Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/yKXw55UMGV76lb8pFqYACt54ILY.roa
File: yKXw55UMGV76lb8pFqYACt54ILY.roa (raw, json)
Hash identifier: QiNJvUGYZxJMxYnNhsPmJIvG630Ww/mrxtAE1RE8dbU=
Subject key identifier: C8:A5:F0:E7:95:0C:19:5E:FA:95:BF:29:16:A6:00:0A:DE:78:20:B6
Certificate issuer: /CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Certificate serial: 0189D440E78518B9AC689769BCFC3A83197C
Authority key identifier: 83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/yKXw55UMGV76lb8pFqYACt54ILY.roa
Signing time: Tue 08 Aug 2023 08:26:10 +0000
ROA not before: Tue 08 Aug 2023 08:26:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 5.44.248.0/24 maxlen: 32
45.67.4.0/22 maxlen: 32
137.59.4.0/22 maxlen: 32
92.119.168.0/22 maxlen: 32
185.72.240.0/22 maxlen: 32
46.16.32.0/24 maxlen: 32
2.58.76.0/22 maxlen: 32
213.173.60.0/22 maxlen: 32
Validation: Failed, certificate revoked on Sun 13 Aug 2023 06:33:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d4:40:e7:85:18:b9:ac:68:97:69:bc:fc:3a:83:19:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Validity
Not Before: Aug 8 08:26:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8a5f0e7950c195efa95bf2916a6000ade7820b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ad:45:18:1c:09:c9:9c:c1:8a:65:42:e5:db:
44:bd:1d:35:b5:93:00:fd:d1:f5:9a:bd:43:3f:99:
ef:25:4c:69:de:8f:82:c7:a1:2b:d9:ae:b0:a8:bb:
73:f4:65:ea:94:ea:5d:e1:6d:1a:8e:60:ce:f7:8d:
03:9c:bc:37:ac:7b:13:b2:1e:34:43:2b:04:8f:ee:
7c:23:88:eb:8f:64:07:59:75:8c:9c:05:73:9a:d7:
21:e7:1e:3b:e2:76:43:59:09:4f:7b:1b:31:06:cc:
7f:4c:0e:26:a7:ae:8b:53:3d:b2:43:b1:7e:80:ab:
ff:1d:38:ad:79:86:6c:69:3f:56:a1:a3:c8:1c:7b:
dc:ca:bb:b3:71:ae:93:01:ca:1e:b7:69:92:da:92:
a5:5a:7d:be:68:84:e9:af:2c:2a:c0:f2:f8:9b:60:
b3:34:6e:cf:e5:ce:7e:23:f6:6e:a6:79:f9:e8:53:
2c:21:a2:f3:20:b6:13:66:e6:b3:1e:c0:7b:3c:6d:
32:99:92:33:10:da:54:46:b5:e7:46:87:58:f9:b8:
5b:b1:40:f4:98:1d:65:87:dc:d5:5c:c0:00:3b:cf:
94:45:ac:23:3b:ec:3b:5c:f0:67:aa:de:30:65:a2:
4d:c0:6a:5a:47:ff:8d:1b:bc:2d:07:f8:fa:19:ad:
18:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:A5:F0:E7:95:0C:19:5E:FA:95:BF:29:16:A6:00:0A:DE:78:20:B6
X509v3 Authority Key Identifier:
keyid:83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/yKXw55UMGV76lb8pFqYACt54ILY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/g5ka_NRV6xsXT8-J-OEOr39ws1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.76.0/22
5.44.248.0/24
45.67.4.0/22
46.16.32.0/24
92.119.168.0/22
137.59.4.0/22
185.72.240.0/22
213.173.60.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:ce:af:5a:60:af:26:18:49:d6:17:42:82:0c:36:46:c2:c9:
e8:f1:01:28:cd:2d:cc:cb:02:94:65:72:95:e9:80:ce:e0:e9:
84:90:1b:db:e4:36:e2:5b:83:2f:95:30:cf:9d:30:6f:ea:c3:
9f:33:ee:71:49:02:e4:44:da:e0:63:d3:e9:a4:67:46:a6:28:
60:58:01:6a:76:de:5e:c1:fe:87:c7:69:96:5a:3d:34:ce:2c:
12:0e:b6:0b:b9:ce:8e:fc:fa:71:89:ba:5f:42:70:30:ab:aa:
47:1d:cb:41:23:ba:03:6e:d5:35:66:f6:a2:64:cf:85:89:77:
e3:04:c3:43:8b:62:cc:87:7a:ef:11:9b:25:4f:eb:88:f0:5c:
f0:ed:92:03:37:99:a0:ce:40:2d:01:cf:62:cb:d2:7a:05:8d:
05:55:71:56:ef:a7:27:1e:30:cb:6c:8f:ac:8c:64:22:b0:a6:
84:0c:7a:de:2a:03:45:eb:99:8f:ce:7e:94:d4:c9:43:ff:2c:
a6:9b:13:73:ed:3a:11:1e:47:cd:66:b0:86:a6:2b:de:c0:a8:
91:f4:77:de:d0:81:b6:c5:94:7e:b8:a6:27:7d:23:08:ae:ec:
13:cc:74:f6:77:37:60:ad:8f:66:84:4d:d3:a4:dc:fe:95:ec:
80:ff:3d:41
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYnUQOeFGLmsaJdpvPw6gxl8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzOTkxYWZjZDQ1NWViMWIxNzRmY2Y4OWY4ZTEwZWFmN2Y3
MGIzNTUwHhcNMjMwODA4MDgyNjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGE1ZjBlNzk1MGMxOTVlZmE5NWJmMjkxNmE2MDAwYWRlNzgyMGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAna1FGBwJyZzBimVC5dtEvR01tZMA
/dH1mr1DP5nvJUxp3o+Cx6Er2a6wqLtz9GXqlOpd4W0ajmDO940DnLw3rHsTsh40
QysEj+58I4jrj2QHWXWMnAVzmtch5x474nZDWQlPexsxBsx/TA4mp66LUz2yQ7F+
gKv/HTiteYZsaT9WoaPIHHvcyruzca6TAcoet2mS2pKlWn2+aITprywqwPL4m2Cz
NG7P5c5+I/Zupnn56FMsIaLzILYTZuazHsB7PG0ymZIzENpURrXnRodY+bhbsUD0
mB1lh9zVXMAAO8+URawjO+w7XPBnqt4wZaJNwGpaR/+NG7wtB/j6Ga0YVQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFMil8OeVDBle+pW/KRamAAreeCC2MB8GA1UdIwQY
MBaAFIOZGvzUVesbF0/PifjhDq9/cLNVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmIt
ZTE1NDM3MzgwMDk5LzEveUtYdzU1VU1HVjc2bGI4cEZxWUFDdDU0SUxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmItZTE1NDM3MzgwMDk5
LzEvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCAjpMAwQA
BSz4AwQCLUMEAwQALhAgAwQCXHeoAwQCiTsEAwQCuUjwAwQC1a08MA0GCSqGSIb3
DQEBCwUAA4IBAQAezq9aYK8mGEnWF0KCDDZGwsno8QEozS3MywKUZXKV6YDO4OmE
kBvb5DbiW4MvlTDPnTBv6sOfM+5xSQLkRNrgY9PppGdGpihgWAFqdt5ewf6Hx2mW
Wj00ziwSDrYLuc6O/PpxibpfQnAwq6pHHctBI7oDbtU1ZvaiZM+FiXfjBMNDi2LM
h3rvEZslT+uI8Fzw7ZIDN5mgzkAtAc9iy9J6BY0FVXFW76cnHjDLbI+sjGQisKaE
DHreKgNF65mPzn6U1MlD/yymmxNz7ToRHkfNZrCGpivewKiR9Hfe0IG2xZR+uKYn
fSMIruwTzHT2dzdgrY9mhE3TpNz+leyA/z1B
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:53 2024 by rpki-client on console-ams.rpki-client.org