Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/yh4VNDp5m7WvPgNGEVh0K9xNOfc.roa
File: yh4VNDp5m7WvPgNGEVh0K9xNOfc.roa (raw, json)
Hash identifier: aYzHUT+KJ2ArNRq1mvyupGGjtz4am93nWvz3OnyrZJg=
Subject key identifier: CA:1E:15:34:3A:79:9B:B5:AF:3E:03:46:11:58:74:2B:DC:4D:39:F7
Certificate issuer: /CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Certificate serial: 01856FDDDBEFB1DBA701DC3823F9E175070A
Authority key identifier: 9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/yh4VNDp5m7WvPgNGEVh0K9xNOfc.roa
Signing time: Mon 02 Jan 2023 00:24:48 +0000
ROA not before: Mon 02 Jan 2023 00:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12322
IP address blocks: 213.228.0.0/18 maxlen: 18
78.192.0.0/10 maxlen: 11
82.224.0.0/11 maxlen: 13
88.160.0.0/11 maxlen: 15
62.147.0.0/16 maxlen: 16
82.64.0.0/14 maxlen: 15
212.27.32.0/19 maxlen: 19
2a01:e00::/26 maxlen: 39
Validation: Failed, certificate revoked on Sat 23 Dec 2023 08:54:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:dd:db:ef:b1:db:a7:01:dc:38:23:f9:e1:75:07:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Validity
Not Before: Jan 2 00:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca1e15343a799bb5af3e03461158742bdc4d39f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:cb:df:ee:f5:40:f9:45:db:6f:32:c2:0d:00:
01:b6:8d:62:42:e9:27:a5:cd:fd:71:7f:4c:05:34:
82:45:a9:32:3a:35:27:2a:22:e3:17:70:78:93:fc:
74:67:bb:36:bf:e5:6a:cd:6b:f3:39:22:63:9c:42:
36:df:8e:10:09:26:04:48:a5:95:0f:5f:0b:d2:17:
5d:4d:02:d4:84:5a:94:74:74:33:d6:82:ae:0a:75:
88:90:ac:34:9f:0a:1e:58:ed:1e:6c:66:93:79:19:
8f:f0:da:40:14:2e:1a:fb:5f:a3:96:4e:c6:e8:e5:
ed:63:94:22:ee:33:77:04:0e:d9:01:26:d4:f7:bc:
f9:b7:d3:c9:02:b4:d6:a8:f9:32:bc:c8:0c:ec:0a:
f8:08:65:80:0f:51:af:a0:b0:06:53:88:e7:45:84:
f3:21:88:b0:c2:91:5d:e3:41:1d:76:b4:8d:24:0b:
cf:f9:a0:43:7c:17:96:87:15:f6:d4:6a:47:85:df:
6f:7c:e7:89:63:a6:6f:65:17:4b:df:ce:20:4c:c4:
5f:fe:73:6a:14:19:3c:cf:3a:cc:f0:01:d1:43:44:
c4:b0:c0:d3:fc:d8:02:a6:ad:7f:27:cd:75:e6:22:
db:78:4e:37:3a:50:fb:07:71:55:41:e2:7c:9a:7a:
35:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:1E:15:34:3A:79:9B:B5:AF:3E:03:46:11:58:74:2B:DC:4D:39:F7
X509v3 Authority Key Identifier:
keyid:9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/yh4VNDp5m7WvPgNGEVh0K9xNOfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/nksygbCOa17B_esNBEBSjtk03D8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.147.0.0/16
78.192.0.0/10
82.64.0.0/14
82.224.0.0/11
88.160.0.0/11
212.27.32.0/19
213.228.0.0/18
IPv6:
2a01:e00::/26
Signature Algorithm: sha256WithRSAEncryption
77:e4:30:42:3e:d3:3d:34:0a:aa:3c:49:55:7d:e0:72:52:8e:
d3:c9:69:37:87:f5:e6:bc:5b:35:4c:96:ff:45:c7:96:bb:32:
e3:cd:d4:5d:dc:e4:1b:ce:14:8c:42:41:d9:fe:2f:3e:35:90:
9b:3a:3d:ac:e0:f0:1b:01:6b:97:31:ca:91:a4:d5:12:78:e0:
c4:cf:82:44:fc:bd:48:36:94:32:71:d2:9c:87:07:ee:12:08:
f2:94:50:64:fa:5a:62:1d:02:3d:e4:05:4d:2d:85:cd:66:d4:
bb:bd:db:80:e9:11:61:04:f7:ec:e9:f6:e3:46:5b:85:2f:43:
6a:d2:9b:6b:c3:1a:e8:f7:35:59:4c:82:9f:cc:f9:52:d8:0b:
f7:44:cd:fb:93:d0:df:ac:59:ae:83:28:c9:8c:5e:07:23:81:
ea:1c:7f:0b:0d:fe:38:21:a1:3b:94:2d:7f:df:62:24:02:1d:
7a:1d:e9:f1:87:1b:f2:6b:a9:f2:8d:dd:a7:84:ec:9d:42:33:
77:12:54:7f:57:f5:4f:89:e1:17:38:4e:95:3e:38:b2:68:f7:
d6:5c:2a:07:bf:b6:c8:fa:79:31:22:d1:2f:d7:b5:54:50:7d:
97:64:92:e3:b3:a9:3c:4c:29:fd:b6:7b:22:c3:e6:4a:71:b4:
eb:1f:f3:1b
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYVv3dvvsdunAdw4I/nhdQcKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNGIzMjgxYjA4ZTZiNWVjMWZkZWIwZDA0NDA1MjhlZDkz
NGRjM2YwHhcNMjMwMTAyMDAyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTFlMTUzNDNhNzk5YmI1YWYzZTAzNDYxMTU4NzQyYmRjNGQzOWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8vf7vVA+UXbbzLCDQABto1iQukn
pc39cX9MBTSCRakyOjUnKiLjF3B4k/x0Z7s2v+VqzWvzOSJjnEI2344QCSYESKWV
D18L0hddTQLUhFqUdHQz1oKuCnWIkKw0nwoeWO0ebGaTeRmP8NpAFC4a+1+jlk7G
6OXtY5Qi7jN3BA7ZASbU97z5t9PJArTWqPkyvMgM7Ar4CGWAD1GvoLAGU4jnRYTz
IYiwwpFd40EddrSNJAvP+aBDfBeWhxX21GpHhd9vfOeJY6ZvZRdL384gTMRf/nNq
FBk8zzrM8AHRQ0TEsMDT/NgCpq1/J8115iLbeE43OlD7B3FVQeJ8mno19wIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFMoeFTQ6eZu1rz4DRhFYdCvcTTn3MB8GA1UdIwQY
MBaAFJ5LMoGwjmtewf3rDQRAUo7ZNNw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGIt
NmIyZDQ2OTI0YzZmLzEveWg0Vk5EcDVtN1d2UGdOR0VWaDBLOXhOT2ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGItNmIyZDQ2OTI0YzZm
LzEvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDArBAIAATAlAwMAPpMDAwZO
wAMDAlJAAwMFUuADAwVYoAMEBdQbIAMEBtXkADANBAIAAjAHAwUGKgEOADANBgkq
hkiG9w0BAQsFAAOCAQEAd+QwQj7TPTQKqjxJVX3gclKO08lpN4f15rxbNUyW/0XH
lrsy483UXdzkG84UjEJB2f4vPjWQmzo9rODwGwFrlzHKkaTVEnjgxM+CRPy9SDaU
MnHSnIcH7hII8pRQZPpaYh0CPeQFTS2FzWbUu73bgOkRYQT37On240ZbhS9DatKb
a8Ma6Pc1WUyCn8z5UtgL90TN+5PQ36xZroMoyYxeByOB6hx/Cw3+OCGhO5Qtf99i
JAIdeh3p8Ycb8mup8o3dp4TsnUIzdxJUf1f1T4nhFzhOlT44smj31lwqB7+2yPp5
MSLRL9e1VFB9l2SS47OpPEwp/bZ7IsPmSnG06x/zGw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:41 2024 by rpki-client on console-ams.rpki-client.org