Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/YYEz10GAw-uodSlbW_LnXegBvdc.roa
File: YYEz10GAw-uodSlbW_LnXegBvdc.roa (raw, json)
Hash identifier: jeUeNtqNng/Lo9ICfnU3JrApeJ0dP9OkQPzLSShC6EU=
Subject key identifier: 61:81:33:D7:41:80:C3:EB:A8:75:29:5B:5B:F2:E7:5D:E8:01:BD:D7
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0185708CE42CBCEFF3DFA8997A3DE0AC0D25
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/YYEz10GAw-uodSlbW_LnXegBvdc.roa
Signing time: Mon 02 Jan 2023 03:35:59 +0000
ROA not before: Mon 02 Jan 2023 03:35:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56341
IP address blocks: 46.52.224.0/21 maxlen: 21
188.133.224.0/20 maxlen: 20
109.203.198.0/23 maxlen: 23
188.133.240.0/20 maxlen: 20
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:e4:2c:bc:ef:f3:df:a8:99:7a:3d:e0:ac:0d:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 03:35:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=618133d74180c3eba875295b5bf2e75de801bdd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3b:e4:e2:0d:06:09:96:f9:31:cc:80:50:8b:
bc:db:93:a4:bd:1d:e0:0e:31:53:fc:1c:f8:27:9f:
9d:81:53:66:19:a9:46:f5:82:ee:eb:05:66:df:fb:
26:80:92:5f:e5:3f:67:bc:6b:0a:0f:11:4e:7d:1e:
b5:65:f6:94:39:6b:52:d0:47:ed:72:d2:4b:e6:50:
ce:6a:81:81:29:96:38:bc:86:8b:b5:8f:82:6a:71:
15:d6:a5:d1:9f:ef:f6:8f:9e:a3:c4:5c:53:6a:c4:
5c:ab:0c:74:74:91:e5:a8:16:9d:ef:55:1c:7c:f2:
a8:6b:22:4b:d9:d1:de:aa:e9:6e:78:97:bb:09:b7:
21:6a:59:ed:7f:48:75:af:73:4c:88:12:d9:03:f2:
14:fe:b9:4c:2d:48:71:77:01:e0:ea:1a:48:dc:d9:
44:08:e4:32:a9:93:1f:01:49:7f:7a:68:6e:cd:97:
8b:1a:61:a0:98:2d:8b:d8:7e:46:71:e9:72:46:d9:
83:a6:0d:86:a9:18:50:9e:7d:6c:d5:ec:67:a4:28:
94:da:0f:b2:22:a6:78:d3:71:86:b5:2c:5e:ed:c9:
1d:55:36:37:c6:be:22:f2:3e:2c:95:6a:f6:f1:44:
37:6e:ac:cc:b4:78:f6:67:9b:ae:1b:9d:32:57:08:
33:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:81:33:D7:41:80:C3:EB:A8:75:29:5B:5B:F2:E7:5D:E8:01:BD:D7
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/YYEz10GAw-uodSlbW_LnXegBvdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.52.224.0/21
109.203.198.0/23
188.133.224.0/19
Signature Algorithm: sha256WithRSAEncryption
9a:4b:82:9d:e6:c1:b6:6e:86:06:9a:9e:00:dc:c6:95:f2:2c:
77:43:49:ff:9e:11:b1:5e:27:41:e4:e9:67:01:7c:6e:bc:6c:
76:19:af:c8:ed:d2:0d:59:11:d7:28:02:91:e2:6f:e8:17:70:
41:0d:d1:ed:e7:c2:c1:bb:c1:0a:41:b8:a9:25:79:7b:6d:0c:
14:99:5f:e6:ec:d6:f6:77:b5:6a:32:83:a5:c8:a1:90:d1:9c:
f0:f9:80:4e:8e:df:51:39:fc:14:e7:96:88:bb:cc:ae:f5:b8:
6c:7f:b5:82:3d:a8:a8:96:07:c0:47:f4:e1:1c:bf:4f:27:f5:
77:ef:25:c6:18:b1:9a:2b:fe:10:a4:c7:2d:28:18:3c:eb:44:
9c:4f:0f:7e:a3:1c:3c:4e:00:63:dc:89:00:fb:8b:48:cd:0d:
4c:a0:c1:ae:1f:cf:00:85:4e:16:13:5a:b4:b1:11:cb:8d:56:
30:c6:b9:20:b9:e7:80:61:1f:20:39:63:b8:f4:2e:14:d1:ee:
d4:73:5f:e9:e6:09:ca:b5:a4:7a:2b:db:42:54:2c:64:1b:a0:
d2:fe:00:bb:22:31:fd:73:3c:3e:57:93:df:c0:7a:29:17:32:
1f:66:d6:71:c6:2b:3f:a7:3e:69:96:28:a3:e9:b0:ed:ed:e4:
ea:4c:05:68
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwjOQsvO/z36iZej3grA0lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjMwMTAyMDMzNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTgxMzNkNzQxODBjM2ViYTg3NTI5NWI1YmYyZTc1ZGU4MDFiZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDvk4g0GCZb5McyAUIu825OkvR3g
DjFT/Bz4J5+dgVNmGalG9YLu6wVm3/smgJJf5T9nvGsKDxFOfR61ZfaUOWtS0Eft
ctJL5lDOaoGBKZY4vIaLtY+CanEV1qXRn+/2j56jxFxTasRcqwx0dJHlqBad71Uc
fPKoayJL2dHequlueJe7Cbchalntf0h1r3NMiBLZA/IU/rlMLUhxdwHg6hpI3NlE
COQyqZMfAUl/emhuzZeLGmGgmC2L2H5GcelyRtmDpg2GqRhQnn1s1exnpCiU2g+y
IqZ403GGtSxe7ckdVTY3xr4i8j4slWr28UQ3bqzMtHj2Z5uuG50yVwgzZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGGBM9dBgMPrqHUpW1vy513oAb3XMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvWVlFejEwR0F3LXVvZFNsYldfTG5YZWdCdmRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDLjTgAwQB
bcvGAwQFvIXgMA0GCSqGSIb3DQEBCwUAA4IBAQCaS4Kd5sG2boYGmp4A3MaV8ix3
Q0n/nhGxXidB5OlnAXxuvGx2Ga/I7dINWRHXKAKR4m/oF3BBDdHt58LBu8EKQbip
JXl7bQwUmV/m7Nb2d7VqMoOlyKGQ0Zzw+YBOjt9ROfwU55aIu8yu9bhsf7WCPaio
lgfAR/ThHL9PJ/V37yXGGLGaK/4QpMctKBg860ScTw9+oxw8TgBj3IkA+4tIzQ1M
oMGuH88AhU4WE1q0sRHLjVYwxrkgueeAYR8gOWO49C4U0e7Uc1/p5gnKtaR6K9tC
VCxkG6DS/gC7IjH9czw+V5PfwHopFzIfZtZxxis/pz5pliij6bDt7eTqTAVo
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:56 2024 by rpki-client on console-fra.rpki-client.org