Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YBJ27XhTeq1VLgSsNUtsVXQuBt8.roa
File: YBJ27XhTeq1VLgSsNUtsVXQuBt8.roa (raw, json)
Hash identifier: ufI70cqiib7oZE1YXSZhT7DR2pz8fVuAU/SkNBuK7FI=
Subject key identifier: 60:12:76:ED:78:53:7A:AD:55:2E:04:AC:35:4B:6C:55:74:2E:06:DF
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C1A3D6A2A9034EB820C7A337D4F13FEAE
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YBJ27XhTeq1VLgSsNUtsVXQuBt8.roa
Signing time: Wed 29 Nov 2023 08:41:21 +0000
ROA not before: Wed 29 Nov 2023 08:41:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 194.87.1.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
212.192.214.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
194.87.104.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.56.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
194.87.83.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
195.133.84.0/23 maxlen: 23
212.192.11.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1a:3d:6a:2a:90:34:eb:82:0c:7a:33:7d:4f:13:fe:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 29 08:41:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=601276ed78537aad552e04ac354b6c55742e06df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7d:12:7b:4b:01:4f:7a:e9:d4:d9:83:7c:4c:
6c:db:d3:a6:48:b1:b5:13:de:83:59:c3:4a:7a:44:
76:44:f6:e2:41:6c:f4:fa:f4:20:db:39:c0:3e:52:
af:bb:86:f9:d4:20:c4:13:28:e9:b9:99:ed:a8:51:
b4:dc:35:c5:35:b9:0a:b1:63:e1:8b:7e:f7:69:2e:
8c:f1:84:bb:1f:ac:fe:f2:0e:4f:a4:70:ea:05:8c:
a8:36:d9:cc:89:68:c7:07:9e:4f:12:16:ff:3a:48:
5c:73:66:2a:01:5f:38:a0:26:86:fe:49:e6:7c:8f:
e6:7b:2b:06:a8:0f:8e:c0:40:fc:ed:e2:dc:36:d6:
9c:20:a8:77:44:d7:94:b2:d5:a4:69:4d:6e:31:c4:
a5:91:ab:35:42:10:ab:dd:b5:d0:00:b2:89:4f:27:
d6:ab:a4:26:bc:ec:77:bc:d5:1a:9e:65:05:22:05:
df:78:13:fc:25:8c:78:35:dc:52:62:61:13:e1:f7:
0d:66:2e:24:80:91:ff:9a:b4:9b:b2:94:e2:86:2b:
15:e7:93:63:0b:1c:f0:04:34:c9:61:65:cc:38:19:
5f:26:16:17:4e:fa:4c:f8:db:f7:95:c4:6c:00:d8:
5a:eb:ef:ee:6a:1f:c6:1c:67:95:9f:4b:5d:2a:38:
3d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:12:76:ED:78:53:7A:AD:55:2E:04:AC:35:4B:6C:55:74:2E:06:DF
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YBJ27XhTeq1VLgSsNUtsVXQuBt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.189.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
193.124.200.0/24
194.58.47.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.18.0/24
194.87.21.0/24
194.87.30.0/24
194.87.56.0/24
194.87.83.0/24
194.87.104.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.134.0/23
194.87.179.0/24
194.87.200.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.40.0/23
195.133.73.0/24
195.133.84.0/23
212.192.11.0/24
212.192.214.0/24
Signature Algorithm: sha256WithRSAEncryption
86:76:7c:7f:14:cc:be:7d:11:51:92:2d:bd:f2:f8:3d:a3:ca:
83:41:e4:9d:bc:35:6c:62:38:24:2c:d4:60:71:6d:a1:f3:d7:
fd:7d:80:2b:d5:b0:28:37:08:bc:ed:23:52:57:47:02:4f:0a:
fe:86:23:31:c5:06:a8:d0:b0:22:36:a2:f5:7a:d8:48:06:74:
2e:db:09:a1:d9:8d:1d:32:bc:6c:e3:86:46:6d:57:74:b0:ea:
16:4d:bb:11:c3:f7:1e:1d:5d:15:6e:62:de:a3:4d:37:aa:f2:
fa:f6:d8:e7:49:0b:a2:ad:37:7a:99:b0:50:28:fb:77:8f:fb:
c4:ec:69:1e:7c:14:b7:20:8f:49:87:97:27:c5:ae:9a:54:fd:
b6:16:0f:b1:46:92:ba:98:5d:37:7f:bd:e7:e5:5e:00:78:27:
4d:46:15:f5:99:b1:79:90:c7:cb:c6:b1:0e:9c:37:cc:54:d7:
4e:60:d5:83:6c:ef:19:f9:30:da:23:8d:d9:6b:3f:00:28:1e:
7c:47:f7:4c:d6:bf:bf:1b:db:e9:fa:bc:a1:a3:ff:0f:8c:62:
c0:0c:65:24:eb:e8:15:23:d9:89:96:6c:56:81:05:3b:67:68:
3f:2c:46:32:10:32:24:87:51:20:09:39:19:83:76:2e:4f:31:
9b:0a:aa:51
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAYwaPWoqkDTrggx6M31PE/6uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTI5MDg0MTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDEyNzZlZDc4NTM3YWFkNTUyZTA0YWMzNTRiNmM1NTc0MmUwNmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnX0Se0sBT3rp1NmDfExs29OmSLG1
E96DWcNKekR2RPbiQWz0+vQg2znAPlKvu4b51CDEEyjpuZntqFG03DXFNbkKsWPh
i373aS6M8YS7H6z+8g5PpHDqBYyoNtnMiWjHB55PEhb/Okhcc2YqAV84oCaG/knm
fI/meysGqA+OwED87eLcNtacIKh3RNeUstWkaU1uMcSlkas1QhCr3bXQALKJTyfW
q6QmvOx3vNUanmUFIgXfeBP8JYx4NdxSYmET4fcNZi4kgJH/mrSbspTihisV55Nj
CxzwBDTJYWXMOBlfJhYXTvpM+Nv3lcRsANha6+/uah/GHGeVn0tdKjg9WQIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFGASdu14U3qtVS4ErDVLbFV0LgbfMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWUJKMjdYaFRlcTFWTGdTc05VdHNWWFF1QnQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCByQQCAAEwgcIDBADA
fLIDBADAfL0DBADBfBADBADBfFADBADBfIUDBADBfMgDBADCOi8DBADCVwEwDAME
AMJXCwMEAMJXDAMEAMJXEgMEAMJXFQMEAMJXHgMEAMJXOAMEAMJXUwMEAMJXaAME
AMJXbAMEAcJXcgMEAMJXegMEAMJXfAMEAMJXgwMEAcJXhgMEAMJXswMEAMJXyAME
AcM6OgMEAcM6PgMEAMOFAAMEAcOFKAMEAMOFSQMEAcOFVAMEANTACwMEANTA1jAN
BgkqhkiG9w0BAQsFAAOCAQEAhnZ8fxTMvn0RUZItvfL4PaPKg0Hknbw1bGI4JCzU
YHFtofPX/X2AK9WwKDcIvO0jUldHAk8K/oYjMcUGqNCwIjai9XrYSAZ0LtsJodmN
HTK8bOOGRm1XdLDqFk27EcP3Hh1dFW5i3qNNN6ry+vbY50kLoq03epmwUCj7d4/7
xOxpHnwUtyCPSYeXJ8WumlT9thYPsUaSuphdN3+95+VeAHgnTUYV9ZmxeZDHy8ax
Dpw3zFTXTmDVg2zvGfkw2iON2Ws/ACgefEf3TNa/vxvb6fq8oaP/D4xiwAxlJOvo
FSPZiZZsVoEFO2doPyxGMhAyJIdRIAk5GYN2Lk8xmwqqUQ==
-----END CERTIFICATE-----
Generated at Thu Nov 30 17:46:32 2023 by rpki-client on console-ams.rpki-client.org