Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/9yXvCgbsbLWxKEom1qGZIjhL8m8.roa
File: 9yXvCgbsbLWxKEom1qGZIjhL8m8.roa (raw, json)
Hash identifier: suD5YSHZ3MTY50s/GcX+4FR28RK92PySGbECHyixIc0=
Subject key identifier: F7:25:EF:0A:06:EC:6C:B5:B1:28:4A:26:D6:A1:99:22:38:4B:F2:6F
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0187B2BD94F4FE3C1C3BDB6A2D9403149DCB
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/9yXvCgbsbLWxKEom1qGZIjhL8m8.roa
Signing time: Mon 24 Apr 2023 10:09:41 +0000
ROA not before: Mon 24 Apr 2023 10:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sat 29 Apr 2023 17:57:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b2:bd:94:f4:fe:3c:1c:3b:db:6a:2d:94:03:14:9d:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 24 10:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f725ef0a06ec6cb5b1284a26d6a19922384bf26f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:fc:4c:ca:48:99:3a:a6:29:0b:68:97:8e:16:
1c:dc:54:e1:59:23:b4:fa:52:e9:ed:28:13:58:17:
bd:3b:e6:cc:ae:9f:b1:40:40:ab:da:cd:cb:11:70:
f5:e0:4c:9c:30:84:1c:b0:1d:81:f7:17:cd:2c:72:
69:f9:63:bc:84:b4:a9:8a:c8:4c:cb:d2:ee:e9:57:
fd:40:ba:0f:9b:be:2f:d8:a2:7d:49:12:ca:87:98:
44:2e:45:f8:a7:52:18:b1:0c:6b:34:e6:4c:40:4a:
80:29:3c:c1:2b:08:9f:e4:32:14:1d:80:b1:61:bf:
e1:66:16:c8:fd:1e:0d:bf:b7:42:13:15:32:43:72:
a6:35:d9:87:2f:90:1d:2b:da:72:83:7e:27:02:c1:
ed:42:9a:a8:3b:cd:74:d8:0f:1a:37:af:7b:fd:98:
90:1b:00:c3:0f:50:c1:4e:b9:4a:63:3a:4e:8b:32:
a6:ec:b4:eb:d8:eb:82:3b:84:bd:32:78:81:89:76:
16:0a:fe:cc:9b:22:6d:39:8e:77:aa:71:27:63:ac:
45:cc:77:25:ff:ef:5a:70:30:03:a6:5b:35:06:c5:
c4:9b:27:86:df:8d:c6:8d:06:25:15:1b:ee:e5:d2:
43:56:03:9d:38:d3:83:4f:b4:7a:d5:fb:81:63:ab:
f4:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:25:EF:0A:06:EC:6C:B5:B1:28:4A:26:D6:A1:99:22:38:4B:F2:6F
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/9yXvCgbsbLWxKEom1qGZIjhL8m8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.225.0.0/23
Signature Algorithm: sha256WithRSAEncryption
68:1a:36:ad:9a:2c:a8:a7:d0:a9:33:57:6b:80:67:61:d0:77:
17:87:b5:9a:f9:dd:a0:3b:24:b3:ac:c3:2c:41:8e:8e:b5:92:
f8:49:88:da:cf:5f:89:00:04:8c:b9:ca:f4:49:6f:71:e6:82:
7e:d4:ae:dd:3b:e9:c0:e9:72:7f:9a:ea:30:3a:40:67:8f:a5:
48:d3:50:1b:1c:6b:d5:a5:1e:24:6b:a6:21:85:c8:f1:fd:f7:
d5:25:df:8d:18:b6:3f:d0:2b:ff:98:68:35:c9:95:8f:4e:d2:
70:85:23:48:cd:90:32:29:b6:1e:c8:3b:b5:08:6c:05:d6:43:
a5:4d:86:2a:70:c4:54:a3:98:21:61:a8:ca:ac:75:2f:52:20:
af:83:5a:4b:f1:70:ad:59:a2:48:c8:93:3a:b6:43:9c:2b:3f:
f9:cc:29:74:ca:4e:11:da:1a:e1:ca:98:e8:c7:13:fe:be:06:
d0:bb:8a:02:4e:cf:79:07:12:e4:cc:81:0e:08:5a:90:73:bd:
e6:90:85:9e:06:10:12:4c:0c:e2:e8:73:50:c2:45:31:84:be:
c6:dc:aa:87:98:e6:4a:78:f1:94:96:a8:71:96:02:39:09:39:
d3:65:c8:15:c9:e4:05:f3:9f:c8:ae:cc:24:dc:f9:0d:a2:03:
52:ca:6c:5a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYeyvZT0/jwcO9tqLZQDFJ3LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNDI0MTAwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzI1ZWYwYTA2ZWM2Y2I1YjEyODRhMjZkNmExOTkyMjM4NGJmMjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/xMykiZOqYpC2iXjhYc3FThWSO0
+lLp7SgTWBe9O+bMrp+xQECr2s3LEXD14EycMIQcsB2B9xfNLHJp+WO8hLSpishM
y9Lu6Vf9QLoPm74v2KJ9SRLKh5hELkX4p1IYsQxrNOZMQEqAKTzBKwif5DIUHYCx
Yb/hZhbI/R4Nv7dCExUyQ3KmNdmHL5AdK9pyg34nAsHtQpqoO8102A8aN697/ZiQ
GwDDD1DBTrlKYzpOizKm7LTr2OuCO4S9MniBiXYWCv7MmyJtOY53qnEnY6xFzHcl
/+9acDADpls1BsXEmyeG343GjQYlFRvu5dJDVgOdONODT7R61fuBY6v0cwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPcl7woG7Gy1sShKJtahmSI4S/JvMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvOXlYdkNnYnNiTFd4S0VvbTFxR1pJamhMOG04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQgVAwQA
LZPgAwQBueEAMA0GCSqGSIb3DQEBCwUAA4IBAQBoGjatmiyop9CpM1drgGdh0HcX
h7Wa+d2gOySzrMMsQY6OtZL4SYjaz1+JAASMucr0SW9x5oJ+1K7dO+nA6XJ/muow
OkBnj6VI01AbHGvVpR4ka6Yhhcjx/ffVJd+NGLY/0Cv/mGg1yZWPTtJwhSNIzZAy
KbYeyDu1CGwF1kOlTYYqcMRUo5ghYajKrHUvUiCvg1pL8XCtWaJIyJM6tkOcKz/5
zCl0yk4R2hrhypjoxxP+vgbQu4oCTs95BxLkzIEOCFqQc73mkIWeBhASTAzi6HNQ
wkUxhL7G3KqHmOZKePGUlqhxlgI5CTnTZcgVyeQF85/Irswk3PkNogNSymxa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:20 2024 by rpki-client on console-ams.rpki-client.org