Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/yaCImZQ2RZumeN1zcBj4jDrLKA4.roa
File: yaCImZQ2RZumeN1zcBj4jDrLKA4.roa (raw, json)
Hash identifier: KiJmX39esuPKElGpK13hRgDmmcXJ3m7gES3LK17ij2I=
Subject key identifier: C9:A0:88:99:94:36:45:9B:A6:78:DD:73:70:18:F8:8C:3A:CB:28:0E
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 01856EC23940DFD05BB69AA8306489677B42
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/yaCImZQ2RZumeN1zcBj4jDrLKA4.roa
Signing time: Sun 01 Jan 2023 19:15:00 +0000
ROA not before: Sun 01 Jan 2023 19:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213252
IP address blocks: 89.252.141.0/24 maxlen: 24
89.252.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:39:40:df:d0:5b:b6:9a:a8:30:64:89:67:7b:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Jan 1 19:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9a088999436459ba678dd737018f88c3acb280e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e8:d2:38:cf:bc:cf:ea:7c:23:dd:c9:e5:64:
ea:a1:7b:ab:1b:d3:70:2a:83:af:f8:08:fc:23:bf:
e8:59:c3:8b:81:c9:e0:97:29:c4:1b:e2:8b:11:9d:
db:ce:8e:dc:2b:6e:36:0e:33:26:b1:d1:43:9b:23:
88:04:2a:39:11:bb:9e:db:bf:38:3d:c9:48:88:23:
5f:39:52:45:94:73:de:66:4d:94:53:ed:5f:db:e3:
47:a4:e3:20:f3:59:b9:e2:b6:c7:0c:71:ba:17:ce:
20:5d:6f:c2:5a:5f:9c:67:3c:a6:f2:54:66:84:05:
d3:d5:25:bb:51:35:18:4a:1f:b9:c7:96:f0:ff:f7:
36:c6:f3:91:fd:b5:57:70:35:a4:25:4f:9a:5c:01:
92:c4:1a:4e:4c:3e:26:28:a5:73:06:4f:9a:99:58:
da:af:d7:48:4a:47:81:3b:73:4b:05:fa:66:f4:00:
78:c0:89:d1:53:bd:a4:bf:21:60:19:34:64:66:cd:
5a:e2:25:6c:41:c5:53:18:63:a3:ca:d8:97:91:43:
c7:cc:10:dd:92:ee:8e:52:68:22:98:5d:ee:70:5b:
cf:e6:87:e7:08:fc:0c:21:6f:dc:7c:5a:8e:bf:6c:
8d:1c:4e:26:ec:1f:e0:2e:3d:ac:6a:78:29:8c:0d:
92:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:A0:88:99:94:36:45:9B:A6:78:DD:73:70:18:F8:8C:3A:CB:28:0E
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/yaCImZQ2RZumeN1zcBj4jDrLKA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.141.0/24
89.252.153.0/24
Signature Algorithm: sha256WithRSAEncryption
21:65:6d:ff:47:3f:0e:37:eb:96:2a:0a:e4:6b:47:51:4e:5c:
cf:c6:0a:e5:40:a0:61:e5:d8:7f:89:95:00:f1:6a:5e:6e:f7:
9d:d3:43:ca:57:64:90:8c:de:be:1f:55:4b:7f:7b:be:2f:42:
95:a3:c9:3d:ef:37:47:8a:49:40:af:8c:06:5c:dc:c4:21:8a:
72:a3:b0:f5:cf:6a:5a:0e:b3:6d:02:4a:ea:5e:55:2d:2c:76:
6e:02:b8:7b:f4:3f:00:76:14:b3:72:2b:3a:2e:39:8a:64:a3:
09:fc:67:3a:e7:e2:69:6e:45:79:2e:7c:6b:a0:1f:09:ae:5b:
85:dc:0c:e4:02:51:6a:7e:72:68:ad:59:9f:ee:4a:4d:07:8f:
d0:49:53:62:6b:03:1b:93:5f:12:86:be:bf:46:5c:33:0d:ee:
90:f0:ba:bb:90:8f:72:97:a7:f2:f0:c4:b7:70:fe:65:34:38:
d7:a1:c0:e9:4e:10:ca:6e:d7:01:70:7b:b1:78:98:4d:b4:4f:
09:94:c0:cf:9a:a1:7f:9e:ee:c7:ca:77:6d:7c:fa:c0:94:c4:
7f:5b:ac:e4:2c:b0:61:d1:84:b4:0a:b4:ff:35:c0:9a:c3:85:
63:a3:aa:b0:43:92:30:78:eb:c1:4d:e1:cf:c7:a8:db:f2:f0:
c2:03:da:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuwjlA39BbtpqoMGSJZ3tCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjMwMTAxMTkxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWEwODg5OTk0MzY0NTliYTY3OGRkNzM3MDE4Zjg4YzNhY2IyODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOjSOM+8z+p8I93J5WTqoXurG9Nw
KoOv+Aj8I7/oWcOLgcnglynEG+KLEZ3bzo7cK242DjMmsdFDmyOIBCo5Ebue2784
PclIiCNfOVJFlHPeZk2UU+1f2+NHpOMg81m54rbHDHG6F84gXW/CWl+cZzym8lRm
hAXT1SW7UTUYSh+5x5bw//c2xvOR/bVXcDWkJU+aXAGSxBpOTD4mKKVzBk+amVja
r9dISkeBO3NLBfpm9AB4wInRU72kvyFgGTRkZs1a4iVsQcVTGGOjytiXkUPHzBDd
ku6OUmgimF3ucFvP5ofnCPwMIW/cfFqOv2yNHE4m7B/gLj2sangpjA2ShQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMmgiJmUNkWbpnjdc3AY+Iw6yygOMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEveWFDSW1aUTJSWnVtZU4xemNCajRqRHJMS0E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfyNAwQA
WfyZMA0GCSqGSIb3DQEBCwUAA4IBAQAhZW3/Rz8ON+uWKgrka0dRTlzPxgrlQKBh
5dh/iZUA8Wpebved00PKV2SQjN6+H1VLf3u+L0KVo8k97zdHiklAr4wGXNzEIYpy
o7D1z2paDrNtAkrqXlUtLHZuArh79D8AdhSzcis6LjmKZKMJ/Gc65+JpbkV5Lnxr
oB8JrluF3AzkAlFqfnJorVmf7kpNB4/QSVNiawMbk18Shr6/RlwzDe6Q8Lq7kI9y
l6fy8MS3cP5lNDjXocDpThDKbtcBcHuxeJhNtE8JlMDPmqF/nu7HyndtfPrAlMR/
W6zkLLBh0YS0CrT/NcCaw4Vjo6qwQ5IweOvBTeHPx6jb8vDCA9qY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:08 2024 by rpki-client on console-ams.rpki-client.org