Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/lyYiBLnYk_qO3PZGBmiaKztcMw0.roa
File: lyYiBLnYk_qO3PZGBmiaKztcMw0.roa (raw, json)
Hash identifier: YT0Zjc6HftCao4WGYnz1NsqD67BgK7nbxagFhl1tiuA=
Subject key identifier: 97:26:22:04:B9:D8:93:FA:8E:DC:F6:46:06:68:9A:2B:3B:5C:33:0D
Certificate issuer: /CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Certificate serial: 018CC3C30965AF44B9233DABB73588F8D0F2
Authority key identifier: 88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/lyYiBLnYk_qO3PZGBmiaKztcMw0.roa
Signing time: Mon 01 Jan 2024 06:43:08 +0000
ROA not before: Mon 01 Jan 2024 06:43:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49936
IP address blocks: 86.107.6.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:c3:09:65:af:44:b9:23:3d:ab:b7:35:88:f8:d0:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Validity
Not Before: Jan 1 06:43:08 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97262204b9d893fa8edcf64606689a2b3b5c330d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c8:d3:39:8f:18:fa:9d:dd:7a:01:d4:b3:36:
b6:90:1d:3c:61:9b:9e:ba:6c:bb:7a:d5:de:25:64:
b7:d6:2f:6b:48:bd:a1:e4:2d:0b:b1:9e:82:6e:fd:
11:65:03:9a:79:be:50:ed:6d:d5:ba:c5:0a:5f:49:
10:70:df:8c:8e:cc:bc:26:56:4f:ee:dc:08:dc:37:
49:93:0c:4e:4f:87:79:3e:ed:01:a4:f8:14:52:7f:
e9:e2:54:9b:8b:24:6c:83:0e:04:29:be:f7:fd:90:
8b:96:bc:c0:a4:c7:27:82:89:7e:0a:db:fb:a8:cc:
67:1e:fc:14:3a:d9:af:40:20:e2:2b:a9:f1:8c:46:
b6:25:1b:a1:db:d2:1b:84:78:af:6d:41:c8:18:81:
df:15:1b:01:77:2e:7b:da:cf:0b:36:e7:f8:7e:e3:
44:87:b2:89:c2:d8:30:17:85:9c:d4:b5:b5:01:87:
57:0a:45:fc:b1:a8:5d:47:14:9e:2d:2f:0a:66:cd:
8a:4f:b6:50:9c:7b:5f:12:9a:b9:c8:d6:19:b0:6d:
4d:e7:84:45:b7:41:23:8c:bf:24:bc:0d:ac:2e:41:
fd:85:c4:0a:c8:e3:11:7f:a1:26:d2:e1:33:e7:ed:
3f:7b:86:47:c5:6f:88:2e:03:5a:52:54:5f:6e:18:
29:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:26:22:04:B9:D8:93:FA:8E:DC:F6:46:06:68:9A:2B:3B:5C:33:0D
X509v3 Authority Key Identifier:
keyid:88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/lyYiBLnYk_qO3PZGBmiaKztcMw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/iEeqkbBtjGuHKE8_RaIdwoH3ulU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.6.0/23
Signature Algorithm: sha256WithRSAEncryption
87:0a:3c:da:48:ee:c6:ed:2e:47:9a:1f:05:0c:a1:88:8f:15:
3e:d8:52:5c:39:82:18:26:ae:f5:19:4d:71:c6:23:ec:63:be:
72:58:bf:44:d0:5d:1e:06:93:c9:a2:54:1a:7a:68:a6:fb:11:
41:30:2a:46:de:01:75:c1:f9:3b:e3:ba:b3:a7:dd:03:c5:13:
de:49:f3:92:fa:24:d6:6b:10:f1:99:8d:88:54:76:79:2b:8f:
ca:73:5b:12:41:6f:ea:8d:df:f4:a7:4c:c0:3d:fe:51:19:6b:
62:8e:66:57:c9:d3:5b:ea:9b:20:c3:af:12:1e:5c:7d:ea:1a:
4e:ba:99:1d:a6:27:f0:5a:c3:30:cc:e1:42:d3:c1:0c:e9:d0:
91:cc:91:fc:46:b2:b0:aa:43:95:eb:7b:02:7b:7a:70:7e:df:
f2:47:30:cf:7f:20:07:ee:2f:3d:f6:db:ba:ed:71:ff:9f:3d:
36:f7:9f:5b:36:bc:17:7f:50:74:b6:a3:f3:d8:c7:e4:9d:da:
33:03:c0:b8:83:9e:3b:78:69:be:93:9b:9e:9a:eb:44:2d:34:
1d:26:20:36:70:87:56:90:38:44:33:c0:4e:fc:c0:1e:2b:48:
52:cc:91:98:61:9f:f9:ee:d3:3e:db:c9:48:e3:39:f3:47:11:
b5:10:2e:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDwwllr0S5Iz2rtzWI+NDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NDdhYTkxYjA2ZDhjNmI4NzI4NGYzZjQ1YTIxZGMyODFm
N2JhNTUwHhcNMjQwMTAxMDY0MzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzI2MjIwNGI5ZDg5M2ZhOGVkY2Y2NDYwNjY4OWEyYjNiNWMzMzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMjTOY8Y+p3degHUsza2kB08YZue
umy7etXeJWS31i9rSL2h5C0LsZ6Cbv0RZQOaeb5Q7W3VusUKX0kQcN+Mjsy8JlZP
7twI3DdJkwxOT4d5Pu0BpPgUUn/p4lSbiyRsgw4EKb73/ZCLlrzApMcngol+Ctv7
qMxnHvwUOtmvQCDiK6nxjEa2JRuh29IbhHivbUHIGIHfFRsBdy572s8LNuf4fuNE
h7KJwtgwF4Wc1LW1AYdXCkX8sahdRxSeLS8KZs2KT7ZQnHtfEpq5yNYZsG1N54RF
t0EjjL8kvA2sLkH9hcQKyOMRf6Em0uEz5+0/e4ZHxW+ILgNaUlRfbhgpvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJcmIgS52JP6jtz2RgZomis7XDMNMB8GA1UdIwQY
MBaAFIhHqpGwbYxrhyhPP0WiHcKB97pVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYt
Y2VhNzVkMGNkNjcxLzEvbHlZaUJMbllrX3FPM1BaR0JtaWFLenRjTXcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYtY2VhNzVkMGNkNjcx
LzEvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVmsGMA0G
CSqGSIb3DQEBCwUAA4IBAQCHCjzaSO7G7S5Hmh8FDKGIjxU+2FJcOYIYJq71GU1x
xiPsY75yWL9E0F0eBpPJolQaemim+xFBMCpG3gF1wfk747qzp90DxRPeSfOS+iTW
axDxmY2IVHZ5K4/Kc1sSQW/qjd/0p0zAPf5RGWtijmZXydNb6psgw68SHlx96hpO
upkdpifwWsMwzOFC08EM6dCRzJH8RrKwqkOV63sCe3pwft/yRzDPfyAH7i899tu6
7XH/nz02959bNrwXf1B0tqPz2MfkndozA8C4g547eGm+k5uemutELTQdJiA2cIdW
kDhEM8BO/MAeK0hSzJGYYZ/57tM+28lI4znzRxG1EC4M
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:27 2024 by rpki-client on console-ams.rpki-client.org