Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/56036b-23d8-4b37-b546-8fc2373fc26e/1/fY9Bg-02-jruZ18WVspD-F5LBXY.roa
File: fY9Bg-02-jruZ18WVspD-F5LBXY.roa (raw, json)
Hash identifier: G4gJj0z6A0ZwOj1H/GM7Y5V1cYl396d2G/82lkCuNY0=
Subject key identifier: 7D:8F:41:83:ED:36:FA:3A:EE:67:5F:16:56:CA:43:F8:5E:4B:05:76
Certificate issuer: /CN=29184647248b55523999cbb7fe5b20a99fe73be3
Certificate serial: 018CC34917959F25DDFD88CA54235C484642
Authority key identifier: 29:18:46:47:24:8B:55:52:39:99:CB:B7:FE:5B:20:A9:9F:E7:3B:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRhGRySLVVI5mcu3_lsgqZ_nO-M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/56036b-23d8-4b37-b546-8fc2373fc26e/1/fY9Bg-02-jruZ18WVspD-F5LBXY.roa
Signing time: Mon 01 Jan 2024 04:29:56 +0000
ROA not before: Mon 01 Jan 2024 04:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20514
IP address blocks: 217.151.207.0/24 maxlen: 24
185.166.32.0/22 maxlen: 23
217.151.192.0/21 maxlen: 21
217.151.192.0/20 maxlen: 20
2a03:c300::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 03 Jun 2024 15:28:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:17:95:9f:25:dd:fd:88:ca:54:23:5c:48:46:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29184647248b55523999cbb7fe5b20a99fe73be3
Validity
Not Before: Jan 1 04:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d8f4183ed36fa3aee675f1656ca43f85e4b0576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:71:cf:26:20:10:6f:90:cd:cc:5d:8a:1d:2b:
3a:d2:c5:64:7b:4a:19:24:bd:13:fe:7f:c8:30:a7:
4b:4d:85:ff:44:36:e3:43:53:28:53:88:3e:10:83:
ad:c8:32:95:51:b5:f4:3e:a9:9f:79:a1:f3:8d:4d:
65:34:e7:e3:f2:7a:ef:58:9e:93:8f:c5:ce:b8:ff:
51:e0:7b:52:35:1e:3f:44:a2:9d:85:25:04:52:eb:
84:d8:c4:4e:54:a3:74:d8:10:2c:7f:a2:e5:8a:7b:
b0:8c:c2:a4:49:20:60:34:e1:39:f0:82:92:2f:35:
5e:78:d0:37:9c:d9:ae:6d:c8:a9:2f:2d:5d:4c:93:
29:09:04:b5:fd:a9:2b:c7:4a:13:82:86:f5:1e:91:
1f:7f:19:10:df:ca:29:a5:52:4b:e1:cf:5e:74:94:
ef:9d:a3:3a:61:02:10:ce:a9:92:87:b4:ab:e5:69:
93:d0:ca:03:44:ed:fb:05:60:5f:71:cb:2e:49:d8:
cf:98:ec:7b:6b:a3:65:fe:0d:25:ad:01:7b:b5:c2:
55:84:7f:44:52:20:bd:2d:85:29:bb:08:db:a5:97:
41:d8:d7:9c:f9:f7:7f:9c:5b:8f:63:a8:c0:63:09:
35:ae:26:a3:27:c8:20:b8:d1:5d:e8:53:18:05:7b:
2c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:8F:41:83:ED:36:FA:3A:EE:67:5F:16:56:CA:43:F8:5E:4B:05:76
X509v3 Authority Key Identifier:
keyid:29:18:46:47:24:8B:55:52:39:99:CB:B7:FE:5B:20:A9:9F:E7:3B:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRhGRySLVVI5mcu3_lsgqZ_nO-M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/56036b-23d8-4b37-b546-8fc2373fc26e/1/fY9Bg-02-jruZ18WVspD-F5LBXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/56036b-23d8-4b37-b546-8fc2373fc26e/1/KRhGRySLVVI5mcu3_lsgqZ_nO-M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.32.0/22
217.151.192.0/20
IPv6:
2a03:c300::/32
Signature Algorithm: sha256WithRSAEncryption
0e:ed:a9:df:af:d0:d9:ec:61:b2:8c:ba:e2:17:c1:3a:0e:d9:
0b:5f:dc:04:5d:87:75:21:27:c9:7e:78:27:bf:d8:d5:36:93:
58:a3:33:f4:40:0a:a4:06:f7:c2:3f:6d:4d:0a:e1:44:51:cf:
9d:a6:5f:d7:79:d6:8b:eb:c0:4b:15:0e:cd:b6:bb:41:d1:b9:
41:b2:5a:e2:34:5e:37:93:96:a0:ca:09:62:3c:f2:d6:85:22:
5b:fc:b4:3b:84:b8:e7:50:d9:f8:8e:75:97:3d:21:b3:1e:d9:
a7:5b:ff:72:a2:2d:b6:31:52:0d:4b:c8:b4:5c:f2:2d:db:e6:
c4:b8:c9:9f:4c:1a:d0:80:d8:66:0b:d5:f6:66:d4:bd:99:f9:
1e:92:0d:4a:6f:b9:47:26:45:6e:b6:c0:d7:50:15:60:58:0f:
c6:10:52:ea:d4:18:e7:cb:63:15:d3:b0:40:62:22:61:b9:47:
47:c3:92:3b:e0:20:e2:cc:4b:af:c0:99:0a:c1:f7:86:fa:43:
85:d3:fb:d9:3a:7d:74:91:a7:a1:92:59:9d:8a:0e:48:74:16:
8b:62:d1:1b:32:ba:90:19:22:4e:ed:8a:83:ad:22:38:24:75:
3c:e5:98:45:b7:e8:e1:7a:b0:88:f5:38:3c:9d:c4:14:77:d9:
b1:7d:d7:d9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDSReVnyXd/YjKVCNcSEZCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTg0NjQ3MjQ4YjU1NTIzOTk5Y2JiN2ZlNWIyMGE5OWZl
NzNiZTMwHhcNMjQwMTAxMDQyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDhmNDE4M2VkMzZmYTNhZWU2NzVmMTY1NmNhNDNmODVlNGIwNTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3HPJiAQb5DNzF2KHSs60sVke0oZ
JL0T/n/IMKdLTYX/RDbjQ1MoU4g+EIOtyDKVUbX0PqmfeaHzjU1lNOfj8nrvWJ6T
j8XOuP9R4HtSNR4/RKKdhSUEUuuE2MROVKN02BAsf6LlinuwjMKkSSBgNOE58IKS
LzVeeNA3nNmubcipLy1dTJMpCQS1/akrx0oTgob1HpEffxkQ38oppVJL4c9edJTv
naM6YQIQzqmSh7Sr5WmT0MoDRO37BWBfccsuSdjPmOx7a6Nl/g0lrQF7tcJVhH9E
UiC9LYUpuwjbpZdB2Nec+fd/nFuPY6jAYwk1riajJ8gguNFd6FMYBXss/QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFH2PQYPtNvo67mdfFlbKQ/heSwV2MB8GA1UdIwQY
MBaAFCkYRkcki1VSOZnLt/5bIKmf5zvjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JoR1J5U0xWVkk1bWN1M19sc2dxWl9uTy1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS81NjAzNmItMjNkOC00YjM3LWI1NDYt
OGZjMjM3M2ZjMjZlLzEvZlk5QmctMDItanJ1WjE4V1ZzcEQtRjVMQlhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS81NjAzNmItMjNkOC00YjM3LWI1NDYtOGZjMjM3M2ZjMjZl
LzEvS1JoR1J5U0xWVkk1bWN1M19sc2dxWl9uTy1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuaYgAwQE
2ZfAMA0EAgACMAcDBQAqA8MAMA0GCSqGSIb3DQEBCwUAA4IBAQAO7anfr9DZ7GGy
jLriF8E6DtkLX9wEXYd1ISfJfngnv9jVNpNYozP0QAqkBvfCP21NCuFEUc+dpl/X
edaL68BLFQ7NtrtB0blBslriNF43k5agygliPPLWhSJb/LQ7hLjnUNn4jnWXPSGz
HtmnW/9yoi22MVINS8i0XPIt2+bEuMmfTBrQgNhmC9X2ZtS9mfkekg1Kb7lHJkVu
tsDXUBVgWA/GEFLq1Bjny2MV07BAYiJhuUdHw5I74CDizEuvwJkKwfeG+kOF0/vZ
On10kaehklmdig5IdBaLYtEbMrqQGSJO7YqDrSI4JHU85ZhFt+jherCI9Tg8ncQU
d9mxfdfZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:35 2024 by rpki-client on console-ams.rpki-client.org