Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YlJ2esw7eofZ9kTts_a7w185K1E.roa
File: YlJ2esw7eofZ9kTts_a7w185K1E.roa (raw, json)
Hash identifier: hh+KztkasN8bC2Le8bX5SygUfydNEMXAs71xlyoRO70=
Subject key identifier: 62:52:76:7A:CC:3B:7A:87:D9:F6:44:ED:B3:F6:BB:C3:5F:39:2B:51
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E31E920F25C90784B3F9CBAA5347A085C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YlJ2esw7eofZ9kTts_a7w185K1E.roa
Signing time: Tue 12 Mar 2024 09:05:45 +0000
ROA not before: Tue 12 Mar 2024 09:05:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.253.65.0/24 maxlen: 24
45.8.94.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
87.121.61.0/24 maxlen: 24
87.121.62.0/24 maxlen: 24
87.121.63.0/24 maxlen: 24
87.121.114.0/24 maxlen: 24
87.121.115.0/24 maxlen: 24
91.92.26.0/24 maxlen: 24
93.123.74.0/23 maxlen: 23
93.123.75.0/24 maxlen: 24
93.123.80.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Mar 2024 14:48:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:31:e9:20:f2:5c:90:78:4b:3f:9c:ba:a5:34:7a:08:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 12 09:05:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6252767acc3b7a87d9f644edb3f6bbc35f392b51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:51:1c:7a:20:b6:d8:87:05:25:da:1c:85:dd:
da:c4:c2:2a:4e:ef:bf:21:2e:15:01:6f:17:ca:ef:
0f:a9:3f:d8:7d:c9:a6:31:53:9e:3e:43:9b:f9:bd:
f0:aa:2a:51:85:fe:09:7c:d7:97:46:a0:0a:ac:88:
08:3d:51:22:b6:72:74:a5:01:98:64:7d:3d:8c:1d:
10:5b:b0:f8:0c:f2:dd:7a:20:a9:cf:e6:2a:f0:d5:
bd:31:14:fc:9a:93:ab:4e:92:98:e1:b3:94:27:77:
c9:47:b0:92:24:94:d0:a7:d5:62:9b:be:49:fd:44:
0e:95:4a:fd:c0:68:d7:52:5a:d7:e7:8b:ff:1c:bb:
33:55:d6:9d:26:05:37:08:76:ad:ce:c1:23:c3:f3:
9b:bf:68:e7:04:4b:b0:eb:a2:ab:2d:25:92:06:75:
38:1c:4f:21:75:c1:9b:35:18:e5:83:dd:77:35:12:
47:42:e1:96:3d:0f:cf:4c:6f:04:2b:65:aa:6b:6b:
44:3e:a8:76:01:ff:38:a0:3d:0f:f8:74:ae:18:dc:
5f:96:b5:34:3d:79:14:fa:9a:57:c8:82:5d:49:67:
74:6d:3b:c7:2f:14:7a:95:76:72:64:62:ad:43:58:
bd:d7:17:d5:c5:df:de:30:49:d9:ba:75:02:b9:45:
eb:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:52:76:7A:CC:3B:7A:87:D9:F6:44:ED:B3:F6:BB:C3:5F:39:2B:51
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YlJ2esw7eofZ9kTts_a7w185K1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.65.0/24
45.8.94.0/24
87.120.68.0/23
87.121.61.0-87.121.63.255
87.121.114.0/23
91.92.26.0/24
93.123.74.0/23
93.123.80.0/24
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
62:fd:3e:25:2b:ca:7d:f1:84:50:eb:d3:dc:9b:5d:20:28:07:
27:5c:86:e6:33:7a:c1:ff:ce:e6:bd:45:ff:8d:2b:09:87:81:
5b:8a:76:39:69:51:e9:78:17:34:1a:c6:71:6b:09:3d:2c:34:
43:14:78:1f:17:4c:fa:d1:b6:fb:a6:59:51:4f:6f:82:e2:0f:
21:2d:48:46:51:83:ca:47:0d:9a:2b:e1:d5:32:33:57:a7:07:
65:24:ed:65:fc:cb:72:64:b1:48:18:21:45:f3:97:0d:8f:21:
b2:25:43:14:4a:e1:5e:22:84:cd:26:f6:0c:28:9c:cc:35:b5:
8b:48:1f:73:48:50:5f:1c:ad:57:24:9e:72:4d:ab:5a:0c:ee:
f6:c7:23:6f:f8:1d:38:58:ab:33:ce:f9:48:df:51:97:e2:9a:
11:58:c3:c3:32:31:83:4f:75:51:81:51:c9:e0:df:17:9b:4e:
c2:9a:7b:1c:e7:f9:8d:43:d0:7b:d6:c5:00:0c:c3:30:11:f7:
5b:34:3f:19:52:89:60:7a:79:72:39:47:78:52:6d:c6:bf:23:
fc:7c:6b:69:3c:64:fc:57:71:30:7c:f0:a9:91:68:dc:59:67:
b7:64:3e:d2:6b:db:4d:4c:0c:38:05:97:3f:85:88:46:a7:3a:
aa:d1:19:99
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAY4x6SDyXJB4Sz+cuqU0eghcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzEyMDkwNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjUyNzY3YWNjM2I3YTg3ZDlmNjQ0ZWRiM2Y2YmJjMzVmMzkyYjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1EceiC22IcFJdochd3axMIqTu+/
IS4VAW8Xyu8PqT/YfcmmMVOePkOb+b3wqipRhf4JfNeXRqAKrIgIPVEitnJ0pQGY
ZH09jB0QW7D4DPLdeiCpz+Yq8NW9MRT8mpOrTpKY4bOUJ3fJR7CSJJTQp9Vim75J
/UQOlUr9wGjXUlrX54v/HLszVdadJgU3CHatzsEjw/Obv2jnBEuw66KrLSWSBnU4
HE8hdcGbNRjlg913NRJHQuGWPQ/PTG8EK2Wqa2tEPqh2Af84oD0P+HSuGNxflrU0
PXkU+ppXyIJdSWd0bTvHLxR6lXZyZGKtQ1i91xfVxd/eMEnZunUCuUXr+wIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFGJSdnrMO3qH2fZE7bP2u8NfOStRMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWWxKMmVzdzdlb2ZaOWtUdHNfYTd3MTg1SzFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQABf1BAwQA
LQheAwQBV3hEMAwDBABXeT0DBAZXeQADBAFXeXIDBABbXBoDBAFde0oDBABde1AD
BAG5/KAwDQYJKoZIhvcNAQELBQADggEBAGL9PiUryn3xhFDr09ybXSAoBydchuYz
esH/zua9Rf+NKwmHgVuKdjlpUel4FzQaxnFrCT0sNEMUeB8XTPrRtvumWVFPb4Li
DyEtSEZRg8pHDZor4dUyM1enB2Uk7WX8y3JksUgYIUXzlw2PIbIlQxRK4V4ihM0m
9gwonMw1tYtIH3NIUF8crVcknnJNq1oM7vbHI2/4HThYqzPO+UjfUZfimhFYw8My
MYNPdVGBUcng3xebTsKaexzn+Y1D0HvWxQAMwzAR91s0PxlSiWB6eXI5R3hSbca/
I/x8a2k8ZPxXcTB88KmRaNxZZ7dkPtJr201MDDgFlz+FiEanOqrRGZk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:13 2024 by rpki-client on console-fra.rpki-client.org