Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/y_bwJIqE_EQJZw3artpsYSLOtsU.roa
File: y_bwJIqE_EQJZw3artpsYSLOtsU.roa (raw, json)
Hash identifier: UnVDGkRFfgbS3hHdH4hvrln6Pnrz/nUfVdEtsWUb21Y=
Subject key identifier: CB:F6:F0:24:8A:84:FC:44:09:67:0D:DA:AE:DA:6C:61:22:CE:B6:C5
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 018F5835DF7764CF9C54ED897B71E120F321
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/y_bwJIqE_EQJZw3artpsYSLOtsU.roa
Signing time: Wed 08 May 2024 12:37:56 +0000
ROA not before: Wed 08 May 2024 12:37:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39486
IP address blocks: 36.255.188.0/22 maxlen: 32
45.134.79.0/24 maxlen: 32
185.184.228.0/24 maxlen: 32
193.161.128.0/22 maxlen: 24
194.104.104.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 May 2024 09:22:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:58:35:df:77:64:cf:9c:54:ed:89:7b:71:e1:20:f3:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: May 8 12:37:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbf6f0248a84fc4409670ddaaeda6c6122ceb6c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ef:5a:2e:7e:be:46:a8:85:40:26:f9:bc:02:
2c:23:91:2b:89:42:7b:7e:01:7b:9f:45:b5:5d:78:
25:9d:43:07:df:61:30:88:3a:d1:7f:3d:50:16:50:
29:bd:66:2c:1f:d3:2c:5b:b1:60:74:96:85:32:8c:
00:fa:4f:71:33:6a:ca:b3:87:d2:76:fd:ee:c3:e1:
5a:33:86:77:ee:c6:d0:44:e9:53:9d:22:c9:1a:7a:
49:b4:67:0c:f3:48:fc:1e:6e:7e:de:f2:a9:33:a3:
d7:c2:d8:10:07:b7:d4:bd:d5:9b:c8:a6:b4:b6:3c:
74:27:46:58:f4:53:a8:f8:da:54:d8:aa:86:b0:d5:
26:09:c5:7b:e3:dc:91:93:fe:44:13:51:fc:56:0a:
64:58:4d:b9:8b:16:f1:ff:02:63:f4:cd:2a:ba:22:
08:92:75:ad:56:6c:66:e1:13:bb:3f:60:85:a1:3d:
bc:c1:ab:76:b5:49:18:8e:b9:32:79:03:f1:9d:34:
1e:3e:c7:42:51:23:0c:cc:f4:5a:03:23:af:34:61:
b0:61:b6:48:d4:e9:ba:78:a5:fb:55:6c:da:ed:6d:
02:ab:c7:e8:5f:ad:85:8d:29:bd:fb:4f:08:c9:87:
30:57:ff:b3:ce:0e:8a:04:cb:04:d8:de:55:38:b5:
22:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:F6:F0:24:8A:84:FC:44:09:67:0D:DA:AE:DA:6C:61:22:CE:B6:C5
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/y_bwJIqE_EQJZw3artpsYSLOtsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
36.255.188.0/22
45.134.79.0/24
185.184.228.0/24
193.161.128.0/22
194.104.104.0/22
Signature Algorithm: sha256WithRSAEncryption
69:1c:b9:97:df:e8:79:5d:a0:84:6a:e4:27:8e:1b:7b:c2:11:
cd:69:18:26:bb:bf:07:dc:93:5a:57:84:bc:69:87:19:8a:b6:
18:a5:f0:63:7b:fa:f8:8d:46:e2:0a:21:b0:64:a1:8c:7f:be:
b7:de:5f:ee:d8:c5:a4:60:4b:7a:5c:f0:d9:96:0f:c5:71:d0:
43:90:27:ae:3b:fe:0c:5a:77:26:0f:50:8b:e6:f7:ff:85:37:
31:b3:c4:97:19:d8:e9:fd:78:f6:79:3e:7c:43:1f:da:68:7b:
fe:67:66:b0:d8:29:53:cd:68:ed:66:00:1f:e4:38:80:b1:42:
bd:a0:07:ac:9f:6c:f6:5d:7b:52:83:37:e5:81:78:37:16:2c:
b3:95:d2:7d:d1:bb:19:09:9f:c9:ff:25:01:2d:78:c8:2a:84:
dc:f5:cd:47:dd:1c:6c:1b:dd:5c:6b:9b:fc:5b:4c:03:c8:17:
b7:a1:dd:de:b8:1d:da:db:61:15:4a:79:09:cc:d5:0b:02:e5:
4c:b0:34:fc:d8:bf:61:ca:dc:e8:ce:93:39:79:47:2d:b2:1a:
3f:43:e8:a6:1c:2f:47:88:ea:fa:90:06:4a:00:98:86:2f:71:
e3:7d:21:1e:9f:71:38:00:c4:24:83:72:9e:68:72:39:81:36:
4c:30:30:66
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY9YNd93ZM+cVO2Je3HhIPMhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjQwNTA4MTIzNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmY2ZjAyNDhhODRmYzQ0MDk2NzBkZGFhZWRhNmM2MTIyY2ViNmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAse9aLn6+RqiFQCb5vAIsI5EriUJ7
fgF7n0W1XXglnUMH32EwiDrRfz1QFlApvWYsH9MsW7FgdJaFMowA+k9xM2rKs4fS
dv3uw+FaM4Z37sbQROlTnSLJGnpJtGcM80j8Hm5+3vKpM6PXwtgQB7fUvdWbyKa0
tjx0J0ZY9FOo+NpU2KqGsNUmCcV749yRk/5EE1H8VgpkWE25ixbx/wJj9M0quiII
knWtVmxm4RO7P2CFoT28wat2tUkYjrkyeQPxnTQePsdCUSMMzPRaAyOvNGGwYbZI
1Om6eKX7VWza7W0Cq8foX62FjSm9+08IyYcwV/+zzg6KBMsE2N5VOLUihQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMv28CSKhPxECWcN2q7abGEizrbFMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEveV9id0pJcUVfRVFKWnczYXJ0cHNZU0xPdHNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCJP+8AwQA
LYZPAwQAubjkAwQCwaGAAwQCwmhoMA0GCSqGSIb3DQEBCwUAA4IBAQBpHLmX3+h5
XaCEauQnjht7whHNaRgmu78H3JNaV4S8aYcZirYYpfBje/r4jUbiCiGwZKGMf763
3l/u2MWkYEt6XPDZlg/FcdBDkCeuO/4MWncmD1CL5vf/hTcxs8SXGdjp/Xj2eT58
Qx/aaHv+Z2aw2ClTzWjtZgAf5DiAsUK9oAesn2z2XXtSgzflgXg3FiyzldJ90bsZ
CZ/J/yUBLXjIKoTc9c1H3RxsG91ca5v8W0wDyBe3od3euB3a22EVSnkJzNULAuVM
sDT82L9hytzozpM5eUctsho/Q+imHC9HiOr6kAZKAJiGL3HjfSEen3E4AMQkg3Ke
aHI5gTZMMDBm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:46 2024 by rpki-client on console-fra.rpki-client.org