Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/yYNEZobKhtfmlS2iOgoFLMKQv3E.roa
File: yYNEZobKhtfmlS2iOgoFLMKQv3E.roa (raw, json)
Hash identifier: YspNO2OrDBddiM0xjn1wyqG+kX2gd7FVzgwNjq+GIIc=
Subject key identifier: C9:83:44:66:86:CA:86:D7:E6:95:2D:A2:3A:0A:05:2C:C2:90:BF:71
Certificate issuer: /CN=468b592f3110bc6c35249a8271a0dac1a9acb0ce
Certificate serial: 0191E1DBDF33E6009E7410D16D452095CBE4
Authority key identifier: 46:8B:59:2F:31:10:BC:6C:35:24:9A:82:71:A0:DA:C1:A9:AC:B0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/yYNEZobKhtfmlS2iOgoFLMKQv3E.roa
Signing time: Wed 11 Sep 2024 16:12:48 +0000
ROA not before: Wed 11 Sep 2024 16:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 146.19.142.0/24 maxlen: 24
185.218.184.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Nov 2024 17:21:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e1:db:df:33:e6:00:9e:74:10:d1:6d:45:20:95:cb:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=468b592f3110bc6c35249a8271a0dac1a9acb0ce
Validity
Not Before: Sep 11 16:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c983446686ca86d7e6952da23a0a052cc290bf71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:28:e3:46:27:5e:ce:84:43:de:be:30:32:e9:
8a:8b:07:14:5c:d5:e1:b0:25:7f:22:5e:0f:27:c8:
4a:88:6c:56:0e:87:b8:21:42:b4:00:77:8e:01:dc:
33:88:9b:98:d6:97:fd:9a:4a:e1:77:51:b4:b1:ea:
bc:25:f1:ac:53:00:65:be:7d:c4:d6:e6:92:2d:95:
10:69:1f:d9:8e:7b:ef:f2:ee:c8:a5:42:52:16:b6:
68:3c:0a:22:5e:42:0f:22:cd:0a:08:88:df:96:e3:
a8:9b:0f:27:d7:77:23:24:31:fe:9b:5c:e4:8c:90:
b3:91:94:90:d2:08:cc:d0:a4:42:b1:64:32:cf:32:
4e:41:ae:95:d1:bd:cc:ec:90:16:ac:cd:19:38:7f:
33:1f:64:cc:32:ef:ad:47:68:82:23:16:6b:68:b2:
92:0b:3c:60:9c:89:28:9c:26:62:80:2b:ce:82:1a:
d0:c7:47:c5:36:f1:fe:f9:9b:f9:a9:cd:7e:a5:c6:
74:b9:9f:41:31:cc:93:b7:e3:5e:57:56:b7:a4:73:
cb:99:61:a3:97:ae:d9:f3:f7:41:57:88:be:61:f9:
c4:ce:20:0d:ae:20:00:ef:67:16:c4:e9:fd:f8:33:
1f:b1:48:f7:37:73:8e:f9:ea:c2:7a:8f:1d:1b:fb:
6d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:83:44:66:86:CA:86:D7:E6:95:2D:A2:3A:0A:05:2C:C2:90:BF:71
X509v3 Authority Key Identifier:
keyid:46:8B:59:2F:31:10:BC:6C:35:24:9A:82:71:A0:DA:C1:A9:AC:B0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/yYNEZobKhtfmlS2iOgoFLMKQv3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/RotZLzEQvGw1JJqCcaDawamssM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.142.0/24
185.218.184.0/24
Signature Algorithm: sha256WithRSAEncryption
23:2a:71:b1:93:80:d9:22:f6:1e:01:d8:df:84:76:10:b4:3c:
ab:87:98:02:55:c6:f8:42:69:1b:a9:1e:3c:92:d9:d5:29:a9:
b3:73:d0:65:80:e0:fe:0f:45:08:9f:8a:54:86:4a:3f:56:c2:
3a:41:09:39:cc:78:28:17:c8:23:79:1c:e1:aa:5c:aa:e7:e8:
c6:e5:f3:83:84:f2:ce:26:51:4f:97:7b:55:ed:58:f6:ad:ec:
87:41:73:69:90:78:c0:d6:d4:02:b3:1f:ea:78:a1:6f:e7:67:
49:5f:7a:a8:1d:63:42:37:d5:35:cd:58:ae:b4:c3:71:f6:cf:
b1:ef:3a:6c:a5:d4:7c:a9:8b:68:3b:44:f9:b5:a2:30:af:ef:
0a:f8:92:f9:a1:3b:c0:f6:5f:27:a3:1c:26:05:27:84:f7:f6:
0f:9e:df:0a:83:dc:2a:fa:78:d3:9a:fa:7f:6e:c0:d5:7e:80:
bf:90:01:3c:1f:b3:2c:b2:b5:ce:05:fa:ff:d5:58:6b:fc:f7:
69:98:91:5e:8a:78:e8:fd:e3:84:59:be:54:85:0e:6a:b5:5f:
49:10:fe:f1:2b:fb:53:b5:c8:c8:6f:6a:18:67:fa:09:21:4d:
96:3a:fa:ca:36:b8:64:d5:e1:d1:27:0b:3e:7e:e7:1a:b6:a9:
13:1a:7c:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZHh298z5gCedBDRbUUglcvkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OGI1OTJmMzExMGJjNmMzNTI0OWE4MjcxYTBkYWMxYTlh
Y2IwY2UwHhcNMjQwOTExMTYxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTgzNDQ2Njg2Y2E4NmQ3ZTY5NTJkYTIzYTBhMDUyY2MyOTBiZjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyjjRidezoRD3r4wMumKiwcUXNXh
sCV/Il4PJ8hKiGxWDoe4IUK0AHeOAdwziJuY1pf9mkrhd1G0seq8JfGsUwBlvn3E
1uaSLZUQaR/Zjnvv8u7IpUJSFrZoPAoiXkIPIs0KCIjfluOomw8n13cjJDH+m1zk
jJCzkZSQ0gjM0KRCsWQyzzJOQa6V0b3M7JAWrM0ZOH8zH2TMMu+tR2iCIxZraLKS
CzxgnIkonCZigCvOghrQx0fFNvH++Zv5qc1+pcZ0uZ9BMcyTt+NeV1a3pHPLmWGj
l67Z8/dBV4i+YfnEziANriAA72cWxOn9+DMfsUj3N3OO+erCeo8dG/ttCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMmDRGaGyobX5pUtojoKBSzCkL9xMB8GA1UdIwQY
MBaAFEaLWS8xELxsNSSagnGg2sGprLDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm90Wkx6RVF2R3cxSkpxQ2NhRGF3YW1zc000LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yOWUxNjYtOThkMi00OWYyLTg0OTct
MDUwMzc0OWFkZWEwLzEveVlORVpvYktodGZtbFMyaU9nb0ZMTUtRdjNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yOWUxNjYtOThkMi00OWYyLTg0OTctMDUwMzc0OWFkZWEw
LzEvUm90Wkx6RVF2R3cxSkpxQ2NhRGF3YW1zc000LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkhOOAwQA
udq4MA0GCSqGSIb3DQEBCwUAA4IBAQAjKnGxk4DZIvYeAdjfhHYQtDyrh5gCVcb4
QmkbqR48ktnVKamzc9BlgOD+D0UIn4pUhko/VsI6QQk5zHgoF8gjeRzhqlyq5+jG
5fODhPLOJlFPl3tV7Vj2reyHQXNpkHjA1tQCsx/qeKFv52dJX3qoHWNCN9U1zViu
tMNx9s+x7zpspdR8qYtoO0T5taIwr+8K+JL5oTvA9l8noxwmBSeE9/YPnt8Kg9wq
+njTmvp/bsDVfoC/kAE8H7MssrXOBfr/1Vhr/PdpmJFeinjo/eOEWb5UhQ5qtV9J
EP7xK/tTtcjIb2oYZ/oJIU2WOvrKNrhk1eHRJws+fucatqkTGnzC
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:49 2024 by rpki-client on console-ams.rpki-client.org