Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/RYM4B-rXR58IMFrDlB1UhkkBZmI.roa
File: RYM4B-rXR58IMFrDlB1UhkkBZmI.roa (raw, json)
Hash identifier: NIUJQ/1NHxz+BlfxdxpwtoOMRYEODuzc8KxdR2S5M4E=
Subject key identifier: 45:83:38:07:EA:D7:47:9F:08:30:5A:C3:94:1D:54:86:49:01:66:62
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 01928A0193C125C96F330FB37C04408429B6
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/RYM4B-rXR58IMFrDlB1UhkkBZmI.roa
Signing time: Mon 14 Oct 2024 07:50:11 +0000
ROA not before: Mon 14 Oct 2024 07:50:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54994
IP address blocks: 91.194.205.0/24 maxlen: 24
91.202.200.0/24 maxlen: 24
93.188.135.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
148.253.36.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
148.253.229.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
148.253.248.0/24 maxlen: 24
151.249.92.0/24 maxlen: 24
151.249.93.0/24 maxlen: 24
151.249.94.0/24 maxlen: 24
163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
163.171.93.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
163.171.96.0/24 maxlen: 24
163.171.97.0/24 maxlen: 24
163.171.98.0/24 maxlen: 24
163.171.101.0/24 maxlen: 24
163.171.102.0/24 maxlen: 24
163.171.103.0/24 maxlen: 24
163.171.104.0/24 maxlen: 24
163.171.126.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
163.171.176.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
163.171.198.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.224.0/24 maxlen: 24
163.171.225.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.249.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
194.107.19.0/24 maxlen: 24
2a01:53c0:ffc6::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 23 Oct 2024 06:08:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:01:93:c1:25:c9:6f:33:0f:b3:7c:04:40:84:29:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Oct 14 07:50:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45833807ead7479f08305ac3941d548649016662
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2c:f0:5e:55:5c:16:87:39:ed:1b:fb:79:09:
ec:94:bc:08:f7:e1:72:71:b1:ea:00:1b:74:63:fa:
d9:22:94:8c:d4:eb:4d:0c:be:03:5c:b3:ca:58:bd:
ae:7e:c8:9c:a9:ee:53:37:87:69:27:38:26:c7:f3:
31:fc:fe:9d:3c:fc:11:f0:b8:52:36:26:b7:87:3a:
8a:f7:01:f9:3b:f0:d0:fc:99:89:0a:3b:fa:5c:12:
56:9f:30:4c:37:4f:fa:10:4b:44:26:b5:11:01:bf:
57:28:ae:d7:ad:86:31:05:ab:0b:ec:dd:5f:71:2e:
17:4f:6f:cc:52:f2:f1:8e:09:11:61:6a:4a:1c:86:
a3:be:04:a7:ef:36:76:9c:78:41:7c:ab:4e:88:fd:
f1:ab:67:6e:cb:50:9e:31:50:e8:7b:31:ea:30:7d:
86:31:61:da:60:7e:fe:9a:3c:eb:7e:b3:19:f7:ea:
0c:83:e6:3d:8e:69:16:52:85:10:21:6a:e8:3d:f8:
2c:1a:0f:a5:ce:fc:e8:28:e5:a8:38:8f:0e:f7:a7:
c4:9e:50:4b:59:e8:61:ea:5c:39:7f:1f:df:07:ad:
f3:36:7c:55:3a:a6:d8:d2:b0:dc:87:9d:8a:64:73:
cd:06:4d:c5:4d:59:80:b1:1a:50:69:5d:03:55:28:
e8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:83:38:07:EA:D7:47:9F:08:30:5A:C3:94:1D:54:86:49:01:66:62
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/RYM4B-rXR58IMFrDlB1UhkkBZmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.205.0/24
91.202.200.0/24
93.188.135.0/24
148.253.34.0/24
148.253.36.0/24
148.253.228.0/23
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.239.0/24
148.253.246.0/24
148.253.248.0/24
151.249.92.0-151.249.94.255
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.84.0/23
163.171.87.0/24
163.171.93.0-163.171.94.255
163.171.96.0-163.171.98.255
163.171.101.0-163.171.104.255
163.171.126.0/24
163.171.166.0/24
163.171.176.0/23
163.171.182.0/24
163.171.188.0/24
163.171.198.0/24
163.171.207.0/24
163.171.222.0/24
163.171.224.0/23
163.171.231.0/24
163.171.249.0/24
163.171.252.0/24
194.107.19.0/24
IPv6:
2a01:53c0:ffc6::/48
Signature Algorithm: sha256WithRSAEncryption
79:b0:d1:f7:f5:b9:43:8d:2e:26:10:35:53:a7:eb:1a:73:2b:
3c:cd:f9:4e:02:06:5f:de:4e:06:71:f1:f0:3d:14:aa:92:cb:
35:b8:3a:52:4b:ed:02:38:13:62:a7:87:f6:bd:51:af:70:77:
e5:12:d5:2a:71:e1:9f:9c:6c:b4:64:30:08:c7:66:e7:e2:fe:
5a:05:82:1a:ac:35:66:e3:37:c7:a0:8a:62:4d:d6:63:14:14:
f0:5a:85:36:b0:40:a4:63:15:58:46:fa:93:02:0c:db:5c:d0:
ce:0f:d7:90:75:77:07:1b:77:3b:fd:9a:45:81:14:5c:4f:2a:
70:2f:f4:e2:3f:82:f9:d5:94:fd:ab:78:5c:a0:11:b7:62:52:
ec:e6:01:33:c9:2e:5a:af:9e:8f:6e:56:db:ed:b4:a2:49:ac:
52:f8:62:7a:94:d3:11:3e:ef:c7:c3:7c:8a:b2:6a:07:e4:e8:
a1:5c:52:14:79:48:07:43:8c:be:28:0b:4c:7a:b3:92:dc:ae:
a9:f9:eb:07:d5:3c:7d:1f:5d:e9:c8:23:5c:4c:aa:9c:76:83:
81:12:db:86:6b:10:2b:a5:44:7c:7a:30:1e:18:00:30:14:99:
36:97:ed:ad:85:7d:0a:c4:3f:41:50:d0:ce:bd:ab:42:7c:12:
02:d3:b4:78
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISAZKKAZPBJclvMw+zfARAhCm2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjQxMDE0MDc1MDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTgzMzgwN2VhZDc0NzlmMDgzMDVhYzM5NDFkNTQ4NjQ5MDE2NjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwizwXlVcFoc57Rv7eQnslLwI9+Fy
cbHqABt0Y/rZIpSM1OtNDL4DXLPKWL2ufsicqe5TN4dpJzgmx/Mx/P6dPPwR8LhS
Nia3hzqK9wH5O/DQ/JmJCjv6XBJWnzBMN0/6EEtEJrURAb9XKK7XrYYxBasL7N1f
cS4XT2/MUvLxjgkRYWpKHIajvgSn7zZ2nHhBfKtOiP3xq2duy1CeMVDoezHqMH2G
MWHaYH7+mjzrfrMZ9+oMg+Y9jmkWUoUQIWroPfgsGg+lzvzoKOWoOI8O96fEnlBL
Wehh6lw5fx/fB63zNnxVOqbY0rDch52KZHPNBk3FTVmAsRpQaV0DVSjonQIDAQAB
o4IDCjCCAwYwHQYDVR0OBBYEFEWDOAfq10efCDBaw5QdVIZJAWZiMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvUllNNEItclhSNThJTUZyRGxCMVVoa2tCWm1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHgYIKwYBBQUHAQcBAf8EggENMIIBCTCB9QQCAAEwge4D
BABbws0DBABbysgDBABdvIcDBACU/SIDBACU/SQDBAGU/eQwDAMEAJT95wMEApT9
6AMEAJT97QMEAJT97wMEAJT99gMEAJT9+DAMAwQCl/lcAwQAl/leAwQAo6tAAwQA
o6tDAwQBo6tGAwQBo6tUAwQAo6tXMAwDBACjq10DBACjq14wDAMEBaOrYAMEAKOr
YjAMAwQAo6tlAwQAo6toAwQAo6t+AwQAo6umAwQBo6uwAwQAo6u2AwQAo6u8AwQA
o6vGAwQAo6vPAwQAo6veAwQBo6vgAwQAo6vnAwQAo6v5AwQAo6v8AwQAwmsTMA8E
AgACMAkDBwAqAVPA/8YwDQYJKoZIhvcNAQELBQADggEBAHmw0ff1uUONLiYQNVOn
6xpzKzzN+U4CBl/eTgZx8fA9FKqSyzW4OlJL7QI4E2Knh/a9Ua9wd+US1Spx4Z+c
bLRkMAjHZufi/loFghqsNWbjN8egimJN1mMUFPBahTawQKRjFVhG+pMCDNtc0M4P
15B1dwcbdzv9mkWBFFxPKnAv9OI/gvnVlP2reFygEbdiUuzmATPJLlqvno9uVtvt
tKJJrFL4YnqU0xE+78fDfIqyagfk6KFcUhR5SAdDjL4oC0x6s5Lcrqn56wfVPH0f
XenII1xMqpx2g4ES24ZrECulRHx6MB4YADAUmTaX7a2FfQrEP0FQ0M69q0J8EgLT
tHg=
-----END CERTIFICATE-----
Generated at Wed Oct 23 08:27:56 2024 by rpki-client on console-ams.rpki-client.org