Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/yJmgxzGA7qUPsq15EnXtJfRfVqE.roa
File: yJmgxzGA7qUPsq15EnXtJfRfVqE.roa (raw, json)
Hash identifier: +K3YVKu+Ch7FpAO95PNdI2dwlAnRRlXyuNYwRYgd2lk=
Subject key identifier: C8:99:A0:C7:31:80:EE:A5:0F:B2:AD:79:12:75:ED:25:F4:5F:56:A1
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 01887C86D94943751E0A18F30908965C16D9
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/yJmgxzGA7qUPsq15EnXtJfRfVqE.roa
Signing time: Fri 02 Jun 2023 14:33:12 +0000
ROA not before: Fri 02 Jun 2023 14:33:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13115
IP address blocks: 213.145.64.0/20 maxlen: 24
213.145.80.0/20 maxlen: 24
2001:41f8::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 03 Jun 2023 19:13:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7c:86:d9:49:43:75:1e:0a:18:f3:09:08:96:5c:16:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jun 2 14:33:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c899a0c73180eea50fb2ad791275ed25f45f56a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d5:24:80:cb:cd:07:6e:16:76:c7:6d:c6:b4:
e9:be:8c:38:2b:2e:0b:79:90:fa:7c:77:d0:52:c6:
13:0e:86:69:51:4c:36:12:d7:d8:5a:5b:67:dc:bf:
16:2e:d4:20:05:19:50:68:72:f6:ff:f3:5d:fb:0d:
25:78:ed:94:91:a4:5c:be:ad:34:9c:85:bd:8d:a2:
46:5e:a4:18:69:40:5f:79:e8:0d:88:65:de:c8:ae:
ac:fc:73:a5:e4:23:ee:3d:d0:66:dd:c5:4b:84:54:
45:6d:6f:f7:0e:31:dc:7e:df:df:02:89:50:c2:c1:
04:21:0e:e2:ea:7e:21:6b:fc:64:89:d4:8f:8a:04:
b8:8a:d8:07:c7:38:04:09:e2:01:1b:7b:6e:71:2e:
87:49:e7:41:a3:41:4e:31:0b:17:e2:4b:54:fe:d9:
ff:07:be:d6:95:9f:b2:c1:54:fb:f4:14:ae:fa:3d:
06:bf:f6:49:90:41:3f:65:52:ea:8d:45:ac:fb:90:
be:45:fa:4e:a6:a4:36:f2:3d:93:bf:5d:1b:1c:e3:
42:39:fc:ed:63:1c:d2:23:90:0a:e4:10:92:17:13:
4a:4f:26:b7:87:62:3f:e2:66:14:f2:1e:66:dc:3e:
9b:c5:5e:0a:53:d1:70:dd:13:66:39:bb:df:3a:30:
b2:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:99:A0:C7:31:80:EE:A5:0F:B2:AD:79:12:75:ED:25:F4:5F:56:A1
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/yJmgxzGA7qUPsq15EnXtJfRfVqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.145.64.0/19
IPv6:
2001:41f8::/32
Signature Algorithm: sha256WithRSAEncryption
ae:71:95:e5:09:24:d7:d7:eb:4d:13:a6:0d:ae:e2:ef:e8:36:
ea:a1:e3:9e:39:bc:b5:54:87:f9:72:2b:80:1a:e8:9d:b9:f4:
29:84:86:aa:6d:80:e6:db:21:96:2f:d6:03:4e:f7:3b:62:d6:
ec:37:e3:2f:de:20:15:61:bd:83:de:95:89:c6:40:c6:f9:d1:
d0:2c:24:1f:e0:23:b1:a9:3b:af:5b:8c:c0:f4:aa:b2:87:30:
1d:29:15:9a:07:5b:e4:21:10:56:69:13:ab:4d:21:7a:cc:d7:
90:95:c4:e6:c1:a2:75:d9:de:72:61:1a:bf:02:19:21:6c:94:
b7:44:6e:29:47:26:fb:31:66:f7:f6:2a:f2:d2:36:3b:e6:e0:
bb:11:14:8d:8b:8a:15:6f:8e:68:8c:d5:4b:54:5d:fa:3a:51:
7a:3e:2f:81:bc:07:9e:16:03:06:63:2f:a9:5c:09:ec:0d:08:
bf:25:a2:97:ee:4b:b4:7c:f3:57:c1:a4:c5:a1:d2:0d:66:a6:
5d:72:12:ed:b2:39:2f:24:3b:94:0c:d5:0d:d5:43:7a:12:8d:
f6:3b:36:92:d3:14:26:80:9c:a9:19:5b:86:29:25:c6:0b:3e:
cd:49:cb:c3:e4:f6:01:64:b3:18:15:06:85:b4:8d:bd:28:7f:
16:53:00:f8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYh8htlJQ3UeChjzCQiWXBbZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjMwNjAyMTQzMzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODk5YTBjNzMxODBlZWE1MGZiMmFkNzkxMjc1ZWQyNWY0NWY1NmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdUkgMvNB24WdsdtxrTpvow4Ky4L
eZD6fHfQUsYTDoZpUUw2EtfYWltn3L8WLtQgBRlQaHL2//Nd+w0leO2UkaRcvq00
nIW9jaJGXqQYaUBfeegNiGXeyK6s/HOl5CPuPdBm3cVLhFRFbW/3DjHcft/fAolQ
wsEEIQ7i6n4ha/xkidSPigS4itgHxzgECeIBG3tucS6HSedBo0FOMQsX4ktU/tn/
B77WlZ+ywVT79BSu+j0Gv/ZJkEE/ZVLqjUWs+5C+RfpOpqQ28j2Tv10bHONCOfzt
YxzSI5AK5BCSFxNKTya3h2I/4mYU8h5m3D6bxV4KU9Fw3RNmObvfOjCyewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMiZoMcxgO6lD7KteRJ17SX0X1ahMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEveUptZ3h6R0E3cVVQc3ExNUVuWHRKZlJmVnFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1ZFAMA0E
AgACMAcDBQAgAUH4MA0GCSqGSIb3DQEBCwUAA4IBAQCucZXlCSTX1+tNE6YNruLv
6DbqoeOeOby1VIf5ciuAGuidufQphIaqbYDm2yGWL9YDTvc7YtbsN+Mv3iAVYb2D
3pWJxkDG+dHQLCQf4COxqTuvW4zA9KqyhzAdKRWaB1vkIRBWaROrTSF6zNeQlcTm
waJ12d5yYRq/AhkhbJS3RG4pRyb7MWb39iry0jY75uC7ERSNi4oVb45ojNVLVF36
OlF6Pi+BvAeeFgMGYy+pXAnsDQi/JaKX7ku0fPNXwaTFodINZqZdchLtsjkvJDuU
DNUN1UN6Eo32OzaS0xQmgJypGVuGKSXGCz7NScvD5PYBZLMYFQaFtI29KH8WUwD4
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:06 2024 by rpki-client on console-fra.rpki-client.org