Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/1d1b45-86e9-46ee-991c-0eddeb48e3ae/1/YkoJF4nBDw5OYDi7gPwgUxu3QLA.roa
File: YkoJF4nBDw5OYDi7gPwgUxu3QLA.roa (raw, json)
Hash identifier: OouRPqWcGmmCUX5FLb1qpZ5Bl0iwkn09OxoDoWcyHdc=
Subject key identifier: 62:4A:09:17:89:C1:0F:0E:4E:60:38:BB:80:FC:20:53:1B:B7:40:B0
Certificate issuer: /CN=9dcf5edc4e6aedc8df4245a62fa37fa22a620eaa
Certificate serial: 01856F4290BD88876C887D413880541A23E3
Authority key identifier: 9D:CF:5E:DC:4E:6A:ED:C8:DF:42:45:A6:2F:A3:7F:A2:2A:62:0E:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nc9e3E5q7cjfQkWmL6N_oipiDqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/1d1b45-86e9-46ee-991c-0eddeb48e3ae/1/YkoJF4nBDw5OYDi7gPwgUxu3QLA.roa
Signing time: Sun 01 Jan 2023 21:35:11 +0000
ROA not before: Sun 01 Jan 2023 21:35:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206141
IP address blocks: 87.237.160.0/22 maxlen: 22
2a06:13c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:90:bd:88:87:6c:88:7d:41:38:80:54:1a:23:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dcf5edc4e6aedc8df4245a62fa37fa22a620eaa
Validity
Not Before: Jan 1 21:35:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=624a091789c10f0e4e6038bb80fc20531bb740b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:5a:93:68:8e:a8:c2:b9:64:f7:4c:ed:2e:31:
c3:09:48:6d:63:68:f5:08:47:f3:e7:d4:be:0b:42:
09:c5:cd:c2:bd:3c:17:16:17:20:ed:57:50:4f:fa:
7a:32:2e:72:a7:c4:4f:2c:56:e5:3f:bf:cb:87:33:
c2:aa:4d:6f:3c:cc:05:7e:a3:7b:1f:61:48:50:d9:
23:7e:6c:f9:b1:b6:47:d4:42:ee:ad:de:c6:b4:32:
73:95:d3:47:6d:46:02:f4:5b:ac:8c:79:31:6c:b0:
b8:b1:fb:f2:7c:e4:43:e1:d0:91:4a:a1:f9:3d:3b:
f6:07:c2:79:96:c1:e8:d8:d4:c4:75:fa:39:16:27:
fa:2f:6c:2b:bd:86:d7:85:79:90:98:56:a4:26:c7:
68:8a:05:5d:6a:1d:75:cd:ec:70:a6:1a:ae:83:f5:
b4:b5:2d:e6:e3:e6:ad:ee:a4:a7:ec:c5:25:a3:c2:
2f:fc:a6:84:86:2a:78:c5:26:6d:b6:8d:dc:c8:a2:
63:9c:b8:bb:d8:57:ac:9b:ce:92:f6:56:d6:0f:44:
32:07:f2:0d:6a:3a:e3:26:bb:bd:fb:8d:31:75:29:
f4:09:fa:b3:f1:0d:4d:78:ff:67:84:0f:01:7c:a4:
80:cf:bf:71:28:44:d2:81:7e:f7:55:89:2c:e7:ad:
75:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:4A:09:17:89:C1:0F:0E:4E:60:38:BB:80:FC:20:53:1B:B7:40:B0
X509v3 Authority Key Identifier:
keyid:9D:CF:5E:DC:4E:6A:ED:C8:DF:42:45:A6:2F:A3:7F:A2:2A:62:0E:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nc9e3E5q7cjfQkWmL6N_oipiDqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1d1b45-86e9-46ee-991c-0eddeb48e3ae/1/YkoJF4nBDw5OYDi7gPwgUxu3QLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1d1b45-86e9-46ee-991c-0eddeb48e3ae/1/nc9e3E5q7cjfQkWmL6N_oipiDqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.160.0/22
IPv6:
2a06:13c0::/29
Signature Algorithm: sha256WithRSAEncryption
b4:4e:e4:05:38:3c:e9:2f:4c:7e:d3:9c:2a:17:c5:07:64:54:
c8:9b:f3:52:32:a0:32:9a:03:4b:5c:84:6c:55:8b:66:15:18:
a9:b6:be:a0:4f:3d:c2:8c:38:05:08:e4:47:bb:b4:c5:1b:f4:
54:50:4b:14:86:7e:86:89:16:44:39:4e:4f:65:ed:89:ec:fb:
66:a1:ec:39:b0:bd:7a:f9:48:27:1e:e2:9b:eb:7a:94:95:18:
69:45:f1:5d:bc:dd:f1:18:99:5a:15:b6:e5:eb:bb:4a:44:b6:
1c:95:47:12:72:f2:38:d9:35:6d:8d:bc:08:ff:b9:70:58:53:
d3:21:1f:1c:8e:36:7d:94:ee:2d:54:f3:98:e5:e1:01:a6:77:
30:7b:66:2c:eb:da:b9:e3:d6:cb:9b:b9:f1:74:ce:e9:ac:92:
e4:58:34:67:d5:02:d8:0d:1d:09:37:ff:5c:57:5e:89:9c:5c:
73:70:5f:29:36:23:40:fa:ef:45:06:a2:8a:99:55:5b:3b:66:
d3:0f:1c:84:2b:5e:b4:b6:22:f4:b0:a9:c6:50:f1:7d:89:2a:
ea:c3:f0:c3:91:84:c7:48:d1:76:21:2d:d5:ff:a2:df:70:0d:
b4:f5:d6:67:03:87:87:bc:c4:22:14:53:72:7c:f7:67:cf:be:
c3:86:6e:d9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvQpC9iIdsiH1BOIBUGiPjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkY2Y1ZWRjNGU2YWVkYzhkZjQyNDVhNjJmYTM3ZmEyMmE2
MjBlYWEwHhcNMjMwMTAxMjEzNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjRhMDkxNzg5YzEwZjBlNGU2MDM4YmI4MGZjMjA1MzFiYjc0MGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8FqTaI6owrlk90ztLjHDCUhtY2j1
CEfz59S+C0IJxc3CvTwXFhcg7VdQT/p6Mi5yp8RPLFblP7/LhzPCqk1vPMwFfqN7
H2FIUNkjfmz5sbZH1ELurd7GtDJzldNHbUYC9FusjHkxbLC4sfvyfORD4dCRSqH5
PTv2B8J5lsHo2NTEdfo5Fif6L2wrvYbXhXmQmFakJsdoigVdah11zexwphqug/W0
tS3m4+at7qSn7MUlo8Iv/KaEhip4xSZtto3cyKJjnLi72Fesm86S9lbWD0QyB/IN
ajrjJru9+40xdSn0Cfqz8Q1NeP9nhA8BfKSAz79xKETSgX73VYks5611XQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGJKCReJwQ8OTmA4u4D8IFMbt0CwMB8GA1UdIwQY
MBaAFJ3PXtxOau3I30JFpi+jf6IqYg6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmM5ZTNFNXE3Y2pmUWtXbUw2Tl9vaXBpRHFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8xZDFiNDUtODZlOS00NmVlLTk5MWMt
MGVkZGViNDhlM2FlLzEvWWtvSkY0bkJEdzVPWURpN2dQd2dVeHUzUUxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8xZDFiNDUtODZlOS00NmVlLTk5MWMtMGVkZGViNDhlM2Fl
LzEvbmM5ZTNFNXE3Y2pmUWtXbUw2Tl9vaXBpRHFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCV+2gMA0E
AgACMAcDBQMqBhPAMA0GCSqGSIb3DQEBCwUAA4IBAQC0TuQFODzpL0x+05wqF8UH
ZFTIm/NSMqAymgNLXIRsVYtmFRiptr6gTz3CjDgFCORHu7TFG/RUUEsUhn6GiRZE
OU5PZe2J7Ptmoew5sL16+UgnHuKb63qUlRhpRfFdvN3xGJlaFbbl67tKRLYclUcS
cvI42TVtjbwI/7lwWFPTIR8cjjZ9lO4tVPOY5eEBpncwe2Ys69q549bLm7nxdM7p
rJLkWDRn1QLYDR0JN/9cV16JnFxzcF8pNiNA+u9FBqKKmVVbO2bTDxyEK160tiL0
sKnGUPF9iSrqw/DDkYTHSNF2IS3V/6LfcA209dZnA4eHvMQiFFNyfPdnz77Dhm7Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:47 2024 by rpki-client on console-ams.rpki-client.org