Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/YuGnOSAIMQEEyN9n53P_Jdnq-TU.roa
File: YuGnOSAIMQEEyN9n53P_Jdnq-TU.roa (raw, json)
Hash identifier: g8utUG+5V/fjgRnAV50Wpq+DK9SL2F1GDPy0Dv7reVM=
Subject key identifier: 62:E1:A7:39:20:08:31:01:04:C8:DF:67:E7:73:FF:25:D9:EA:F9:35
Certificate issuer: /CN=2b7c4264dacdfacb3b7a3aeeed565975aa52434c
Certificate serial: 01857169ABF81305108F55EA297CE933AAD5
Authority key identifier: 2B:7C:42:64:DA:CD:FA:CB:3B:7A:3A:EE:ED:56:59:75:AA:52:43:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K3xCZNrN-ss7ejru7VZZdapSQ0w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/YuGnOSAIMQEEyN9n53P_Jdnq-TU.roa
Signing time: Mon 02 Jan 2023 07:37:08 +0000
ROA not before: Mon 02 Jan 2023 07:37:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12859
IP address blocks: 5.61.250.0/24 maxlen: 24
5.61.248.0/24 maxlen: 24
5.61.251.0/24 maxlen: 24
5.61.248.0/21 maxlen: 21
5.61.249.0/24 maxlen: 24
5.61.252.0/24 maxlen: 24
5.61.253.0/24 maxlen: 24
5.61.254.0/24 maxlen: 24
5.61.255.0/24 maxlen: 24
2a01:7860::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:ab:f8:13:05:10:8f:55:ea:29:7c:e9:33:aa:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b7c4264dacdfacb3b7a3aeeed565975aa52434c
Validity
Not Before: Jan 2 07:37:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62e1a7392008310104c8df67e773ff25d9eaf935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:9a:2f:ed:a2:0f:80:4d:e2:b8:b6:ea:dd:96:
ad:3f:d5:81:ec:5e:b1:53:bc:53:12:ca:80:2a:8d:
b8:da:82:45:e3:08:56:c9:2d:1a:f2:ae:75:d8:0b:
a3:d7:30:48:36:d9:79:3d:3e:57:b8:d9:bb:00:d9:
96:07:d2:f3:33:a8:0e:4b:3e:97:ce:3b:2d:06:cf:
7d:37:eb:27:88:1b:b4:67:5a:df:28:6c:46:9d:47:
23:b9:10:25:8e:b8:5f:21:d0:50:3c:fe:fc:6f:97:
5d:e8:0c:52:8f:35:66:10:b8:34:9c:a2:18:ec:8a:
b3:f7:9a:bb:72:16:9a:21:ac:15:d6:8d:99:ec:57:
cf:09:c2:0e:e4:25:ee:6c:00:18:91:78:8e:55:3d:
4f:cb:22:84:f0:41:4b:25:7e:ec:7f:c6:65:d3:79:
d3:08:a6:ab:22:54:34:1f:fb:43:95:2d:4e:eb:16:
b4:ac:ad:09:de:9a:d6:56:f1:8c:98:3d:ab:f7:96:
f5:f4:46:20:05:e9:49:11:ff:d5:b1:47:9a:bf:19:
e4:d1:e2:d2:1d:0b:aa:7b:73:77:07:f5:23:6b:e4:
55:7e:f1:d4:14:dd:6a:1d:54:36:d1:fa:ec:8a:f0:
35:13:d0:c4:b3:47:97:71:58:70:f9:99:75:bc:63:
18:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:E1:A7:39:20:08:31:01:04:C8:DF:67:E7:73:FF:25:D9:EA:F9:35
X509v3 Authority Key Identifier:
keyid:2B:7C:42:64:DA:CD:FA:CB:3B:7A:3A:EE:ED:56:59:75:AA:52:43:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K3xCZNrN-ss7ejru7VZZdapSQ0w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/YuGnOSAIMQEEyN9n53P_Jdnq-TU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/K3xCZNrN-ss7ejru7VZZdapSQ0w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.248.0/21
IPv6:
2a01:7860::/32
Signature Algorithm: sha256WithRSAEncryption
b8:77:bb:03:43:21:22:8a:ec:0a:06:f8:86:e9:79:55:ab:3a:
47:49:5f:74:b8:1c:e3:49:5c:25:b4:89:76:30:d6:e5:97:47:
7d:30:0d:f0:4d:5e:65:7d:45:f3:c0:74:88:94:59:46:57:3a:
c5:39:cd:62:18:02:e2:53:40:fb:b4:80:9a:be:4d:bb:8c:ad:
f0:e9:03:28:bf:45:46:18:02:f1:e8:03:26:9e:1b:fe:e4:d6:
c5:7e:ef:32:07:1a:df:fd:86:d5:3e:10:5c:33:0a:77:02:e7:
ec:78:93:b7:15:6d:b6:15:c9:a0:35:1d:ee:11:f2:21:e3:31:
9b:c5:ea:ab:c9:11:69:1c:16:62:5b:65:df:07:0b:73:16:79:
0e:4d:4e:4b:4e:a9:2e:02:01:79:33:92:88:83:47:93:a4:a3:
5b:9e:e7:4d:73:b1:cc:2f:78:13:b0:c5:c1:18:ab:47:be:92:
a8:99:1f:e5:03:36:e0:fd:3a:5b:6a:39:42:2a:e7:92:e7:7a:
33:6e:f6:42:6f:d3:31:ec:cf:49:b0:86:71:f3:53:08:0c:98:
d9:f1:c4:7a:82:b8:24:63:20:7a:9c:7b:8b:3e:e7:af:19:bf:
ea:3d:48:5e:a4:ab:28:dd:93:0b:07:3b:55:83:53:cb:8e:15:
1c:42:b2:d0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxaav4EwUQj1XqKXzpM6rVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiN2M0MjY0ZGFjZGZhY2IzYjdhM2FlZWVkNTY1OTc1YWE1
MjQzNGMwHhcNMjMwMTAyMDczNzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmUxYTczOTIwMDgzMTAxMDRjOGRmNjdlNzczZmYyNWQ5ZWFmOTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpov7aIPgE3iuLbq3ZatP9WB7F6x
U7xTEsqAKo242oJF4whWyS0a8q512Auj1zBINtl5PT5XuNm7ANmWB9LzM6gOSz6X
zjstBs99N+sniBu0Z1rfKGxGnUcjuRAljrhfIdBQPP78b5dd6AxSjzVmELg0nKIY
7Iqz95q7chaaIawV1o2Z7FfPCcIO5CXubAAYkXiOVT1PyyKE8EFLJX7sf8Zl03nT
CKarIlQ0H/tDlS1O6xa0rK0J3prWVvGMmD2r95b19EYgBelJEf/VsUeavxnk0eLS
HQuqe3N3B/Uja+RVfvHUFN1qHVQ20frsivA1E9DEs0eXcVhw+Zl1vGMYCwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGLhpzkgCDEBBMjfZ+dz/yXZ6vk1MB8GA1UdIwQY
MBaAFCt8QmTazfrLO3o67u1WWXWqUkNMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzN4Q1pOck4tc3M3ZWpydTdWWlpkYXBTUTB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iYmVkNDAtNjI4MS00OGJmLTllOWQt
MzFkNWFjM2FjOWI1LzEvWXVHbk9TQUlNUUVFeU45bjUzUF9KZG5xLVRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iYmVkNDAtNjI4MS00OGJmLTllOWQtMzFkNWFjM2FjOWI1
LzEvSzN4Q1pOck4tc3M3ZWpydTdWWlpkYXBTUTB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBT34MA0E
AgACMAcDBQAqAXhgMA0GCSqGSIb3DQEBCwUAA4IBAQC4d7sDQyEiiuwKBviG6XlV
qzpHSV90uBzjSVwltIl2MNbll0d9MA3wTV5lfUXzwHSIlFlGVzrFOc1iGALiU0D7
tICavk27jK3w6QMov0VGGALx6AMmnhv+5NbFfu8yBxrf/YbVPhBcMwp3AufseJO3
FW22FcmgNR3uEfIh4zGbxeqryRFpHBZiW2XfBwtzFnkOTU5LTqkuAgF5M5KIg0eT
pKNbnudNc7HML3gTsMXBGKtHvpKomR/lAzbg/TpbajlCKueS53ozbvZCb9Mx7M9J
sIZx81MIDJjZ8cR6grgkYyB6nHuLPuevGb/qPUhepKso3ZMLBztVg1PLjhUcQrLQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:52 2024 by rpki-client on console-fra.rpki-client.org