Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/RyWneYq26qp7BpTDQsEOqEFozjw.roa
File: RyWneYq26qp7BpTDQsEOqEFozjw.roa (raw, json)
Hash identifier: Q2IRhFhTAfL9aiJp0Qxg5IHi3jrLYSjStt44BqkM6mw=
Subject key identifier: 47:25:A7:79:8A:B6:EA:AA:7B:06:94:C3:42:C1:0E:A8:41:68:CE:3C
Certificate issuer: /CN=50741158f3ed65bee1bde12f34f895afb0dd50d5
Certificate serial: 01857321C6D05174C37F9CC6BBF72FADEB64
Authority key identifier: 50:74:11:58:F3:ED:65:BE:E1:BD:E1:2F:34:F8:95:AF:B0:DD:50:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UHQRWPPtZb7hveEvNPiVr7DdUNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/RyWneYq26qp7BpTDQsEOqEFozjw.roa
Signing time: Mon 02 Jan 2023 15:37:51 +0000
ROA not before: Mon 02 Jan 2023 15:37:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6810
IP address blocks: 147.235.59.0/24 maxlen: 24
147.235.70.0/24 maxlen: 24
147.235.70.0/23 maxlen: 23
147.235.71.0/24 maxlen: 24
147.235.0.0/16 maxlen: 24
147.235.31.0/24 maxlen: 24
147.235.154.0/24 maxlen: 24
147.235.182.0/23 maxlen: 23
147.235.182.0/24 maxlen: 24
147.235.183.0/24 maxlen: 24
147.235.192.0/22 maxlen: 22
147.235.192.0/24 maxlen: 24
147.235.192.0/19 maxlen: 24
147.235.196.0/22 maxlen: 22
147.235.194.0/24 maxlen: 24
147.235.199.0/24 maxlen: 24
147.235.194.0/23 maxlen: 24
147.235.195.0/24 maxlen: 24
147.235.193.0/24 maxlen: 24
147.235.198.0/24 maxlen: 24
147.235.196.0/23 maxlen: 24
147.235.197.0/24 maxlen: 24
147.235.198.0/23 maxlen: 24
147.235.196.0/24 maxlen: 24
147.235.96.0/22 maxlen: 22
147.235.97.0/24 maxlen: 24
147.235.96.0/24 maxlen: 24
147.235.96.0/23 maxlen: 23
147.235.98.0/23 maxlen: 23
147.235.98.0/24 maxlen: 24
147.235.99.0/24 maxlen: 24
147.235.111.0/24 maxlen: 24
147.235.144.0/21 maxlen: 24
149.106.128.0/19 maxlen: 24
149.106.224.0/19 maxlen: 24
147.235.254.0/23 maxlen: 24
147.235.202.0/23 maxlen: 24
147.235.206.0/24 maxlen: 24
147.235.206.0/23 maxlen: 24
147.235.200.0/21 maxlen: 21
147.235.200.0/22 maxlen: 22
147.235.201.0/24 maxlen: 24
147.235.202.0/24 maxlen: 24
147.235.203.0/24 maxlen: 24
147.235.204.0/24 maxlen: 24
147.235.204.0/23 maxlen: 24
147.235.204.0/22 maxlen: 22
147.235.205.0/24 maxlen: 24
147.235.200.0/24 maxlen: 24
147.235.200.0/23 maxlen: 24
147.235.211.0/24 maxlen: 24
147.235.213.0/24 maxlen: 24
147.235.208.0/22 maxlen: 23
147.235.208.0/24 maxlen: 24
147.235.209.0/24 maxlen: 24
147.235.210.0/24 maxlen: 24
147.235.207.0/24 maxlen: 24
147.235.212.0/23 maxlen: 23
147.235.212.0/24 maxlen: 24
147.235.212.0/22 maxlen: 23
147.235.215.0/24 maxlen: 24
147.235.216.0/24 maxlen: 24
147.235.216.0/22 maxlen: 23
147.235.214.0/24 maxlen: 24
147.235.218.0/23 maxlen: 23
147.235.218.0/24 maxlen: 24
147.235.219.0/24 maxlen: 24
147.235.216.0/21 maxlen: 21
147.235.217.0/24 maxlen: 24
147.235.222.0/24 maxlen: 24
147.235.222.0/23 maxlen: 23
147.235.220.0/22 maxlen: 22
147.235.223.0/24 maxlen: 24
147.235.220.0/24 maxlen: 24
147.235.220.0/23 maxlen: 23
147.235.221.0/24 maxlen: 24
147.235.226.0/24 maxlen: 24
147.235.228.0/22 maxlen: 24
2a06:c701::/32 maxlen: 32
2a06:c701:1000::/36 maxlen: 36
2a06:c700:2000::/36 maxlen: 36
2a06:c700::/32 maxlen: 48
2a06:c700::/44 maxlen: 44
2a06:c700::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:32:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:21:c6:d0:51:74:c3:7f:9c:c6:bb:f7:2f:ad:eb:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50741158f3ed65bee1bde12f34f895afb0dd50d5
Validity
Not Before: Jan 2 15:37:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4725a7798ab6eaaa7b0694c342c10ea84168ce3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d0:44:4a:9f:0d:3e:21:23:18:66:53:6f:d3:
98:63:1b:88:93:51:b0:27:8c:87:d4:b2:29:dc:a8:
ff:22:47:7e:d8:64:86:00:49:8d:a4:a5:15:d2:35:
bd:75:36:4e:d4:f8:62:ef:62:64:e5:a2:88:ae:73:
98:cf:ba:b3:73:62:13:a1:1e:52:b9:e4:6a:04:49:
04:ac:c5:f5:6e:0b:f3:04:fa:3a:24:78:40:4e:14:
a8:6e:57:de:9a:99:e0:1a:52:2e:5b:a7:26:6c:27:
5f:01:9a:2f:b8:8f:f4:7f:50:bc:b0:71:e1:5a:06:
e1:d3:4e:2b:67:9c:75:8f:27:af:b5:3e:eb:af:fc:
67:26:2f:68:77:f7:ad:80:70:d0:0b:d2:b0:9d:29:
74:c2:1f:be:06:21:0e:5b:e0:8d:78:30:4b:12:2a:
c2:60:38:d2:63:07:6e:fe:82:8b:e9:24:30:71:16:
7a:9b:79:f8:54:b7:5b:bb:80:fd:4b:df:6f:9b:83:
fd:26:96:8e:ab:e4:14:a8:c9:d9:08:7a:70:c5:ca:
89:3c:f2:68:0d:73:d3:52:92:3a:83:b7:da:90:22:
61:6b:ae:9b:fc:92:b0:f7:06:59:45:f7:e1:95:6c:
38:6b:fd:1c:c5:6f:ca:02:e8:ec:8e:b1:7b:3e:b8:
dd:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:25:A7:79:8A:B6:EA:AA:7B:06:94:C3:42:C1:0E:A8:41:68:CE:3C
X509v3 Authority Key Identifier:
keyid:50:74:11:58:F3:ED:65:BE:E1:BD:E1:2F:34:F8:95:AF:B0:DD:50:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UHQRWPPtZb7hveEvNPiVr7DdUNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/RyWneYq26qp7BpTDQsEOqEFozjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/UHQRWPPtZb7hveEvNPiVr7DdUNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.235.0.0/16
149.106.128.0/19
149.106.224.0/19
IPv6:
2a06:c700::/29
Signature Algorithm: sha256WithRSAEncryption
7f:43:c5:69:1b:c6:52:5b:1a:ec:1a:6e:6b:7c:fe:09:6e:0b:
9c:78:25:13:08:58:44:a0:a7:d8:5e:c8:81:bd:23:b4:13:cc:
f5:c0:2f:3d:bd:4e:08:cb:c7:b4:06:33:73:e8:a9:77:2d:4a:
d1:59:fe:a0:ef:b3:75:cc:63:3b:d2:1e:2f:3e:82:42:0d:3a:
d9:8d:74:e8:23:a1:f0:93:7e:67:9c:86:b7:81:8c:3b:c6:0b:
8f:01:f5:17:06:d0:5f:42:61:7b:1d:f7:ec:de:8b:c4:46:aa:
b1:26:23:96:14:bf:d4:08:cf:d8:65:cf:27:c7:98:93:e4:0d:
55:86:c5:21:7a:aa:ba:24:e3:97:84:2a:5f:0c:0d:7c:8d:c9:
2a:b8:86:bf:0e:47:fc:c1:06:d0:b5:b6:ae:ee:1d:48:ba:91:
e9:d5:34:31:27:6e:ff:9d:13:1c:db:1e:6a:ac:08:50:e3:94:
5a:28:f5:3e:e9:1a:9f:3e:a6:7e:2e:1e:2b:1b:76:f7:e5:63:
06:ed:72:90:ee:a7:28:3f:d2:64:ef:51:43:33:f5:6e:10:08:
35:44:d3:3d:c4:ba:2b:75:71:f2:19:e9:88:f3:05:37:85:c8:
f8:53:53:e0:ab:98:bf:80:4d:bb:0b:88:97:ae:d5:51:1d:65:
1e:73:7a:4d
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVzIcbQUXTDf5zGu/cvretkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNzQxMTU4ZjNlZDY1YmVlMWJkZTEyZjM0Zjg5NWFmYjBk
ZDUwZDUwHhcNMjMwMTAyMTUzNzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzI1YTc3OThhYjZlYWFhN2IwNjk0YzM0MmMxMGVhODQxNjhjZTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9BESp8NPiEjGGZTb9OYYxuIk1Gw
J4yH1LIp3Kj/Ikd+2GSGAEmNpKUV0jW9dTZO1Phi72Jk5aKIrnOYz7qzc2IToR5S
ueRqBEkErMX1bgvzBPo6JHhAThSoblfempngGlIuW6cmbCdfAZovuI/0f1C8sHHh
Wgbh004rZ5x1jyevtT7rr/xnJi9od/etgHDQC9KwnSl0wh++BiEOW+CNeDBLEirC
YDjSYwdu/oKL6SQwcRZ6m3n4VLdbu4D9S99vm4P9JpaOq+QUqMnZCHpwxcqJPPJo
DXPTUpI6g7fakCJha66b/JKw9wZZRffhlWw4a/0cxW/KAujsjrF7PrjdewIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFEclp3mKtuqqewaUw0LBDqhBaM48MB8GA1UdIwQY
MBaAFFB0EVjz7WW+4b3hLzT4la+w3VDVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUhRUldQUHRaYjdodmVFdk5QaVZyN0RkVU5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83MzliODEtM2NkMy00NjljLWI5NTQt
MzU1M2I0ZWQ2Nzk0LzEvUnlXbmVZcTI2cXA3QnBURFFzRU9xRUZvemp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83MzliODEtM2NkMy00NjljLWI5NTQtMzU1M2I0ZWQ2Nzk0
LzEvVUhRUldQUHRaYjdodmVFdk5QaVZyN0RkVU5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwMAk+sDBAWV
aoADBAWVauAwDQQCAAIwBwMFAyoGxwAwDQYJKoZIhvcNAQELBQADggEBAH9DxWkb
xlJbGuwabmt8/gluC5x4JRMIWESgp9heyIG9I7QTzPXALz29TgjLx7QGM3PoqXct
StFZ/qDvs3XMYzvSHi8+gkINOtmNdOgjofCTfmechreBjDvGC48B9RcG0F9CYXsd
9+zei8RGqrEmI5YUv9QIz9hlzyfHmJPkDVWGxSF6qrok45eEKl8MDXyNySq4hr8O
R/zBBtC1tq7uHUi6kenVNDEnbv+dExzbHmqsCFDjlFoo9T7pGp8+pn4uHisbdvfl
YwbtcpDupyg/0mTvUUMz9W4QCDVE0z3Euit1cfIZ6YjzBTeFyPhTU+CrmL+ATbsL
iJeu1VEdZR5zek0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:41 2024 by rpki-client on console-ams.rpki-client.org