:
9b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:EE:CC:7E:AB:BB:9F:09:D2:72:2B:3B:11:22:72:81:64:89:46:F4
X509v3 Authority Key Identifier:
keyid:9A:E7:D6:61:AF:CA:3D:33:70:B8:E6:34:49:4D:52:46:B8:3D:58:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mufWYa_KPTNwuOY0SU1SRrg9WF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e4705c-e6da-422e-859c-3b68a49dc042/1/y-7Mfqu7nwnScis7ESJygWSJRvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e4705c-e6da-422e-859c-3b68a49dc042/1/mufWYa_KPTNwuOY0SU1SRrg9WF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.45.84.0/22
185.39.228.0/22
IPv6:
2a01:4aa0::/32
Signature Algorithm: sha256WithRSAEncryption
2b:ec:73:e6:97:6d:3d:54:21:5c:98:22:18:3a:24:d8:4f:7d:
c1:e0:d6:fb:86:03:2b:5c:4e:2e:d0:04:5d:e0:ae:b5:3e:3a:
62:8b:1d:5c:94:07:68:d3:95:b1:0b:c9:57:18:73:8f:e9:4a:
61:d5:3f:60:07:11:50:3d:3f:5c:b0:ce:32:23:24:09:ce:aa:
d6:77:8c:8e:29:43:2d:b2:5f:aa:41:a3:64:f6:fc:56:b1:c1:
9f:6a:97:ec:4b:81:a1:4f:13:5b:a6:d9:42:15:6d:07:8a:0d:
60:48:88:1a:9e:b9:1b:7c:f2:70:52:6a:df:9a:41:c1:78:14:
a5:f4:fb:e6:57:47:7d:f0:ea:ab:6f:2d:cb:45:68:f7:25:fa:
4f:2e:60:12:58:8a:57:19:94:57:0b:a8:74:7e:7c:b1:22:10:
01:0a:14:de:5c:18:03:ab:17:62:27:6c:e5:d0:b7:40:f3:86:
40:78:c3:43:91:90:e3:be:e3:4c:e5:9f:c6:2f:5a:71:47:ee:
c5:35:e4:25:b3:d1:b2:39:ee:bf:35:a0:05:62:1c:20:bc:c6:
56:cf:bd:bd:86:9c:b7:f9:80:08:f9:29:ed:1a:34:5e:e1:72:
65:0d:44:a6:e5:95:0e:95:f0:99:7d:ef:d3:fc:1d:4e:d3:60:
79:f5:f7:04
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwAnlMLcj2TdikA6aZKtRZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZTdkNjYxYWZjYTNkMzM3MGI4ZTYzNDQ5NGQ1MjQ2Yjgz
ZDU4NWYwHhcNMjMwMTAyMDEwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmVlY2M3ZWFiYmI5ZjA5ZDI3MjJiM2IxMTIyNzI4MTY0ODk0NmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziHFE1bkuRL8qZ4k/gIEFQdgHQI4
FmSf0ovDjg02gezsmLsAewTGAg/guSXZUr91sFYBar24r25bS2bne+MqruP+kh2g
NbsT6VLZU2J+e3V7BspFs9ZTuwEya/6G0HymFLj1IGV30uml4+YqUeR8QJ3d8UFz
T1FtOK0BXf8iaxjVtqs9P7LdK/P3qjp3CWxxjZs6EpgTzzM8x/nDw2EjeWoTpkr8
u83PofD9UOW/X7HxyThlI8nUY2gCe1zvuQPqs47Ylt3G7Py9+Ku14AlrW/M2OHEF
MvAurfVhkM80f3YpuBKWSfLA7pT7ZkMfCmeZxrN6D02uT0zS+oczwzObzwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMvuzH6ru58J0nIrOxEicoFkiUb0MB8GA1UdIwQY
MBaAFJrn1mGvyj0zcLjmNElNUka4PVhfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXVmV1lhX0tQVE53dU9ZMFNVMVNScmc5V0Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lNDcwNWMtZTZkYS00MjJlLTg1OWMt
M2I2OGE0OWRjMDQyLzEveS03TWZxdTdud25TY2lzN0VTSnlnV1NKUnZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lNDcwNWMtZTZkYS00MjJlLTg1OWMtM2I2OGE0OWRjMDQy
LzEvbXVmV1lhX0tQVE53dU9ZMFNVMVNScmc5V0Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCWS1UAwQC
uSfkMA0EAgACMAcDBQAqAUqgMA0GCSqGSIb3DQEBCwUAA4IBAQAr7HPml209VCFc
mCIYOiTYT33B4Nb7hgMrXE4u0ARd4K61Pjpiix1clAdo05WxC8lXGHOP6Uph1T9g
BxFQPT9csM4yIyQJzqrWd4yOKUMtsl+qQaNk9vxWscGfapfsS4GhTxNbptlCFW0H
ig1gSIganrkbfPJwUmrfmkHBeBSl9PvmV0d98Oqrby3LRWj3JfpPLmASWIpXGZRX
C6h0fnyxIhABChTeXBgDqxdiJ2zl0LdA84ZAeMNDkZDjvuNM5Z/GL1pxR+7FNeQl
s9GyOe6/NaAFYhwgvMZWz729hpy3+YAI+SntGjRe4XJlDUSm5ZUOlfCZfe/T/B1O
02B59fcE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:14 2024 by rpki-client on console-ams.rpki-client.org