Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Yf9NWyFusYd5ibH-1nWf83aU8RE.roa
File: Yf9NWyFusYd5ibH-1nWf83aU8RE.roa (raw, json)
Hash identifier: wPo4bbOIdPbUPIGJolUTUqU+KizdeKfNmgS2iEE6/S8=
Subject key identifier: 61:FF:4D:5B:21:6E:B1:87:79:89:B1:FE:D6:75:9F:F3:76:94:F1:11
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0187FD4FAA900E4CF8BD0108918FAD7E8374
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Yf9NWyFusYd5ibH-1nWf83aU8RE.roa
Signing time: Mon 08 May 2023 21:41:09 +0000
ROA not before: Mon 08 May 2023 21:41:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46562
IP address blocks: 104.232.36.0/24 maxlen: 24
45.67.141.0/24 maxlen: 24
2a0c:3ac0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fd:4f:aa:90:0e:4c:f8:bd:01:08:91:8f:ad:7e:83:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: May 8 21:41:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61ff4d5b216eb1877989b1fed6759ff37694f111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e5:82:92:c3:1b:65:7c:00:c4:00:c9:6f:e4:
3e:3e:d8:92:1f:ab:31:1d:86:e7:0b:1f:0d:71:da:
c1:70:4d:68:c7:1a:c2:00:e3:87:3a:d3:87:dd:c1:
78:de:7d:74:a2:df:7c:b2:e8:75:85:2f:67:2d:02:
0a:c1:9f:24:a4:83:0c:c2:74:4b:29:7e:61:4e:21:
ea:14:fe:5a:f4:75:b2:ed:1b:5a:1c:36:26:f2:c7:
01:dd:5e:d2:08:46:49:f3:cf:db:20:0b:25:45:e9:
0a:0d:a2:fb:fc:c5:07:29:57:18:1d:11:b9:a0:61:
d1:01:6d:b0:13:eb:04:ca:53:3a:0b:f0:96:e7:bd:
dd:b5:4b:e8:24:14:37:cf:be:86:65:a6:7d:54:60:
a2:6f:37:73:09:2e:6d:b9:ec:a0:65:cb:9c:21:ad:
8e:ce:5f:cd:b0:19:0c:24:a2:d7:c3:ef:fa:39:86:
8b:f0:d4:27:c5:f0:40:49:04:8b:1b:03:eb:41:10:
cb:ba:a9:1f:7a:cd:f7:9c:1e:9d:42:1e:68:a7:a5:
17:52:64:0f:10:21:8c:ea:c0:51:e1:77:6a:d1:3b:
f1:ae:bc:dc:d7:cc:52:80:fb:01:82:30:58:d6:88:
42:a0:51:93:3b:db:fe:7b:6e:c8:8b:8c:70:47:de:
6d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:FF:4D:5B:21:6E:B1:87:79:89:B1:FE:D6:75:9F:F3:76:94:F1:11
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Yf9NWyFusYd5ibH-1nWf83aU8RE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.141.0/24
104.232.36.0/24
IPv6:
2a0c:3ac0::/48
Signature Algorithm: sha256WithRSAEncryption
51:80:8b:79:d0:b4:86:5a:35:98:69:fd:50:11:43:13:d5:48:
58:57:a7:72:0c:96:a3:1e:0d:44:fa:7f:ce:ff:6a:40:e1:37:
b5:1e:62:d0:3b:be:3c:26:b3:73:cf:8f:6b:e3:68:c5:00:f1:
50:2a:82:4b:d5:ea:5a:13:64:2e:c1:4c:08:e2:ad:5d:8e:a4:
c2:33:0b:9f:84:78:70:3f:32:61:4d:d2:d8:8b:7a:77:31:9d:
c0:86:7f:4d:e3:0b:42:06:d4:8a:a0:2e:b5:0b:ae:ee:00:f2:
74:de:f2:0d:ce:78:1a:b6:88:fb:8d:7c:1a:c2:e8:ce:2c:c9:
08:af:11:5e:ee:c0:1e:51:32:58:fd:c9:a4:c3:02:6f:87:9c:
9d:e1:de:93:84:5b:07:ce:34:04:73:44:96:b8:cd:4f:16:19:
bd:f2:82:bd:13:d9:36:62:71:49:b6:c3:4e:d4:c8:09:5a:c8:
51:e6:59:10:fc:50:3c:1a:82:43:8b:7d:b4:d4:f5:e0:bd:81:
1b:32:69:94:4c:ca:9a:4e:08:89:9c:3f:f7:77:b8:7d:99:a1:
e7:c1:9f:6f:70:9e:c7:d6:b3:5f:50:28:58:3f:97:52:62:eb:
15:40:d4:f6:e6:70:02:9d:6a:e9:bb:ac:e8:39:ec:f7:7c:86:
d2:2c:05:b4
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYf9T6qQDkz4vQEIkY+tfoN0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwNTA4MjE0MTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWZmNGQ1YjIxNmViMTg3Nzk4OWIxZmVkNjc1OWZmMzc2OTRmMTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseWCksMbZXwAxADJb+Q+PtiSH6sx
HYbnCx8NcdrBcE1oxxrCAOOHOtOH3cF43n10ot98suh1hS9nLQIKwZ8kpIMMwnRL
KX5hTiHqFP5a9HWy7RtaHDYm8scB3V7SCEZJ88/bIAslRekKDaL7/MUHKVcYHRG5
oGHRAW2wE+sEylM6C/CW573dtUvoJBQ3z76GZaZ9VGCibzdzCS5tueygZcucIa2O
zl/NsBkMJKLXw+/6OYaL8NQnxfBASQSLGwPrQRDLuqkfes33nB6dQh5op6UXUmQP
ECGM6sBR4Xdq0Tvxrrzc18xSgPsBgjBY1ohCoFGTO9v+e27Ii4xwR95t6wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGH/TVshbrGHeYmx/tZ1n/N2lPERMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvWWY5Tld5RnVzWWQ1aWJILTFuV2Y4M2FVOFJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQALUONAwQA
aOgkMA8EAgACMAkDBwAqDDrAAAAwDQYJKoZIhvcNAQELBQADggEBAFGAi3nQtIZa
NZhp/VARQxPVSFhXp3IMlqMeDUT6f87/akDhN7UeYtA7vjwms3PPj2vjaMUA8VAq
gkvV6loTZC7BTAjirV2OpMIzC5+EeHA/MmFN0tiLencxncCGf03jC0IG1IqgLrUL
ru4A8nTe8g3OeBq2iPuNfBrC6M4syQivEV7uwB5RMlj9yaTDAm+HnJ3h3pOEWwfO
NARzRJa4zU8WGb3ygr0T2TZicUm2w07UyAlayFHmWRD8UDwagkOLfbTU9eC9gRsy
aZRMyppOCImcP/d3uH2ZoefBn29wnsfWs19QKFg/l1Ji6xVA1PbmcAKdaum7rOg5
7Pd8htIsBbQ=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:58 2023 by rpki-client on console-fra.rpki-client.org