Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/ce95be-a37a-4c23-b9cb-706554f88046/1/CYU79aGQAoW-PVRibwDkTsns-JE.roa
File: CYU79aGQAoW-PVRibwDkTsns-JE.roa (raw, json)
Hash identifier: JX+yO/oge8cwTCwqEftNPRRvG4iriI+/RlL3/8v/PwQ=
Subject key identifier: 09:85:3B:F5:A1:90:02:85:BE:3D:54:62:6F:00:E4:4E:C9:EC:F8:91
Certificate issuer: /CN=e79dc5435a2dc97e365ff49570c04d513f6fced2
Certificate serial: 01857094E5F385F72F4E1D8D1A94C92A4419
Authority key identifier: E7:9D:C5:43:5A:2D:C9:7E:36:5F:F4:95:70:C0:4D:51:3F:6F:CE:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/553FQ1otyX42X_SVcMBNUT9vztI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/ce95be-a37a-4c23-b9cb-706554f88046/1/CYU79aGQAoW-PVRibwDkTsns-JE.roa
Signing time: Mon 02 Jan 2023 03:44:44 +0000
ROA not before: Mon 02 Jan 2023 03:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208355
IP address blocks: 152.89.72.0/22 maxlen: 22
2a06:8200::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:94:e5:f3:85:f7:2f:4e:1d:8d:1a:94:c9:2a:44:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e79dc5435a2dc97e365ff49570c04d513f6fced2
Validity
Not Before: Jan 2 03:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09853bf5a1900285be3d54626f00e44ec9ecf891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:38:1f:2f:1c:21:20:f3:69:51:07:bd:a7:12:
41:33:a0:54:37:ec:2a:93:ba:be:e6:a8:57:8b:38:
4a:a6:21:39:d6:8c:20:f9:94:96:aa:7c:50:91:e1:
c2:2f:28:79:72:36:f7:e2:cf:cb:80:96:17:db:17:
ce:49:0b:dd:ff:65:62:c6:3c:4c:bd:2b:7f:62:d4:
27:93:ed:30:dd:1d:f0:0e:58:dc:b2:d1:72:24:86:
b9:c8:2b:29:ca:8d:ab:86:2b:93:e0:04:45:bd:63:
8c:b1:5c:28:1d:2d:c6:09:b0:fc:ed:a8:0e:74:37:
9b:9c:db:09:ec:f0:5a:8a:d8:ca:0e:c7:05:be:8a:
d5:4e:a6:74:63:a6:97:70:4a:de:a8:f0:f0:f9:96:
93:84:27:a4:db:9a:21:13:c3:cf:c3:0a:85:21:cb:
33:82:e1:b7:46:40:36:f9:c1:bc:62:62:d0:0b:de:
6a:13:31:01:0d:53:e5:28:28:5a:d8:e6:ba:53:1c:
d7:96:6c:7a:17:65:09:02:2a:3d:f8:2d:1b:c7:0f:
dc:75:43:c6:19:09:17:69:b4:a4:f2:ae:9a:86:b0:
1e:87:fa:c4:a6:f6:a5:7e:65:f4:14:38:0e:da:97:
f0:4a:2d:0c:7b:64:d9:5e:33:39:fb:1b:b0:fb:88:
e3:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:85:3B:F5:A1:90:02:85:BE:3D:54:62:6F:00:E4:4E:C9:EC:F8:91
X509v3 Authority Key Identifier:
keyid:E7:9D:C5:43:5A:2D:C9:7E:36:5F:F4:95:70:C0:4D:51:3F:6F:CE:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/553FQ1otyX42X_SVcMBNUT9vztI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ce95be-a37a-4c23-b9cb-706554f88046/1/CYU79aGQAoW-PVRibwDkTsns-JE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ce95be-a37a-4c23-b9cb-706554f88046/1/553FQ1otyX42X_SVcMBNUT9vztI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.72.0/22
IPv6:
2a06:8200::/32
Signature Algorithm: sha256WithRSAEncryption
4e:31:bc:77:86:12:95:90:2b:b5:0f:af:46:14:4d:8e:aa:bf:
23:af:79:f5:86:61:68:81:32:ea:6b:9b:56:28:53:d7:ee:42:
96:65:91:4c:79:ec:98:8b:3c:68:29:38:5f:0e:65:a2:f2:63:
fb:5b:24:d3:c3:99:e7:94:f2:3e:2d:12:14:b9:34:d1:33:97:
f9:38:37:d7:fb:8c:68:40:34:67:34:9a:20:3a:55:30:3f:58:
93:09:f3:cc:50:68:10:5c:ce:30:6d:22:00:fe:b9:d1:75:00:
68:65:24:fa:4b:0f:86:77:61:eb:18:a6:f4:f0:d0:c7:bd:d1:
46:56:c4:d0:b0:ef:e0:cc:c0:9f:78:fb:33:67:6d:27:9a:2a:
54:5b:82:d4:7c:77:4a:9c:13:e3:b8:2f:1e:e7:b1:dc:fc:a3:
79:00:1d:13:5e:e2:c7:42:59:4f:f9:ca:db:00:6d:10:b4:4c:
58:83:7c:65:a0:9d:07:75:96:22:d5:3b:71:e4:f8:35:11:08:
86:db:91:ac:06:31:18:eb:eb:8e:00:ba:e6:df:d3:48:e7:83:
0e:9d:2e:4f:72:c9:78:1e:17:0a:ea:2e:66:59:30:79:24:02:
53:f6:aa:38:f9:47:ff:f5:34:25:2d:5a:e0:55:b1:80:e1:fd:
d9:6d:6f:80
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwlOXzhfcvTh2NGpTJKkQZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3OWRjNTQzNWEyZGM5N2UzNjVmZjQ5NTcwYzA0ZDUxM2Y2
ZmNlZDIwHhcNMjMwMTAyMDM0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTg1M2JmNWExOTAwMjg1YmUzZDU0NjI2ZjAwZTQ0ZWM5ZWNmODkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijgfLxwhIPNpUQe9pxJBM6BUN+wq
k7q+5qhXizhKpiE51owg+ZSWqnxQkeHCLyh5cjb34s/LgJYX2xfOSQvd/2VixjxM
vSt/YtQnk+0w3R3wDljcstFyJIa5yCspyo2rhiuT4ARFvWOMsVwoHS3GCbD87agO
dDebnNsJ7PBaitjKDscFvorVTqZ0Y6aXcEreqPDw+ZaThCek25ohE8PPwwqFIcsz
guG3RkA2+cG8YmLQC95qEzEBDVPlKCha2Oa6UxzXlmx6F2UJAio9+C0bxw/cdUPG
GQkXabSk8q6ahrAeh/rEpvalfmX0FDgO2pfwSi0Me2TZXjM5+xuw+4jjFwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAmFO/WhkAKFvj1UYm8A5E7J7PiRMB8GA1UdIwQY
MBaAFOedxUNaLcl+Nl/0lXDATVE/b87SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTUzRlExb3R5WDQyWF9TVmNNQk5VVDl2enRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9jZTk1YmUtYTM3YS00YzIzLWI5Y2It
NzA2NTU0Zjg4MDQ2LzEvQ1lVNzlhR1FBb1ctUFZSaWJ3RGtUc25zLUpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9jZTk1YmUtYTM3YS00YzIzLWI5Y2ItNzA2NTU0Zjg4MDQ2
LzEvNTUzRlExb3R5WDQyWF9TVmNNQk5VVDl2enRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCmFlIMA0E
AgACMAcDBQAqBoIAMA0GCSqGSIb3DQEBCwUAA4IBAQBOMbx3hhKVkCu1D69GFE2O
qr8jr3n1hmFogTLqa5tWKFPX7kKWZZFMeeyYizxoKThfDmWi8mP7WyTTw5nnlPI+
LRIUuTTRM5f5ODfX+4xoQDRnNJogOlUwP1iTCfPMUGgQXM4wbSIA/rnRdQBoZST6
Sw+Gd2HrGKb08NDHvdFGVsTQsO/gzMCfePszZ20nmipUW4LUfHdKnBPjuC8e57Hc
/KN5AB0TXuLHQllP+crbAG0QtExYg3xloJ0HdZYi1Ttx5Pg1EQiG25GsBjEY6+uO
ALrm39NI54MOnS5Pcsl4HhcK6i5mWTB5JAJT9qo4+Uf/9TQlLVrgVbGA4f3ZbW+A
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:41 2024 by rpki-client on console-fra.rpki-client.org