Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/YKdufpX3WUBTwt5BNVvrUWCUZeE.roa
File: YKdufpX3WUBTwt5BNVvrUWCUZeE.roa (raw, json)
Hash identifier: FFMmE6GI+fr+2Ah5sFP5UEdwVP6PlPPEkcyObC8OuW0=
Subject key identifier: 60:A7:6E:7E:95:F7:59:40:53:C2:DE:41:35:5B:EB:51:60:94:65:E1
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 0191E79FB3F826D1CC46652042C7144C8836
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/YKdufpX3WUBTwt5BNVvrUWCUZeE.roa
Signing time: Thu 12 Sep 2024 19:04:48 +0000
ROA not before: Thu 12 Sep 2024 19:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197450
IP address blocks: 91.92.35.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 15 Sep 2024 07:16:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e7:9f:b3:f8:26:d1:cc:46:65:20:42:c7:14:4c:88:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Sep 12 19:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60a76e7e95f7594053c2de41355beb51609465e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:7d:76:ec:39:89:d4:c3:26:11:30:de:fe:11:
28:5f:95:75:f9:57:0b:3d:64:fc:3e:b4:81:a3:10:
73:60:11:5c:0f:47:ae:c2:08:a5:7b:99:a8:6d:39:
2a:43:08:cc:b0:53:06:c4:59:62:a0:fb:bb:d1:7c:
65:bc:9d:ea:39:4a:bd:e5:25:ae:58:d9:77:78:81:
91:59:19:76:39:3c:de:0a:c1:15:13:66:c0:2f:b1:
7c:c8:68:be:a3:64:38:0e:e1:02:12:b8:8a:2b:9d:
19:4c:33:57:fa:a7:fb:f9:71:b2:5a:8d:bc:dc:f2:
ee:50:45:d0:aa:13:23:25:81:56:96:f0:73:b8:61:
79:bb:b3:b1:ef:22:06:b0:92:4b:08:a7:0c:1f:d3:
3b:d0:66:f9:44:53:96:f6:28:5c:1f:eb:1e:17:01:
6f:c8:2b:2b:8b:2b:f3:3e:d2:5c:96:a9:0f:5c:68:
ba:af:77:e5:7f:af:0e:cb:11:29:c5:9b:73:28:b7:
35:29:2d:06:c9:5e:5f:1c:f6:36:f8:16:3b:fb:57:
cf:bc:2e:79:70:00:fb:a9:d2:8e:bf:4f:66:a3:b0:
c3:d5:c1:d8:e5:49:72:a9:5b:56:15:e2:94:67:66:
b2:cf:9b:95:27:6c:1b:29:d6:ac:c1:82:1d:e3:0c:
54:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:A7:6E:7E:95:F7:59:40:53:C2:DE:41:35:5B:EB:51:60:94:65:E1
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/YKdufpX3WUBTwt5BNVvrUWCUZeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.35.0/24
93.152.207.0/24
Signature Algorithm: sha256WithRSAEncryption
56:18:6f:17:77:8c:9d:15:12:8d:3a:a4:c6:37:9c:9d:d5:e3:
01:26:7f:ed:0f:94:67:d3:53:40:8d:bd:c6:3b:cf:2a:49:a8:
55:39:3f:43:69:3e:9f:a8:fe:21:67:ae:6b:38:50:d8:1a:04:
b5:57:fc:86:4e:e2:80:8b:3b:0c:fe:1f:89:18:24:52:50:dd:
92:6e:e0:3c:4a:54:30:8b:b6:40:d8:14:81:45:8a:2e:97:ca:
b9:c6:b0:01:ca:b1:91:a7:cc:83:ef:6e:29:68:19:6e:20:98:
7d:94:f5:a5:1d:a0:f2:06:2f:05:41:0c:b7:5f:80:47:d8:d6:
e0:76:77:86:d0:46:96:ac:c8:d9:e4:53:60:01:30:6f:df:b7:
cb:c1:eb:cf:ae:ad:2e:68:1c:99:46:e6:05:ce:10:94:7f:a1:
72:7d:2e:b1:c3:0c:29:e3:c7:e7:b3:fc:4f:bd:45:9e:16:f3:
9a:70:97:6c:97:8f:df:de:cf:17:94:f1:3e:80:d7:8e:40:da:
aa:6d:2e:10:12:b6:88:37:be:b0:11:90:cd:ce:fa:1b:d2:25:
16:97:b0:bd:87:30:1c:db:53:c9:bc:03:f5:0c:fe:af:2f:46:
b7:de:85:70:d2:4f:ba:9d:f5:fd:40:83:1b:61:b5:a2:20:4c:
3f:6b:b9:41
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZHnn7P4JtHMRmUgQscUTIg2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwOTEyMTkwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGE3NmU3ZTk1Zjc1OTQwNTNjMmRlNDEzNTViZWI1MTYwOTQ2NWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlH127DmJ1MMmETDe/hEoX5V1+VcL
PWT8PrSBoxBzYBFcD0euwgile5mobTkqQwjMsFMGxFlioPu70XxlvJ3qOUq95SWu
WNl3eIGRWRl2OTzeCsEVE2bAL7F8yGi+o2Q4DuECEriKK50ZTDNX+qf7+XGyWo28
3PLuUEXQqhMjJYFWlvBzuGF5u7Ox7yIGsJJLCKcMH9M70Gb5RFOW9ihcH+seFwFv
yCsriyvzPtJclqkPXGi6r3flf68OyxEpxZtzKLc1KS0GyV5fHPY2+BY7+1fPvC55
cAD7qdKOv09mo7DD1cHY5UlyqVtWFeKUZ2ayz5uVJ2wbKdaswYId4wxUewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGCnbn6V91lAU8LeQTVb61FglGXhMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvWUtkdWZwWDNXVUJUd3Q1Qk5WdnJVV0NVWmVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW1wjAwQA
XZjPMA0GCSqGSIb3DQEBCwUAA4IBAQBWGG8Xd4ydFRKNOqTGN5yd1eMBJn/tD5Rn
01NAjb3GO88qSahVOT9DaT6fqP4hZ65rOFDYGgS1V/yGTuKAizsM/h+JGCRSUN2S
buA8SlQwi7ZA2BSBRYoul8q5xrAByrGRp8yD724paBluIJh9lPWlHaDyBi8FQQy3
X4BH2NbgdneG0EaWrMjZ5FNgATBv37fLwevPrq0uaByZRuYFzhCUf6FyfS6xwwwp
48fns/xPvUWeFvOacJdsl4/f3s8XlPE+gNeOQNqqbS4QEraIN76wEZDNzvob0iUW
l7C9hzAc21PJvAP1DP6vL0a33oVw0k+6nfX9QIMbYbWiIEw/a7lB
-----END CERTIFICATE-----
Generated at Sun Sep 15 09:19:46 2024 by rpki-client on console-ams.rpki-client.org