Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/647f28-59cf-4d68-a50f-1764b03618fc/1/YyQH--WdrX8dIyK2Qbg3irY5oqc.roa
File: YyQH--WdrX8dIyK2Qbg3irY5oqc.roa (raw, json)
Hash identifier: Rl07+TDEQ2yXYiV0PBzy/AB+w0QpUOZD2PlRxr4CnXE=
Subject key identifier: 63:24:07:FB:E5:9D:AD:7F:1D:23:22:B6:41:B8:37:8A:B6:39:A2:A7
Certificate issuer: /CN=e23c0c3e0106c965d460cd0c3cbc5e234f82a6b4
Certificate serial: 018571D7AF90CE2E79080A25EACA73808D08
Authority key identifier: E2:3C:0C:3E:01:06:C9:65:D4:60:CD:0C:3C:BC:5E:23:4F:82:A6:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4jwMPgEGyWXUYM0MPLxeI0-CprQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/647f28-59cf-4d68-a50f-1764b03618fc/1/YyQH--WdrX8dIyK2Qbg3irY5oqc.roa
Signing time: Mon 02 Jan 2023 09:37:18 +0000
ROA not before: Mon 02 Jan 2023 09:37:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39762
IP address blocks: 195.60.71.0/24 maxlen: 24
195.60.70.0/23 maxlen: 23
195.60.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:af:90:ce:2e:79:08:0a:25:ea:ca:73:80:8d:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e23c0c3e0106c965d460cd0c3cbc5e234f82a6b4
Validity
Not Before: Jan 2 09:37:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=632407fbe59dad7f1d2322b641b8378ab639a2a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:06:26:71:ac:69:f1:33:d0:be:87:c6:2a:1d:
1c:8b:0d:96:24:2f:4d:15:82:fe:fb:25:4a:d5:e9:
81:3f:01:88:75:8f:73:89:63:02:d2:80:72:a0:7d:
6d:d3:a1:62:8f:45:06:be:15:bb:af:63:5d:c1:4c:
8b:93:61:50:bc:44:10:5d:c8:06:e7:b0:17:d7:6c:
e7:51:fb:5e:db:e6:fc:90:26:e9:e9:fe:3d:91:92:
b2:b2:b5:c5:d3:6a:75:30:50:ea:72:f8:16:65:a5:
5e:d4:4d:8e:99:a5:43:db:fc:7d:75:a2:b8:d4:d5:
2c:b6:ed:d1:c2:a8:8a:15:72:25:b2:cc:51:57:13:
f6:b9:ad:ad:ab:c5:63:e1:6e:5d:41:12:74:c1:2e:
54:f4:d8:9f:01:4b:63:c5:af:39:96:23:0d:10:d5:
ed:50:51:0b:84:90:ee:43:25:74:e8:f8:ee:b7:1b:
e2:a8:48:a7:fd:3c:c6:9e:a0:ec:ae:60:fc:08:d9:
67:b4:9d:29:b8:01:b8:5a:8c:67:3c:e3:59:c9:2b:
dc:3c:b8:6f:0c:d1:47:91:92:5c:16:5e:51:c8:55:
01:2e:e4:72:ef:e2:0c:54:a5:f2:20:e7:d1:ba:8f:
11:12:48:5c:06:45:75:90:0e:4d:dc:3f:36:6a:30:
19:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:24:07:FB:E5:9D:AD:7F:1D:23:22:B6:41:B8:37:8A:B6:39:A2:A7
X509v3 Authority Key Identifier:
keyid:E2:3C:0C:3E:01:06:C9:65:D4:60:CD:0C:3C:BC:5E:23:4F:82:A6:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4jwMPgEGyWXUYM0MPLxeI0-CprQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/647f28-59cf-4d68-a50f-1764b03618fc/1/YyQH--WdrX8dIyK2Qbg3irY5oqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/647f28-59cf-4d68-a50f-1764b03618fc/1/4jwMPgEGyWXUYM0MPLxeI0-CprQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.70.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:33:85:67:9c:0e:ff:19:52:fe:4a:83:14:62:a2:d1:1d:e1:
99:8e:27:05:fb:2a:37:ab:73:85:7e:01:61:67:31:77:0c:7b:
8b:78:f9:fe:35:b4:b8:12:df:02:07:30:b9:ca:01:82:77:25:
02:87:e7:11:47:42:e8:6b:40:bf:62:0e:12:fd:17:7a:77:1f:
11:a3:9d:a8:47:0c:46:81:0e:a0:37:95:c6:f5:49:1e:a0:0c:
c0:d7:17:e6:fd:55:46:b4:28:59:01:2e:99:3b:bb:35:7e:a7:
70:74:8f:7e:2f:86:c8:3b:6a:87:5f:ba:48:5a:fa:e5:f4:db:
b8:92:0f:12:5e:2c:8f:4b:ed:6f:bb:75:1a:f9:cd:d8:cb:97:
7f:3a:67:f8:fa:4f:a4:19:57:ae:d0:c5:57:0b:96:68:c5:ab:
9f:93:bc:54:ab:5c:6c:c7:ba:bd:f8:fa:98:d2:13:95:25:d6:
51:52:5a:1c:fc:b5:12:ae:aa:7d:6c:3f:ab:dd:60:72:d4:2d:
1c:15:26:0b:a6:8b:7f:65:11:4b:c7:a6:4b:50:6e:13:f3:ef:
0b:db:00:f9:f0:1b:9e:e4:d6:77:63:57:f3:27:cc:d6:31:4e:
82:b8:9e:c0:6e:78:46:08:f1:db:a4:45:db:e4:06:b0:8b:cf:
df:e3:75:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx16+Qzi55CAol6spzgI0IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyM2MwYzNlMDEwNmM5NjVkNDYwY2QwYzNjYmM1ZTIzNGY4
MmE2YjQwHhcNMjMwMTAyMDkzNzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzI0MDdmYmU1OWRhZDdmMWQyMzIyYjY0MWI4Mzc4YWI2MzlhMmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwYmcaxp8TPQvofGKh0ciw2WJC9N
FYL++yVK1emBPwGIdY9ziWMC0oByoH1t06Fij0UGvhW7r2NdwUyLk2FQvEQQXcgG
57AX12znUfte2+b8kCbp6f49kZKysrXF02p1MFDqcvgWZaVe1E2OmaVD2/x9daK4
1NUstu3RwqiKFXIlssxRVxP2ua2tq8Vj4W5dQRJ0wS5U9NifAUtjxa85liMNENXt
UFELhJDuQyV06PjutxviqEin/TzGnqDsrmD8CNlntJ0puAG4WoxnPONZySvcPLhv
DNFHkZJcFl5RyFUBLuRy7+IMVKXyIOfRuo8REkhcBkV1kA5N3D82ajAZYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGMkB/vlna1/HSMitkG4N4q2OaKnMB8GA1UdIwQY
MBaAFOI8DD4BBsll1GDNDDy8XiNPgqa0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGp3TVBnRUd5V1hVWU0wTVBMeGVJMC1DcHJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82NDdmMjgtNTljZi00ZDY4LWE1MGYt
MTc2NGIwMzYxOGZjLzEvWXlRSC0tV2RyWDhkSXlLMlFiZzNpclk1b3FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82NDdmMjgtNTljZi00ZDY4LWE1MGYtMTc2NGIwMzYxOGZj
LzEvNGp3TVBnRUd5V1hVWU0wTVBMeGVJMC1DcHJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwzxGMA0G
CSqGSIb3DQEBCwUAA4IBAQArM4VnnA7/GVL+SoMUYqLRHeGZjicF+yo3q3OFfgFh
ZzF3DHuLePn+NbS4Et8CBzC5ygGCdyUCh+cRR0Loa0C/Yg4S/Rd6dx8Ro52oRwxG
gQ6gN5XG9UkeoAzA1xfm/VVGtChZAS6ZO7s1fqdwdI9+L4bIO2qHX7pIWvrl9Nu4
kg8SXiyPS+1vu3Ua+c3Yy5d/Omf4+k+kGVeu0MVXC5Zoxaufk7xUq1xsx7q9+PqY
0hOVJdZRUloc/LUSrqp9bD+r3WBy1C0cFSYLpot/ZRFLx6ZLUG4T8+8L2wD58Bue
5NZ3Y1fzJ8zWMU6CuJ7AbnhGCPHbpEXb5Aawi8/f43Up
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:55 2024 by rpki-client on console-ams.rpki-client.org