Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/YYpqGYMHd2S7A9yABSLaTtGQR34.roa
File: YYpqGYMHd2S7A9yABSLaTtGQR34.roa (raw, json)
Hash identifier: C0pY89xYyrECBWEBR4jm0vM231+CyP46HsPlm5sXfVM=
Subject key identifier: 61:8A:6A:19:83:07:77:64:BB:03:DC:80:05:22:DA:4E:D1:90:47:7E
Certificate issuer: /CN=151453f482cda78ebc99625d80b0ffc3660f95f2
Certificate serial: 0192754643FB6F2AD5C726E240D1197D5350
Authority key identifier: 15:14:53:F4:82:CD:A7:8E:BC:99:62:5D:80:B0:FF:C3:66:0F:95:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FRRT9ILNp468mWJdgLD_w2YPlfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/YYpqGYMHd2S7A9yABSLaTtGQR34.roa
Signing time: Thu 10 Oct 2024 07:13:12 +0000
ROA not before: Thu 10 Oct 2024 07:13:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215992
IP address blocks: 147.78.88.0/22 maxlen: 22
147.78.91.0/24 maxlen: 24
2a09:2040::/29 maxlen: 29
2a09:2040:1::/48 maxlen: 48
2a09:2040:2::/48 maxlen: 48
2a09:2040:3::/48 maxlen: 48
2a09:2040:4::/48 maxlen: 48
2a09:2040:5::/48 maxlen: 48
2a09:2040:7::/48 maxlen: 48
2a09:2040:a::/48 maxlen: 48
2a09:2040:b::/48 maxlen: 48
2a09:2040:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 18 Oct 2024 06:28:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:75:46:43:fb:6f:2a:d5:c7:26:e2:40:d1:19:7d:53:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=151453f482cda78ebc99625d80b0ffc3660f95f2
Validity
Not Before: Oct 10 07:13:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=618a6a1983077764bb03dc800522da4ed190477e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:16:e2:d3:c2:c2:08:49:5c:e1:24:31:35:f0:
2d:eb:a1:c1:28:f1:32:1c:80:0a:ea:39:86:08:d0:
e1:eb:5f:7c:bd:86:9f:77:72:15:7c:fc:fd:cd:0a:
15:1a:63:23:d8:37:be:2d:07:03:15:35:29:c5:0c:
13:94:0a:d4:cc:89:0a:23:14:0f:a2:1c:c2:f6:ff:
75:23:28:86:5b:41:0a:ab:76:82:01:ed:94:2b:87:
60:ba:a2:c9:cd:c1:a9:a1:36:fd:97:a3:7f:0e:ba:
3d:1c:e4:7c:4a:7a:77:2f:31:df:d7:0a:08:cd:c4:
14:c9:66:75:01:a9:16:93:03:e0:a1:26:53:3c:5b:
04:85:a1:6e:58:29:ac:6d:48:f5:34:17:5a:0d:b4:
05:55:c4:fb:f7:79:56:b3:ac:4b:67:13:ed:3f:55:
66:0a:d0:ba:5a:8e:e5:53:dd:21:8d:c4:a4:69:5d:
cd:cb:90:d2:23:0d:6f:4b:62:96:a3:1e:ed:7b:10:
ed:bc:ca:a8:3a:bb:95:a2:fa:36:3a:86:e2:c6:50:
93:ca:dd:00:b0:6a:8e:60:94:88:22:30:ae:da:24:
99:5b:2e:eb:cb:fe:95:6d:5e:a4:cf:15:29:67:c0:
d3:38:a9:8d:c6:17:03:1c:d1:e9:00:6a:a3:12:90:
e3:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:8A:6A:19:83:07:77:64:BB:03:DC:80:05:22:DA:4E:D1:90:47:7E
X509v3 Authority Key Identifier:
keyid:15:14:53:F4:82:CD:A7:8E:BC:99:62:5D:80:B0:FF:C3:66:0F:95:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FRRT9ILNp468mWJdgLD_w2YPlfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/YYpqGYMHd2S7A9yABSLaTtGQR34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/FRRT9ILNp468mWJdgLD_w2YPlfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.88.0/22
IPv6:
2a09:2040::/29
Signature Algorithm: sha256WithRSAEncryption
8b:98:00:91:06:57:b5:3f:ab:27:f9:56:a2:48:36:18:cb:19:
d5:b6:29:fd:21:56:79:8d:e4:33:36:46:25:8b:cc:bc:4d:41:
4a:a0:94:04:38:6e:e5:1e:be:f5:22:33:f8:12:23:bc:5e:87:
65:dc:5e:86:50:07:dd:59:0f:52:ec:6d:7d:3c:99:2f:59:31:
32:f1:d9:26:68:1b:2d:ee:dd:63:88:7e:e0:01:30:ea:94:88:
b6:d4:a6:65:b1:1a:28:f5:e4:f6:10:0b:d8:43:a4:43:5b:dc:
74:06:0e:6f:d8:8e:2b:f4:b3:d3:a7:0e:ef:4f:13:0c:d2:10:
c9:ef:de:77:50:c3:32:85:8c:c3:3c:5c:4b:cf:28:37:09:14:
ca:3d:cb:e2:9b:be:1f:89:30:95:ff:b9:9b:69:83:c1:c0:5f:
de:b0:34:2a:18:83:d9:ca:d7:3e:09:50:cc:0c:c6:ab:cd:be:
fc:ba:8c:5a:0f:3b:e6:5a:30:6f:6b:ba:a2:de:35:47:f5:69:
45:91:53:2b:3f:98:df:0f:40:35:0b:8e:1a:2e:f6:09:9f:6e:
b1:e6:80:74:7c:f3:da:07:48:83:12:f4:25:bc:c2:c2:38:13:
46:5f:7d:be:fa:4b:5b:d1:bb:56:81:72:34:82:e4:97:f6:57:
bb:e2:24:08
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZJ1RkP7byrVxybiQNEZfVNQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MTQ1M2Y0ODJjZGE3OGViYzk5NjI1ZDgwYjBmZmMzNjYw
Zjk1ZjIwHhcNMjQxMDEwMDcxMzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MThhNmExOTgzMDc3NzY0YmIwM2RjODAwNTIyZGE0ZWQxOTA0NzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihbi08LCCElc4SQxNfAt66HBKPEy
HIAK6jmGCNDh6198vYafd3IVfPz9zQoVGmMj2De+LQcDFTUpxQwTlArUzIkKIxQP
ohzC9v91IyiGW0EKq3aCAe2UK4dguqLJzcGpoTb9l6N/Dro9HOR8Snp3LzHf1woI
zcQUyWZ1AakWkwPgoSZTPFsEhaFuWCmsbUj1NBdaDbQFVcT793lWs6xLZxPtP1Vm
CtC6Wo7lU90hjcSkaV3Ny5DSIw1vS2KWox7texDtvMqoOruVovo2OobixlCTyt0A
sGqOYJSIIjCu2iSZWy7ry/6VbV6kzxUpZ8DTOKmNxhcDHNHpAGqjEpDjNQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGGKahmDB3dkuwPcgAUi2k7RkEd+MB8GA1UdIwQY
MBaAFBUUU/SCzaeOvJliXYCw/8NmD5XyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlJSVDlJTE5wNDY4bVdKZGdMRF93MllQbGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC81OWZjZjAtMWQ1Yy00ZWNiLWJmODct
M2JjYjhiZjhiYmZlLzEvWVlwcUdZTUhkMlM3QTl5QUJTTGFUdEdRUjM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC81OWZjZjAtMWQ1Yy00ZWNiLWJmODctM2JjYjhiZjhiYmZl
LzEvRlJSVDlJTE5wNDY4bVdKZGdMRF93MllQbGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCk05YMA0E
AgACMAcDBQMqCSBAMA0GCSqGSIb3DQEBCwUAA4IBAQCLmACRBle1P6sn+VaiSDYY
yxnVtin9IVZ5jeQzNkYli8y8TUFKoJQEOG7lHr71IjP4EiO8Xodl3F6GUAfdWQ9S
7G19PJkvWTEy8dkmaBst7t1jiH7gATDqlIi21KZlsRoo9eT2EAvYQ6RDW9x0Bg5v
2I4r9LPTpw7vTxMM0hDJ7953UMMyhYzDPFxLzyg3CRTKPcvim74fiTCV/7mbaYPB
wF/esDQqGIPZytc+CVDMDMarzb78uoxaDzvmWjBva7qi3jVH9WlFkVMrP5jfD0A1
C44aLvYJn26x5oB0fPPaB0iDEvQlvMLCOBNGX32++ktb0btWgXI0guSX9le74iQI
-----END CERTIFICATE-----
Generated at Fri Oct 18 08:17:09 2024 by rpki-client on console-fra.rpki-client.org