Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/YJn-O-BeeOilPMqzRuFjeckOYtw.roa
File: YJn-O-BeeOilPMqzRuFjeckOYtw.roa (raw, json)
Hash identifier: tfidI7xWOIT99AccmIaTkDFffXjCMzioVkjFPEY7UkQ=
Subject key identifier: 60:99:FE:3B:E0:5E:78:E8:A5:3C:CA:B3:46:E1:63:79:C9:0E:62:DC
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 01857039ABBAC7179426CBCA8C9FDADED699
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/YJn-O-BeeOilPMqzRuFjeckOYtw.roa
Signing time: Mon 02 Jan 2023 02:05:05 +0000
ROA not before: Mon 02 Jan 2023 02:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29066
IP address blocks: 213.21.228.0/24 maxlen: 24
213.21.242.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:ab:ba:c7:17:94:26:cb:ca:8c:9f:da:de:d6:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Jan 2 02:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6099fe3be05e78e8a53ccab346e16379c90e62dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:83:c8:df:f3:50:85:ba:c5:58:40:f4:3f:08:
3f:25:16:62:8a:ee:5c:31:9a:dd:3d:e6:88:c0:52:
91:59:7b:9f:9e:6d:cb:8f:0a:b2:6e:22:a0:e8:25:
cb:d6:b1:a4:1a:83:01:0f:6f:f7:d1:ff:85:df:3a:
87:89:23:4d:7e:40:e6:40:a3:ea:0c:48:28:9b:76:
5f:de:4b:bb:a4:aa:32:72:f6:56:e5:af:69:93:f0:
f4:90:af:06:9e:f9:a4:04:0b:05:6a:e5:30:2a:ab:
ea:7f:fa:2b:54:1c:cd:e5:0e:64:3e:64:f8:ba:04:
fe:c7:b1:04:5c:c8:f9:d0:d9:31:cb:9b:16:7a:9d:
d2:61:8b:86:41:f5:94:f8:35:9e:84:37:c9:36:ca:
7f:f1:10:d4:d5:00:ef:68:41:66:0b:2b:43:3d:e7:
04:95:95:02:cf:d0:79:f6:da:ad:18:08:cc:5e:c0:
49:63:ad:2a:53:f6:0b:ff:33:6a:c4:a1:b4:10:48:
49:f2:f2:76:18:47:05:ed:c7:f3:aa:6d:ef:03:7b:
eb:f8:9f:a9:bd:15:89:4a:d0:1e:75:9e:41:37:99:
5f:24:ef:d7:32:8e:dc:ba:ef:de:6e:fe:52:bb:40:
37:46:8b:b4:76:b6:45:29:42:96:2e:5a:6c:65:41:
54:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:99:FE:3B:E0:5E:78:E8:A5:3C:CA:B3:46:E1:63:79:C9:0E:62:DC
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/YJn-O-BeeOilPMqzRuFjeckOYtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.21.228.0/24
213.21.242.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:d9:d4:fb:b5:84:e5:21:03:b2:9d:8a:3f:77:96:f6:15:e0:
45:c5:f5:c8:4a:5f:e6:03:16:7d:24:21:8f:57:c0:ae:17:c3:
22:20:1e:b9:24:41:d4:d0:20:36:45:f9:ba:8a:5e:0e:50:90:
c3:9c:61:ea:a7:3f:08:0d:8a:0b:f0:ea:c7:11:f6:7f:79:79:
26:ca:69:82:e5:06:24:f0:10:bc:46:1d:3b:db:8d:c1:d1:4a:
7c:4e:9d:be:cd:14:92:fb:fe:6c:b5:53:73:a3:e8:43:bb:f2:
b0:18:2c:2c:dd:a0:30:b3:42:4f:0c:3f:f7:11:5c:8f:9e:64:
2c:01:c9:ea:1e:76:d5:a7:b6:15:c3:c8:1f:37:fd:fb:db:fd:
a3:1c:48:fb:d2:6c:df:7b:19:14:e7:6a:e8:56:24:f1:6a:be:
91:25:10:fb:01:3b:fa:c4:3d:8f:05:71:46:11:0b:7d:7b:ec:
29:67:fa:98:19:c3:b9:4d:e3:f0:ca:7e:ac:4d:c3:70:0d:9c:
ea:02:85:a6:bb:db:ce:4d:5d:3e:8a:7d:52:5c:2e:af:d7:56:
be:5e:e0:2e:ba:0a:8c:60:f3:ff:c3:f5:14:00:90:fc:6d:df:
42:c4:bf:24:9a:a5:42:bd:c8:7b:df:27:22:4f:dd:2c:71:58:
15:1c:55:14
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwOau6xxeUJsvKjJ/a3taZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjMwMTAyMDIwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDk5ZmUzYmUwNWU3OGU4YTUzY2NhYjM0NmUxNjM3OWM5MGU2MmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoPI3/NQhbrFWED0Pwg/JRZiiu5c
MZrdPeaIwFKRWXufnm3LjwqybiKg6CXL1rGkGoMBD2/30f+F3zqHiSNNfkDmQKPq
DEgom3Zf3ku7pKoycvZW5a9pk/D0kK8GnvmkBAsFauUwKqvqf/orVBzN5Q5kPmT4
ugT+x7EEXMj50Nkxy5sWep3SYYuGQfWU+DWehDfJNsp/8RDU1QDvaEFmCytDPecE
lZUCz9B59tqtGAjMXsBJY60qU/YL/zNqxKG0EEhJ8vJ2GEcF7cfzqm3vA3vr+J+p
vRWJStAedZ5BN5lfJO/XMo7cuu/ebv5Su0A3Rou0drZFKUKWLlpsZUFU7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGCZ/jvgXnjopTzKs0bhY3nJDmLcMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvWUpuLU8tQmVlT2lsUE1xelJ1RmplY2tPWXR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1RXkAwQA
1RXyMA0GCSqGSIb3DQEBCwUAA4IBAQAd2dT7tYTlIQOynYo/d5b2FeBFxfXISl/m
AxZ9JCGPV8CuF8MiIB65JEHU0CA2Rfm6il4OUJDDnGHqpz8IDYoL8OrHEfZ/eXkm
ymmC5QYk8BC8Rh07243B0Up8Tp2+zRSS+/5stVNzo+hDu/KwGCws3aAws0JPDD/3
EVyPnmQsAcnqHnbVp7YVw8gfN/372/2jHEj70mzfexkU52roViTxar6RJRD7ATv6
xD2PBXFGEQt9e+wpZ/qYGcO5TePwyn6sTcNwDZzqAoWmu9vOTV0+in1SXC6v11a+
XuAuugqMYPP/w/UUAJD8bd9CxL8kmqVCvch73yciT90scVgVHFUU
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:40 2024 by rpki-client on console-ams.rpki-client.org