Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/yXm2RshYRC4_87M9e08NVt8WXus.roa
File: yXm2RshYRC4_87M9e08NVt8WXus.roa (raw, json)
Hash identifier: 65XaDVCuLoLP/Gb7u5h9ecF+AYZqUXUJzDERPK3D0xg=
Subject key identifier: C9:79:B6:46:C8:58:44:2E:3F:F3:B3:3D:7B:4F:0D:56:DF:16:5E:EB
Certificate issuer: /CN=c1b050211219d18e996e086cb7f6309178804860
Certificate serial: 01856F301FA1137CFD2C8D2317CD5F420A0A
Authority key identifier: C1:B0:50:21:12:19:D1:8E:99:6E:08:6C:B7:F6:30:91:78:80:48:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wbBQIRIZ0Y6Zbghst_YwkXiASGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/yXm2RshYRC4_87M9e08NVt8WXus.roa
Signing time: Sun 01 Jan 2023 21:15:02 +0000
ROA not before: Sun 01 Jan 2023 21:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4755
IP address blocks: 89.108.129.0/24 maxlen: 24
89.108.128.0/24 maxlen: 24
89.108.154.0/24 maxlen: 24
89.108.176.0/24 maxlen: 24
89.108.176.0/22 maxlen: 22
212.101.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:1f:a1:13:7c:fd:2c:8d:23:17:cd:5f:42:0a:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1b050211219d18e996e086cb7f6309178804860
Validity
Not Before: Jan 1 21:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c979b646c858442e3ff3b33d7b4f0d56df165eeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:66:b3:60:4f:3d:ac:4f:fe:1a:a1:2e:5c:44:
d4:86:0b:ce:46:a9:b4:33:27:29:a0:ac:37:96:88:
73:df:cd:e2:8c:24:85:66:5d:2b:ba:38:52:c4:54:
32:26:86:03:43:f3:8f:bc:24:27:22:94:cf:ff:a7:
06:87:1c:01:44:13:0a:34:37:40:e9:2b:f8:02:44:
43:d1:23:6f:dd:39:4b:38:97:c3:3a:e5:8e:8b:a3:
6b:8d:44:98:3d:23:58:e4:73:02:8a:da:cf:6c:37:
8c:24:be:bf:2f:9f:7d:e6:8a:26:05:b1:ed:35:5c:
4f:d5:de:38:8e:8d:9b:58:e5:1c:18:dd:3c:9c:75:
d2:43:ff:ca:a2:37:19:2f:f9:aa:50:d9:83:a9:de:
e5:a5:bc:83:b5:4c:39:f9:f0:76:6f:77:05:fa:da:
6f:1f:91:e7:44:08:34:e0:0a:4d:81:aa:22:82:ff:
d5:0a:0a:10:3b:77:76:a7:75:53:0e:31:5d:f5:a4:
a8:81:c9:15:3e:c2:5c:2c:bd:ab:71:08:48:84:ab:
7d:46:a2:36:ef:34:90:7e:2c:91:f9:5d:4a:7e:b3:
08:ad:81:97:d1:62:78:29:94:a2:e0:b3:81:8f:fd:
3e:75:9c:d8:19:e8:ba:d8:c6:9b:f5:4f:9b:f0:53:
c2:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:79:B6:46:C8:58:44:2E:3F:F3:B3:3D:7B:4F:0D:56:DF:16:5E:EB
X509v3 Authority Key Identifier:
keyid:C1:B0:50:21:12:19:D1:8E:99:6E:08:6C:B7:F6:30:91:78:80:48:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wbBQIRIZ0Y6Zbghst_YwkXiASGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/yXm2RshYRC4_87M9e08NVt8WXus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/wbBQIRIZ0Y6Zbghst_YwkXiASGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.108.128.0/23
89.108.154.0/24
89.108.176.0/22
212.101.249.0/24
Signature Algorithm: sha256WithRSAEncryption
49:6d:ed:04:3a:73:eb:bb:05:dd:f4:69:1e:fe:ec:a6:68:4b:
5d:f8:89:9e:c6:fd:ca:ff:4a:da:8a:2e:16:fa:3c:a4:a0:91:
c0:1c:84:d5:93:e4:3d:ce:ef:e5:1f:ca:8f:6c:47:9d:02:31:
e0:60:42:8b:19:e2:bc:45:eb:45:4d:39:f9:3b:ee:69:ae:dc:
e9:e5:f8:08:4a:c0:3a:7a:e6:a0:07:87:73:ce:0b:79:c3:f2:
e4:6e:ec:b2:5f:45:a8:bc:d5:22:11:66:ab:bb:26:cf:32:14:
b6:a5:14:ec:ce:73:29:87:cc:ae:9c:86:57:7a:93:05:32:63:
84:6c:99:76:db:86:21:13:f4:fa:a4:4e:00:fd:06:6a:2b:4d:
fb:3d:60:c3:23:74:03:90:57:f9:de:dc:eb:63:ab:db:ea:59:
ee:36:83:e6:60:e5:1b:39:21:34:0d:2d:2c:12:f9:77:60:be:
91:3d:fd:75:91:c9:da:bc:b4:08:35:58:49:a4:c7:ad:50:db:
e2:49:b7:e1:af:9e:dc:fa:92:56:fd:4b:56:74:23:84:28:59:
e8:38:40:28:13:fb:4d:c5:50:f6:a2:03:15:ec:86:5e:ec:8f:
48:7f:de:62:9d:60:43:39:73:2a:fd:bd:02:e4:3e:49:0c:63:
80:17:00:0e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvMB+hE3z9LI0jF81fQgoKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYjA1MDIxMTIxOWQxOGU5OTZlMDg2Y2I3ZjYzMDkxNzg4
MDQ4NjAwHhcNMjMwMTAxMjExNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTc5YjY0NmM4NTg0NDJlM2ZmM2IzM2Q3YjRmMGQ1NmRmMTY1ZWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2azYE89rE/+GqEuXETUhgvORqm0
MycpoKw3lohz383ijCSFZl0rujhSxFQyJoYDQ/OPvCQnIpTP/6cGhxwBRBMKNDdA
6Sv4AkRD0SNv3TlLOJfDOuWOi6NrjUSYPSNY5HMCitrPbDeMJL6/L5995oomBbHt
NVxP1d44jo2bWOUcGN08nHXSQ//KojcZL/mqUNmDqd7lpbyDtUw5+fB2b3cF+tpv
H5HnRAg04ApNgaoigv/VCgoQO3d2p3VTDjFd9aSogckVPsJcLL2rcQhIhKt9RqI2
7zSQfiyR+V1KfrMIrYGX0WJ4KZSi4LOBj/0+dZzYGei62Mab9U+b8FPCswIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMl5tkbIWEQuP/OzPXtPDVbfFl7rMB8GA1UdIwQY
MBaAFMGwUCESGdGOmW4IbLf2MJF4gEhgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2JCUUlSSVowWTZaYmdoc3RfWXdrWGlBU0dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8yOGE4ZjMtODg5ZS00NTQ5LWE0NGUt
Y2UyMjUxODdmYzM4LzEveVhtMlJzaFlSQzRfODdNOWUwOE5WdDhXWHVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8yOGE4ZjMtODg5ZS00NTQ5LWE0NGUtY2UyMjUxODdmYzM4
LzEvd2JCUUlSSVowWTZaYmdoc3RfWXdrWGlBU0dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBWWyAAwQA
WWyaAwQCWWywAwQA1GX5MA0GCSqGSIb3DQEBCwUAA4IBAQBJbe0EOnPruwXd9Gke
/uymaEtd+Imexv3K/0raii4W+jykoJHAHITVk+Q9zu/lH8qPbEedAjHgYEKLGeK8
RetFTTn5O+5prtzp5fgISsA6euagB4dzzgt5w/LkbuyyX0WovNUiEWaruybPMhS2
pRTsznMph8yunIZXepMFMmOEbJl224YhE/T6pE4A/QZqK037PWDDI3QDkFf53tzr
Y6vb6lnuNoPmYOUbOSE0DS0sEvl3YL6RPf11kcnavLQINVhJpMetUNviSbfhr57c
+pJW/UtWdCOEKFnoOEAoE/tNxVD2ogMV7IZe7I9If95inWBDOXMq/b0C5D5JDGOA
FwAO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:44 2024 by rpki-client on console-ams.rpki-client.org