Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/YIbad5xQDBWXbWUaUsiEtwJhLl0.roa
File: YIbad5xQDBWXbWUaUsiEtwJhLl0.roa (raw, json)
Hash identifier: kcyeROMRJzlwfvzQd/DB4CBYFqUpef3TuaupTIuLhBo=
Subject key identifier: 60:86:DA:77:9C:50:0C:15:97:6D:65:1A:52:C8:84:B7:02:61:2E:5D
Certificate issuer: /CN=e43f23d68937494288dfcc7a0efe1fe74a2036e1
Certificate serial: 01856F0B7DCB4E084536873137A276B9213E
Authority key identifier: E4:3F:23:D6:89:37:49:42:88:DF:CC:7A:0E:FE:1F:E7:4A:20:36:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5D8j1ok3SUKI38x6Dv4f50ogNuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/YIbad5xQDBWXbWUaUsiEtwJhLl0.roa
Signing time: Sun 01 Jan 2023 20:35:02 +0000
ROA not before: Sun 01 Jan 2023 20:35:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2847
IP address blocks: 193.219.152.0/21 maxlen: 21
193.219.160.0/19 maxlen: 19
193.219.60.0/24 maxlen: 24
193.219.60.0/22 maxlen: 22
193.219.64.0/20 maxlen: 20
83.171.0.0/18 maxlen: 18
193.219.32.0/21 maxlen: 21
2001:778::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:7d:cb:4e:08:45:36:87:31:37:a2:76:b9:21:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e43f23d68937494288dfcc7a0efe1fe74a2036e1
Validity
Not Before: Jan 1 20:35:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6086da779c500c15976d651a52c884b702612e5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:46:f8:a4:1d:fb:df:1c:49:42:0d:34:0f:1e:
73:62:c2:2a:70:45:84:32:ff:94:d3:35:6b:94:f2:
fd:52:af:95:9f:6b:a2:bd:2a:70:c8:f1:36:6c:eb:
50:d4:f4:2a:ec:5b:6b:92:65:1e:34:d7:63:fb:98:
aa:9d:2c:9e:0f:c9:e1:17:d2:de:ee:97:43:e1:80:
45:ed:1c:67:90:fb:92:6f:99:51:97:7e:d7:ee:3d:
d6:dc:73:56:1d:e6:b4:08:2b:82:e1:88:4f:93:f9:
17:c2:2c:11:1b:43:90:86:db:82:79:08:e6:01:48:
13:9c:d0:0b:d5:bc:42:27:fa:ba:83:a5:e2:5d:8e:
c8:91:92:5f:f5:d3:88:d9:69:54:21:39:d8:81:d3:
5c:fd:2c:ef:b8:7b:6f:21:10:cd:2c:ec:13:08:2f:
81:4c:45:86:1d:8d:f8:aa:59:18:fc:bf:90:e3:53:
dd:fc:3a:2a:79:db:21:8b:be:8d:7c:d0:30:ca:ff:
54:6c:bd:14:65:d0:cb:b9:0c:f7:3e:1d:b4:95:3a:
59:d9:86:69:27:02:c1:7f:70:47:3a:1c:a8:c6:7e:
61:dc:be:23:15:e0:a2:b9:81:76:48:ba:33:36:d1:
91:24:4a:0c:79:5c:7f:d3:9e:34:8f:46:91:48:89:
bc:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:86:DA:77:9C:50:0C:15:97:6D:65:1A:52:C8:84:B7:02:61:2E:5D
X509v3 Authority Key Identifier:
keyid:E4:3F:23:D6:89:37:49:42:88:DF:CC:7A:0E:FE:1F:E7:4A:20:36:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5D8j1ok3SUKI38x6Dv4f50ogNuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/YIbad5xQDBWXbWUaUsiEtwJhLl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/5D8j1ok3SUKI38x6Dv4f50ogNuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.0.0/18
193.219.32.0/21
193.219.60.0-193.219.79.255
193.219.152.0-193.219.191.255
IPv6:
2001:778::/32
Signature Algorithm: sha256WithRSAEncryption
9c:f2:fe:8e:d4:0a:71:d8:57:86:e1:09:eb:37:7b:cb:26:d2:
b5:48:bc:88:e1:40:7d:1b:e4:de:2b:d4:68:cd:54:99:3e:e9:
52:4e:45:06:61:c5:4d:86:5a:53:4c:a6:3c:9c:d2:55:55:2c:
c4:ac:3f:6e:85:e8:1d:9b:22:ac:0b:c5:4b:65:0f:19:35:fb:
8c:16:b6:2d:4d:0e:14:b7:f3:63:7e:70:41:95:11:36:9a:cf:
d2:70:62:4e:b9:4e:83:f8:08:74:2e:2a:c7:bc:83:2e:51:7a:
3b:24:43:18:3d:6d:f8:bd:9e:b9:99:d7:47:4e:fd:24:36:32:
38:99:eb:70:c4:38:18:55:b4:30:af:40:48:96:7e:3e:45:3c:
9c:55:bc:64:6f:74:a6:8d:7f:e9:ea:c3:9e:c0:46:be:c7:e7:
96:ed:e0:10:be:b2:4c:9d:d6:3e:4c:42:b4:ff:bc:0c:ec:57:
e3:66:da:c8:bf:4b:0a:e8:7d:b8:3f:5a:ea:fc:07:ff:19:77:
35:3e:3a:a4:7e:03:9d:75:56:dc:ca:d0:69:3f:c3:5b:6d:d5:
41:0b:88:db:86:6a:8b:ce:4b:f1:95:4f:8e:1b:a1:0f:3f:57:
cc:f5:38:f1:9f:b1:e5:2a:73:10:0f:9e:f2:aa:6d:a2:3a:5e:
59:00:69:c9
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYVvC33LTghFNocxN6J2uSE+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2YyM2Q2ODkzNzQ5NDI4OGRmY2M3YTBlZmUxZmU3NGEy
MDM2ZTEwHhcNMjMwMTAxMjAzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDg2ZGE3NzljNTAwYzE1OTc2ZDY1MWE1MmM4ODRiNzAyNjEyZTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUb4pB373xxJQg00Dx5zYsIqcEWE
Mv+U0zVrlPL9Uq+Vn2uivSpwyPE2bOtQ1PQq7FtrkmUeNNdj+5iqnSyeD8nhF9Le
7pdD4YBF7RxnkPuSb5lRl37X7j3W3HNWHea0CCuC4YhPk/kXwiwRG0OQhtuCeQjm
AUgTnNAL1bxCJ/q6g6XiXY7IkZJf9dOI2WlUITnYgdNc/SzvuHtvIRDNLOwTCC+B
TEWGHY34qlkY/L+Q41Pd/Doqedshi76NfNAwyv9UbL0UZdDLuQz3Ph20lTpZ2YZp
JwLBf3BHOhyoxn5h3L4jFeCiuYF2SLozNtGRJEoMeVx/0540j0aRSIm8AwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFGCG2necUAwVl21lGlLIhLcCYS5dMB8GA1UdIwQY
MBaAFOQ/I9aJN0lCiN/Meg7+H+dKIDbhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUQ4ajFvazNTVUtJMzh4NkR2NGY1MG9nTnVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hYjVmZGMtOWQ2Yi00Njc1LTlhMTMt
OWQxODVmNzM4MjExLzEvWUliYWQ1eFFEQldYYldVYVVzaUV0d0poTGwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hYjVmZGMtOWQ2Yi00Njc1LTlhMTMtOWQxODVmNzM4MjEx
LzEvNUQ4ajFvazNTVUtJMzh4NkR2NGY1MG9nTnVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwQGU6sAAwQD
wdsgMAwDBALB2zwDBATB20AwDAMEA8HbmAMEBsHbgDANBAIAAjAHAwUAIAEHeDAN
BgkqhkiG9w0BAQsFAAOCAQEAnPL+jtQKcdhXhuEJ6zd7yybStUi8iOFAfRvk3ivU
aM1UmT7pUk5FBmHFTYZaU0ymPJzSVVUsxKw/boXoHZsirAvFS2UPGTX7jBa2LU0O
FLfzY35wQZURNprP0nBiTrlOg/gIdC4qx7yDLlF6OyRDGD1t+L2euZnXR079JDYy
OJnrcMQ4GFW0MK9ASJZ+PkU8nFW8ZG90po1/6erDnsBGvsfnlu3gEL6yTJ3WPkxC
tP+8DOxX42bayL9LCuh9uD9a6vwH/xl3NT46pH4DnXVW3MrQaT/DW23VQQuI24Zq
i85L8ZVPjhuhDz9XzPU48Z+x5SpzEA+e8qptojpeWQBpyQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:24 2024 by rpki-client on console-ams.rpki-client.org