Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/362a4d-9ae6-4012-b5b8-2cc753e53955/1/YbpqAGnNpUH_MSs8i_D7GcOU6xo.roa
File: YbpqAGnNpUH_MSs8i_D7GcOU6xo.roa (raw, json)
Hash identifier: EyRPf+w9t3Pwk73CtmZVGbK7nYJbd7i+IUQ3VpKp6CM=
Subject key identifier: 61:BA:6A:00:69:CD:A5:41:FF:31:2B:3C:8B:F0:FB:19:C3:94:EB:1A
Certificate issuer: /CN=73ef4bbafdc73e53c099d4d52e9c9effa8379b4f
Certificate serial: 018570D51D35B273C42101DBD9E5E7584DBF
Authority key identifier: 73:EF:4B:BA:FD:C7:3E:53:C0:99:D4:D5:2E:9C:9E:FF:A8:37:9B:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c-9Luv3HPlPAmdTVLpye_6g3m08.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/362a4d-9ae6-4012-b5b8-2cc753e53955/1/YbpqAGnNpUH_MSs8i_D7GcOU6xo.roa
Signing time: Mon 02 Jan 2023 04:54:52 +0000
ROA not before: Mon 02 Jan 2023 04:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44486
IP address blocks: 45.67.69.0/24 maxlen: 24
45.67.71.0/24 maxlen: 24
45.67.68.0/24 maxlen: 24
45.67.70.0/24 maxlen: 24
2a09:71c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:1d:35:b2:73:c4:21:01:db:d9:e5:e7:58:4d:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73ef4bbafdc73e53c099d4d52e9c9effa8379b4f
Validity
Not Before: Jan 2 04:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61ba6a0069cda541ff312b3c8bf0fb19c394eb1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a3:e9:6c:73:04:3f:32:2f:9c:c6:b0:b3:2c:
8b:9d:d3:f2:df:87:0e:9b:93:d6:30:b4:29:7b:93:
c0:2f:f6:c2:8d:bb:ce:5a:3e:16:68:31:c9:74:12:
e0:64:43:1c:59:65:d6:cf:a6:9e:f8:b5:d4:18:b5:
89:d8:cf:31:4b:56:c9:86:da:33:fb:67:d1:7c:fe:
64:e4:37:db:93:5b:75:8e:e5:fa:9d:dd:81:0b:c5:
c5:85:46:47:2c:9e:71:74:9c:e3:d4:f9:0b:ff:fd:
b8:fe:5d:35:bf:12:06:cd:20:23:71:01:ef:bc:a4:
9b:40:52:aa:a5:e3:af:a1:3d:c3:25:4b:75:8c:28:
33:34:2e:2a:3f:eb:c6:e3:97:a7:21:9a:81:bb:b0:
66:82:f5:1c:07:a6:71:5b:e1:d2:00:10:19:b4:1b:
f7:27:86:15:cb:f3:28:48:78:f8:9f:4f:0a:8b:94:
7d:f5:2d:54:92:93:9d:9c:04:59:3b:d4:40:d1:44:
ae:70:d2:7c:55:3f:17:70:69:63:62:64:dd:34:b6:
96:62:5f:f1:8d:98:09:01:70:f9:a9:d7:20:97:20:
06:6f:22:6f:0e:24:ed:0a:15:cf:23:bd:dc:07:03:
fc:36:72:c1:49:4a:07:03:79:70:6c:1c:98:4c:32:
82:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:BA:6A:00:69:CD:A5:41:FF:31:2B:3C:8B:F0:FB:19:C3:94:EB:1A
X509v3 Authority Key Identifier:
keyid:73:EF:4B:BA:FD:C7:3E:53:C0:99:D4:D5:2E:9C:9E:FF:A8:37:9B:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c-9Luv3HPlPAmdTVLpye_6g3m08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/362a4d-9ae6-4012-b5b8-2cc753e53955/1/YbpqAGnNpUH_MSs8i_D7GcOU6xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/362a4d-9ae6-4012-b5b8-2cc753e53955/1/c-9Luv3HPlPAmdTVLpye_6g3m08.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.68.0/22
IPv6:
2a09:71c0::/29
Signature Algorithm: sha256WithRSAEncryption
38:67:ba:14:8b:d9:5b:07:20:91:dc:53:1c:9f:ae:08:54:b7:
56:3f:e2:c1:8f:47:58:72:8b:07:ae:93:e6:50:65:6c:b0:cb:
e2:82:65:97:e6:43:1f:22:6b:d3:57:30:a3:53:44:1a:93:74:
e8:94:43:0e:df:2d:ec:b6:10:0c:da:dc:3b:18:c6:eb:24:4e:
42:7a:f7:b6:36:49:62:1b:4c:2e:af:2c:c3:08:a2:08:48:3f:
25:06:92:50:9f:aa:c9:20:df:83:14:62:a2:1f:81:e2:1e:14:
22:44:b1:1e:65:ff:0a:d4:bd:1b:08:73:e3:d4:1e:3b:bf:5f:
65:46:05:56:92:d7:ce:3a:d0:19:bd:39:ac:72:82:12:67:00:
02:cf:e9:8a:85:67:a5:c7:16:0c:f9:88:82:4c:56:06:b5:3e:
88:a0:58:62:72:56:ae:de:31:b2:40:9b:ec:ec:48:5e:72:d1:
fe:09:87:1a:1a:1d:d3:71:01:21:6b:57:77:95:55:07:09:c3:
6d:b4:d1:75:ab:fc:b1:b7:82:2d:2a:06:4f:07:10:ff:1d:d3:
05:27:3f:b8:9c:53:8e:5d:bb:3e:b0:86:44:1e:da:99:13:61:
1b:09:8c:e3:03:11:b6:c0:c6:e4:a4:b7:73:6e:33:53:9e:1b:
bf:d9:68:08
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVw1R01snPEIQHb2eXnWE2/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZWY0YmJhZmRjNzNlNTNjMDk5ZDRkNTJlOWM5ZWZmYTgz
NzliNGYwHhcNMjMwMTAyMDQ1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWJhNmEwMDY5Y2RhNTQxZmYzMTJiM2M4YmYwZmIxOWMzOTRlYjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKPpbHMEPzIvnMawsyyLndPy34cO
m5PWMLQpe5PAL/bCjbvOWj4WaDHJdBLgZEMcWWXWz6ae+LXUGLWJ2M8xS1bJhtoz
+2fRfP5k5Dfbk1t1juX6nd2BC8XFhUZHLJ5xdJzj1PkL//24/l01vxIGzSAjcQHv
vKSbQFKqpeOvoT3DJUt1jCgzNC4qP+vG45enIZqBu7BmgvUcB6ZxW+HSABAZtBv3
J4YVy/MoSHj4n08Ki5R99S1UkpOdnARZO9RA0USucNJ8VT8XcGljYmTdNLaWYl/x
jZgJAXD5qdcglyAGbyJvDiTtChXPI73cBwP8NnLBSUoHA3lwbByYTDKCRQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGG6agBpzaVB/zErPIvw+xnDlOsaMB8GA1UdIwQY
MBaAFHPvS7r9xz5TwJnU1S6cnv+oN5tPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYy05THV2M0hQbFBBbWRUVkxweWVfNmczbTA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8zNjJhNGQtOWFlNi00MDEyLWI1Yjgt
MmNjNzUzZTUzOTU1LzEvWWJwcUFHbk5wVUhfTVNzOGlfRDdHY09VNnhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8zNjJhNGQtOWFlNi00MDEyLWI1YjgtMmNjNzUzZTUzOTU1
LzEvYy05THV2M0hQbFBBbWRUVkxweWVfNmczbTA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUNEMA0E
AgACMAcDBQMqCXHAMA0GCSqGSIb3DQEBCwUAA4IBAQA4Z7oUi9lbByCR3FMcn64I
VLdWP+LBj0dYcosHrpPmUGVssMvigmWX5kMfImvTVzCjU0Qak3TolEMO3y3sthAM
2tw7GMbrJE5Ceve2NkliG0wuryzDCKIISD8lBpJQn6rJIN+DFGKiH4HiHhQiRLEe
Zf8K1L0bCHPj1B47v19lRgVWktfOOtAZvTmscoISZwACz+mKhWelxxYM+YiCTFYG
tT6IoFhiclau3jGyQJvs7EhectH+CYcaGh3TcQEha1d3lVUHCcNttNF1q/yxt4It
KgZPBxD/HdMFJz+4nFOOXbs+sIZEHtqZE2EbCYzjAxG2wMbkpLdzbjNTnhu/2WgI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:51 2024 by rpki-client on console-ams.rpki-client.org