Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Y6bPwOFLDZC_QDugt-PzWmsLkFw.roa
File: Y6bPwOFLDZC_QDugt-PzWmsLkFw.roa (raw, json)
Hash identifier: AuEUWYMUSw2tyE4295rRDfBb2QwUXjcHKeFRpBsgw2c=
Subject key identifier: 63:A6:CF:C0:E1:4B:0D:90:BF:40:3B:A0:B7:E3:F3:5A:6B:0B:90:5C
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01856EAFF377ED052009F725338507D24AE7
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Y6bPwOFLDZC_QDugt-PzWmsLkFw.roa
Signing time: Sun 01 Jan 2023 18:55:02 +0000
ROA not before: Sun 01 Jan 2023 18:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56694
IP address blocks: 89.23.96.0/22 maxlen: 22
89.23.100.0/24 maxlen: 24
89.23.102.0/24 maxlen: 24
89.23.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:f3:77:ed:05:20:09:f7:25:33:85:07:d2:4a:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 1 18:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63a6cfc0e14b0d90bf403ba0b7e3f35a6b0b905c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:57:10:15:7a:b7:4f:2e:b0:db:c8:91:32:e1:
0a:07:83:bd:22:50:8c:e4:0d:ed:6c:ee:18:e6:04:
75:9d:fa:19:98:84:b6:83:36:7a:50:6c:1c:31:7e:
bb:2c:6d:8f:29:aa:f1:39:72:6e:70:d0:e3:4a:20:
d7:00:8c:13:a4:0b:c6:21:c0:80:07:0e:38:40:fb:
2f:a8:15:a9:5c:ca:b5:49:5f:7c:9e:70:10:56:62:
a1:ba:57:4c:f7:44:78:a1:19:67:11:a4:3c:d3:a2:
fc:42:6d:34:41:3a:8e:70:9c:f5:cb:dd:2f:bb:ed:
16:bc:99:cc:2c:51:56:35:62:d0:27:57:f8:be:3b:
3c:0f:4c:44:f9:1f:cd:0d:1b:2c:37:13:95:85:88:
65:fe:12:18:b0:38:32:9c:5f:0d:b7:42:be:bf:ea:
9f:5d:da:eb:7a:93:84:16:e6:16:b9:18:a3:8d:48:
b6:9e:06:80:5e:2e:b8:18:9a:a0:8f:4d:e4:9b:0c:
db:0e:09:c5:7f:b8:89:97:2f:ca:38:9c:c3:ba:3b:
e5:d1:72:d6:41:3a:c1:50:b1:87:83:c3:4b:55:b9:
df:23:fc:ac:59:62:e9:33:64:6c:17:57:70:7b:b9:
b0:2a:04:b0:4a:a6:86:17:5f:80:14:22:59:9d:33:
84:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:A6:CF:C0:E1:4B:0D:90:BF:40:3B:A0:B7:E3:F3:5A:6B:0B:90:5C
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Y6bPwOFLDZC_QDugt-PzWmsLkFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.96.0-89.23.102.255
Signature Algorithm: sha256WithRSAEncryption
99:4c:64:71:b7:15:e0:29:6e:5f:1c:5f:7c:a6:a6:b3:75:7c:
9f:9d:7b:35:66:ae:af:a8:3b:f3:14:b9:8b:02:9e:2f:e9:81:
a3:bf:c0:ac:40:e3:33:6d:9f:bf:ae:25:f6:4b:b7:86:59:21:
42:59:6e:ab:5c:b0:88:b0:49:86:e1:7e:b1:dd:c4:e5:fb:88:
dd:1b:0f:14:da:5c:e1:32:71:55:17:78:f2:2e:de:91:b6:1b:
85:a6:43:84:ba:78:2b:01:4e:b2:4c:03:6e:1b:3e:55:5b:f8:
8f:53:08:1e:fb:d3:e4:75:04:a4:b4:d2:29:70:af:78:50:4d:
c7:c2:e2:1b:73:7e:d4:e5:4b:c5:26:14:45:d1:af:67:73:7e:
03:36:20:89:d9:11:37:46:5a:ba:d2:f1:e8:ca:84:f7:3d:77:
27:4d:c0:53:9c:c5:47:49:c0:6c:85:75:e9:aa:c8:6d:06:76:
7e:0e:30:11:9e:d3:40:f5:95:2b:0d:06:1d:e7:5d:56:23:d1:
47:a6:94:02:c8:8d:8a:6f:7a:24:c0:6b:b7:8e:1d:e3:14:68:
b0:53:17:b1:34:60:9e:d6:84:d1:21:98:4e:21:11:f4:c3:db:
d7:a6:e8:2c:d3:3f:83:9e:b2:8c:ac:b1:a2:a6:51:21:ed:06:
02:7a:eb:14
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVur/N37QUgCfclM4UH0krnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMwMTAxMTg1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2E2Y2ZjMGUxNGIwZDkwYmY0MDNiYTBiN2UzZjM1YTZiMGI5MDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1cQFXq3Ty6w28iRMuEKB4O9IlCM
5A3tbO4Y5gR1nfoZmIS2gzZ6UGwcMX67LG2PKarxOXJucNDjSiDXAIwTpAvGIcCA
Bw44QPsvqBWpXMq1SV98nnAQVmKhuldM90R4oRlnEaQ806L8Qm00QTqOcJz1y90v
u+0WvJnMLFFWNWLQJ1f4vjs8D0xE+R/NDRssNxOVhYhl/hIYsDgynF8Nt0K+v+qf
XdrrepOEFuYWuRijjUi2ngaAXi64GJqgj03kmwzbDgnFf7iJly/KOJzDujvl0XLW
QTrBULGHg8NLVbnfI/ysWWLpM2RsF1dwe7mwKgSwSqaGF1+AFCJZnTOEWwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGOmz8DhSw2Qv0A7oLfj81prC5BcMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvWTZiUHdPRkxEWkNfUUR1Z3QtUHpXbXNMa0Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAVZF2AD
BABZF2YwDQYJKoZIhvcNAQELBQADggEBAJlMZHG3FeApbl8cX3ymprN1fJ+dezVm
rq+oO/MUuYsCni/pgaO/wKxA4zNtn7+uJfZLt4ZZIUJZbqtcsIiwSYbhfrHdxOX7
iN0bDxTaXOEycVUXePIu3pG2G4WmQ4S6eCsBTrJMA24bPlVb+I9TCB770+R1BKS0
0ilwr3hQTcfC4htzftTlS8UmFEXRr2dzfgM2IInZETdGWrrS8ejKhPc9dydNwFOc
xUdJwGyFdemqyG0Gdn4OMBGe00D1lSsNBh3nXVYj0UemlALIjYpveiTAa7eOHeMU
aLBTF7E0YJ7WhNEhmE4hEfTD29em6CzTP4OesoyssaKmUSHtBgJ66xQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:33 2024 by rpki-client on console-ams.rpki-client.org