Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/YP4tAk2q235olUZcl4qlTMNv88E.roa
File: YP4tAk2q235olUZcl4qlTMNv88E.roa (raw, json)
Hash identifier: pBh7dit5TyWh5BlJei6pXkVhyPPn9VcHY3w7cVC0JYM=
Subject key identifier: 60:FE:2D:02:4D:AA:DB:7E:68:95:46:5C:97:8A:A5:4C:C3:6F:F3:C1
Certificate issuer: /CN=25776c77f8ebe7094ca007ace1a9c0bfdc2b3aec
Certificate serial: 01856FD4F954EFA8B06506E81A99AD7A4EE2
Authority key identifier: 25:77:6C:77:F8:EB:E7:09:4C:A0:07:AC:E1:A9:C0:BF:DC:2B:3A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/YP4tAk2q235olUZcl4qlTMNv88E.roa
Signing time: Mon 02 Jan 2023 00:15:06 +0000
ROA not before: Mon 02 Jan 2023 00:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63593
IP address blocks: 192.169.104.0/24 maxlen: 24
192.169.104.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:30:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d4:f9:54:ef:a8:b0:65:06:e8:1a:99:ad:7a:4e:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25776c77f8ebe7094ca007ace1a9c0bfdc2b3aec
Validity
Not Before: Jan 2 00:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60fe2d024daadb7e6895465c978aa54cc36ff3c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a2:35:5d:71:73:a5:fd:4e:0b:64:9b:07:44:
c7:c1:5a:bd:26:d0:a5:52:06:ef:b2:fc:e3:2f:1a:
65:f1:fc:b2:b9:ba:0c:dd:bd:c7:e7:ef:1c:4e:f5:
b8:ca:fd:29:e7:f4:1a:ea:2d:45:ad:a7:4f:fb:0e:
6e:be:52:88:c8:93:7b:af:8d:8c:61:1b:5e:f7:bb:
d6:39:c3:79:ca:d7:f0:37:f6:89:d0:90:d3:7f:24:
8d:98:f8:24:ba:d2:48:29:a0:43:00:16:97:88:1a:
f8:18:ec:3a:96:27:9e:d0:c5:35:38:62:43:d2:43:
e0:17:07:de:25:4d:99:01:c5:30:eb:7c:b0:5d:af:
de:1e:7c:fa:a1:ef:2d:d5:3e:c2:47:f1:12:d1:55:
87:fb:61:72:d2:22:a1:41:0a:5b:8d:21:4d:8e:1b:
71:f3:a6:bf:b5:d9:f7:18:2c:b2:8a:e7:fe:da:00:
91:4c:26:d6:56:b5:52:bf:ac:1f:18:ea:e9:97:87:
b9:de:02:55:f7:25:b0:4a:1d:22:24:f5:1d:3e:22:
6e:51:d7:d9:0e:dc:7b:9e:4f:2b:89:f9:0f:79:c3:
ca:78:23:76:56:a8:0f:e0:9a:55:9a:e1:51:f6:2a:
bb:84:e8:1d:0b:04:6c:9e:b2:31:47:47:a6:eb:e0:
4a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:FE:2D:02:4D:AA:DB:7E:68:95:46:5C:97:8A:A5:4C:C3:6F:F3:C1
X509v3 Authority Key Identifier:
keyid:25:77:6C:77:F8:EB:E7:09:4C:A0:07:AC:E1:A9:C0:BF:DC:2B:3A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/YP4tAk2q235olUZcl4qlTMNv88E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/JXdsd_jr5wlMoAes4anAv9wrOuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.169.104.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:59:ba:ff:d7:2b:42:1b:31:de:34:18:f7:d8:fa:68:e7:c2:
05:81:52:05:f8:37:b8:dc:aa:f4:f0:e7:d2:cf:70:00:11:41:
b1:86:e7:51:ce:5a:e2:2e:e6:01:e6:13:21:29:29:6e:f0:fd:
97:44:c9:b9:7e:bd:15:13:57:2d:09:77:4f:2a:8e:d3:90:14:
57:9d:f8:c0:e4:ee:c3:be:9d:91:27:cf:76:0e:9b:ab:90:ba:
52:5f:66:16:c3:37:78:35:42:39:53:7a:8d:0d:d9:16:61:f2:
71:e6:7f:46:04:15:a7:74:42:05:85:6d:bb:a3:6b:c2:04:11:
58:34:cf:db:cd:77:16:4e:ff:d0:c8:fa:01:57:04:71:56:41:
d5:55:78:5d:f1:9a:6a:bc:72:77:f0:12:64:33:15:f9:b8:5a:
8e:fb:67:4f:4e:50:73:dc:51:56:ac:ca:fd:d5:5d:ab:a7:13:
56:bc:44:e3:74:9a:79:ba:00:0f:cb:3d:c7:79:fe:89:a8:16:
af:cb:8d:66:1a:67:e2:ce:b9:42:19:80:1b:35:45:4c:17:68:
da:f0:ea:12:b4:16:30:90:95:6e:8b:6d:46:81:53:68:69:13:
b3:d3:7a:5b:bd:0b:06:22:30:a6:7a:f5:8a:5a:90:3c:41:ec:
b2:44:d8:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1PlU76iwZQboGpmtek7iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1Nzc2Yzc3ZjhlYmU3MDk0Y2EwMDdhY2UxYTljMGJmZGMy
YjNhZWMwHhcNMjMwMTAyMDAxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGZlMmQwMjRkYWFkYjdlNjg5NTQ2NWM5NzhhYTU0Y2MzNmZmM2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6I1XXFzpf1OC2SbB0THwVq9JtCl
UgbvsvzjLxpl8fyyuboM3b3H5+8cTvW4yv0p5/Qa6i1FradP+w5uvlKIyJN7r42M
YRte97vWOcN5ytfwN/aJ0JDTfySNmPgkutJIKaBDABaXiBr4GOw6liee0MU1OGJD
0kPgFwfeJU2ZAcUw63ywXa/eHnz6oe8t1T7CR/ES0VWH+2Fy0iKhQQpbjSFNjhtx
86a/tdn3GCyyiuf+2gCRTCbWVrVSv6wfGOrpl4e53gJV9yWwSh0iJPUdPiJuUdfZ
Dtx7nk8rifkPecPKeCN2VqgP4JpVmuFR9iq7hOgdCwRsnrIxR0em6+BKUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGD+LQJNqtt+aJVGXJeKpUzDb/PBMB8GA1UdIwQY
MBaAFCV3bHf46+cJTKAHrOGpwL/cKzrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlhkc2RfanI1d2xNb0FlczRhbkF2OXdyT3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS81N2UwOGMtY2EzYS00MDk5LWFlNzQt
ZTdkYWVjMTk0YTY5LzEvWVA0dEFrMnEyMzVvbFVaY2w0cWxUTU52ODhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS81N2UwOGMtY2EzYS00MDk5LWFlNzQtZTdkYWVjMTk0YTY5
LzEvSlhkc2RfanI1d2xNb0FlczRhbkF2OXdyT3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwKloMA0G
CSqGSIb3DQEBCwUAA4IBAQAsWbr/1ytCGzHeNBj32Ppo58IFgVIF+De43Kr08OfS
z3AAEUGxhudRzlriLuYB5hMhKSlu8P2XRMm5fr0VE1ctCXdPKo7TkBRXnfjA5O7D
vp2RJ892DpurkLpSX2YWwzd4NUI5U3qNDdkWYfJx5n9GBBWndEIFhW27o2vCBBFY
NM/bzXcWTv/QyPoBVwRxVkHVVXhd8ZpqvHJ38BJkMxX5uFqO+2dPTlBz3FFWrMr9
1V2rpxNWvETjdJp5ugAPyz3Hef6JqBavy41mGmfizrlCGYAbNUVMF2ja8OoStBYw
kJVui21GgVNoaROz03pbvQsGIjCmevWKWpA8QeyyRNhc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:30 2024 by rpki-client on console-fra.rpki-client.org