Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/yHK9pVAYvkRYzuTMiXoBJT38ocU.roa
File: yHK9pVAYvkRYzuTMiXoBJT38ocU.roa (raw, json)
Hash identifier: 2OmiLh4Q1oIMCVSVoP0dASGjOOLV1yh6qHhwqjUBy2E=
Subject key identifier: C8:72:BD:A5:50:18:BE:44:58:CE:E4:CC:89:7A:01:25:3D:FC:A1:C5
Certificate issuer: /CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Certificate serial: 018D47788EC325A366051A362283B6A058A9
Authority key identifier: 52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/yHK9pVAYvkRYzuTMiXoBJT38ocU.roa
Signing time: Fri 26 Jan 2024 20:31:39 +0000
ROA not before: Fri 26 Jan 2024 20:31:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6206
IP address blocks: 31.171.131.0/24 maxlen: 24
37.46.192.0/21 maxlen: 24
91.199.50.0/24 maxlen: 24
94.185.80.0/21 maxlen: 24
94.228.208.0/20 maxlen: 24
109.235.48.0/21 maxlen: 24
194.110.67.0/24 maxlen: 24
2a00:dd0::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 17 Sep 2024 19:32:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:47:78:8e:c3:25:a3:66:05:1a:36:22:83:b6:a0:58:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Validity
Not Before: Jan 26 20:31:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c872bda55018be4458cee4cc897a01253dfca1c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:09:85:49:67:13:78:5a:29:7f:23:4b:5b:af:
a6:f7:9d:97:c2:ad:9c:70:14:40:0f:94:86:95:1d:
fa:f1:b6:28:a3:a3:2b:17:eb:f5:5c:40:5a:b3:2e:
c5:21:a0:d6:2e:1e:d0:54:9c:af:2b:b7:4c:2a:8d:
ee:02:6f:3d:43:7f:5e:6e:27:72:07:fb:4c:f4:d2:
67:d0:6f:3b:41:5b:7f:d8:5c:f7:3c:a5:fc:13:ce:
36:c0:9b:4c:79:aa:fe:35:12:7a:8d:34:78:dd:f7:
c8:93:26:41:69:d4:c4:f2:26:32:b6:27:3a:c1:29:
4e:3f:29:07:96:b0:62:61:33:74:34:f0:13:aa:f6:
43:5f:a4:84:ac:80:39:fd:05:38:94:5d:eb:3d:ce:
12:e4:01:9c:93:61:2f:90:80:30:df:20:a2:6c:69:
94:54:f1:b7:f5:bd:83:75:9d:1d:96:6f:16:d8:9a:
de:53:9a:7b:58:9f:5e:cf:54:28:ab:74:43:eb:94:
ce:8c:36:59:48:43:1f:38:11:21:d6:65:c2:e5:45:
78:c7:16:5b:74:06:e4:22:7a:64:2c:bc:d6:50:e4:
9e:15:84:8b:63:89:60:05:15:37:83:81:f2:4a:71:
de:03:69:00:e5:0e:cc:9c:0b:4c:c7:78:62:36:74:
8c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:72:BD:A5:50:18:BE:44:58:CE:E4:CC:89:7A:01:25:3D:FC:A1:C5
X509v3 Authority Key Identifier:
keyid:52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/yHK9pVAYvkRYzuTMiXoBJT38ocU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/UtycIYtRDAe8Zlmwn70yr-aKv9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.131.0/24
37.46.192.0/21
91.199.50.0/24
94.185.80.0/21
94.228.208.0/20
109.235.48.0/21
194.110.67.0/24
IPv6:
2a00:dd0::/32
Signature Algorithm: sha256WithRSAEncryption
63:4d:62:42:8c:42:72:bd:09:40:cf:52:bd:49:c7:a6:ae:83:
de:34:5a:20:ff:7b:b6:32:a5:16:39:08:b0:88:28:1c:c2:e7:
03:aa:3f:d1:02:ad:a7:ae:7c:07:37:b2:8b:99:f8:8a:7d:3d:
98:af:d4:35:75:e6:b2:ee:11:bd:fd:9f:43:b6:08:7a:80:9e:
ce:10:15:e2:46:af:40:10:ca:89:1e:f2:e6:0d:4f:da:89:3d:
0a:6d:8c:db:d5:c8:75:52:14:60:2e:68:82:38:37:81:3b:a1:
1d:d7:36:45:8a:9a:46:16:30:f9:38:16:73:e9:ff:14:a6:a9:
f7:a2:cf:f8:76:fd:c4:a5:50:27:d9:23:29:3e:43:d0:50:d9:
40:2a:8a:43:cb:5f:9e:e0:29:ed:98:63:9d:f7:86:b5:e2:88:
39:15:78:d2:a1:19:ea:73:8f:f1:89:69:2e:c1:55:d8:9a:4e:
0a:b8:43:64:76:33:b0:66:bf:a9:32:b8:bb:88:c5:12:57:71:
e2:e3:8f:52:d1:0b:6b:f9:f6:a0:76:c8:9e:75:61:36:3d:6b:
5f:cc:67:41:99:ad:73:e1:71:c6:43:30:32:98:b8:d2:e8:60:
f7:62:8e:cb:73:6b:51:0e:f0:92:f1:c1:53:35:36:3c:2c:85:
72:5a:7d:55
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAY1HeI7DJaNmBRo2IoO2oFipMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZGM5YzIxOGI1MTBjMDdiYzY2NTliMDlmYmQzMmFmZTY4
YWJmZDIwHhcNMjQwMTI2MjAzMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODcyYmRhNTUwMThiZTQ0NThjZWU0Y2M4OTdhMDEyNTNkZmNhMWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAmFSWcTeFopfyNLW6+m952Xwq2c
cBRAD5SGlR368bYoo6MrF+v1XEBasy7FIaDWLh7QVJyvK7dMKo3uAm89Q39ebidy
B/tM9NJn0G87QVt/2Fz3PKX8E842wJtMear+NRJ6jTR43ffIkyZBadTE8iYytic6
wSlOPykHlrBiYTN0NPATqvZDX6SErIA5/QU4lF3rPc4S5AGck2EvkIAw3yCibGmU
VPG39b2DdZ0dlm8W2JreU5p7WJ9ez1Qoq3RD65TOjDZZSEMfOBEh1mXC5UV4xxZb
dAbkInpkLLzWUOSeFYSLY4lgBRU3g4HySnHeA2kA5Q7MnAtMx3hiNnSMMwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFMhyvaVQGL5EWM7kzIl6ASU9/KHFMB8GA1UdIwQY
MBaAFFLcnCGLUQwHvGZZsJ+9Mq/mir/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYt
NTJmOTdiMjc3ZDFmLzEveUhLOXBWQVl2a1JZenVUTWlYb0JKVDM4b2NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYtNTJmOTdiMjc3ZDFm
LzEvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAH6uDAwQD
JS7AAwQAW8cyAwQDXrlQAwQEXuTQAwQDbeswAwQAwm5DMA0EAgACMAcDBQAqAA3Q
MA0GCSqGSIb3DQEBCwUAA4IBAQBjTWJCjEJyvQlAz1K9ScemroPeNFog/3u2MqUW
OQiwiCgcwucDqj/RAq2nrnwHN7KLmfiKfT2Yr9Q1deay7hG9/Z9Dtgh6gJ7OEBXi
Rq9AEMqJHvLmDU/aiT0KbYzb1ch1UhRgLmiCODeBO6Ed1zZFippGFjD5OBZz6f8U
pqn3os/4dv3EpVAn2SMpPkPQUNlAKopDy1+e4CntmGOd94a14og5FXjSoRnqc4/x
iWkuwVXYmk4KuENkdjOwZr+pMri7iMUSV3Hi449S0Qtr+fagdsiedWE2PWtfzGdB
ma1z4XHGQzAymLjS6GD3Yo7Lc2tRDvCS8cFTNTY8LIVyWn1V
-----END CERTIFICATE-----
Generated at Tue Sep 17 22:38:11 2024 by rpki-client on console-ams.rpki-client.org