Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/YfCnacjwrwhPsFfpelVrwbH0tV0.roa
File: YfCnacjwrwhPsFfpelVrwbH0tV0.roa (raw, json)
Hash identifier: BrMdQHOD6iWiS5dh5rMxgp8JQA0/5oaMO9yC5AS2GNc=
Subject key identifier: 61:F0:A7:69:C8:F0:AF:08:4F:B0:57:E9:7A:55:6B:C1:B1:F4:B5:5D
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01856C53E7BFA262D5E1036355B54D67A82E
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/YfCnacjwrwhPsFfpelVrwbH0tV0.roa
Signing time: Sun 01 Jan 2023 07:55:16 +0000
ROA not before: Sun 01 Jan 2023 07:55:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30707
IP address blocks: 45.141.246.0/24 maxlen: 24
5.253.136.0/24 maxlen: 24
2a06:7247::/45 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:e7:bf:a2:62:d5:e1:03:63:55:b5:4d:67:a8:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 07:55:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61f0a769c8f0af084fb057e97a556bc1b1f4b55d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:72:d0:5f:a4:e7:b5:8a:2c:80:96:6d:56:ec:
da:fe:b2:28:eb:40:37:00:ac:5f:f9:56:c8:5a:23:
ca:29:36:9f:d8:af:3c:54:39:aa:07:7f:75:26:c2:
18:c0:58:29:ee:ff:02:62:80:bf:da:96:c4:c0:d1:
eb:a8:ee:d3:c5:c1:91:91:98:fb:21:48:fa:e9:22:
75:a6:95:81:c9:7f:97:74:82:cb:48:97:97:da:08:
c1:8c:7f:97:4d:fc:e7:47:f3:eb:60:70:9b:67:60:
fe:28:c5:c5:8b:54:78:3c:80:0f:00:99:69:45:68:
66:23:77:40:5b:ea:44:e0:8c:f8:3a:18:0b:b7:49:
f5:2c:aa:32:87:45:7b:81:a1:ba:f1:8f:45:fd:e0:
88:94:a7:2c:25:7e:30:03:29:a3:2d:83:e1:51:81:
ee:05:1f:eb:6b:13:1b:18:d5:11:5f:bc:3f:07:48:
ef:ef:23:e6:fb:54:11:78:cf:cd:9a:32:fb:4f:21:
73:fd:18:08:a2:f2:16:a0:6a:58:61:6d:e4:1e:bb:
6a:e2:d9:6b:68:3f:d2:ae:53:8b:53:b1:bd:bc:9e:
cf:24:17:ca:76:6d:31:60:de:03:d9:4e:ce:09:3d:
d0:51:25:e0:bc:46:d0:2d:66:5d:ef:90:b0:5d:75:
61:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:F0:A7:69:C8:F0:AF:08:4F:B0:57:E9:7A:55:6B:C1:B1:F4:B5:5D
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/YfCnacjwrwhPsFfpelVrwbH0tV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.136.0/24
45.141.246.0/24
IPv6:
2a06:7247::/45
Signature Algorithm: sha256WithRSAEncryption
23:67:84:c0:9a:a9:04:e6:9f:52:8c:3d:50:e0:c6:33:a6:20:
7e:00:13:28:b9:0e:9e:9d:98:90:22:32:3d:84:38:91:ae:6a:
31:8d:3b:4b:1d:ab:ac:89:7d:c2:89:05:66:59:8d:e6:f0:aa:
6a:15:66:86:81:72:a9:0f:c9:32:3a:b7:e0:bb:d4:39:a8:4b:
fe:f9:b6:19:b3:94:54:68:2b:5c:e7:6b:03:2f:a1:6b:ed:ad:
ac:9f:90:71:8b:e0:be:9b:b4:c8:77:f0:93:5c:41:66:c1:df:
ff:54:66:c9:ae:e7:f7:88:eb:a3:8c:d0:c0:67:3c:cd:b7:44:
20:d9:c3:af:6d:c0:7a:28:5f:f4:02:a8:f0:0c:f5:24:89:e7:
72:eb:5a:8a:df:d2:f9:cd:60:1b:fb:49:ca:92:bb:5e:e2:22:
28:a2:9e:9d:d2:6d:57:90:9f:c8:9e:95:12:53:35:0e:62:56:
e1:42:34:67:18:61:4b:ef:06:14:72:c1:7e:1f:54:73:c5:f0:
12:96:c4:4e:0c:09:b5:6e:f6:45:49:a7:7b:0f:92:e3:4a:37:
b4:a5:30:d1:fa:7c:14:a1:e4:9c:b8:36:9b:a0:7b:a9:d0:4b:
36:de:cb:7a:03:ce:8b:cc:4a:1c:fa:00:fd:e3:c5:b8:ae:48:
26:ee:e5:35
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVsU+e/omLV4QNjVbVNZ6guMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWYwYTc2OWM4ZjBhZjA4NGZiMDU3ZTk3YTU1NmJjMWIxZjRiNTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXLQX6TntYosgJZtVuza/rIo60A3
AKxf+VbIWiPKKTaf2K88VDmqB391JsIYwFgp7v8CYoC/2pbEwNHrqO7TxcGRkZj7
IUj66SJ1ppWByX+XdILLSJeX2gjBjH+XTfznR/PrYHCbZ2D+KMXFi1R4PIAPAJlp
RWhmI3dAW+pE4Iz4OhgLt0n1LKoyh0V7gaG68Y9F/eCIlKcsJX4wAymjLYPhUYHu
BR/raxMbGNURX7w/B0jv7yPm+1QReM/NmjL7TyFz/RgIovIWoGpYYW3kHrtq4tlr
aD/SrlOLU7G9vJ7PJBfKdm0xYN4D2U7OCT3QUSXgvEbQLWZd75CwXXVhvwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGHwp2nI8K8IT7BX6XpVa8Gx9LVdMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvWWZDbmFjandyd2hQc0ZmcGVsVnJ3YkgwdFYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQABf2IAwQA
LY32MA8EAgACMAkDBwMqBnJHAAAwDQYJKoZIhvcNAQELBQADggEBACNnhMCaqQTm
n1KMPVDgxjOmIH4AEyi5Dp6dmJAiMj2EOJGuajGNO0sdq6yJfcKJBWZZjebwqmoV
ZoaBcqkPyTI6t+C71DmoS/75thmzlFRoK1znawMvoWvtrayfkHGL4L6btMh38JNc
QWbB3/9UZsmu5/eI66OM0MBnPM23RCDZw69twHooX/QCqPAM9SSJ53LrWorf0vnN
YBv7ScqSu17iIiiinp3SbVeQn8ielRJTNQ5iVuFCNGcYYUvvBhRywX4fVHPF8BKW
xE4MCbVu9kVJp3sPkuNKN7SlMNH6fBSh5Jy4Npuge6nQSzbey3oDzovMShz6AP3j
xbiuSCbu5TU=
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:55 2024 by rpki-client on console-fra.rpki-client.org