Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/YJiwU_T4XCG2iVr5xNpzRGZYdqE.roa
File: YJiwU_T4XCG2iVr5xNpzRGZYdqE.roa (raw, json)
Hash identifier: Kf+vi+1FxlVPxChvhgzPruzIB7GTpiFVeIiKQF88tjk=
Subject key identifier: 60:98:B0:53:F4:F8:5C:21:B6:89:5A:F9:C4:DA:73:44:66:58:76:A1
Certificate issuer: /CN=aebf394e2f1b251c88d988a87161084580786ef5
Certificate serial: 018CAFDFA35C7C15F0B92482B8CA026ECD0E
Authority key identifier: AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/YJiwU_T4XCG2iVr5xNpzRGZYdqE.roa
Signing time: Thu 28 Dec 2023 10:01:58 +0000
ROA not before: Thu 28 Dec 2023 10:01:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47891
IP address blocks: 185.90.96.0/22 maxlen: 24
91.206.156.0/23 maxlen: 24
91.229.230.0/23 maxlen: 24
2a05:df00::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:af:df:a3:5c:7c:15:f0:b9:24:82:b8:ca:02:6e:cd:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aebf394e2f1b251c88d988a87161084580786ef5
Validity
Not Before: Dec 28 10:01:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6098b053f4f85c21b6895af9c4da7344665876a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8a:42:e2:f7:da:b7:9c:ce:20:84:fa:98:0d:
50:ad:ff:1a:24:f1:e2:6e:4e:2f:1e:f6:fe:ca:7f:
0b:f7:82:c6:14:94:9d:f6:0d:7e:6b:67:c6:9f:14:
f8:e9:24:66:1f:c4:33:46:3b:9e:55:74:e5:1d:1c:
d8:89:b5:51:3e:f7:6f:3c:7e:be:9b:ae:fe:47:87:
97:60:da:48:b0:dd:20:6e:d8:49:35:22:fd:45:f4:
9d:ad:54:71:4c:f9:a1:a1:13:20:df:4b:33:28:0b:
20:15:61:29:a4:72:4e:d8:36:ed:3f:eb:d9:a3:84:
16:8c:0c:a7:fb:e6:2a:e4:d0:ab:e9:48:ac:62:e2:
f9:6e:33:ac:c1:3e:cd:67:04:b3:a5:a4:42:26:98:
3a:10:85:b4:7f:c7:93:c2:c4:40:0a:33:78:b0:f3:
d3:cc:6e:a0:0b:96:7c:5d:19:00:d6:ce:18:6f:e6:
66:1d:7b:ab:19:5a:9c:f0:23:03:d6:2f:01:f0:a2:
29:8c:01:e9:bb:3e:27:96:f0:d7:27:33:3a:04:5b:
6a:e1:5a:26:c4:28:93:de:4e:88:2f:54:37:0c:48:
7f:f1:7a:56:a1:be:89:4b:06:ec:ae:ea:fe:56:f6:
81:46:03:48:7a:ab:53:68:9e:42:38:e7:43:95:c4:
bb:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:98:B0:53:F4:F8:5C:21:B6:89:5A:F9:C4:DA:73:44:66:58:76:A1
X509v3 Authority Key Identifier:
keyid:AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/YJiwU_T4XCG2iVr5xNpzRGZYdqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.156.0/23
91.229.230.0/23
185.90.96.0/22
IPv6:
2a05:df00::/29
Signature Algorithm: sha256WithRSAEncryption
82:d4:45:d3:59:cd:39:dd:3a:8c:ce:3d:bb:53:1c:e8:98:bb:
ac:b7:8d:8c:c9:ae:29:1c:64:ff:73:7b:8a:a2:24:77:18:88:
9c:3a:0a:7a:df:0a:ba:10:b8:5e:05:52:b8:04:ed:1e:48:2b:
69:ea:de:b9:ac:77:8d:6c:ab:28:a5:70:07:a8:40:96:83:37:
d4:68:a8:6e:96:0e:6f:91:be:68:f0:d0:f1:e1:b5:2f:4f:59:
54:f6:c7:18:64:0f:de:0a:3b:d0:48:7d:2d:6f:15:5f:52:c6:
45:30:b7:fa:ca:94:23:36:34:4f:87:0e:a5:d9:e1:64:b6:bd:
dc:a1:74:50:ff:13:18:2f:3d:dd:2c:93:20:c6:3c:05:6a:1d:
77:06:c6:23:a5:38:7e:fa:da:a9:95:87:47:fc:da:79:64:f9:
8e:43:71:63:48:0c:d3:50:19:fe:4d:8c:c9:75:8a:c3:40:d9:
23:ea:c3:77:09:5f:72:89:58:70:4c:a3:4b:1d:7e:eb:1e:aa:
bf:93:58:25:4e:10:b5:b8:6e:81:1a:e9:7a:e8:2d:a9:3b:cf:
16:f3:ff:f7:05:6e:02:6d:7a:fc:3d:2a:a3:c9:e1:dc:31:60:
85:a1:24:62:bc:1f:08:00:e6:10:44:30:33:34:ea:29:0b:2a:
18:6f:dc:41
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYyv36NcfBXwuSSCuMoCbs0OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYmYzOTRlMmYxYjI1MWM4OGQ5ODhhODcxNjEwODQ1ODA3
ODZlZjUwHhcNMjMxMjI4MTAwMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDk4YjA1M2Y0Zjg1YzIxYjY4OTVhZjljNGRhNzM0NDY2NTg3NmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4pC4vfat5zOIIT6mA1Qrf8aJPHi
bk4vHvb+yn8L94LGFJSd9g1+a2fGnxT46SRmH8QzRjueVXTlHRzYibVRPvdvPH6+
m67+R4eXYNpIsN0gbthJNSL9RfSdrVRxTPmhoRMg30szKAsgFWEppHJO2DbtP+vZ
o4QWjAyn++Yq5NCr6UisYuL5bjOswT7NZwSzpaRCJpg6EIW0f8eTwsRACjN4sPPT
zG6gC5Z8XRkA1s4Yb+ZmHXurGVqc8CMD1i8B8KIpjAHpuz4nlvDXJzM6BFtq4Vom
xCiT3k6IL1Q3DEh/8XpWob6JSwbsrur+VvaBRgNIeqtTaJ5COOdDlcS7UwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGCYsFP0+Fwhtola+cTac0RmWHahMB8GA1UdIwQY
MBaAFK6/OU4vGyUciNmIqHFhCEWAeG71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2It
NjFlN2Y0MGQ1ZGQ2LzEvWUppd1VfVDRYQ0cyaVZyNXhOcHpSR1pZZHFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2ItNjFlN2Y0MGQ1ZGQ2
LzEvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBW86cAwQB
W+XmAwQCuVpgMA0EAgACMAcDBQMqBd8AMA0GCSqGSIb3DQEBCwUAA4IBAQCC1EXT
Wc053TqMzj27UxzomLust42Mya4pHGT/c3uKoiR3GIicOgp63wq6ELheBVK4BO0e
SCtp6t65rHeNbKsopXAHqECWgzfUaKhulg5vkb5o8NDx4bUvT1lU9scYZA/eCjvQ
SH0tbxVfUsZFMLf6ypQjNjRPhw6l2eFktr3coXRQ/xMYLz3dLJMgxjwFah13BsYj
pTh++tqplYdH/Np5ZPmOQ3FjSAzTUBn+TYzJdYrDQNkj6sN3CV9yiVhwTKNLHX7r
Hqq/k1glThC1uG6BGul66C2pO88W8//3BW4CbXr8PSqjyeHcMWCFoSRivB8IAOYQ
RDAzNOopCyoYb9xB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:46 2024 by rpki-client on console-fra.rpki-client.org