Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/4bd500-5d4f-4889-9142-3c4839c8e851/1/yjj378niQvrXpLN-L1hswPvs-zg.roa
File: yjj378niQvrXpLN-L1hswPvs-zg.roa (raw, json)
Hash identifier: ZDoE1ziRisddj13sBLWG4MvreAd5vwCLcdzRCFURIZI=
Subject key identifier: CA:38:F7:EF:C9:E2:42:FA:D7:A4:B3:7E:2F:58:6C:C0:FB:EC:FB:38
Certificate issuer: /CN=c5e14070210627bfca4654b42de797acd6d2c4f4
Certificate serial: 018CDC0C13A5470733DDDCE26E57F3A83DCF
Authority key identifier: C5:E1:40:70:21:06:27:BF:CA:46:54:B4:2D:E7:97:AC:D6:D2:C4:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xeFAcCEGJ7_KRlS0LeeXrNbSxPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/4bd500-5d4f-4889-9142-3c4839c8e851/1/yjj378niQvrXpLN-L1hswPvs-zg.roa
Signing time: Fri 05 Jan 2024 23:53:48 +0000
ROA not before: Fri 05 Jan 2024 23:53:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205081
IP address blocks: 155.133.192.0/23 maxlen: 23
153.92.27.0/24 maxlen: 24
185.136.216.0/22 maxlen: 22
2a0c:5500:2::/48 maxlen: 48
2a0c:5500::/48 maxlen: 48
2a0c:5500:3::/48 maxlen: 48
2a0c:5500:1::/48 maxlen: 48
2a0c:5500:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 07 Jan 2024 18:10:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:dc:0c:13:a5:47:07:33:dd:dc:e2:6e:57:f3:a8:3d:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5e14070210627bfca4654b42de797acd6d2c4f4
Validity
Not Before: Jan 5 23:53:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca38f7efc9e242fad7a4b37e2f586cc0fbecfb38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:80:aa:c5:c8:d8:18:90:5b:db:d0:15:8b:38:
93:ec:a7:5a:a2:8a:e2:cb:ce:03:09:e5:fd:59:b7:
34:19:a6:18:16:dc:b4:b2:e2:c0:00:99:98:1d:f0:
05:18:be:f8:cd:2d:b6:c4:f3:28:ee:1a:a6:4b:84:
c2:78:c7:63:5a:7b:0b:7b:ee:aa:3f:01:70:2b:e3:
3e:ed:d3:28:9b:c8:b6:54:90:09:dd:03:c8:4f:43:
67:a3:3d:ff:e2:80:15:2d:e3:43:12:da:68:55:84:
00:3d:9b:5f:8f:8b:d5:c3:12:d6:d0:5a:1f:7a:b1:
fa:cf:11:48:8e:9e:93:e5:55:e9:83:41:5c:96:f5:
d7:5e:76:57:8f:0c:e9:93:48:9f:58:1f:f0:1c:17:
3c:e0:de:36:4c:c9:87:54:8f:eb:b8:99:e7:b2:ce:
3f:60:69:9e:25:8f:f2:a9:d0:84:f2:2e:91:fb:57:
cb:49:af:bf:60:d1:84:35:35:25:7a:a3:55:c3:e6:
91:e5:2f:13:23:ec:7c:69:b6:10:78:4f:9a:1f:2d:
d3:77:22:71:3a:20:d0:93:54:ad:41:58:a2:c3:5d:
44:fa:35:3d:85:2a:2a:0e:fd:d5:10:ca:eb:52:f8:
c2:fc:53:b2:54:e3:02:39:8d:33:be:60:39:55:f6:
30:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:38:F7:EF:C9:E2:42:FA:D7:A4:B3:7E:2F:58:6C:C0:FB:EC:FB:38
X509v3 Authority Key Identifier:
keyid:C5:E1:40:70:21:06:27:BF:CA:46:54:B4:2D:E7:97:AC:D6:D2:C4:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xeFAcCEGJ7_KRlS0LeeXrNbSxPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4bd500-5d4f-4889-9142-3c4839c8e851/1/yjj378niQvrXpLN-L1hswPvs-zg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4bd500-5d4f-4889-9142-3c4839c8e851/1/xeFAcCEGJ7_KRlS0LeeXrNbSxPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.92.27.0/24
155.133.192.0/23
185.136.216.0/22
IPv6:
2a0c:5500::-2a0c:5500:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
04:48:ea:29:74:0b:e2:cf:9b:fd:49:86:26:ef:a4:c0:59:b7:
e5:d2:14:0f:2e:c4:7a:35:0d:09:95:b9:76:00:19:79:cc:8a:
01:2a:09:25:d8:44:2e:b0:db:95:cb:30:8a:fd:6d:6f:7d:51:
f6:04:bf:da:7e:dc:54:72:5d:c0:cc:69:ec:b7:7c:82:8d:10:
1b:f2:25:3f:5b:db:1f:88:f2:b8:c0:64:91:10:54:39:20:ab:
80:cb:e3:a0:d7:c0:a7:3c:95:e4:44:c0:56:d7:ca:39:29:e7:
56:21:2e:c6:5d:6d:56:35:35:55:42:ec:32:9e:30:f9:5c:4a:
8c:8f:3a:5b:e3:15:74:9c:91:28:4f:e0:bf:a2:a6:a4:fb:b7:
6f:6d:0e:40:d8:ec:95:91:2d:65:9e:74:94:ed:d9:c3:a5:36:
e1:53:d0:ca:11:3d:0e:05:45:32:a0:ad:cf:cf:bb:26:f5:c6:
fa:4e:70:fc:e9:39:3c:46:0a:a4:ed:21:4e:fa:c4:c6:ca:ca:
60:18:69:c3:84:f3:c5:a6:ad:1a:64:31:61:bf:67:4f:20:69:
f4:16:7f:f0:e0:08:19:65:ca:f9:fa:57:ab:58:85:25:11:0d:
4e:3b:57:71:31:b4:cb:08:bf:e4:a3:54:a2:b6:b2:17:d0:8e:
d7:5c:dd:3d
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYzcDBOlRwcz3dziblfzqD3PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZTE0MDcwMjEwNjI3YmZjYTQ2NTRiNDJkZTc5N2FjZDZk
MmM0ZjQwHhcNMjQwMTA1MjM1MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTM4ZjdlZmM5ZTI0MmZhZDdhNGIzN2UyZjU4NmNjMGZiZWNmYjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYCqxcjYGJBb29AViziT7Kdaoori
y84DCeX9Wbc0GaYYFty0suLAAJmYHfAFGL74zS22xPMo7hqmS4TCeMdjWnsLe+6q
PwFwK+M+7dMom8i2VJAJ3QPIT0Nnoz3/4oAVLeNDEtpoVYQAPZtfj4vVwxLW0Fof
erH6zxFIjp6T5VXpg0FclvXXXnZXjwzpk0ifWB/wHBc84N42TMmHVI/ruJnnss4/
YGmeJY/yqdCE8i6R+1fLSa+/YNGENTUleqNVw+aR5S8TI+x8abYQeE+aHy3TdyJx
OiDQk1StQViiw11E+jU9hSoqDv3VEMrrUvjC/FOyVOMCOY0zvmA5VfYwJwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFMo49+/J4kL616Szfi9YbMD77Ps4MB8GA1UdIwQY
MBaAFMXhQHAhBie/ykZUtC3nl6zW0sT0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGVGQWNDRUdKN19LUmxTMExlZVhyTmJTeFBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS80YmQ1MDAtNWQ0Zi00ODg5LTkxNDIt
M2M0ODM5YzhlODUxLzEveWpqMzc4bmlRdnJYcExOLUwxaHN3UHZzLXpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS80YmQ1MDAtNWQ0Zi00ODg5LTkxNDItM2M0ODM5YzhlODUx
LzEveGVGQWNDRUdKN19LUmxTMExlZVhyTmJTeFBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAYBAIAATASAwQAmVwbAwQB
m4XAAwQCuYjYMBcEAgACMBEwDwMEACoMVQMHACoMVQAABDANBgkqhkiG9w0BAQsF
AAOCAQEABEjqKXQL4s+b/UmGJu+kwFm35dIUDy7EejUNCZW5dgAZecyKASoJJdhE
LrDblcswiv1tb31R9gS/2n7cVHJdwMxp7Ld8go0QG/IlP1vbH4jyuMBkkRBUOSCr
gMvjoNfApzyV5ETAVtfKOSnnViEuxl1tVjU1VULsMp4w+VxKjI86W+MVdJyRKE/g
v6KmpPu3b20OQNjslZEtZZ50lO3Zw6U24VPQyhE9DgVFMqCtz8+7JvXG+k5w/Ok5
PEYKpO0hTvrExsrKYBhpw4TzxaatGmQxYb9nTyBp9BZ/8OAIGWXK+fpXq1iFJREN
TjtXcTG0ywi/5KNUorayF9CO11zdPQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:34 2024 by rpki-client on console-ams.rpki-client.org