Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/YYwY2Jf7HUbJBD-K0OPVGjMOqH4.roa
File: YYwY2Jf7HUbJBD-K0OPVGjMOqH4.roa (raw, json)
Hash identifier: qaimU8jsRKZlfwi1f/jOJOcrgqty1a43C5hiSKCDrsU=
Subject key identifier: 61:8C:18:D8:97:FB:1D:46:C9:04:3F:8A:D0:E3:D5:1A:33:0E:A8:7E
Certificate issuer: /CN=1e95a069669ed5a766eee8ebdc32e39fb148410b
Certificate serial: 018E99D657EFC23F77549174500C76FFA942
Authority key identifier: 1E:95:A0:69:66:9E:D5:A7:66:EE:E8:EB:DC:32:E3:9F:B1:48:41:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HpWgaWae1adm7ujr3DLjn7FIQQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/YYwY2Jf7HUbJBD-K0OPVGjMOqH4.roa
Signing time: Mon 01 Apr 2024 13:25:44 +0000
ROA not before: Mon 01 Apr 2024 13:25:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39728
IP address blocks: 91.217.4.0/23 maxlen: 23
176.113.224.0/19 maxlen: 19
178.214.160.0/19 maxlen: 19
178.216.232.0/21 maxlen: 21
185.149.196.0/22 maxlen: 22
2a07:6900::/48 maxlen: 48
2a07:6900:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 22 Apr 2024 14:57:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:99:d6:57:ef:c2:3f:77:54:91:74:50:0c:76:ff:a9:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e95a069669ed5a766eee8ebdc32e39fb148410b
Validity
Not Before: Apr 1 13:25:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=618c18d897fb1d46c9043f8ad0e3d51a330ea87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b0:1e:b7:a5:b2:f6:bd:c5:65:88:a5:58:4f:
c2:96:7f:75:2d:49:d3:9e:52:04:0d:d6:48:86:85:
ef:6f:51:71:b1:7c:ae:75:51:f8:48:3d:7d:76:39:
e9:78:6d:67:65:05:7d:bb:14:30:90:b7:a5:a5:97:
54:9b:c0:de:41:7c:59:af:75:ea:85:05:e9:50:c6:
fa:9d:b1:15:aa:50:ca:ef:f4:ae:f0:a6:b4:1c:d2:
42:a5:f3:88:ee:42:04:d9:be:34:f2:53:c9:35:7a:
0d:c3:d1:5c:ee:c5:3f:ec:ff:f0:19:e2:a6:c8:23:
45:34:7f:61:87:2a:da:0e:90:69:e2:57:9c:4a:2e:
82:cb:ef:2b:85:71:99:24:ce:e2:aa:e9:d7:d9:50:
e6:f6:61:37:83:c2:3b:e4:3a:3b:53:87:e8:f5:e7:
29:79:64:7c:c2:ed:e5:ec:bc:27:82:63:10:b5:e4:
41:50:7e:13:59:2e:2f:36:cd:1d:98:c9:2f:a4:fb:
fa:8b:7b:16:d3:2c:e6:2e:b6:8a:68:de:53:68:08:
4c:26:aa:1e:9e:37:9f:8a:bb:6a:77:54:88:66:eb:
24:4f:d2:18:a1:f4:1d:92:ac:38:48:a7:43:bc:1d:
7f:8b:ad:7a:da:ab:46:56:6e:64:2a:09:38:27:17:
bf:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:8C:18:D8:97:FB:1D:46:C9:04:3F:8A:D0:E3:D5:1A:33:0E:A8:7E
X509v3 Authority Key Identifier:
keyid:1E:95:A0:69:66:9E:D5:A7:66:EE:E8:EB:DC:32:E3:9F:B1:48:41:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpWgaWae1adm7ujr3DLjn7FIQQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/YYwY2Jf7HUbJBD-K0OPVGjMOqH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/HpWgaWae1adm7ujr3DLjn7FIQQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.4.0/23
176.113.224.0/19
178.214.160.0/19
178.216.232.0/21
185.149.196.0/22
IPv6:
2a07:6900::/47
Signature Algorithm: sha256WithRSAEncryption
18:00:95:f2:10:bb:da:99:b5:2a:fc:f0:1f:61:c2:69:1d:10:
e3:07:11:ec:f0:f0:63:f4:31:ef:8e:a6:da:93:54:8b:82:ae:
da:c2:f3:0a:cb:5f:80:f3:18:97:45:ca:46:bd:96:35:74:c9:
4e:ae:ba:89:62:c4:d0:7e:0e:a9:1f:79:b4:bf:63:ad:ad:4a:
75:2d:eb:04:f8:22:61:3b:bd:46:80:80:ef:b8:c9:9b:ed:d7:
58:f4:50:75:75:50:ed:06:1c:26:b9:af:b0:a2:c3:d8:53:a0:
d9:8c:46:60:21:98:9b:6a:d1:89:5a:d3:be:20:10:5c:7f:87:
82:79:38:72:78:cb:4c:1c:c2:3e:9b:c2:18:1a:67:da:7b:69:
8b:e2:34:31:d3:53:db:10:23:b6:9d:31:dd:e6:67:1a:e0:54:
9d:2a:bd:61:f5:8b:0e:3f:3b:b9:50:b2:bd:09:1f:0b:6f:da:
02:88:d3:f9:40:93:9a:4c:6b:50:10:be:23:dd:79:74:c2:57:
cb:17:84:e7:5f:6b:5e:d5:93:26:54:d5:78:a6:4e:f5:e8:66:
f2:e3:99:b8:3a:d9:36:8d:7f:50:f9:4e:ad:1c:aa:f8:77:5d:
a9:73:65:09:a1:4d:a9:d2:4d:46:a1:54:63:93:de:29:75:26:
40:c1:14:0e
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY6Z1lfvwj93VJF0UAx2/6lCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOTVhMDY5NjY5ZWQ1YTc2NmVlZThlYmRjMzJlMzlmYjE0
ODQxMGIwHhcNMjQwNDAxMTMyNTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MThjMThkODk3ZmIxZDQ2YzkwNDNmOGFkMGUzZDUxYTMzMGVhODdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrAet6Wy9r3FZYilWE/Cln91LUnT
nlIEDdZIhoXvb1FxsXyudVH4SD19djnpeG1nZQV9uxQwkLelpZdUm8DeQXxZr3Xq
hQXpUMb6nbEVqlDK7/Su8Ka0HNJCpfOI7kIE2b408lPJNXoNw9Fc7sU/7P/wGeKm
yCNFNH9hhyraDpBp4lecSi6Cy+8rhXGZJM7iqunX2VDm9mE3g8I75Do7U4fo9ecp
eWR8wu3l7LwngmMQteRBUH4TWS4vNs0dmMkvpPv6i3sW0yzmLraKaN5TaAhMJqoe
njefirtqd1SIZuskT9IYofQdkqw4SKdDvB1/i6162qtGVm5kKgk4Jxe/kwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFGGMGNiX+x1GyQQ/itDj1RozDqh+MB8GA1UdIwQY
MBaAFB6VoGlmntWnZu7o69wy45+xSEELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBXZ2FXYWUxYWRtN3VqcjNETGpuN0ZJUVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8xMDc0NTYtZGY1My00MjRkLTkzMjAt
OTMzYmZhNTkyYjFkLzEvWVl3WTJKZjdIVWJKQkQtSzBPUFZHak1PcUg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8xMDc0NTYtZGY1My00MjRkLTkzMjAtOTMzYmZhNTkyYjFk
LzEvSHBXZ2FXYWUxYWRtN3VqcjNETGpuN0ZJUVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQBW9kEAwQF
sHHgAwQFstagAwQDstjoAwQCuZXEMA8EAgACMAkDBwEqB2kAAAAwDQYJKoZIhvcN
AQELBQADggEBABgAlfIQu9qZtSr88B9hwmkdEOMHEezw8GP0Me+OptqTVIuCrtrC
8wrLX4DzGJdFyka9ljV0yU6uuolixNB+DqkfebS/Y62tSnUt6wT4ImE7vUaAgO+4
yZvt11j0UHV1UO0GHCa5r7Ciw9hToNmMRmAhmJtq0Yla074gEFx/h4J5OHJ4y0wc
wj6bwhgaZ9p7aYviNDHTU9sQI7adMd3mZxrgVJ0qvWH1iw4/O7lQsr0JHwtv2gKI
0/lAk5pMa1AQviPdeXTCV8sXhOdfa17VkyZU1XimTvXoZvLjmbg62TaNf1D5Tq0c
qvh3XalzZQmhTanSTUahVGOT3il1JkDBFA4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:39 2025 by rpki-client