Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/yq4UYM3nGa84nP8RU2wdNwtjnyU.roa
File: yq4UYM3nGa84nP8RU2wdNwtjnyU.roa (raw, json)
Hash identifier: 9uTPzxZ/V7nslNvnrbqJCS0MvRl+VWWldF0ereCqMbI=
Subject key identifier: CA:AE:14:60:CD:E7:19:AF:38:9C:FF:11:53:6C:1D:37:0B:63:9F:25
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 0190830F55E4455FA73970D66FFFDD2B8E41
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/yq4UYM3nGa84nP8RU2wdNwtjnyU.roa
Signing time: Fri 05 Jul 2024 13:22:18 +0000
ROA not before: Fri 05 Jul 2024 13:22:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24961
IP address blocks: 5.104.104.0/21 maxlen: 24
5.199.128.0/20 maxlen: 24
37.157.248.0/21 maxlen: 24
46.20.32.0/20 maxlen: 24
46.228.192.0/20 maxlen: 24
62.141.32.0/20 maxlen: 24
78.31.64.0/21 maxlen: 24
80.82.208.0/20 maxlen: 24
81.30.144.0/20 maxlen: 24
83.136.80.0/21 maxlen: 24
85.14.192.0/18 maxlen: 24
85.114.128.0/19 maxlen: 24
89.163.128.0/17 maxlen: 24
91.194.84.0/24 maxlen: 24
91.212.153.0/24 maxlen: 24
91.212.159.0/24 maxlen: 24
91.212.163.0/24 maxlen: 24
93.186.192.0/20 maxlen: 24
146.0.32.0/20 maxlen: 24
146.19.166.0/24 maxlen: 24
152.89.92.0/22 maxlen: 24
185.15.244.0/22 maxlen: 24
185.45.248.0/22 maxlen: 24
185.219.208.0/22 maxlen: 24
193.111.198.0/23 maxlen: 24
194.107.129.0/24 maxlen: 24
194.126.198.0/24 maxlen: 24
195.93.242.0/23 maxlen: 24
213.202.192.0/18 maxlen: 24
217.79.176.0/20 maxlen: 24
2001:4ba0::/32 maxlen: 32
2001:4ba1::/32 maxlen: 32
2001:4ba3::/32 maxlen: 32
2001:4ba4::/32 maxlen: 32
2a01:480::/32 maxlen: 32
2a0a:db80:1000::/36 maxlen: 36
2a0a:db80:2000::/36 maxlen: 36
2a0a:db80:3000::/36 maxlen: 36
2a0a:db80:4000::/36 maxlen: 36
2a0a:db80:5000::/36 maxlen: 36
2a0c:6b00::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 06 Jul 2024 07:40:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:83:0f:55:e4:45:5f:a7:39:70:d6:6f:ff:dd:2b:8e:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Jul 5 13:22:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=caae1460cde719af389cff11536c1d370b639f25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:87:5a:34:90:91:aa:95:ba:a4:16:2b:8a:a0:
9d:44:15:51:36:00:f5:47:b7:bd:0d:c3:7f:8a:b5:
7a:6e:76:4f:52:37:48:f1:99:e5:13:3b:7b:56:7f:
ad:2b:66:97:5f:cf:b0:2d:02:79:95:15:4d:f9:29:
88:d0:e1:0f:3a:f2:66:6e:94:62:45:8f:c1:e2:ed:
7a:28:bf:a4:13:e4:6a:b4:bd:45:5a:1c:70:46:d0:
44:00:31:46:20:ca:87:58:13:39:ef:be:ce:8d:ef:
23:88:37:c9:b8:87:8d:1b:c4:8b:ca:62:81:93:ca:
a3:08:72:a0:4a:07:62:88:59:58:47:6b:de:4d:9e:
c7:df:54:53:ba:a6:ba:33:cd:51:0b:99:7d:4f:a9:
cc:70:b3:39:41:64:1e:ce:22:2e:35:3e:c6:cb:5a:
8c:96:16:3b:04:10:b4:d6:3c:d4:99:66:5b:07:32:
07:a3:3a:80:55:43:45:86:ab:9a:7b:19:26:b4:cd:
ba:a1:bc:e5:ed:e3:7b:12:11:81:63:de:82:33:14:
9d:af:27:e2:7b:63:a6:f5:a1:7e:89:e4:7c:58:02:
36:4f:5c:ac:63:b6:0d:3b:70:34:6d:25:fa:85:3b:
0e:45:cd:fe:83:4b:72:57:1a:2f:d1:f9:a5:da:dc:
d0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:AE:14:60:CD:E7:19:AF:38:9C:FF:11:53:6C:1D:37:0B:63:9F:25
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/yq4UYM3nGa84nP8RU2wdNwtjnyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.104.0/21
5.199.128.0/20
37.157.248.0/21
46.20.32.0/20
46.228.192.0/20
62.141.32.0/20
78.31.64.0/21
80.82.208.0/20
81.30.144.0/20
83.136.80.0/21
85.14.192.0/18
85.114.128.0/19
89.163.128.0/17
91.194.84.0/24
91.212.153.0/24
91.212.159.0/24
91.212.163.0/24
93.186.192.0/20
146.0.32.0/20
146.19.166.0/24
152.89.92.0/22
185.15.244.0/22
185.45.248.0/22
185.219.208.0/22
193.111.198.0/23
194.107.129.0/24
194.126.198.0/24
195.93.242.0/23
213.202.192.0/18
217.79.176.0/20
IPv6:
2001:4ba0::/31
2001:4ba3::-2001:4ba4:ffff:ffff:ffff:ffff:ffff:ffff
2a01:480::/32
2a0a:db80:1000::-2a0a:db80:5fff:ffff:ffff:ffff:ffff:ffff
2a0c:6b00::/32
Signature Algorithm: sha256WithRSAEncryption
d2:6d:06:6c:84:d7:48:1e:6a:84:1c:f9:7a:9f:32:7d:e2:66:
1d:78:34:9c:67:89:26:ce:d2:be:5b:45:99:e1:67:50:ae:14:
91:be:63:e7:7c:f5:94:ed:59:dd:ee:6e:d2:a7:0f:f7:f4:25:
4f:22:e9:7b:b7:b4:bb:b0:ac:77:23:27:8c:ae:70:57:ee:cd:
03:ea:2f:e6:80:6b:bf:2a:8c:6c:02:44:bc:41:ee:d9:52:82:
94:64:44:e3:ef:2c:41:f8:70:3d:e8:3b:ae:c0:28:d1:d4:e5:
c2:31:7c:d3:e0:53:52:7a:33:6b:cc:44:ac:07:21:38:3c:55:
94:f8:80:ea:1d:cd:13:2b:3c:a4:21:6e:b3:14:df:99:41:57:
e7:3f:bc:ac:7f:32:1b:3b:b4:da:d4:86:e5:08:e2:6a:8d:11:
bd:cd:47:d2:2c:3f:cf:37:8d:c2:32:97:23:d1:3b:a6:1d:0b:
57:35:ea:26:dc:10:da:d1:1f:1e:45:6e:01:a6:12:c7:26:89:
21:de:0e:fd:d3:c4:5b:87:6f:ec:96:14:85:82:d0:19:a4:d8:
64:69:80:84:9e:e4:e4:75:6d:3c:ed:34:af:08:ee:f5:c2:04:
10:e8:ce:0f:ca:c4:d9:3b:a1:bb:30:d5:54:80:ea:29:4c:88:
81:1a:96:d4
-----BEGIN CERTIFICATE-----
MIIF8TCCBNmgAwIBAgISAZCDD1XkRV+nOXDWb//dK45BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjQwNzA1MTMyMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWFlMTQ2MGNkZTcxOWFmMzg5Y2ZmMTE1MzZjMWQzNzBiNjM5ZjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4daNJCRqpW6pBYriqCdRBVRNgD1
R7e9DcN/irV6bnZPUjdI8ZnlEzt7Vn+tK2aXX8+wLQJ5lRVN+SmI0OEPOvJmbpRi
RY/B4u16KL+kE+RqtL1FWhxwRtBEADFGIMqHWBM5777Oje8jiDfJuIeNG8SLymKB
k8qjCHKgSgdiiFlYR2veTZ7H31RTuqa6M81RC5l9T6nMcLM5QWQeziIuNT7Gy1qM
lhY7BBC01jzUmWZbBzIHozqAVUNFhquaexkmtM26obzl7eN7EhGBY96CMxSdryfi
e2Om9aF+ieR8WAI2T1ysY7YNO3A0bSX6hTsORc3+g0tyVxov0fml2tzQxQIDAQAB
o4IC/TCCAvkwHQYDVR0OBBYEFMquFGDN5xmvOJz/EVNsHTcLY58lMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEveXE0VVlNM25HYTg0blA4UlUyd2ROd3RqbnlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEQYIKwYBBQUHAQcBAf8EggEAMIH9MIG7BAIAATCBtAME
AwVoaAMEBAXHgAMEAyWd+AMEBC4UIAMEBC7kwAMEBD6NIAMEA04fQAMEBFBS0AME
BFEekAMEA1OIUAMEBlUOwAMEBVVygAMEB1mjgAMEAFvCVAMEAFvUmQMEAFvUnwME
AFvUowMEBF26wAMEBJIAIAMEAJITpgMEAphZXAMEArkP9AMEArkt+AMEArnb0AME
AcFvxgMEAMJrgQMEAMJ+xgMEAcNd8gMEBtXKwAMEBNlPsDA9BAIAAjA3AwUBIAFL
oDAOAwUAIAFLowMFACABS6QDBQAqAQSAMBADBgQqCtuAEAMGBSoK24BAAwUAKgxr
ADANBgkqhkiG9w0BAQsFAAOCAQEA0m0GbITXSB5qhBz5ep8yfeJmHXg0nGeJJs7S
vltFmeFnUK4Ukb5j53z1lO1Z3e5u0qcP9/QlTyLpe7e0u7CsdyMnjK5wV+7NA+ov
5oBrvyqMbAJEvEHu2VKClGRE4+8sQfhwPeg7rsAo0dTlwjF80+BTUnoza8xErAch
ODxVlPiA6h3NEys8pCFusxTfmUFX5z+8rH8yGzu02tSG5Qjiao0Rvc1H0iw/zzeN
wjKXI9E7ph0LVzXqJtwQ2tEfHkVuAaYSxyaJId4O/dPEW4dv7JYUhYLQGaTYZGmA
hJ7k5HVtPO00rwju9cIEEOjOD8rE2TuhuzDVVIDqKUyIgRqW1A==
-----END CERTIFICATE-----
Generated at Sat Jul 6 09:08:52 2024 by rpki-client on console-fra.rpki-client.org