Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/Y9_xbCAfYNI7rlmXz0Q7ZJMhlf0.roa
File: Y9_xbCAfYNI7rlmXz0Q7ZJMhlf0.roa (raw, json)
Hash identifier: XWOU5HLZb2TAV1KniAiByMeNxTTzb6QfLwlAkyU+eFg=
Subject key identifier: 63:DF:F1:6C:20:1F:60:D2:3B:AE:59:97:CF:44:3B:64:93:21:95:FD
Certificate issuer: /CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Certificate serial: 018CC5011AD329FEBC51A98A340424C531BA
Authority key identifier: 52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/Y9_xbCAfYNI7rlmXz0Q7ZJMhlf0.roa
Signing time: Mon 01 Jan 2024 12:30:33 +0000
ROA not before: Mon 01 Jan 2024 12:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207456
IP address blocks: 185.153.188.0/22 maxlen: 24
31.171.132.0/22 maxlen: 24
185.196.92.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jan 2024 01:19:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:1a:d3:29:fe:bc:51:a9:8a:34:04:24:c5:31:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Validity
Not Before: Jan 1 12:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63dff16c201f60d23bae5997cf443b64932195fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:73:7d:d6:56:28:0f:af:62:da:6c:ea:5d:f2:
f1:7b:d3:b5:df:ce:16:59:56:e9:5d:9c:64:98:c6:
86:1a:5a:d0:2d:16:81:aa:0a:b2:45:c6:3f:11:c1:
19:95:d0:d2:1e:77:8b:72:e2:ed:3c:14:0d:21:2f:
0d:66:10:a5:6b:b3:70:63:5e:66:4f:a6:cf:e7:d6:
13:04:70:d6:28:9b:ef:9f:00:d7:ae:29:ba:29:2b:
e4:bf:21:5e:7b:80:e4:b3:42:2a:5b:f0:47:eb:9e:
eb:ac:7b:a5:7e:61:46:9b:68:00:55:aa:8e:9e:f7:
09:b0:8d:74:db:ea:66:04:d0:d7:8a:7f:04:dd:b5:
8a:be:6b:69:20:0f:48:62:ad:c8:0e:75:b7:e5:2f:
48:ab:33:3b:e6:ac:06:2a:09:81:98:b0:11:47:4e:
cf:aa:9f:08:21:3a:aa:f3:48:fc:39:ef:00:6b:7f:
85:45:43:6a:71:43:dd:d4:cd:12:38:27:20:b0:3b:
be:f7:14:8c:cb:2d:c8:42:82:5d:d3:51:97:20:1d:
63:68:21:53:47:dc:c2:e2:99:5b:6b:1d:4d:00:ff:
49:95:26:da:39:50:d0:4f:f0:33:8b:52:33:68:45:
a5:e0:49:36:e9:0d:e4:f5:75:8b:0f:b3:44:0f:e6:
57:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:DF:F1:6C:20:1F:60:D2:3B:AE:59:97:CF:44:3B:64:93:21:95:FD
X509v3 Authority Key Identifier:
keyid:52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/Y9_xbCAfYNI7rlmXz0Q7ZJMhlf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/UtycIYtRDAe8Zlmwn70yr-aKv9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.132.0/22
185.153.188.0/22
185.196.92.0/22
Signature Algorithm: sha256WithRSAEncryption
02:73:c8:a9:19:e2:c5:19:b2:54:12:a8:67:5d:a3:ee:78:1e:
92:29:38:38:b5:bd:e2:9e:14:ee:66:29:7b:fa:a7:7c:37:41:
df:e2:5c:bf:59:4a:dc:e0:68:a6:64:d1:fb:ec:55:03:31:59:
db:f5:30:95:0c:cf:c3:b8:e7:fb:fa:a8:ce:48:30:62:53:b3:
af:21:92:89:59:5a:76:ba:95:8b:73:f4:cf:48:c5:af:77:9a:
22:f0:62:b8:a3:b1:b4:44:9c:85:4b:98:54:f1:e9:62:65:fc:
47:ff:c7:3b:37:34:48:29:e7:7a:0e:d3:c5:b8:dd:c8:f6:ea:
4d:81:69:22:8c:c2:b0:3e:64:67:ef:98:c3:1a:f8:9d:e3:e7:
81:5a:71:d9:e3:77:0c:ae:e9:d5:e4:91:92:4e:4b:15:c0:87:
98:07:49:11:64:d6:1f:4d:3c:36:ae:6c:fe:f3:2e:81:8a:e4:
d3:80:b3:94:fe:00:9e:61:97:58:3c:b2:1c:ba:09:96:48:f9:
5b:b3:9e:fe:74:34:18:56:d6:bd:aa:a9:06:e3:fa:01:f9:8c:
44:eb:58:82:4a:c8:06:b5:fc:3b:1a:2e:ac:f1:ba:87:90:90:
2e:29:a7:d1:ee:89:7d:5e:42:42:cc:e6:4e:54:0e:06:a2:99:
0d:19:34:6d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFARrTKf68UamKNAQkxTG6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZGM5YzIxOGI1MTBjMDdiYzY2NTliMDlmYmQzMmFmZTY4
YWJmZDIwHhcNMjQwMTAxMTIzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2RmZjE2YzIwMWY2MGQyM2JhZTU5OTdjZjQ0M2I2NDkzMjE5NWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunN91lYoD69i2mzqXfLxe9O1384W
WVbpXZxkmMaGGlrQLRaBqgqyRcY/EcEZldDSHneLcuLtPBQNIS8NZhCla7NwY15m
T6bP59YTBHDWKJvvnwDXrim6KSvkvyFee4Dks0IqW/BH657rrHulfmFGm2gAVaqO
nvcJsI102+pmBNDXin8E3bWKvmtpIA9IYq3IDnW35S9IqzM75qwGKgmBmLARR07P
qp8IITqq80j8Oe8Aa3+FRUNqcUPd1M0SOCcgsDu+9xSMyy3IQoJd01GXIB1jaCFT
R9zC4plbax1NAP9JlSbaOVDQT/Azi1IzaEWl4Ek26Q3k9XWLD7NED+ZXOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGPf8WwgH2DSO65Zl89EO2STIZX9MB8GA1UdIwQY
MBaAFFLcnCGLUQwHvGZZsJ+9Mq/mir/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYt
NTJmOTdiMjc3ZDFmLzEvWTlfeGJDQWZZTkk3cmxtWHowUTdaSk1obGYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYtNTJmOTdiMjc3ZDFm
LzEvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCH6uEAwQC
uZm8AwQCucRcMA0GCSqGSIb3DQEBCwUAA4IBAQACc8ipGeLFGbJUEqhnXaPueB6S
KTg4tb3inhTuZil7+qd8N0Hf4ly/WUrc4GimZNH77FUDMVnb9TCVDM/DuOf7+qjO
SDBiU7OvIZKJWVp2upWLc/TPSMWvd5oi8GK4o7G0RJyFS5hU8eliZfxH/8c7NzRI
Ked6DtPFuN3I9upNgWkijMKwPmRn75jDGvid4+eBWnHZ43cMrunV5JGSTksVwIeY
B0kRZNYfTTw2rmz+8y6BiuTTgLOU/gCeYZdYPLIcugmWSPlbs57+dDQYVta9qqkG
4/oB+YxE61iCSsgGtfw7Gi6s8bqHkJAuKafR7ol9XkJCzOZOVA4GopkNGTRt
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:12 2024 by rpki-client on console-ams.rpki-client.org