Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/Yxd-Akgtwe28ABvBzvgPltuYMZw.roa
File: Yxd-Akgtwe28ABvBzvgPltuYMZw.roa (raw, json)
Hash identifier: yYDxf8h6cB+QoiMZ6ITAbRf3mhp9RA91Egpo8T4EHr0=
Subject key identifier: 63:17:7E:02:48:2D:C1:ED:BC:00:1B:C1:CE:F8:0F:96:DB:98:31:9C
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 018A84DCFEB99B69D353C3691A5E00D86103
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/Yxd-Akgtwe28ABvBzvgPltuYMZw.roa
Signing time: Mon 11 Sep 2023 15:29:50 +0000
ROA not before: Mon 11 Sep 2023 15:29:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57633
IP address blocks: 195.49.132.0/22 maxlen: 22
45.9.244.0/22 maxlen: 22
185.79.220.0/22 maxlen: 22
77.240.192.0/20 maxlen: 20
37.25.72.0/21 maxlen: 21
46.182.208.0/21 maxlen: 21
2a00:1ab0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:84:dc:fe:b9:9b:69:d3:53:c3:69:1a:5e:00:d8:61:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Sep 11 15:29:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63177e02482dc1edbc001bc1cef80f96db98319c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:9f:f1:39:4a:82:18:b0:09:b6:8b:ba:44:8d:
79:94:a5:b2:19:91:be:ad:4e:61:b3:f1:c6:55:df:
99:d8:bf:7a:7d:6c:79:0d:df:3e:fa:0b:0b:ae:7c:
ff:ab:2a:0f:68:c3:53:a9:f8:a0:15:03:74:25:ca:
24:6c:76:87:0a:4f:3f:0c:db:ad:a5:b6:b6:f1:1d:
19:39:50:aa:e2:73:d8:ce:1b:b5:c9:7b:24:87:be:
f5:a1:93:0b:f8:3c:4c:4f:a6:66:fe:f5:b0:04:34:
55:b7:4a:0d:70:1d:87:8e:55:51:14:8c:5f:27:13:
a2:38:90:39:9e:ea:f9:15:f7:bd:f2:29:55:db:97:
d9:fc:25:cd:22:d0:8b:c8:74:ea:ea:be:59:83:08:
61:9a:40:4f:f0:5b:1f:df:0f:0f:e0:8f:73:61:df:
c8:70:86:91:93:a9:ae:7b:4f:97:3f:64:bc:4e:b7:
ea:a1:60:75:e1:12:e1:53:f8:df:80:ab:f5:5d:79:
a6:f4:8d:51:fa:8f:fb:f8:75:62:b8:01:24:35:1d:
94:c4:bc:3e:99:09:b4:64:ad:c5:45:73:32:58:11:
8e:c6:7e:e9:54:40:1d:05:52:1f:13:e8:81:d8:dc:
5d:89:8e:c4:01:60:06:c8:2a:c5:93:8d:3f:5b:bc:
b1:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:17:7E:02:48:2D:C1:ED:BC:00:1B:C1:CE:F8:0F:96:DB:98:31:9C
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/Yxd-Akgtwe28ABvBzvgPltuYMZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.25.72.0/21
45.9.244.0/22
46.182.208.0/21
77.240.192.0/20
185.79.220.0/22
195.49.132.0/22
IPv6:
2a00:1ab0::/32
Signature Algorithm: sha256WithRSAEncryption
22:fb:d3:cb:10:8e:7f:f3:fa:bd:87:0e:7e:eb:ff:54:65:33:
47:e4:f2:4c:97:da:74:44:2f:ab:98:6a:92:47:be:0f:75:97:
96:6a:da:92:2f:d9:07:69:1d:97:aa:cc:29:41:da:2f:36:e7:
0a:6a:20:51:46:15:54:4c:54:42:82:7e:95:c7:6b:bb:4e:0b:
9b:91:e0:c5:3e:5f:72:d9:32:6d:c4:59:51:cf:fb:17:1d:1d:
46:27:18:2c:7f:e6:49:68:90:3c:5f:e8:b1:23:b6:7b:27:f0:
19:b2:9b:46:b0:49:ba:fd:45:58:71:cc:05:b8:7b:c0:a3:75:
54:34:14:e8:e2:7c:51:1c:c6:7e:5e:e5:1d:e5:fc:ae:c0:cf:
e7:bc:3a:8c:c0:69:0c:47:90:4f:5a:7c:de:88:db:25:96:3c:
62:65:f5:30:9b:e5:40:9d:6f:91:39:10:33:97:cc:b0:2f:66:
6b:69:01:ba:b7:bc:e5:49:ef:54:17:d8:60:f9:db:5f:85:c7:
ff:b5:61:04:83:d9:48:f8:45:93:72:06:97:c8:02:8e:32:02:
50:ef:e7:cd:4e:61:92:ca:90:a4:aa:09:93:90:e8:7e:46:3e:
e5:bc:83:c9:14:4c:bf:8b:dd:b2:04:c0:55:16:b9:92:2d:6b:
85:bf:e5:88
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYqE3P65m2nTU8NpGl4A2GEDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjMwOTExMTUyOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzE3N2UwMjQ4MmRjMWVkYmMwMDFiYzFjZWY4MGY5NmRiOTgzMTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkp/xOUqCGLAJtou6RI15lKWyGZG+
rU5hs/HGVd+Z2L96fWx5Dd8++gsLrnz/qyoPaMNTqfigFQN0JcokbHaHCk8/DNut
pba28R0ZOVCq4nPYzhu1yXskh771oZML+DxMT6Zm/vWwBDRVt0oNcB2HjlVRFIxf
JxOiOJA5nur5Ffe98ilV25fZ/CXNItCLyHTq6r5ZgwhhmkBP8Fsf3w8P4I9zYd/I
cIaRk6mue0+XP2S8TrfqoWB14RLhU/jfgKv1XXmm9I1R+o/7+HViuAEkNR2UxLw+
mQm0ZK3FRXMyWBGOxn7pVEAdBVIfE+iB2NxdiY7EAWAGyCrFk40/W7yxzwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFGMXfgJILcHtvAAbwc74D5bbmDGcMB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvWXhkLUFrZ3R3ZTI4QUJ2Qnp2Z1BsdHVZTVp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDJRlIAwQC
LQn0AwQDLrbQAwQETfDAAwQCuU/cAwQCwzGEMA0EAgACMAcDBQAqABqwMA0GCSqG
SIb3DQEBCwUAA4IBAQAi+9PLEI5/8/q9hw5+6/9UZTNH5PJMl9p0RC+rmGqSR74P
dZeWatqSL9kHaR2XqswpQdovNucKaiBRRhVUTFRCgn6Vx2u7TgubkeDFPl9y2TJt
xFlRz/sXHR1GJxgsf+ZJaJA8X+ixI7Z7J/AZsptGsEm6/UVYccwFuHvAo3VUNBTo
4nxRHMZ+XuUd5fyuwM/nvDqMwGkMR5BPWnzeiNslljxiZfUwm+VAnW+RORAzl8yw
L2ZraQG6t7zlSe9UF9hg+dtfhcf/tWEEg9lI+EWTcgaXyAKOMgJQ7+fNTmGSypCk
qgmTkOh+Rj7lvIPJFEy/i92yBMBVFrmSLWuFv+WI
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:04 2024 by rpki-client on console-ams.rpki-client.org