Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/yY2FZ-vvJfG4OCwG7bWTAQ1yR7s.roa
File: yY2FZ-vvJfG4OCwG7bWTAQ1yR7s.roa (raw, json)
Hash identifier: YNSEtG7sbwLipTpnwJtuoENAVrFZBBk5AA0gpjRDH5w=
Subject key identifier: C9:8D:85:67:EB:EF:25:F1:B8:38:2C:06:ED:B5:93:01:0D:72:47:BB
Certificate issuer: /CN=49596cecc21dd02677a727ef37f0689546ea5097
Certificate serial: 01877467BCC969B96BF98997E57FBB9E81A1
Authority key identifier: 49:59:6C:EC:C2:1D:D0:26:77:A7:27:EF:37:F0:68:95:46:EA:50:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SVls7MId0CZ3pyfvN_BolUbqUJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/yY2FZ-vvJfG4OCwG7bWTAQ1yR7s.roa
Signing time: Wed 12 Apr 2023 07:39:28 +0000
ROA not before: Wed 12 Apr 2023 07:39:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5390
IP address blocks: 83.119.0.0/18 maxlen: 24
83.119.0.0/21 maxlen: 24
85.148.0.0/15 maxlen: 16
83.119.8.0/21 maxlen: 24
83.119.16.0/20 maxlen: 24
83.119.14.0/24 maxlen: 24
83.118.224.0/22 maxlen: 24
85.150.0.0/16 maxlen: 16
2a02:2500::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 23 May 2023 14:13:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:74:67:bc:c9:69:b9:6b:f9:89:97:e5:7f:bb:9e:81:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49596cecc21dd02677a727ef37f0689546ea5097
Validity
Not Before: Apr 12 07:39:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c98d8567ebef25f1b8382c06edb593010d7247bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5d:42:c2:28:fc:fd:c8:bb:96:66:57:68:9e:
13:a9:b5:6c:f0:3f:f4:06:98:99:76:17:0c:09:84:
a4:0c:83:e4:37:d1:71:c7:52:b7:51:3d:4a:52:57:
d1:08:9e:77:ff:4c:bc:6b:ee:1c:3a:4a:44:09:e8:
fe:a7:6d:ec:30:28:ee:76:f1:14:99:59:b2:51:fd:
13:69:78:eb:b7:55:f2:8b:fe:9a:18:19:05:04:30:
03:72:87:51:db:b7:03:72:a2:9e:13:2e:44:1d:45:
52:b1:7f:32:a3:4b:56:a2:f6:e9:cc:ca:e1:ad:b2:
2a:c8:df:4a:0e:cb:62:1e:e2:f8:58:45:10:bf:cb:
e7:ed:4c:8f:e6:50:0d:60:2c:8b:71:f8:87:9d:a8:
03:97:85:bc:00:5a:37:c1:7f:b1:c9:8c:8b:e4:0b:
79:c4:33:ce:b5:bd:53:02:46:45:30:c1:64:b3:25:
db:cc:2c:31:1f:1c:28:49:ce:e2:60:47:57:04:16:
23:12:bf:a4:7e:72:89:d1:ae:a8:eb:16:05:0a:75:
e5:d5:60:54:b7:01:25:47:e4:0e:a3:a8:92:80:49:
02:35:e0:59:1b:d3:58:40:f6:a6:e2:2e:11:a9:96:
56:db:a3:d3:7b:67:c9:69:65:f6:cc:2e:19:35:0a:
fb:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:8D:85:67:EB:EF:25:F1:B8:38:2C:06:ED:B5:93:01:0D:72:47:BB
X509v3 Authority Key Identifier:
keyid:49:59:6C:EC:C2:1D:D0:26:77:A7:27:EF:37:F0:68:95:46:EA:50:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SVls7MId0CZ3pyfvN_BolUbqUJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/yY2FZ-vvJfG4OCwG7bWTAQ1yR7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/SVls7MId0CZ3pyfvN_BolUbqUJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.224.0/22
83.119.0.0/18
85.148.0.0-85.150.255.255
IPv6:
2a02:2500::/32
Signature Algorithm: sha256WithRSAEncryption
24:08:98:69:eb:ed:ae:e8:e5:b6:2d:ab:86:8b:ea:30:99:1b:
e8:a3:e5:b8:83:76:48:09:6e:30:e6:1e:b1:db:09:22:c7:da:
99:83:41:24:87:bf:73:1f:e9:af:8b:f0:07:f0:f6:cb:a5:e8:
21:a6:47:c8:e1:0f:11:3b:e2:6e:b6:77:8d:5e:b1:fd:c2:ce:
88:73:0e:1f:5a:c2:6e:58:77:b7:0f:d7:95:bb:d1:45:19:68:
9d:d6:83:2f:78:35:55:9f:6a:1e:f8:29:fd:34:1a:63:5a:a1:
91:e9:5d:c3:57:64:5a:07:12:4f:d7:8d:43:5a:05:fe:7e:93:
65:0b:ce:9b:f9:44:d1:6e:35:23:ec:58:69:3f:71:65:bd:07:
06:32:0c:c6:d6:45:ac:20:66:65:a5:6c:b6:02:4b:1f:b3:52:
8f:5c:06:3e:a4:64:21:03:09:a0:b0:3e:73:96:c2:d1:66:22:
25:54:39:18:77:78:4a:f6:dd:36:55:02:40:c2:a8:11:ce:e6:
3d:23:c7:83:b5:d8:52:9c:09:23:83:0a:cc:ee:43:53:b6:be:
8e:08:ed:05:38:11:d6:bc:98:14:06:b1:78:84:dc:88:bb:5a:
90:e0:24:42:65:ba:09:f6:92:15:65:47:0d:88:43:84:28:6c:
43:ee:24:6f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYd0Z7zJablr+YmX5X+7noGhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NTk2Y2VjYzIxZGQwMjY3N2E3MjdlZjM3ZjA2ODk1NDZl
YTUwOTcwHhcNMjMwNDEyMDczOTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOThkODU2N2ViZWYyNWYxYjgzODJjMDZlZGI1OTMwMTBkNzI0N2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtl1Cwij8/ci7lmZXaJ4TqbVs8D/0
BpiZdhcMCYSkDIPkN9Fxx1K3UT1KUlfRCJ53/0y8a+4cOkpECej+p23sMCjudvEU
mVmyUf0TaXjrt1Xyi/6aGBkFBDADcodR27cDcqKeEy5EHUVSsX8yo0tWovbpzMrh
rbIqyN9KDstiHuL4WEUQv8vn7UyP5lANYCyLcfiHnagDl4W8AFo3wX+xyYyL5At5
xDPOtb1TAkZFMMFksyXbzCwxHxwoSc7iYEdXBBYjEr+kfnKJ0a6o6xYFCnXl1WBU
twElR+QOo6iSgEkCNeBZG9NYQPam4i4RqZZW26PTe2fJaWX2zC4ZNQr7gQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMmNhWfr7yXxuDgsBu21kwENcke7MB8GA1UdIwQY
MBaAFElZbOzCHdAmd6cn7zfwaJVG6lCXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1ZsczdNSWQwQ1ozcHlmdk5fQm9sVWJxVUpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9lN2JkMDEtNDMyZi00YmY5LTgwYzUt
ODk3ZDAwOTc3ZmYyLzEveVkyRlotdnZKZkc0T0N3RzdiV1RBUTF5UjdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9lN2JkMDEtNDMyZi00YmY5LTgwYzUtODk3ZDAwOTc3ZmYy
LzEvU1ZsczdNSWQwQ1ozcHlmdk5fQm9sVWJxVUpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCU3bgAwQG
U3cAMAoDAwJVlAMDAFWWMA0EAgACMAcDBQAqAiUAMA0GCSqGSIb3DQEBCwUAA4IB
AQAkCJhp6+2u6OW2LauGi+owmRvoo+W4g3ZICW4w5h6x2wkix9qZg0Ekh79zH+mv
i/AH8PbLpeghpkfI4Q8RO+JutneNXrH9ws6Icw4fWsJuWHe3D9eVu9FFGWid1oMv
eDVVn2oe+Cn9NBpjWqGR6V3DV2RaBxJP141DWgX+fpNlC86b+UTRbjUj7FhpP3Fl
vQcGMgzG1kWsIGZlpWy2Aksfs1KPXAY+pGQhAwmgsD5zlsLRZiIlVDkYd3hK9t02
VQJAwqgRzuY9I8eDtdhSnAkjgwrM7kNTtr6OCO0FOBHWvJgUBrF4hNyIu1qQ4CRC
ZboJ9pIVZUcNiEOEKGxD7iRv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:07 2024 by rpki-client on console-fra.rpki-client.org