Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YbUP1IBdnmw-ANG_0rQPKagBXEs.roa
File: YbUP1IBdnmw-ANG_0rQPKagBXEs.roa (raw, json)
Hash identifier: UkALMAH8XavjScpAGNhdwF9Q6lyUhfSq7sLM7e2zF58=
Subject key identifier: 61:B5:0F:D4:80:5D:9E:6C:3E:00:D1:BF:D2:B4:0F:29:A8:01:5C:4B
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01890334C65A6EB0EF08D144D41B5B4C0FDA
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YbUP1IBdnmw-ANG_0rQPKagBXEs.roa
Signing time: Wed 28 Jun 2023 18:12:17 +0000
ROA not before: Wed 28 Jun 2023 18:12:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211373
IP address blocks: 93.115.254.0/24 maxlen: 24
178.239.204.0/24 maxlen: 24
93.114.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Sep 2023 07:15:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:03:34:c6:5a:6e:b0:ef:08:d1:44:d4:1b:5b:4c:0f:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jun 28 18:12:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61b50fd4805d9e6c3e00d1bfd2b40f29a8015c4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:04:46:0b:c2:87:1d:3e:4a:29:2e:47:62:55:
b4:ff:50:67:7e:de:a2:ac:ed:52:e1:e4:f1:71:e9:
f9:3b:d2:42:a4:97:0e:22:95:47:6e:7c:4f:02:97:
b6:60:e6:cd:11:cd:4a:fe:50:4d:d3:7f:2c:aa:10:
33:6d:a6:5c:65:14:b6:59:b9:68:e6:34:71:6a:24:
8e:60:11:6b:93:10:6e:77:95:b3:fe:1a:f2:29:a7:
32:04:1c:c7:24:96:72:2c:49:11:c0:80:11:ed:a5:
3f:10:aa:7f:0f:a5:38:31:69:ad:a9:77:0f:1b:cc:
c9:0d:a0:4d:cf:63:01:13:04:05:2a:85:75:63:cc:
15:3b:d5:c4:47:cb:f4:4d:f1:49:65:49:40:e2:c4:
96:f7:d6:15:a2:c1:1a:dc:48:f9:b2:56:94:9b:7d:
d1:68:97:57:2b:d8:ef:14:5a:e4:38:c9:c6:ee:10:
26:86:05:95:a9:93:63:48:7d:71:07:64:db:63:8d:
d6:a0:99:35:5a:0e:12:1c:33:87:e1:c4:ad:a4:13:
55:b3:3b:4d:57:ad:4b:53:cd:ff:6c:2a:a2:68:8a:
5d:7f:40:05:09:85:8d:6b:d1:06:b9:62:01:8b:ca:
35:a5:17:db:2c:8e:53:fe:c9:ec:05:cc:8c:83:3b:
01:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:B5:0F:D4:80:5D:9E:6C:3E:00:D1:BF:D2:B4:0F:29:A8:01:5C:4B
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YbUP1IBdnmw-ANG_0rQPKagBXEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.193.0/24
93.115.254.0/24
178.239.204.0/24
Signature Algorithm: sha256WithRSAEncryption
71:2b:f5:f7:77:bd:78:7a:da:ec:db:c9:1c:8f:dd:a9:95:72:
4c:61:63:fb:0d:9a:d8:38:5d:3a:04:6a:71:c3:89:fc:33:19:
a2:43:e1:29:c0:0a:20:24:ea:4c:19:ed:c4:b3:8b:75:95:a4:
d5:76:ee:52:e8:f3:89:c1:7d:18:57:b9:15:b3:b6:f1:bb:34:
70:62:bc:76:83:ac:f2:44:1e:63:58:92:a6:56:5b:95:79:2f:
1c:0e:e9:42:c1:c7:d8:b3:8c:83:d7:b6:94:74:c6:8a:bf:c6:
fa:1d:5a:e0:0a:f6:92:e6:37:94:79:ba:ec:a8:23:0b:7a:2c:
1c:5a:98:09:23:6c:e4:8f:e2:33:9e:b0:99:36:25:e9:b5:4f:
8c:5f:8f:ea:2b:b1:14:eb:70:26:e7:fc:2f:1e:02:4a:1d:4e:
fa:a3:f8:f0:fe:54:bd:2f:4f:79:98:9c:5a:2b:6d:98:d4:3f:
13:c1:e7:d8:71:52:96:9d:a6:f6:d1:53:88:9b:c4:09:af:51:
aa:0a:2c:ee:af:72:64:80:8f:01:9c:54:0f:47:22:e2:03:6d:
cc:ae:2f:2e:db:a6:d9:51:a1:14:9c:0c:06:09:43:a0:73:2b:
71:ff:a0:e5:1a:21:a2:47:06:1e:01:95:0e:14:2c:5b:39:c0:
81:9d:c4:e6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYkDNMZabrDvCNFE1BtbTA/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNjI4MTgxMjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWI1MGZkNDgwNWQ5ZTZjM2UwMGQxYmZkMmI0MGYyOWE4MDE1YzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygRGC8KHHT5KKS5HYlW0/1Bnft6i
rO1S4eTxcen5O9JCpJcOIpVHbnxPApe2YObNEc1K/lBN038sqhAzbaZcZRS2Wblo
5jRxaiSOYBFrkxBud5Wz/hryKacyBBzHJJZyLEkRwIAR7aU/EKp/D6U4MWmtqXcP
G8zJDaBNz2MBEwQFKoV1Y8wVO9XER8v0TfFJZUlA4sSW99YVosEa3Ej5slaUm33R
aJdXK9jvFFrkOMnG7hAmhgWVqZNjSH1xB2TbY43WoJk1Wg4SHDOH4cStpBNVsztN
V61LU83/bCqiaIpdf0AFCYWNa9EGuWIBi8o1pRfbLI5T/snsBcyMgzsBIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGG1D9SAXZ5sPgDRv9K0DymoAVxLMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWWJVUDFJQmRubXctQU5HXzByUVBLYWdCWEVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXXLBAwQA
XXP+AwQAsu/MMA0GCSqGSIb3DQEBCwUAA4IBAQBxK/X3d714etrs28kcj92plXJM
YWP7DZrYOF06BGpxw4n8MxmiQ+EpwAogJOpMGe3Es4t1laTVdu5S6POJwX0YV7kV
s7bxuzRwYrx2g6zyRB5jWJKmVluVeS8cDulCwcfYs4yD17aUdMaKv8b6HVrgCvaS
5jeUebrsqCMLeiwcWpgJI2zkj+IznrCZNiXptU+MX4/qK7EU63Am5/wvHgJKHU76
o/jw/lS9L095mJxaK22Y1D8TwefYcVKWnab20VOIm8QJr1GqCizur3JkgI8BnFQP
RyLiA23Mri8u26bZUaEUnAwGCUOgcytx/6DlGiGiRwYeAZUOFCxbOcCBncTm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org