Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/YhPzVCxEbtuXRvwdkWD35lCtpRA.roa
File: YhPzVCxEbtuXRvwdkWD35lCtpRA.roa (raw, json)
Hash identifier: kiHJcysUq2R/1Mfk2+xvVR/fVdAvSVjVZtw3W5K5WWg=
Subject key identifier: 62:13:F3:54:2C:44:6E:DB:97:46:FC:1D:91:60:F7:E6:50:AD:A5:10
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 018FCD639912DF34919490E67C75BB7C8B7A
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/YhPzVCxEbtuXRvwdkWD35lCtpRA.roa
Signing time: Fri 31 May 2024 06:43:27 +0000
ROA not before: Fri 31 May 2024 06:43:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.144.154.0/24 maxlen: 24
5.144.155.0/24 maxlen: 24
78.143.252.0/24 maxlen: 24
78.143.253.0/24 maxlen: 24
79.135.102.0/23 maxlen: 23
194.33.150.0/24 maxlen: 24
194.33.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Jun 2024 02:51:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:cd:63:99:12:df:34:91:94:90:e6:7c:75:bb:7c:8b:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: May 31 06:43:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6213f3542c446edb9746fc1d9160f7e650ada510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:47:6e:f3:c6:bd:7e:46:e8:16:1c:82:29:30:
00:d9:41:5c:42:e3:7c:df:3e:4e:ca:d3:5a:ab:44:
c2:db:41:a0:ad:57:29:5d:94:a9:89:5e:f9:bd:e1:
bf:92:9c:72:b7:b7:c0:a4:7b:86:85:5b:ca:4c:ae:
35:84:60:89:ae:0d:14:66:61:09:c1:aa:06:48:68:
78:d1:81:25:a2:5e:ba:c0:1a:62:18:fa:b8:9f:55:
f7:07:91:d1:bb:65:0f:47:3e:e0:e8:fc:02:56:88:
87:eb:14:f9:fd:31:d5:f8:c9:0e:f7:22:8c:6d:4e:
62:bd:19:56:68:ee:07:25:66:d1:9f:d3:15:32:0d:
fd:0e:b9:36:ea:4c:af:dd:5b:4b:dd:e7:23:ee:b2:
1b:a3:19:ce:f9:64:64:23:47:6a:bc:4b:b5:c6:16:
07:9e:36:06:d4:63:d2:b9:f0:2e:d3:38:7d:75:db:
8b:76:f1:02:37:e1:be:91:52:0e:47:d2:53:c1:74:
ca:1e:c5:56:f4:d7:73:32:a1:99:5e:fc:93:2f:6b:
d0:3d:1e:83:d2:9e:17:23:fc:86:64:96:42:12:1d:
6b:0b:cd:61:29:c6:4d:45:09:19:8a:9e:ea:0a:92:
70:83:ba:02:3d:b8:69:2c:b9:59:09:96:cd:a4:08:
d3:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:13:F3:54:2C:44:6E:DB:97:46:FC:1D:91:60:F7:E6:50:AD:A5:10
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/YhPzVCxEbtuXRvwdkWD35lCtpRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.154.0/23
78.143.252.0/23
79.135.102.0/23
194.33.150.0/23
Signature Algorithm: sha256WithRSAEncryption
81:36:58:07:50:87:4f:59:5f:3d:80:f9:f3:41:42:dc:be:a2:
ae:6b:d1:99:31:76:f4:19:2d:dd:de:59:72:95:c0:86:21:b8:
00:28:35:e7:28:a8:4b:27:ff:e6:24:ac:11:cf:b1:ac:a4:cb:
5c:79:c6:8b:37:9b:ff:07:3f:e6:38:73:b2:2c:75:1b:48:17:
9c:fe:76:01:15:24:f6:58:d3:93:cc:54:6a:81:62:65:14:a1:
09:2f:e3:3f:28:6b:e7:67:59:bf:8b:77:8b:13:e2:ac:01:1b:
18:d3:a7:cd:ae:7d:c9:b5:07:00:95:cb:41:74:0c:e8:05:39:
e1:e6:01:12:45:e8:f0:ba:64:ee:7d:28:43:04:27:d9:30:a3:
61:04:f9:61:a6:54:c8:63:89:29:2f:d9:84:1f:55:6f:af:09:
e4:85:f4:d3:eb:a4:cf:3c:fa:33:92:18:8c:87:21:2f:43:29:
92:0f:35:fe:bb:f4:eb:91:93:e1:ad:be:75:5d:eb:9f:88:ec:
48:1b:ce:a4:9c:b0:1a:e7:99:49:f1:70:09:42:44:60:de:5a:
c8:59:7b:22:87:fd:7d:64:fa:63:8c:d7:75:8d:f7:4c:59:5c:
c2:76:0d:52:5f:e1:f0:83:0d:7d:33:5c:02:f7:0a:67:e6:24:
0c:51:2a:de
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY/NY5kS3zSRlJDmfHW7fIt6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjQwNTMxMDY0MzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjEzZjM1NDJjNDQ2ZWRiOTc0NmZjMWQ5MTYwZjdlNjUwYWRhNTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Udu88a9fkboFhyCKTAA2UFcQuN8
3z5OytNaq0TC20GgrVcpXZSpiV75veG/kpxyt7fApHuGhVvKTK41hGCJrg0UZmEJ
waoGSGh40YElol66wBpiGPq4n1X3B5HRu2UPRz7g6PwCVoiH6xT5/THV+MkO9yKM
bU5ivRlWaO4HJWbRn9MVMg39Drk26kyv3VtL3ecj7rIboxnO+WRkI0dqvEu1xhYH
njYG1GPSufAu0zh9dduLdvECN+G+kVIOR9JTwXTKHsVW9NdzMqGZXvyTL2vQPR6D
0p4XI/yGZJZCEh1rC81hKcZNRQkZip7qCpJwg7oCPbhpLLlZCZbNpAjTmQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGIT81QsRG7bl0b8HZFg9+ZQraUQMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvWWhQelZDeEVidHVYUnZ3ZGtXRDM1bEN0cFJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBBZCaAwQB
To/8AwQBT4dmAwQBwiGWMA0GCSqGSIb3DQEBCwUAA4IBAQCBNlgHUIdPWV89gPnz
QULcvqKua9GZMXb0GS3d3llylcCGIbgAKDXnKKhLJ//mJKwRz7GspMtcecaLN5v/
Bz/mOHOyLHUbSBec/nYBFST2WNOTzFRqgWJlFKEJL+M/KGvnZ1m/i3eLE+KsARsY
06fNrn3JtQcAlctBdAzoBTnh5gESRejwumTufShDBCfZMKNhBPlhplTIY4kpL9mE
H1VvrwnkhfTT66TPPPozkhiMhyEvQymSDzX+u/TrkZPhrb51XeufiOxIG86knLAa
55lJ8XAJQkRg3lrIWXsih/19ZPpjjNd1jfdMWVzCdg1SX+Hwgw19M1wC9wpn5iQM
USre
-----END CERTIFICATE-----
Generated at Fri Jun 21 06:43:18 2024 by rpki-client on console-fra.rpki-client.org