Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/Y99QU-WHiSCSue30f8GhFYbKoVg.roa
File: Y99QU-WHiSCSue30f8GhFYbKoVg.roa (raw, json)
Hash identifier: 2GNi3hj/VBdHKl8xxOC0ct4CUBwkevgSX+e9jsotlxw=
Subject key identifier: 63:DF:50:53:E5:87:89:20:92:B9:ED:F4:7F:C1:A1:15:86:CA:A1:58
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 018D8AC3AB425C661A289A48B1EE093D28A0
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/Y99QU-WHiSCSue30f8GhFYbKoVg.roa
Signing time: Thu 08 Feb 2024 22:08:15 +0000
ROA not before: Thu 08 Feb 2024 22:08:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 5.253.184.0/23 maxlen: 23
5.253.187.0/24 maxlen: 24
45.81.161.0/24 maxlen: 24
45.81.162.0/24 maxlen: 24
45.81.163.0/24 maxlen: 24
45.94.136.0/24 maxlen: 24
45.130.33.0/24 maxlen: 24
45.130.34.0/23 maxlen: 23
88.214.0.0/24 maxlen: 24
88.214.1.0/24 maxlen: 24
88.214.2.0/24 maxlen: 24
88.214.3.0/24 maxlen: 24
88.218.196.0/22 maxlen: 22
185.114.204.0/24 maxlen: 24
185.219.160.0/24 maxlen: 24
185.219.161.0/24 maxlen: 24
185.219.163.0/24 maxlen: 24
193.111.184.0/22 maxlen: 22
193.135.220.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 14 Feb 2024 09:44:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8a:c3:ab:42:5c:66:1a:28:9a:48:b1:ee:09:3d:28:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Feb 8 22:08:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63df5053e587892092b9edf47fc1a11586caa158
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:98:ad:0b:0a:2a:50:8f:91:9b:9c:ae:c4:31:
27:5b:46:37:4b:b6:91:ba:5d:4f:18:c0:2f:02:af:
59:43:b0:4f:c5:3f:8e:de:1b:11:f7:9b:27:e5:36:
f6:08:9c:2e:45:0d:72:55:ef:1d:8d:18:2a:f9:d9:
2d:03:0e:a3:f6:b7:d5:09:73:0d:01:39:71:39:3e:
70:a6:66:cd:c4:ca:1a:2e:c7:73:3c:90:21:af:c7:
0f:1d:94:bc:84:a3:4b:f2:1f:64:b0:f5:d6:e6:c7:
5b:6e:74:33:3c:cf:4b:a3:d3:b5:30:c4:d1:72:ee:
e0:0c:d9:4a:80:3c:6b:b0:45:b9:b5:a4:77:8a:2e:
bb:5c:77:20:94:74:be:78:96:3e:ff:c5:e5:3e:32:
85:4c:86:f5:46:5d:6f:62:2e:62:ab:cd:90:f4:54:
2e:92:c9:77:fb:14:97:b8:3d:cb:03:3e:ba:f0:21:
a4:d5:5b:de:c3:ab:2c:14:a9:ed:2e:48:cf:54:77:
0a:5e:76:16:65:7f:22:c9:ca:fc:21:03:2e:d2:d0:
ff:73:2b:40:50:69:bc:f3:8c:74:43:4a:b8:82:9d:
03:69:90:c5:dc:a7:50:a2:8f:97:15:fc:14:41:66:
bf:a7:62:b1:ba:a2:84:d5:28:d0:a6:12:0f:84:a0:
61:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:DF:50:53:E5:87:89:20:92:B9:ED:F4:7F:C1:A1:15:86:CA:A1:58
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/Y99QU-WHiSCSue30f8GhFYbKoVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.184.0/23
5.253.187.0/24
45.81.161.0-45.81.163.255
45.94.136.0/24
45.130.33.0-45.130.35.255
88.214.0.0/22
88.218.196.0/22
185.114.204.0/24
185.219.160.0/23
185.219.163.0/24
193.111.184.0/22
193.135.220.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:7e:11:c4:48:df:24:ff:16:be:4d:14:b5:8d:62:14:c5:c3:
7d:73:93:a6:90:bd:a1:8a:00:26:96:55:94:33:bc:94:bb:d9:
c8:e4:55:1c:3f:33:b1:a4:4c:a6:21:73:56:8c:5c:71:33:07:
25:a2:e3:9b:f2:b2:01:fc:69:91:40:e2:6b:25:6e:4b:4a:4d:
ba:08:17:31:45:28:76:bf:ae:0e:16:47:69:ea:23:69:b5:a0:
aa:c7:16:f1:53:19:bf:da:2e:69:a1:61:4a:8b:dc:06:3a:6f:
4e:d0:3d:be:64:14:25:d0:5c:f7:0e:1c:76:bd:bf:e2:55:bc:
87:a8:8c:34:c2:eb:2f:36:0f:f6:45:f4:ea:ad:5d:26:41:47:
bb:2c:f8:d7:04:f3:74:e1:27:a2:92:52:dc:27:16:1d:22:2c:
5b:38:3c:b9:67:35:31:2e:84:d6:8a:ae:bf:e5:7c:52:45:ed:
fa:a3:b8:0d:f4:4d:fd:8b:b2:03:59:c8:9d:d9:8c:a8:76:e0:
71:55:b8:ac:de:e2:f8:e3:25:36:cd:35:8e:ff:53:7f:fe:82:
ab:ae:cf:b3:f2:76:67:5b:8c:82:6c:57:44:ac:8f:87:0f:d0:
09:40:ee:44:c3:48:12:f6:04:6d:58:cd:b6:de:7b:92:a7:4e:
cb:9d:b1:90
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAY2Kw6tCXGYaKJpIse4JPSigMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjQwMjA4MjIwODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2RmNTA1M2U1ODc4OTIwOTJiOWVkZjQ3ZmMxYTExNTg2Y2FhMTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpitCwoqUI+Rm5yuxDEnW0Y3S7aR
ul1PGMAvAq9ZQ7BPxT+O3hsR95sn5Tb2CJwuRQ1yVe8djRgq+dktAw6j9rfVCXMN
ATlxOT5wpmbNxMoaLsdzPJAhr8cPHZS8hKNL8h9ksPXW5sdbbnQzPM9Lo9O1MMTR
cu7gDNlKgDxrsEW5taR3ii67XHcglHS+eJY+/8XlPjKFTIb1Rl1vYi5iq82Q9FQu
ksl3+xSXuD3LAz668CGk1Vvew6ssFKntLkjPVHcKXnYWZX8iycr8IQMu0tD/cytA
UGm884x0Q0q4gp0DaZDF3KdQoo+XFfwUQWa/p2KxuqKE1SjQphIPhKBhCwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFGPfUFPlh4kgkrnt9H/BoRWGyqFYMB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvWTk5UVUtV0hpU0NTdWUzMGY4R2hGWWJLb1ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQBBf24AwQA
Bf27MAwDBAAtUaEDBAItUaADBAAtXogwDAMEAC2CIQMEAi2CIAMEAljWAAMEAlja
xAMEALlyzAMEAbnboAMEALnbowMEAsFvuAMEAsGH3DANBgkqhkiG9w0BAQsFAAOC
AQEAbX4RxEjfJP8Wvk0UtY1iFMXDfXOTppC9oYoAJpZVlDO8lLvZyORVHD8zsaRM
piFzVoxccTMHJaLjm/KyAfxpkUDiayVuS0pNuggXMUUodr+uDhZHaeojabWgqscW
8VMZv9ouaaFhSovcBjpvTtA9vmQUJdBc9w4cdr2/4lW8h6iMNMLrLzYP9kX06q1d
JkFHuyz41wTzdOEnopJS3CcWHSIsWzg8uWc1MS6E1oquv+V8UkXt+qO4DfRN/Yuy
A1nIndmMqHbgcVW4rN7i+OMlNs01jv9Tf/6Cq67Ps/J2Z1uMgmxXRKyPhw/QCUDu
RMNIEvYEbVjNtt57kqdOy52xkA==
-----END CERTIFICATE-----
Generated at Wed Feb 14 12:16:42 2024 by rpki-client on console-fra.rpki-client.org