Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YeqbGxK-tCJfZA7RkH_hR9_g6B0.roa
File: YeqbGxK-tCJfZA7RkH_hR9_g6B0.roa (raw, json)
Hash identifier: /Rd5Db/dV8sQC21oF7iByOw3TAeWeD1foV7pC0T9yFY=
Subject key identifier: 61:EA:9B:1B:12:BE:B4:22:5F:64:0E:D1:90:7F:E1:47:DF:E0:E8:1D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018894901B3AB89DEC43CC9EAD90B30F7B7D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YeqbGxK-tCJfZA7RkH_hR9_g6B0.roa
Signing time: Wed 07 Jun 2023 06:34:12 +0000
ROA not before: Wed 07 Jun 2023 06:34:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207633
IP address blocks: 62.76.226.0/24 maxlen: 24
194.87.104.0/24 maxlen: 24
195.133.84.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
194.87.188.0/24 maxlen: 24
194.87.86.0/24 maxlen: 24
194.87.91.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:94:90:1b:3a:b8:9d:ec:43:cc:9e:ad:90:b3:0f:7b:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 7 06:34:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61ea9b1b12beb4225f640ed1907fe147dfe0e81d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:0f:5a:a1:89:50:a7:15:54:43:2c:2a:45:f5:
13:78:bb:63:76:9a:b0:63:a8:e1:e1:1e:c9:71:f8:
2f:b0:a6:3c:b5:be:71:d9:f1:2f:e9:a4:32:d7:41:
6f:c5:bf:8a:40:be:55:c6:cc:81:15:fb:a1:df:5a:
5f:64:26:8d:df:4d:8e:e1:c0:b0:58:62:0e:34:51:
19:3c:24:6b:a8:ac:71:71:7c:15:d1:7c:c3:14:c6:
3a:f9:46:e6:03:ee:60:03:66:1c:ed:4b:7e:b6:14:
a4:ce:1b:84:8d:ea:ce:41:6d:54:09:09:1b:ea:52:
c8:9f:45:7b:4e:e2:d4:2a:f7:d9:c8:80:b8:03:e5:
c0:73:3a:5d:7c:83:04:6d:ff:92:71:74:fe:f5:65:
c0:fc:44:b4:bc:19:51:02:db:e1:4f:75:0f:29:94:
51:f5:7a:81:46:6c:b3:ec:e2:86:6e:51:68:49:52:
40:aa:f6:a3:1c:e2:8b:d4:b5:cb:e2:de:b2:1e:44:
8c:5d:77:11:04:ac:91:35:00:50:b3:59:8f:cc:84:
45:91:3d:01:07:f5:14:eb:08:47:6f:83:31:c5:90:
84:ca:1e:6b:cc:e2:57:a0:d6:f6:61:39:f6:68:c2:
79:97:ab:de:ec:5d:8b:ca:4c:9e:fc:b6:f6:d1:e3:
7b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:EA:9B:1B:12:BE:B4:22:5F:64:0E:D1:90:7F:E1:47:DF:E0:E8:1D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YeqbGxK-tCJfZA7RkH_hR9_g6B0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/24
194.87.86.0/24
194.87.91.0/24
194.87.104.0/24
194.87.188.0/24
195.58.56.0/24
195.58.59.0/24
195.58.61.0/24
195.133.84.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:6c:2e:50:01:02:8a:03:5a:2e:43:63:01:9f:cb:52:0b:30:
68:e5:7f:77:27:0c:d0:d2:b7:a3:d4:2f:4d:8e:6d:29:12:29:
93:c6:4d:39:d7:73:8b:6d:44:71:69:c2:7f:af:4d:27:94:63:
6f:6d:04:62:2e:5b:b0:be:ca:b7:eb:7a:72:b3:11:49:03:de:
67:70:86:7c:5a:dd:b4:1e:2a:c3:90:3f:67:2a:30:fe:25:44:
aa:f3:d7:09:5a:ab:34:60:c1:26:e6:a2:f6:78:39:69:e6:b5:
45:24:d3:37:8d:6f:af:d2:3e:a8:fc:51:c4:19:c3:2b:40:05:
d2:da:d4:88:f2:0c:7a:c2:0c:f1:4a:b4:55:17:a6:31:55:64:
21:a9:d0:c8:6d:e0:74:96:29:4a:d5:12:b7:27:31:80:62:e8:
0f:a8:b9:47:03:0a:5b:1b:dc:46:77:26:20:53:85:3b:75:12:
3c:bf:cc:0b:2a:69:6d:d6:09:7d:ae:c6:b1:e8:c9:c9:0f:6f:
d4:36:6a:98:bf:a8:f7:d8:d8:a2:54:a3:b0:2d:85:8d:8e:4f:
fb:f8:cb:b1:d2:f2:47:13:bb:cd:e4:66:e8:81:37:a3:78:15:
a9:e7:ab:8b:64:83:d4:59:57:a2:d1:fc:b1:98:3a:53:db:c0:
2e:42:c7:e0
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYiUkBs6uJ3sQ8yerZCzD3t9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjA3MDYzNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWVhOWIxYjEyYmViNDIyNWY2NDBlZDE5MDdmZTE0N2RmZTBlODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAww9aoYlQpxVUQywqRfUTeLtjdpqw
Y6jh4R7JcfgvsKY8tb5x2fEv6aQy10Fvxb+KQL5VxsyBFfuh31pfZCaN302O4cCw
WGIONFEZPCRrqKxxcXwV0XzDFMY6+UbmA+5gA2Yc7Ut+thSkzhuEjerOQW1UCQkb
6lLIn0V7TuLUKvfZyIC4A+XAczpdfIMEbf+ScXT+9WXA/ES0vBlRAtvhT3UPKZRR
9XqBRmyz7OKGblFoSVJAqvajHOKL1LXL4t6yHkSMXXcRBKyRNQBQs1mPzIRFkT0B
B/UU6whHb4MxxZCEyh5rzOJXoNb2YTn2aMJ5l6ve7F2Lykye/Lb20eN79wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFGHqmxsSvrQiX2QO0ZB/4Uff4OgdMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWWVxYkd4Sy10Q0pmWkE3UmtIX2hSOV9nNkIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAPkziAwQA
wldWAwQAwldbAwQAwldoAwQAwle8AwQAwzo4AwQAwzo7AwQAwzo9AwQAw4VUMA0G
CSqGSIb3DQEBCwUAA4IBAQB9bC5QAQKKA1ouQ2MBn8tSCzBo5X93JwzQ0rej1C9N
jm0pEimTxk0513OLbURxacJ/r00nlGNvbQRiLluwvsq363pysxFJA95ncIZ8Wt20
HirDkD9nKjD+JUSq89cJWqs0YMEm5qL2eDlp5rVFJNM3jW+v0j6o/FHEGcMrQAXS
2tSI8gx6wgzxSrRVF6YxVWQhqdDIbeB0lilK1RK3JzGAYugPqLlHAwpbG9xGdyYg
U4U7dRI8v8wLKmlt1gl9rsax6MnJD2/UNmqYv6j32NiiVKOwLYWNjk/7+Mux0vJH
E7vN5GbogTejeBWp56uLZIPUWVei0fyxmDpT28AuQsfg
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:00 2023 by rpki-client on console-ams.rpki-client.org