Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/YzftJumBvuwh09SQyarXd0zpaa4.roa
File: YzftJumBvuwh09SQyarXd0zpaa4.roa (raw, json)
Hash identifier: FStCLqlL98EhlKupcTiwC6YIZZff+kpqBqMGUvCvEMk=
Subject key identifier: 63:37:ED:26:E9:81:BE:EC:21:D3:D4:90:C9:AA:D7:77:4C:E9:69:AE
Certificate issuer: /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial: 018A458CB86BFB06DA46AF06895FB24CECB4
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/YzftJumBvuwh09SQyarXd0zpaa4.roa
Signing time: Wed 30 Aug 2023 08:26:04 +0000
ROA not before: Wed 30 Aug 2023 08:26:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34073
IP address blocks: 87.246.172.0/24 maxlen: 24
81.198.73.0/24 maxlen: 24
81.198.192.0/22 maxlen: 22
87.110.220.0/24 maxlen: 24
2a02:2330:b2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:45:8c:b8:6b:fb:06:da:46:af:06:89:5f:b2:4c:ec:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Validity
Not Before: Aug 30 08:26:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6337ed26e981beec21d3d490c9aad7774ce969ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:32:a9:d0:6f:14:8b:34:11:0e:b9:07:08:fb:
a3:c3:ea:e0:66:9d:82:69:7c:2b:3f:6c:c4:cd:8f:
5c:fd:58:eb:b8:96:13:b1:db:81:7c:0b:07:2a:1a:
f1:19:48:ff:a9:de:28:f9:6a:3c:6e:0c:12:06:00:
a2:4a:06:f5:d0:38:b2:8b:b0:7e:69:10:da:d4:f5:
3c:89:58:0d:87:ff:1a:fa:b1:d7:57:4d:92:57:f9:
93:ce:56:bc:b1:19:18:bf:12:a5:95:f9:c4:a4:76:
dc:41:b5:82:08:4b:51:26:79:6d:b4:54:e1:5b:34:
c5:96:79:ba:0f:c8:89:1b:0a:98:5e:5e:3c:44:5d:
b5:20:02:5f:37:6b:1a:72:89:ac:9a:7a:5a:c1:7f:
fe:c2:32:f2:68:05:00:fb:4d:1e:a6:c6:7f:69:e4:
28:08:1c:89:2b:30:2c:43:62:81:3c:d6:67:a8:1a:
6a:e6:74:7b:94:5b:32:b0:1b:70:62:36:e9:86:8f:
33:d4:e7:2e:67:75:a1:a6:41:24:75:e0:08:48:f5:
d5:0a:31:93:d4:32:76:1a:0a:fb:7a:3e:d9:45:05:
7d:4d:60:24:a8:00:a7:22:28:06:9e:71:9b:4b:9f:
78:e1:e7:69:c2:64:ca:11:e4:9f:32:ee:1f:e6:47:
5c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:37:ED:26:E9:81:BE:EC:21:D3:D4:90:C9:AA:D7:77:4C:E9:69:AE
X509v3 Authority Key Identifier:
keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/YzftJumBvuwh09SQyarXd0zpaa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.198.73.0/24
81.198.192.0/22
87.110.220.0/24
87.246.172.0/24
IPv6:
2a02:2330:b2::/48
Signature Algorithm: sha256WithRSAEncryption
59:86:cb:8b:a5:34:c3:7f:4a:f9:3d:fe:05:f4:f3:11:7d:9a:
41:2d:7f:92:5f:8a:94:ec:f5:bd:30:17:66:b6:86:f8:d4:3d:
e5:17:18:5e:cb:11:79:45:fe:83:91:55:c5:87:64:93:5d:4c:
43:8c:6c:1a:58:b8:4a:27:16:ae:1c:b2:ee:80:15:31:46:b0:
e5:1d:6b:1b:6e:94:81:b1:77:d9:3a:d8:3e:70:68:cf:3e:ba:
52:46:04:3f:71:be:2a:82:05:a6:da:02:3c:9f:50:b7:5d:42:
cb:45:62:e6:22:47:5f:b3:24:b2:85:12:d2:ee:58:24:65:c3:
06:bd:43:6f:24:7c:10:18:16:4f:7c:5b:e8:c2:e2:92:e4:a5:
f1:c9:66:2c:e1:1e:df:9d:c0:69:31:63:2e:95:7f:0d:e7:0c:
f1:ec:98:17:95:ec:3e:74:0b:88:39:40:b6:e3:bc:ce:f5:2f:
9b:35:37:6b:f7:6e:b8:88:78:be:16:94:39:e9:41:e8:66:e8:
8b:b7:da:69:90:c1:6a:86:65:1d:42:d0:d3:5f:c2:cb:de:0d:
43:a4:54:34:ae:e6:f1:63:cb:7a:4a:ec:b4:d4:83:a0:70:c0:
fd:dd:3a:7c:59:68:c7:5e:80:3b:70:c2:08:68:45:91:53:4d:
42:b2:43:ec
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYpFjLhr+wbaRq8GiV+yTOy0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYmUwN2NiMWZkNGYxZTNjOTIyMzAzYjY3MGE4ODFiODJl
NjE0OTEwHhcNMjMwODMwMDgyNjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzM3ZWQyNmU5ODFiZWVjMjFkM2Q0OTBjOWFhZDc3NzRjZTk2OWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjKp0G8UizQRDrkHCPujw+rgZp2C
aXwrP2zEzY9c/VjruJYTsduBfAsHKhrxGUj/qd4o+Wo8bgwSBgCiSgb10Diyi7B+
aRDa1PU8iVgNh/8a+rHXV02SV/mTzla8sRkYvxKllfnEpHbcQbWCCEtRJnlttFTh
WzTFlnm6D8iJGwqYXl48RF21IAJfN2sacomsmnpawX/+wjLyaAUA+00epsZ/aeQo
CByJKzAsQ2KBPNZnqBpq5nR7lFsysBtwYjbpho8z1OcuZ3WhpkEkdeAISPXVCjGT
1DJ2Ggr7ej7ZRQV9TWAkqACnIigGnnGbS5944edpwmTKEeSfMu4f5kdcxwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFGM37Sbpgb7sIdPUkMmq13dM6WmuMB8GA1UdIwQY
MBaAFOO+B8sf1PHjySIwO2cKiBuC5hSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMt
ZDRlZTFkMzg5ZTBkLzEvWXpmdEp1bUJ2dXdoMDlTUXlhclhkMHpwYWE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMtZDRlZTFkMzg5ZTBk
LzEvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAUcZJAwQC
UcbAAwQAV27cAwQAV/asMA8EAgACMAkDBwAqAiMwALIwDQYJKoZIhvcNAQELBQAD
ggEBAFmGy4ulNMN/Svk9/gX08xF9mkEtf5JfipTs9b0wF2a2hvjUPeUXGF7LEXlF
/oORVcWHZJNdTEOMbBpYuEonFq4csu6AFTFGsOUdaxtulIGxd9k62D5waM8+ulJG
BD9xviqCBabaAjyfULddQstFYuYiR1+zJLKFEtLuWCRlwwa9Q28kfBAYFk98W+jC
4pLkpfHJZizhHt+dwGkxYy6Vfw3nDPHsmBeV7D50C4g5QLbjvM71L5s1N2v3briI
eL4WlDnpQehm6Iu32mmQwWqGZR1C0NNfwsveDUOkVDSu5vFjy3pK7LTUg6BwwP3d
OnxZaMdegDtwwghoRZFTTUKyQ+w=
-----END CERTIFICATE-----
Generated at Wed Aug 30 09:21:01 2023 by rpki-client on console-ams.rpki-client.org