Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/YXPf2TU6PiG7rlm_P7WhXICkGTE.roa
File: YXPf2TU6PiG7rlm_P7WhXICkGTE.roa (raw, json)
Hash identifier: 6rlQ+DdE8YG7gIo3smS2+5GHx90MNI2KcBh1RYWaHBc=
Subject key identifier: 61:73:DF:D9:35:3A:3E:21:BB:AE:59:BF:3F:B5:A1:5C:80:A4:19:31
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 018CC5006E984418A39256314A827384F4A3
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/YXPf2TU6PiG7rlm_P7WhXICkGTE.roa
Signing time: Mon 01 Jan 2024 12:29:49 +0000
ROA not before: Mon 01 Jan 2024 12:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47232
IP address blocks: 5.39.200.0/22 maxlen: 32
185.15.108.0/22 maxlen: 32
78.111.114.0/23 maxlen: 32
78.111.116.0/23 maxlen: 32
78.111.112.0/20 maxlen: 32
46.29.224.0/21 maxlen: 32
213.108.162.0/23 maxlen: 32
217.75.208.0/20 maxlen: 32
185.64.220.0/22 maxlen: 32
185.125.128.0/22 maxlen: 32
91.192.32.0/22 maxlen: 22
93.91.150.0/23 maxlen: 32
93.91.152.0/24 maxlen: 32
93.91.149.0/24 maxlen: 32
93.91.153.0/24 maxlen: 32
93.91.154.0/24 maxlen: 32
46.29.228.0/23 maxlen: 32
185.52.172.0/24 maxlen: 32
93.91.144.0/20 maxlen: 32
2a02:17a0::/29 maxlen: 48
2a03:2a82::/31 maxlen: 48
2a04:7bc0::/29 maxlen: 48
2a03:2a80::/29 maxlen: 48
Validation: Failed, certificate revoked on Sun 31 Mar 2024 14:54:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:6e:98:44:18:a3:92:56:31:4a:82:73:84:f4:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 1 12:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6173dfd9353a3e21bbae59bf3fb5a15c80a41931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d6:21:f9:aa:90:5e:22:c0:46:ee:14:4f:18:
63:ed:e0:64:91:9d:ea:93:2a:38:3b:55:08:bf:58:
8e:7c:84:a1:ce:5a:df:6b:7e:4e:7c:5c:4b:ae:8a:
76:6a:7c:e4:bc:03:4b:38:36:e6:71:c3:52:86:58:
b9:a2:89:7d:a2:bd:aa:72:da:85:15:04:6c:36:85:
76:2f:f1:28:6c:fa:a5:29:39:26:e0:b9:fb:41:80:
bd:8b:17:f6:c3:b8:92:b4:33:36:2d:03:c0:38:7b:
d5:b6:5b:6d:0d:c7:18:07:6c:dc:3b:b6:1b:7b:42:
26:7a:a3:08:e9:af:80:3e:58:99:68:49:c7:16:55:
02:90:e6:dc:96:4f:1f:4e:da:1f:ca:ab:3a:68:e2:
8c:52:53:0e:a6:63:be:17:bc:f3:3b:5e:b1:6f:77:
02:3d:39:82:34:c5:ee:13:d1:11:7b:67:b8:a8:56:
84:ac:1e:cf:1a:27:c8:2b:3f:fb:d7:07:86:bf:e6:
f6:2a:c6:87:73:32:4e:d5:69:64:3b:32:56:76:0f:
9d:be:e3:ab:0b:e8:45:ea:a4:72:5f:90:e4:02:05:
e7:74:d7:53:14:e0:2f:e3:f5:3d:3a:e4:e8:9e:bd:
5a:5c:73:d3:12:2a:d4:14:97:91:76:2d:0a:fe:12:
66:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:73:DF:D9:35:3A:3E:21:BB:AE:59:BF:3F:B5:A1:5C:80:A4:19:31
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/YXPf2TU6PiG7rlm_P7WhXICkGTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.200.0/22
46.29.224.0/21
78.111.112.0/20
91.192.32.0/22
93.91.144.0/20
185.15.108.0/22
185.52.172.0/24
185.64.220.0/22
185.125.128.0/22
213.108.162.0/23
217.75.208.0/20
IPv6:
2a02:17a0::/29
2a03:2a80::/29
2a04:7bc0::/29
Signature Algorithm: sha256WithRSAEncryption
8d:6e:1c:0c:03:47:55:aa:f6:7a:66:ce:4b:5c:f9:a6:19:5c:
71:f7:63:9e:10:c6:b5:3c:b2:3b:de:a7:ad:c6:2d:59:17:a3:
6f:db:f1:03:9c:e1:c6:9b:7a:19:86:64:a3:35:67:24:3e:16:
cb:6f:8f:35:89:2e:c0:58:aa:0a:08:ba:3a:72:d2:1a:f0:fc:
c9:98:9d:42:1d:c4:2a:a1:d5:02:3c:1e:e9:d2:4c:81:36:ed:
67:a6:88:e5:d0:89:64:21:be:23:99:b0:0d:66:7c:41:01:c5:
42:1a:9d:28:e3:42:9c:ed:79:2c:45:9a:ac:a9:8a:45:c6:df:
bf:c9:70:82:8e:f3:79:04:b3:89:3b:97:e5:1f:31:02:c8:15:
67:f8:35:68:02:fa:3d:a3:14:a0:7f:38:ea:5f:29:ea:a5:44:
9a:03:c5:c3:8e:87:10:2f:15:88:5f:fb:b0:39:bd:ee:a8:c4:
c0:95:2f:e5:85:d0:1e:01:e6:86:bf:21:81:75:8f:d0:fb:22:
dc:70:23:a4:fe:7f:d2:55:08:e9:de:81:9e:3b:81:f7:df:5a:
e5:74:13:71:5e:94:e8:c1:a4:de:d1:62:0a:4c:d9:66:f9:77:
26:bf:cf:f7:48:ab:e2:46:5a:9a:f6:1f:71:be:5e:68:18:c6:
02:84:cd:a4
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAYzFAG6YRBijklYxSoJzhPSjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjQwMTAxMTIyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTczZGZkOTM1M2EzZTIxYmJhZTU5YmYzZmI1YTE1YzgwYTQxOTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktYh+aqQXiLARu4UTxhj7eBkkZ3q
kyo4O1UIv1iOfIShzlrfa35OfFxLrop2anzkvANLODbmccNShli5ool9or2qctqF
FQRsNoV2L/EobPqlKTkm4Ln7QYC9ixf2w7iStDM2LQPAOHvVtlttDccYB2zcO7Yb
e0ImeqMI6a+APliZaEnHFlUCkObclk8fTtofyqs6aOKMUlMOpmO+F7zzO16xb3cC
PTmCNMXuE9ERe2e4qFaErB7PGifIKz/71weGv+b2KsaHczJO1WlkOzJWdg+dvuOr
C+hF6qRyX5DkAgXndNdTFOAv4/U9OuTonr1aXHPTEirUFJeRdi0K/hJm8wIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFGFz39k1Oj4hu65Zvz+1oVyApBkxMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvWVhQZjJUVTZQaUc3cmxtX1A3V2hYSUNrR1RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBIBAIAATBCAwQCBSfIAwQD
Lh3gAwQETm9wAwQCW8AgAwQEXVuQAwQCuQ9sAwQAuTSsAwQCuUDcAwQCuX2AAwQB
1WyiAwQE2UvQMBsEAgACMBUDBQMqAhegAwUDKgMqgAMFAyoEe8AwDQYJKoZIhvcN
AQELBQADggEBAI1uHAwDR1Wq9npmzktc+aYZXHH3Y54QxrU8sjvep63GLVkXo2/b
8QOc4cabehmGZKM1ZyQ+FstvjzWJLsBYqgoIujpy0hrw/MmYnUIdxCqh1QI8HunS
TIE27WemiOXQiWQhviOZsA1mfEEBxUIanSjjQpzteSxFmqypikXG37/JcIKO83kE
s4k7l+UfMQLIFWf4NWgC+j2jFKB/OOpfKeqlRJoDxcOOhxAvFYhf+7A5ve6oxMCV
L+WF0B4B5oa/IYF1j9D7ItxwI6T+f9JVCOnegZ47gfffWuV0E3FelOjBpN7RYgpM
2Wb5dya/z/dIq+JGWpr2H3G+XmgYxgKEzaQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:32 2024 by rpki-client on console-ams.rpki-client.org