Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/sYtFPAvnPTUKtkFq69zdSG2DFYs.roa
File: sYtFPAvnPTUKtkFq69zdSG2DFYs.roa (raw, json)
Hash identifier: nwwr9C17f2Z/tRH5yYTZMkrt1TS4H1uJqzUl2+2oJ9M=
Subject key identifier: B1:8B:45:3C:0B:E7:3D:35:0A:B6:41:6A:EB:DC:DD:48:6D:83:15:8B
Certificate issuer: /CN=1efa596a3126ace029c6d70d529257e07b38ba06
Certificate serial: 018CC72747A979D2093B20F61FCB44FBAD0A
Authority key identifier: 1E:FA:59:6A:31:26:AC:E0:29:C6:D7:0D:52:92:57:E0:7B:38:BA:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HvpZajEmrOApxtcNUpJX4Hs4ugY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/sYtFPAvnPTUKtkFq69zdSG2DFYs.roa
Signing time: Mon 01 Jan 2024 22:31:29 +0000
ROA not before: Mon 01 Jan 2024 22:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 378
IP address blocks: 192.117.80.0/20 maxlen: 20
192.115.164.0/22 maxlen: 22
192.115.168.0/21 maxlen: 21
192.114.0.0/21 maxlen: 21
192.114.16.0/21 maxlen: 21
192.115.192.0/21 maxlen: 21
128.139.0.0/17 maxlen: 17
128.139.0.0/16 maxlen: 16
192.114.92.0/22 maxlen: 22
192.114.96.0/20 maxlen: 20
192.114.102.0/24 maxlen: 24
192.114.100.0/24 maxlen: 24
192.114.101.0/24 maxlen: 24
192.114.124.0/22 maxlen: 22
128.139.199.0/24 maxlen: 24
192.114.128.0/20 maxlen: 20
185.115.212.0/22 maxlen: 22
192.114.48.0/21 maxlen: 21
192.114.56.0/22 maxlen: 22
128.139.128.0/17 maxlen: 17
192.114.60.0/23 maxlen: 23
192.114.192.0/18 maxlen: 18
128.139.200.0/24 maxlen: 24
192.115.46.0/24 maxlen: 24
192.115.64.0/22 maxlen: 22
132.78.0.0/16 maxlen: 16
192.115.32.0/20 maxlen: 20
2001:bf8::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 06 Jun 2024 11:09:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:47:a9:79:d2:09:3b:20:f6:1f:cb:44:fb:ad:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1efa596a3126ace029c6d70d529257e07b38ba06
Validity
Not Before: Jan 1 22:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b18b453c0be73d350ab6416aebdcdd486d83158b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a4:63:6e:26:12:06:b2:d2:4f:db:9e:e1:a0:
29:61:a1:5f:c6:89:e3:3e:79:96:d9:68:d8:62:47:
f2:73:ab:59:e9:a4:3e:40:04:16:4f:00:07:47:e2:
53:04:1b:0c:b4:32:cd:d4:75:97:0e:8b:92:e6:89:
d5:81:0e:db:78:0d:af:bd:4e:1c:07:09:9d:87:bb:
2f:12:58:a3:11:2c:d2:ca:72:9f:3d:96:18:e0:5d:
d9:ce:ec:05:90:e7:a7:9c:f2:97:ac:22:08:26:59:
50:87:7a:3f:e0:4e:66:98:f2:de:58:0c:1a:d7:2b:
7e:63:6a:59:cc:29:1c:a8:6c:57:9c:4e:e7:c2:fb:
d8:d8:5b:a7:0d:fb:fa:ba:11:f0:43:52:a2:92:c5:
34:1f:a1:6e:36:09:1f:53:ae:60:23:b4:fa:0f:01:
ee:39:57:8c:f5:90:f4:bd:6c:18:79:98:f9:f6:59:
43:dd:30:3b:ad:62:93:0c:46:3c:f4:13:67:5a:79:
80:d3:9b:f4:8b:01:83:04:e1:d8:09:b9:6c:57:aa:
24:d5:d1:68:ae:2b:d2:19:b9:0b:c3:8d:8c:f5:28:
8d:cb:b8:e1:12:0d:f0:f6:87:16:79:93:c1:9f:70:
d1:8b:f6:7b:48:86:45:99:98:97:2f:8a:be:19:e5:
07:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:8B:45:3C:0B:E7:3D:35:0A:B6:41:6A:EB:DC:DD:48:6D:83:15:8B
X509v3 Authority Key Identifier:
keyid:1E:FA:59:6A:31:26:AC:E0:29:C6:D7:0D:52:92:57:E0:7B:38:BA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HvpZajEmrOApxtcNUpJX4Hs4ugY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/sYtFPAvnPTUKtkFq69zdSG2DFYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/HvpZajEmrOApxtcNUpJX4Hs4ugY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.139.0.0/16
132.78.0.0/16
185.115.212.0/22
192.114.0.0/21
192.114.16.0/21
192.114.48.0-192.114.61.255
192.114.92.0-192.114.111.255
192.114.124.0-192.114.143.255
192.114.192.0/18
192.115.32.0/20
192.115.64.0/22
192.115.164.0-192.115.175.255
192.115.192.0/21
192.117.80.0/20
IPv6:
2001:bf8::/32
Signature Algorithm: sha256WithRSAEncryption
9f:c0:88:08:00:dd:81:97:09:90:4e:d0:e0:42:68:95:9b:4f:
5e:ae:2d:c9:a7:02:0c:be:bd:a9:93:50:a4:31:dd:1c:ec:3d:
c1:70:f0:90:4c:aa:34:df:74:bc:9c:21:99:8b:ed:58:3e:49:
e3:1d:cc:7d:25:39:7f:24:eb:f0:48:d7:a2:40:9d:d4:94:5d:
e6:6f:3d:31:95:cc:ce:5f:fc:55:2f:1c:ee:85:8f:4c:cb:0a:
2e:58:de:43:de:14:06:22:09:0c:47:32:3c:e1:8e:79:e9:8c:
60:8a:3e:f8:8f:1d:33:46:1d:17:53:99:4f:c9:a9:fe:c5:62:
63:37:58:6d:67:b9:5e:57:73:f0:9f:08:65:6c:19:ca:a6:28:
d9:6f:07:0a:1f:67:5f:13:46:1e:91:67:24:6c:d2:1f:b7:f6:
99:cb:25:39:50:40:08:99:b7:18:9a:6c:82:6c:a6:18:a0:0c:
13:d9:c7:0b:d7:c4:2c:f0:bd:56:fa:32:d1:f4:1e:8b:09:1d:
3f:96:b5:89:8e:4e:bd:13:b9:18:44:0a:6d:95:74:a8:bf:63:
7b:bc:cd:96:89:52:af:b4:b8:1e:17:51:5a:66:f9:fd:6f:56:
6b:e4:ba:18:d4:3f:7e:3b:07:63:79:c5:ed:9a:bc:de:b2:df:
33:62:b3:9f
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAYzHJ0epedIJOyD2H8tE+60KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZmE1OTZhMzEyNmFjZTAyOWM2ZDcwZDUyOTI1N2UwN2Iz
OGJhMDYwHhcNMjQwMTAxMjIzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMThiNDUzYzBiZTczZDM1MGFiNjQxNmFlYmRjZGQ0ODZkODMxNThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKRjbiYSBrLST9ue4aApYaFfxonj
PnmW2WjYYkfyc6tZ6aQ+QAQWTwAHR+JTBBsMtDLN1HWXDouS5onVgQ7beA2vvU4c
Bwmdh7svElijESzSynKfPZYY4F3ZzuwFkOennPKXrCIIJllQh3o/4E5mmPLeWAwa
1yt+Y2pZzCkcqGxXnE7nwvvY2FunDfv6uhHwQ1KiksU0H6FuNgkfU65gI7T6DwHu
OVeM9ZD0vWwYeZj59llD3TA7rWKTDEY89BNnWnmA05v0iwGDBOHYCblsV6ok1dFo
rivSGbkLw42M9SiNy7jhEg3w9ocWeZPBn3DRi/Z7SIZFmZiXL4q+GeUH8QIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFLGLRTwL5z01CrZBauvc3UhtgxWLMB8GA1UdIwQY
MBaAFB76WWoxJqzgKcbXDVKSV+B7OLoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHZwWmFqRW1yT0FweHRjTlVwSlg0SHM0dWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zY2M3OGEtOGZiNS00NzVhLTg4ODIt
OWQwYzYyMDczNWYxLzEvc1l0RlBBdm5QVFVLdGtGcTY5emRTRzJERllzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zY2M3OGEtOGZiNS00NzVhLTg4ODItOWQwYzYyMDczNWYx
LzEvSHZwWmFqRW1yT0FweHRjTlVwSlg0SHM0dWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTB4BAIAATByAwMAgIsD
AwCETgMEArlz1AMEA8ByAAMEA8ByEDAMAwQEwHIwAwQBwHI8MAwDBALAclwDBATA
cmAwDAMEAsByfAMEBMBygAMEBsBywAMEBMBzIAMEAsBzQDAMAwQCwHOkAwQEwHOg
AwQDwHPAAwQEwHVQMA0EAgACMAcDBQAgAQv4MA0GCSqGSIb3DQEBCwUAA4IBAQCf
wIgIAN2BlwmQTtDgQmiVm09eri3JpwIMvr2pk1CkMd0c7D3BcPCQTKo033S8nCGZ
i+1YPknjHcx9JTl/JOvwSNeiQJ3UlF3mbz0xlczOX/xVLxzuhY9MywouWN5D3hQG
IgkMRzI84Y556Yxgij74jx0zRh0XU5lPyan+xWJjN1htZ7leV3PwnwhlbBnKpijZ
bwcKH2dfE0YekWckbNIft/aZyyU5UEAImbcYmmyCbKYYoAwT2ccL18Qs8L1W+jLR
9B6LCR0/lrWJjk69E7kYRAptlXSov2N7vM2WiVKvtLgeF1FaZvn9b1Zr5LoY1D9+
OwdjecXtmrzest8zYrOf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:11 2024 by rpki-client on console-ams.rpki-client.org