Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/ry5K3-2b-IfnhCeIPvHLFqW6uSI.roa
File: ry5K3-2b-IfnhCeIPvHLFqW6uSI.roa (raw, json)
Hash identifier: OYylRUgSS+ATHoaru0HYBM+wm43ENFJa6XaY7C4F7OA=
Subject key identifier: AF:2E:4A:DF:ED:9B:F8:87:E7:84:27:88:3E:F1:CB:16:A5:BA:B9:22
Certificate issuer: /CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Certificate serial: 0188A430F664EA5F48AAFC683ED72557E519
Authority key identifier: 60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/ry5K3-2b-IfnhCeIPvHLFqW6uSI.roa
Signing time: Sat 10 Jun 2023 07:24:12 +0000
ROA not before: Sat 10 Jun 2023 07:24:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 192.35.206.0/24 maxlen: 24
147.189.163.0/24 maxlen: 24
31.25.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Jun 2023 08:14:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a4:30:f6:64:ea:5f:48:aa:fc:68:3e:d7:25:57:e5:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Validity
Not Before: Jun 10 07:24:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af2e4adfed9bf887e78427883ef1cb16a5bab922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e6:08:27:9d:97:85:67:88:7a:15:f0:71:39:
ff:bb:91:95:21:2b:31:ca:03:40:57:64:d7:9e:b0:
2b:20:63:b8:5a:52:3c:9a:e0:82:5b:f9:dc:cc:7e:
7e:34:30:7c:d0:51:7b:0e:65:21:04:8a:db:2b:20:
7e:96:9e:96:9a:3c:36:81:f8:2f:0f:34:42:02:20:
db:88:e1:c1:17:99:10:af:40:be:8c:3f:82:a4:9a:
7b:d8:23:cb:ba:a1:16:76:fe:56:0f:de:0c:ea:2c:
e1:12:bd:10:ed:5b:04:39:15:f6:5c:a9:4b:76:c5:
ef:0a:e3:05:fa:d9:e3:50:86:14:45:bc:d8:e1:9c:
4f:7c:bb:9e:61:4d:55:e7:87:a3:be:b1:85:df:20:
0f:ff:ab:45:de:37:06:f3:84:71:ed:10:c5:43:3f:
b4:89:59:1c:4b:d9:00:2a:32:91:0f:e1:9c:a4:2f:
c2:69:c1:01:64:9f:cb:0b:68:30:7a:ec:99:96:6e:
f2:ff:39:9a:94:3c:da:50:9b:cb:e7:7a:ac:c3:5e:
eb:d9:ab:72:1f:c9:50:56:bb:f2:64:e3:10:ec:de:
24:64:07:35:9f:80:ef:c8:ab:a5:b2:ff:35:d7:91:
8e:e7:36:3a:de:d4:6c:d1:f4:fe:2e:a7:92:c2:85:
8d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:2E:4A:DF:ED:9B:F8:87:E7:84:27:88:3E:F1:CB:16:A5:BA:B9:22
X509v3 Authority Key Identifier:
keyid:60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/ry5K3-2b-IfnhCeIPvHLFqW6uSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.11.0/24
147.189.163.0/24
192.35.206.0/24
Signature Algorithm: sha256WithRSAEncryption
53:54:a5:75:2d:d8:84:af:a7:45:70:2e:e1:23:6a:0b:45:cc:
7e:e6:c9:50:63:69:7c:8f:30:1e:9d:ea:0c:4e:f7:29:72:e8:
c6:4a:79:bf:21:93:fa:83:47:b5:ee:2d:7d:7f:39:ab:ef:54:
5a:11:21:fc:46:15:95:86:0a:0e:ab:a5:32:87:a7:0e:82:59:
ad:fd:08:d6:f6:0e:c9:9e:1e:ae:b3:70:8d:31:71:9f:11:f5:
a5:f5:bf:fb:1b:90:00:3e:65:79:ec:b7:f9:70:b7:b8:cf:74:
86:69:50:f6:66:14:b1:42:c0:34:09:87:a5:39:5b:3f:c6:b3:
e2:6d:9f:01:70:c9:b0:ae:33:98:0b:b5:b4:37:7f:1f:ea:aa:
22:db:02:9b:4f:04:82:8c:aa:90:ca:93:de:bb:0b:07:0d:44:
7d:b8:47:59:5a:a1:43:58:4a:dc:93:6f:05:46:0b:f0:80:54:
d7:20:5e:73:f9:ba:0a:e4:d7:5e:10:6b:d1:2d:cc:99:5d:91:
99:c3:3e:0f:e9:dd:0e:1f:e1:91:e2:45:8b:27:b0:ff:b4:d2:
58:35:e5:2a:68:48:e9:3b:0a:63:b7:03:8c:78:5e:ab:24:62:
35:c6:23:20:b3:a0:ef:13:1d:2f:1a:66:f0:34:77:4f:db:9d:
50:1c:65:77
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYikMPZk6l9IqvxoPtclV+UZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTk4ZDNjOWQ4YmRjOWMxZGZmOGUzMTk0MjQ0MTJiNmNk
YzFkZDMwHhcNMjMwNjEwMDcyNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjJlNGFkZmVkOWJmODg3ZTc4NDI3ODgzZWYxY2IxNmE1YmFiOTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluYIJ52XhWeIehXwcTn/u5GVISsx
ygNAV2TXnrArIGO4WlI8muCCW/nczH5+NDB80FF7DmUhBIrbKyB+lp6Wmjw2gfgv
DzRCAiDbiOHBF5kQr0C+jD+CpJp72CPLuqEWdv5WD94M6izhEr0Q7VsEORX2XKlL
dsXvCuMF+tnjUIYURbzY4ZxPfLueYU1V54ejvrGF3yAP/6tF3jcG84Rx7RDFQz+0
iVkcS9kAKjKRD+GcpC/CacEBZJ/LC2gweuyZlm7y/zmalDzaUJvL53qsw17r2aty
H8lQVrvyZOMQ7N4kZAc1n4DvyKulsv8115GO5zY63tRs0fT+LqeSwoWNRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK8uSt/tm/iH54QniD7xyxalurkiMB8GA1UdIwQY
MBaAFGCZjTydi9ycHf+OMZQkQSts3B3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWIt
MGVhNGQ1MzFiNzkzLzEvcnk1SzMtMmItSWZuaENlSVB2SExGcVc2dVNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWItMGVhNGQ1MzFiNzkz
LzEvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHxkLAwQA
k72jAwQAwCPOMA0GCSqGSIb3DQEBCwUAA4IBAQBTVKV1LdiEr6dFcC7hI2oLRcx+
5slQY2l8jzAeneoMTvcpcujGSnm/IZP6g0e17i19fzmr71RaESH8RhWVhgoOq6Uy
h6cOglmt/QjW9g7Jnh6us3CNMXGfEfWl9b/7G5AAPmV57Lf5cLe4z3SGaVD2ZhSx
QsA0CYelOVs/xrPibZ8BcMmwrjOYC7W0N38f6qoi2wKbTwSCjKqQypPeuwsHDUR9
uEdZWqFDWErck28FRgvwgFTXIF5z+boK5NdeEGvRLcyZXZGZwz4P6d0OH+GR4kWL
J7D/tNJYNeUqaEjpOwpjtwOMeF6rJGI1xiMgs6DvEx0vGmbwNHdP251QHGV3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:06 2024 by rpki-client on console-ams.rpki-client.org