Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/Yf6dREG_J1TNzP_LnsNyorrUHYM.roa
File: Yf6dREG_J1TNzP_LnsNyorrUHYM.roa (raw, json)
Hash identifier: jRBwASDeTycQ38mJAUk1IasPb8mK43v2k1hmAwO50yo=
Subject key identifier: 61:FE:9D:44:41:BF:27:54:CD:CC:FF:CB:9E:C3:72:A2:BA:D4:1D:83
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DCC65066666376575CA7A2E0C3D03BF67
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/Yf6dREG_J1TNzP_LnsNyorrUHYM.roa
Signing time: Wed 21 Feb 2024 15:59:49 +0000
ROA not before: Wed 21 Feb 2024 15:59:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202656
IP address blocks: 45.15.239.0/24 maxlen: 24
45.129.1.0/24 maxlen: 24
45.132.39.0/24 maxlen: 24
45.135.35.0/24 maxlen: 24
45.138.7.0/24 maxlen: 24
45.138.212.0/24 maxlen: 24
45.138.215.0/24 maxlen: 24
45.140.65.0/24 maxlen: 24
45.149.130.0/24 maxlen: 24
45.149.131.0/24 maxlen: 24
45.152.118.0/24 maxlen: 24
45.152.119.0/24 maxlen: 24
83.138.52.0/24 maxlen: 24
84.246.82.0/24 maxlen: 24
91.206.69.0/24 maxlen: 24
91.237.104.0/24 maxlen: 24
91.237.105.0/24 maxlen: 24
176.116.5.0/24 maxlen: 24
176.116.20.0/24 maxlen: 24
193.0.245.0/24 maxlen: 24
193.0.246.0/24 maxlen: 24
193.5.1.0/24 maxlen: 24
193.58.171.0/24 maxlen: 24
193.58.178.0/24 maxlen: 24
194.107.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 17:41:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cc:65:06:66:66:37:65:75:ca:7a:2e:0c:3d:03:bf:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 21 15:59:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61fe9d4441bf2754cdccffcb9ec372a2bad41d83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:4c:d4:d2:59:2c:ec:66:0d:04:1a:38:6f:66:
62:16:2f:e8:45:46:a0:1b:1b:db:c6:68:02:cc:8b:
6d:10:ad:13:a4:45:b5:b5:a6:30:69:19:17:2a:fe:
0d:23:44:f3:55:e7:d8:14:9e:5d:2b:5c:f7:a2:7c:
43:16:8c:23:98:b0:b1:d1:ae:71:c2:87:1a:23:96:
27:eb:e4:53:b2:f7:8b:ea:83:db:18:20:69:7f:ae:
ae:d7:53:6e:db:c1:31:8b:3d:c2:e2:cf:3f:c2:86:
9e:40:2f:ff:3b:06:51:d0:ac:bc:91:ee:89:18:dd:
8c:da:25:bd:23:57:3a:a0:30:08:fe:45:6f:0a:00:
f0:a0:d5:90:d4:71:01:35:c0:b5:d7:b5:85:8d:98:
8a:1f:c2:7f:0a:75:6e:11:18:dd:aa:c1:cc:3e:ff:
c9:16:da:c1:ce:74:83:99:63:db:70:dd:e8:03:b4:
c0:21:39:28:bf:1c:4c:ee:16:5c:e9:cd:1d:01:fb:
41:ec:cf:f4:e2:70:b1:67:06:98:f3:81:48:9e:fe:
42:06:55:fb:d3:6c:2d:77:e6:5b:6d:71:ac:e1:97:
bb:13:da:45:37:2a:2e:11:a3:b9:84:5b:76:9f:b4:
4d:cb:e0:a4:04:31:90:a4:42:12:e8:10:f5:f0:1d:
0b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:FE:9D:44:41:BF:27:54:CD:CC:FF:CB:9E:C3:72:A2:BA:D4:1D:83
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/Yf6dREG_J1TNzP_LnsNyorrUHYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.239.0/24
45.129.1.0/24
45.132.39.0/24
45.135.35.0/24
45.138.7.0/24
45.138.212.0/24
45.138.215.0/24
45.140.65.0/24
45.149.130.0/23
45.152.118.0/23
83.138.52.0/24
84.246.82.0/24
91.206.69.0/24
91.237.104.0/23
176.116.5.0/24
176.116.20.0/24
193.0.245.0-193.0.246.255
193.5.1.0/24
193.58.171.0/24
193.58.178.0/24
194.107.200.0/24
Signature Algorithm: sha256WithRSAEncryption
04:e0:8c:76:51:ae:45:e1:57:f1:44:f2:e9:84:a2:c0:99:b3:
b3:17:75:a4:73:94:7e:ce:c9:d7:69:b4:fd:0d:49:ab:fb:01:
a9:49:cf:3d:c8:3f:2f:ef:cb:7c:d5:4f:22:ef:1b:3a:8d:9d:
7c:9c:90:4c:97:38:28:5d:97:2a:f6:60:cf:91:ba:9f:05:2e:
5b:c0:cb:84:3b:d2:98:86:26:33:46:2b:05:55:ff:42:91:41:
c2:49:61:34:1a:42:39:d1:dc:b4:d6:6b:19:2e:f9:24:d1:33:
a3:9e:fb:3c:84:a1:6a:91:43:cc:95:15:d3:f5:b4:3f:1c:72:
b6:93:1c:a2:56:c6:1f:14:ce:9e:be:a5:91:18:9c:c3:f0:1c:
a9:e5:7f:b6:36:60:dd:3a:51:92:02:ff:9c:95:82:08:1d:27:
27:88:e3:34:29:92:32:73:69:17:44:79:e8:a1:d5:68:80:a6:
13:13:c4:6e:b4:a3:08:7b:4e:65:0f:ea:8e:39:d1:a8:16:84:
31:58:f1:bf:0e:c4:67:85:9a:f3:ec:8a:25:81:f3:e5:3e:df:
dd:52:e0:bf:7d:39:d3:26:ec:83:77:1b:3a:d5:59:ee:4d:ab:
9c:aa:ba:0e:a9:4e:9f:7a:f1:c7:d6:d7:17:bb:23:4c:a2:a6:
ca:01:46:b0
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAY3MZQZmZjdldcp6Lgw9A79nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjIxMTU1OTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWZlOWQ0NDQxYmYyNzU0Y2RjY2ZmY2I5ZWMzNzJhMmJhZDQxZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEzU0lks7GYNBBo4b2ZiFi/oRUag
GxvbxmgCzIttEK0TpEW1taYwaRkXKv4NI0TzVefYFJ5dK1z3onxDFowjmLCx0a5x
wocaI5Yn6+RTsveL6oPbGCBpf66u11Nu28Exiz3C4s8/woaeQC//OwZR0Ky8ke6J
GN2M2iW9I1c6oDAI/kVvCgDwoNWQ1HEBNcC117WFjZiKH8J/CnVuERjdqsHMPv/J
FtrBznSDmWPbcN3oA7TAITkovxxM7hZc6c0dAftB7M/04nCxZwaY84FInv5CBlX7
02wtd+ZbbXGs4Ze7E9pFNyouEaO5hFt2n7RNy+CkBDGQpEIS6BD18B0LSQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFGH+nURBvydUzcz/y57DcqK61B2DMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvWWY2ZFJFR19KMVROelBfTG5zTnlvcnJVSFlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAAt
D+8DBAAtgQEDBAAthCcDBAAthyMDBAAtigcDBAAtitQDBAAtitcDBAAtjEEDBAEt
lYIDBAEtmHYDBABTijQDBABU9lIDBABbzkUDBAFb7WgDBACwdAUDBACwdBQwDAME
AMEA9QMEAMEA9gMEAMEFAQMEAME6qwMEAME6sgMEAMJryDANBgkqhkiG9w0BAQsF
AAOCAQEABOCMdlGuReFX8UTy6YSiwJmzsxd1pHOUfs7J12m0/Q1Jq/sBqUnPPcg/
L+/LfNVPIu8bOo2dfJyQTJc4KF2XKvZgz5G6nwUuW8DLhDvSmIYmM0YrBVX/QpFB
wklhNBpCOdHctNZrGS75JNEzo577PIShapFDzJUV0/W0PxxytpMcolbGHxTOnr6l
kRicw/AcqeV/tjZg3TpRkgL/nJWCCB0nJ4jjNCmSMnNpF0R56KHVaICmExPEbrSj
CHtOZQ/qjjnRqBaEMVjxvw7EZ4Wa8+yKJYHz5T7f3VLgv3050ybsg3cbOtVZ7k2r
nKq6DqlOn3rxx9bXF7sjTKKmygFGsA==
-----END CERTIFICATE-----
Generated at Thu Feb 22 20:07:06 2024 by rpki-client on console-ams.rpki-client.org