Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/72d48b-865a-4e6e-96f3-5768d37f7bb5/1/yh1Z8wngTLk8K69lKlExstERIPw.roa
File: yh1Z8wngTLk8K69lKlExstERIPw.roa (raw, json)
Hash identifier: IQZencsb+x02xpPuwQC4mhslq8MJlaHcp1dUzfp8K+w=
Subject key identifier: CA:1D:59:F3:09:E0:4C:B9:3C:2B:AF:65:2A:51:31:B2:D1:11:20:FC
Certificate issuer: /CN=f356cdd5a49ce6c42a9a35fa77b9727819688896
Certificate serial: 018CC500191841313BDBA04CB91CC9183B0C
Authority key identifier: F3:56:CD:D5:A4:9C:E6:C4:2A:9A:35:FA:77:B9:72:78:19:68:88:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/81bN1aSc5sQqmjX6d7lyeBloiJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/72d48b-865a-4e6e-96f3-5768d37f7bb5/1/yh1Z8wngTLk8K69lKlExstERIPw.roa
Signing time: Mon 01 Jan 2024 12:29:27 +0000
ROA not before: Mon 01 Jan 2024 12:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 680
IP address blocks: 134.99.0.0/16 maxlen: 16
134.99.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Apr 2024 08:07:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:19:18:41:31:3b:db:a0:4c:b9:1c:c9:18:3b:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f356cdd5a49ce6c42a9a35fa77b9727819688896
Validity
Not Before: Jan 1 12:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca1d59f309e04cb93c2baf652a5131b2d11120fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:92:87:31:2e:81:a5:c8:09:db:76:be:1e:cf:
dc:90:2d:57:96:39:27:14:c5:48:3a:79:35:16:de:
07:68:a8:62:f4:fb:0c:39:ba:7d:48:84:ac:22:3d:
29:9f:bb:bb:46:56:f1:23:1c:aa:a1:89:b8:20:bc:
94:c4:2b:e4:37:ba:05:87:3e:d4:19:f5:58:3d:e7:
8b:ce:7c:49:c1:ad:4b:28:99:44:22:8b:07:66:fe:
ee:b0:78:c2:4b:03:6c:4e:bf:6d:b3:dd:5c:f1:c6:
bd:5f:14:df:c2:47:77:78:da:5e:8e:27:59:20:97:
b3:18:77:1d:08:8d:61:92:e7:bf:2e:2b:3c:87:34:
07:80:d7:78:63:a1:1c:3e:0e:a9:52:a3:46:4f:2a:
0e:0d:71:d4:7c:69:91:c3:52:dc:aa:c0:c0:66:05:
06:64:37:3c:7c:05:f1:af:1a:67:57:ef:b4:ba:24:
5b:a6:20:84:ac:8c:20:ba:7e:bd:7f:78:62:c8:95:
6b:36:61:3d:6e:17:62:d0:d1:f7:cb:9a:85:a9:ee:
ae:0a:a3:87:50:12:8e:19:80:e9:98:48:7b:a3:39:
6b:16:41:33:8c:6e:26:26:45:d4:eb:5a:9f:f5:05:
aa:f9:91:80:13:f7:57:fe:63:83:e1:e0:67:64:a6:
e6:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:1D:59:F3:09:E0:4C:B9:3C:2B:AF:65:2A:51:31:B2:D1:11:20:FC
X509v3 Authority Key Identifier:
keyid:F3:56:CD:D5:A4:9C:E6:C4:2A:9A:35:FA:77:B9:72:78:19:68:88:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/81bN1aSc5sQqmjX6d7lyeBloiJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/72d48b-865a-4e6e-96f3-5768d37f7bb5/1/yh1Z8wngTLk8K69lKlExstERIPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/72d48b-865a-4e6e-96f3-5768d37f7bb5/1/81bN1aSc5sQqmjX6d7lyeBloiJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.99.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7d:45:68:51:68:3b:a3:b2:3a:e6:5f:05:b9:7d:de:e8:e2:22:
43:b9:f8:b6:d3:fa:43:85:ef:e3:07:6d:7c:0c:d8:2a:3e:a0:
73:cc:cf:29:22:da:fc:06:eb:89:d2:c0:51:62:22:20:a5:da:
9c:3a:df:bf:60:e1:22:ab:c7:d8:a4:bc:f9:ac:cc:b0:b9:d2:
95:bf:47:44:a3:0b:92:6b:56:a6:d4:bd:5e:3e:41:b0:23:61:
4a:b9:fc:d6:ab:50:08:76:10:45:ab:7c:a3:97:2e:cd:e0:a9:
ba:13:ec:3f:4d:49:08:98:56:f1:f9:20:26:8c:2f:f5:49:e8:
96:13:03:82:a5:e4:cc:d6:ea:9c:f1:07:be:d9:46:24:5b:71:
c1:00:8d:aa:1b:89:32:b8:4b:b3:8b:1a:2d:a9:b8:71:9c:0d:
d8:f0:8d:9f:91:1b:cd:95:32:3f:c7:82:1e:95:d8:8b:2e:07:
e1:97:95:81:c0:8d:10:68:f6:a9:c5:89:5f:71:f6:09:6a:88:
f3:47:73:a2:b3:c3:95:22:2f:70:04:63:45:f0:1f:4f:49:db:
a9:4c:d9:a3:a3:51:1a:9c:78:20:5c:69:f4:9d:da:f0:8d:d4:
92:3b:79:15:62:5a:0d:4a:b1:ee:96:bc:2c:a8:2d:01:d7:ee:
78:0b:49:6e
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzFABkYQTE726BMuRzJGDsMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNTZjZGQ1YTQ5Y2U2YzQyYTlhMzVmYTc3Yjk3Mjc4MTk2
ODg4OTYwHhcNMjQwMTAxMTIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTFkNTlmMzA5ZTA0Y2I5M2MyYmFmNjUyYTUxMzFiMmQxMTEyMGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJKHMS6BpcgJ23a+Hs/ckC1Xljkn
FMVIOnk1Ft4HaKhi9PsMObp9SISsIj0pn7u7RlbxIxyqoYm4ILyUxCvkN7oFhz7U
GfVYPeeLznxJwa1LKJlEIosHZv7usHjCSwNsTr9ts91c8ca9XxTfwkd3eNpejidZ
IJezGHcdCI1hkue/Lis8hzQHgNd4Y6EcPg6pUqNGTyoODXHUfGmRw1LcqsDAZgUG
ZDc8fAXxrxpnV++0uiRbpiCErIwgun69f3hiyJVrNmE9bhdi0NH3y5qFqe6uCqOH
UBKOGYDpmEh7ozlrFkEzjG4mJkXU61qf9QWq+ZGAE/dX/mOD4eBnZKbmSQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFModWfMJ4Ey5PCuvZSpRMbLRESD8MB8GA1UdIwQY
MBaAFPNWzdWknObEKpo1+ne5cngZaIiWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODFiTjFhU2M1c1FxbWpYNmQ3bHllQmxvaUpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni83MmQ0OGItODY1YS00ZTZlLTk2ZjMt
NTc2OGQzN2Y3YmI1LzEveWgxWjh3bmdUTGs4SzY5bEtsRXhzdEVSSVB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni83MmQ0OGItODY1YS00ZTZlLTk2ZjMtNTc2OGQzN2Y3YmI1
LzEvODFiTjFhU2M1c1FxbWpYNmQ3bHllQmxvaUpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAhmMwDQYJ
KoZIhvcNAQELBQADggEBAH1FaFFoO6OyOuZfBbl93ujiIkO5+LbT+kOF7+MHbXwM
2Co+oHPMzyki2vwG64nSwFFiIiCl2pw6379g4SKrx9ikvPmszLC50pW/R0SjC5Jr
VqbUvV4+QbAjYUq5/NarUAh2EEWrfKOXLs3gqboT7D9NSQiYVvH5ICaML/VJ6JYT
A4Kl5MzW6pzxB77ZRiRbccEAjaobiTK4S7OLGi2puHGcDdjwjZ+RG82VMj/Hgh6V
2IsuB+GXlYHAjRBo9qnFiV9x9glqiPNHc6Kzw5UiL3AEY0XwH09J26lM2aOjURqc
eCBcafSd2vCN1JI7eRViWg1Kse6WvCyoLQHX7ngLSW4=
-----END CERTIFICATE-----
Generated at Mon Apr 29 19:13:40 2024 by rpki-client on console.sobornost.net