Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/11933b-fc0b-410f-9c34-1064504e2b97/1/YpH_Kbukt_K5IhyCtOOpXwEFaD0.roa
File: YpH_Kbukt_K5IhyCtOOpXwEFaD0.roa (raw, json)
Hash identifier: YxX0tdq+iaLRrbsqFrs/kYbAnTdMMcM/BIKbd0oqUik=
Subject key identifier: 62:91:FF:29:BB:A4:B7:F2:B9:22:1C:82:B4:E3:A9:5F:01:05:68:3D
Certificate issuer: /CN=eb7c822d1e94517c88515cc9b3fc2bde129b454c
Certificate serial: 01856D81853493C5E790FE7627A627B3CE86
Authority key identifier: EB:7C:82:2D:1E:94:51:7C:88:51:5C:C9:B3:FC:2B:DE:12:9B:45:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/63yCLR6UUXyIUVzJs_wr3hKbRUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/11933b-fc0b-410f-9c34-1064504e2b97/1/YpH_Kbukt_K5IhyCtOOpXwEFaD0.roa
Signing time: Sun 01 Jan 2023 13:24:42 +0000
ROA not before: Sun 01 Jan 2023 13:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42598
IP address blocks: 194.55.4.0/24 maxlen: 24
194.55.6.0/24 maxlen: 24
194.55.5.0/24 maxlen: 24
2a0c:ca40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 19 Sep 2023 22:35:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:85:34:93:c5:e7:90:fe:76:27:a6:27:b3:ce:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb7c822d1e94517c88515cc9b3fc2bde129b454c
Validity
Not Before: Jan 1 13:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6291ff29bba4b7f2b9221c82b4e3a95f0105683d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9d:63:c8:2d:63:00:54:d7:a0:23:c7:07:b5:
53:7c:00:0b:0c:d6:ac:ce:e0:29:8e:76:b8:ef:a3:
aa:00:93:70:ad:ba:68:d4:5a:2d:8c:a2:a4:86:b4:
59:53:0d:9b:0f:42:06:68:06:35:6a:dc:30:8c:62:
33:83:fd:5b:a8:1a:39:d3:fe:d4:01:c4:f5:97:7b:
1f:1b:ea:25:cc:ab:8e:41:44:8d:4f:67:09:25:12:
a6:0d:02:f1:15:be:24:3c:de:69:d8:bc:75:ec:94:
7e:9b:e3:e4:5e:80:ca:25:d8:5a:f0:11:2f:17:ec:
2e:0c:cb:de:4d:ea:ce:e6:34:e3:7c:ce:53:ba:a7:
fc:ba:fc:2e:11:e0:86:68:92:d3:57:3c:a9:e3:7d:
0a:e6:9b:bd:2d:d4:c4:0b:53:e7:2d:44:77:ab:fc:
4a:ce:f4:d7:b5:d1:a0:19:72:40:bf:94:22:f5:77:
2b:e1:b8:d8:a5:ea:d2:b1:cd:a5:c7:9f:98:38:9e:
15:5b:49:3b:df:33:b7:08:89:0b:d5:fa:e6:fe:a6:
d1:a2:b7:b5:2d:80:92:3a:17:56:3b:5e:41:2f:d4:
3e:c1:bb:96:68:24:f2:97:8a:52:de:8b:10:be:b5:
ea:a5:5b:50:fa:9c:2f:0d:42:e9:39:b9:c6:28:e4:
2f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:91:FF:29:BB:A4:B7:F2:B9:22:1C:82:B4:E3:A9:5F:01:05:68:3D
X509v3 Authority Key Identifier:
keyid:EB:7C:82:2D:1E:94:51:7C:88:51:5C:C9:B3:FC:2B:DE:12:9B:45:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/63yCLR6UUXyIUVzJs_wr3hKbRUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/11933b-fc0b-410f-9c34-1064504e2b97/1/YpH_Kbukt_K5IhyCtOOpXwEFaD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/11933b-fc0b-410f-9c34-1064504e2b97/1/63yCLR6UUXyIUVzJs_wr3hKbRUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.55.4.0-194.55.6.255
IPv6:
2a0c:ca40::/29
Signature Algorithm: sha256WithRSAEncryption
67:82:68:80:fd:e5:dc:62:d7:7c:62:d7:31:13:57:ca:96:d6:
52:c5:87:41:8e:c5:2d:4c:e0:17:00:28:ce:14:98:64:fe:84:
47:2c:3b:06:fa:21:37:2e:69:5a:31:df:0f:6f:a5:47:c1:83:
81:52:6a:0b:b0:c4:bf:dc:c0:7e:6a:70:7f:ed:4a:1e:52:58:
1c:48:6f:2a:ed:81:a7:ab:df:41:0f:f7:0a:f7:16:13:d1:8a:
c9:af:00:3e:aa:aa:42:53:00:6b:0a:a4:d9:fb:bb:68:22:10:
ae:d5:6d:13:75:80:7c:0a:ba:9f:2c:36:7d:aa:60:23:a2:a1:
d3:00:74:64:b9:c2:e7:a1:50:c9:fd:58:2b:ba:b5:89:b1:43:
24:1a:11:78:19:5b:2d:01:5e:4e:34:ba:76:c2:29:1d:8d:5b:
61:53:8a:b5:cf:eb:7a:72:3b:33:27:fc:4d:ec:d8:fe:92:8b:
d4:31:3f:db:2f:af:33:a4:a6:54:6e:c2:9d:3c:6b:89:dc:6d:
4d:23:4e:86:24:74:17:e4:5d:91:ef:43:8b:34:82:53:07:e6:
c5:ed:fc:2a:3c:9e:7a:5d:b1:0a:b8:f7:0b:af:03:f6:63:23:
16:4b:c5:62:f9:ea:fe:39:41:2b:14:ff:82:60:13:f9:6e:49:
0a:6d:2d:ad
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVtgYU0k8XnkP52J6Yns86GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViN2M4MjJkMWU5NDUxN2M4ODUxNWNjOWIzZmMyYmRlMTI5
YjQ1NGMwHhcNMjMwMTAxMTMyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjkxZmYyOWJiYTRiN2YyYjkyMjFjODJiNGUzYTk1ZjAxMDU2ODNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv51jyC1jAFTXoCPHB7VTfAALDNas
zuApjna476OqAJNwrbpo1FotjKKkhrRZUw2bD0IGaAY1atwwjGIzg/1bqBo50/7U
AcT1l3sfG+olzKuOQUSNT2cJJRKmDQLxFb4kPN5p2Lx17JR+m+PkXoDKJdha8BEv
F+wuDMveTerO5jTjfM5Tuqf8uvwuEeCGaJLTVzyp430K5pu9LdTEC1PnLUR3q/xK
zvTXtdGgGXJAv5Qi9Xcr4bjYperSsc2lx5+YOJ4VW0k73zO3CIkL1frm/qbRore1
LYCSOhdWO15BL9Q+wbuWaCTyl4pS3osQvrXqpVtQ+pwvDULpObnGKOQvEQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGKR/ym7pLfyuSIcgrTjqV8BBWg9MB8GA1UdIwQY
MBaAFOt8gi0elFF8iFFcybP8K94Sm0VMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjN5Q0xSNlVVWHlJVVZ6SnNfd3IzaEtiUlV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8xMTkzM2ItZmMwYi00MTBmLTljMzQt
MTA2NDUwNGUyYjk3LzEvWXBIX0tidWt0X0s1SWh5Q3RPT3BYd0VGYUQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8xMTkzM2ItZmMwYi00MTBmLTljMzQtMTA2NDUwNGUyYjk3
LzEvNjN5Q0xSNlVVWHlJVVZ6SnNfd3IzaEtiUlV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBALCNwQD
BADCNwYwDQQCAAIwBwMFAyoMykAwDQYJKoZIhvcNAQELBQADggEBAGeCaID95dxi
13xi1zETV8qW1lLFh0GOxS1M4BcAKM4UmGT+hEcsOwb6ITcuaVox3w9vpUfBg4FS
aguwxL/cwH5qcH/tSh5SWBxIbyrtgaer30EP9wr3FhPRismvAD6qqkJTAGsKpNn7
u2giEK7VbRN1gHwKup8sNn2qYCOiodMAdGS5wuehUMn9WCu6tYmxQyQaEXgZWy0B
Xk40unbCKR2NW2FTirXP63pyOzMn/E3s2P6Si9QxP9svrzOkplRuwp08a4ncbU0j
ToYkdBfkXZHvQ4s0glMH5sXt/Co8nnpdsQq49wuvA/ZjIxZLxWL56v45QSsU/4Jg
E/luSQptLa0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:49 2024 by rpki-client on console-fra.rpki-client.org