Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/yu-EM2zfsmgPcwe8Gdr-oUEDZLc.roa
File: yu-EM2zfsmgPcwe8Gdr-oUEDZLc.roa (raw, json)
Hash identifier: Ee5LA+Fk6Qjv+cv4gQw6ZbxZYSjA9VF5yK07XUYADPY=
Subject key identifier: CA:EF:84:33:6C:DF:B2:68:0F:73:07:BC:19:DA:FE:A1:41:03:64:B7
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 018D128F3EEECE9EBC38E6853A4FE2E5D959
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/yu-EM2zfsmgPcwe8Gdr-oUEDZLc.roa
Signing time: Tue 16 Jan 2024 13:56:34 +0000
ROA not before: Tue 16 Jan 2024 13:56:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43350
IP address blocks: 107.181.137.0/24 maxlen: 24
155.254.52.0/22 maxlen: 24
155.254.56.0/22 maxlen: 24
162.220.246.0/23 maxlen: 24
185.53.128.0/24 maxlen: 24
185.53.129.0/24 maxlen: 24
185.53.130.0/24 maxlen: 24
185.53.131.0/24 maxlen: 24
185.83.216.0/24 maxlen: 24
185.83.217.0/24 maxlen: 24
185.83.218.0/24 maxlen: 24
185.83.219.0/24 maxlen: 24
198.105.96.0/22 maxlen: 24
198.105.104.0/22 maxlen: 24
198.105.112.0/24 maxlen: 24
198.105.113.0/24 maxlen: 24
198.105.114.0/23 maxlen: 24
198.105.118.0/23 maxlen: 24
2a02:2ca0::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 18 Jan 2024 14:11:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:12:8f:3e:ee:ce:9e:bc:38:e6:85:3a:4f:e2:e5:d9:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 16 13:56:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=caef84336cdfb2680f7307bc19dafea1410364b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:36:dc:d8:6e:86:d0:ef:81:da:89:06:f5:1e:
fb:b6:64:bf:75:4a:ad:18:15:99:1d:1a:01:5b:27:
f9:d2:59:65:3b:a2:20:34:f3:54:ee:08:5f:07:a4:
b2:fc:c5:12:32:1e:79:16:37:7d:b6:c4:01:ab:a7:
a3:53:3b:5b:bc:e4:91:f6:4e:8d:5b:3b:00:8f:01:
97:18:5c:42:e6:05:b6:61:42:8c:31:00:0d:aa:91:
c1:bc:ed:33:6f:db:77:4d:be:1d:94:d1:c7:7c:ac:
67:af:45:ef:67:37:bb:0d:be:1d:af:35:4d:18:31:
f7:2d:3c:e0:48:f1:57:e7:c5:61:d1:46:a8:4c:52:
8b:6a:60:81:86:9e:28:18:48:1c:60:af:fd:6c:74:
00:c6:67:27:d2:f5:6e:bc:fd:c3:2c:a0:f1:ca:46:
d1:65:eb:72:2e:32:6e:d1:d0:ec:96:42:32:04:7d:
67:be:2a:23:92:07:bc:2e:59:f3:36:84:28:9d:40:
ce:d4:7c:48:c6:ff:76:b6:44:2a:8c:93:ba:62:5f:
2c:65:ac:39:60:68:9f:3f:03:3a:24:b6:cf:c0:f1:
6e:b6:0c:63:af:9b:5a:32:bd:ca:d9:13:5c:02:d4:
63:91:62:1f:3b:50:fe:1c:5b:1f:61:fb:64:40:6f:
73:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:EF:84:33:6C:DF:B2:68:0F:73:07:BC:19:DA:FE:A1:41:03:64:B7
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/yu-EM2zfsmgPcwe8Gdr-oUEDZLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.181.137.0/24
155.254.52.0-155.254.59.255
162.220.246.0/23
185.53.128.0/22
185.83.216.0/22
198.105.96.0/22
198.105.104.0/22
198.105.112.0/22
198.105.118.0/23
IPv6:
2a02:2ca0::/29
Signature Algorithm: sha256WithRSAEncryption
b4:a5:fa:73:a0:72:6a:df:e2:f2:2e:0d:42:b3:35:08:68:f2:
dc:de:54:c2:a7:7f:46:b2:39:26:53:f1:0a:b2:12:45:ce:65:
e7:e4:6b:a2:9f:79:c5:38:94:17:92:75:4b:dd:19:33:79:40:
30:63:89:7c:ff:4c:2b:a6:69:cb:a8:b7:b1:d8:89:30:e0:41:
bc:3f:08:f9:fe:5d:81:4f:35:4a:b4:b1:65:1c:25:e6:fb:a4:
f9:91:02:7a:6d:79:56:a9:3e:42:1c:2c:ea:0a:49:79:c2:4f:
41:3b:ca:a6:3b:4b:a6:7a:3d:f7:4c:63:5f:21:14:23:2c:87:
79:ed:5f:d2:75:e6:f8:7b:38:f4:46:c8:ce:95:e6:18:e4:be:
d3:1a:0b:65:f3:48:10:ee:96:01:ea:bd:1c:cb:0d:86:48:0e:
1b:f2:c3:ba:76:f4:29:c2:6e:21:5d:be:18:74:62:2e:45:dd:
1d:9d:14:71:8d:53:6c:a4:29:a9:b5:97:79:d6:26:37:0f:5f:
ec:1a:7e:2f:4e:24:97:b5:3c:41:81:1e:fe:34:f0:bf:a3:66:
c1:60:d7:18:95:52:45:a0:ab:7c:43:48:fc:a4:08:6c:49:10:
93:7c:e5:f6:6c:76:5d:0e:a4:6f:c7:34:4d:b2:94:08:48:f6:
28:ef:46:1a
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAY0Sjz7uzp68OOaFOk/i5dlZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjQwMTE2MTM1NjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWVmODQzMzZjZGZiMjY4MGY3MzA3YmMxOWRhZmVhMTQxMDM2NGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljbc2G6G0O+B2okG9R77tmS/dUqt
GBWZHRoBWyf50lllO6IgNPNU7ghfB6Sy/MUSMh55Fjd9tsQBq6ejUztbvOSR9k6N
WzsAjwGXGFxC5gW2YUKMMQANqpHBvO0zb9t3Tb4dlNHHfKxnr0XvZze7Db4drzVN
GDH3LTzgSPFX58Vh0UaoTFKLamCBhp4oGEgcYK/9bHQAxmcn0vVuvP3DLKDxykbR
ZetyLjJu0dDslkIyBH1nviojkge8LlnzNoQonUDO1HxIxv92tkQqjJO6Yl8sZaw5
YGifPwM6JLbPwPFutgxjr5taMr3K2RNcAtRjkWIfO1D+HFsfYftkQG9zDwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFMrvhDNs37JoD3MHvBna/qFBA2S3MB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEveXUtRU0yemZzbWdQY3dlOEdkci1vVUVEWkxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQAa7WJMAwD
BAKb/jQDBAKb/jgDBAGi3PYDBAK5NYADBAK5U9gDBALGaWADBALGaWgDBALGaXAD
BAHGaXYwDQQCAAIwBwMFAyoCLKAwDQYJKoZIhvcNAQELBQADggEBALSl+nOgcmrf
4vIuDUKzNQho8tzeVMKnf0ayOSZT8QqyEkXOZefka6KfecU4lBeSdUvdGTN5QDBj
iXz/TCumacuot7HYiTDgQbw/CPn+XYFPNUq0sWUcJeb7pPmRAnpteVapPkIcLOoK
SXnCT0E7yqY7S6Z6PfdMY18hFCMsh3ntX9J15vh7OPRGyM6V5hjkvtMaC2XzSBDu
lgHqvRzLDYZIDhvyw7p29CnCbiFdvhh0Yi5F3R2dFHGNU2ykKam1l3nWJjcPX+wa
fi9OJJe1PEGBHv408L+jZsFg1xiVUkWgq3xDSPykCGxJEJN85fZsdl0OpG/HNE2y
lAhI9ijvRho=
-----END CERTIFICATE-----
Generated at Thu Jan 18 18:09:00 2024 by rpki-client on console-ams.rpki-client.org