Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/ysmLvhpOxcmBNeCRM1YTbvRPG00.roa
File: ysmLvhpOxcmBNeCRM1YTbvRPG00.roa (raw, json)
Hash identifier: vPFYStr4H6xL8ybzZjSHdfp4UVEytBmcLaeD8IDTorA=
Subject key identifier: CA:C9:8B:BE:1A:4E:C5:C9:81:35:E0:91:33:56:13:6E:F4:4F:1B:4D
Certificate issuer: /CN=6c5e4ef5516799ffe0bb1b839317dbd355bb7a9b
Certificate serial: 018B3D09FBCB66FDB6F33D55FB4432DA9BE8
Authority key identifier: 6C:5E:4E:F5:51:67:99:FF:E0:BB:1B:83:93:17:DB:D3:55:BB:7A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bF5O9VFnmf_guxuDkxfb01W7eps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/ysmLvhpOxcmBNeCRM1YTbvRPG00.roa
Signing time: Tue 17 Oct 2023 09:49:06 +0000
ROA not before: Tue 17 Oct 2023 09:49:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47527
IP address blocks: 185.126.152.0/23 maxlen: 23
91.223.235.0/24 maxlen: 24
185.208.212.0/22 maxlen: 24
194.247.61.0/24 maxlen: 24
62.69.152.0/21 maxlen: 21
46.30.120.0/21 maxlen: 21
91.230.239.0/24 maxlen: 24
2a00:1b18::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 17 Oct 2023 12:55:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3d:09:fb:cb:66:fd:b6:f3:3d:55:fb:44:32:da:9b:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c5e4ef5516799ffe0bb1b839317dbd355bb7a9b
Validity
Not Before: Oct 17 09:49:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cac98bbe1a4ec5c98135e0913356136ef44f1b4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:8c:ca:ab:68:d0:d5:1c:17:0b:c9:e3:1b:7b:
3d:7e:c9:63:99:05:b3:6c:e4:36:2d:14:03:a5:9d:
ea:22:c3:f5:03:93:ef:74:b2:11:bf:ed:d6:cf:be:
c8:1a:3b:cf:b8:6a:62:10:a5:80:57:1c:2f:26:95:
02:83:bf:3e:94:41:ae:d9:a6:c8:17:d4:89:8f:73:
29:70:f6:77:15:a5:39:59:97:4c:04:2d:43:7e:c9:
85:f5:28:54:b6:28:e2:bd:b4:06:4b:03:dd:9f:6f:
ef:de:1b:27:7b:e6:ef:cd:56:e6:95:90:93:c6:4e:
b7:dd:47:b7:f9:e5:5d:e2:51:20:52:18:12:27:7e:
8d:ac:16:77:4c:4a:a0:32:77:13:e2:8e:cb:df:bb:
c0:48:24:6c:41:d0:a9:a9:ef:e4:d4:30:8b:84:29:
8b:ee:0a:33:b9:69:c5:40:9a:f1:30:fd:ef:3b:e5:
3a:79:e1:99:72:78:0c:90:61:94:a0:ed:ce:e9:72:
35:a4:43:5c:b4:43:cf:88:7a:38:ea:08:b0:2b:14:
6d:50:bc:6d:ff:ce:7b:39:59:b3:2f:2d:1d:c8:62:
66:ce:ce:39:36:bf:7f:85:69:96:09:23:dc:4f:8b:
6e:61:6c:8c:75:b4:62:9f:52:7b:5f:16:a9:36:bd:
db:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:C9:8B:BE:1A:4E:C5:C9:81:35:E0:91:33:56:13:6E:F4:4F:1B:4D
X509v3 Authority Key Identifier:
keyid:6C:5E:4E:F5:51:67:99:FF:E0:BB:1B:83:93:17:DB:D3:55:BB:7A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bF5O9VFnmf_guxuDkxfb01W7eps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/ysmLvhpOxcmBNeCRM1YTbvRPG00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/bF5O9VFnmf_guxuDkxfb01W7eps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.120.0/21
62.69.152.0/21
91.223.235.0/24
91.230.239.0/24
185.126.152.0/23
185.208.212.0/22
194.247.61.0/24
IPv6:
2a00:1b18::/29
Signature Algorithm: sha256WithRSAEncryption
26:61:71:9c:2c:0c:c4:fe:cf:d3:c7:f4:88:c3:ef:d6:46:84:
55:8a:78:b4:36:f3:4c:bf:2f:6a:f9:10:33:e2:55:85:38:ee:
8a:3a:f7:91:b4:b8:7d:83:5c:0f:cf:c9:b9:37:4e:9c:80:f7:
49:f6:89:b6:ca:85:1c:34:ba:71:fd:2c:bd:4a:d2:b5:96:e9:
45:ca:40:a7:52:56:71:c8:59:da:58:5f:8e:02:8a:0a:01:56:
29:ad:82:71:8e:54:60:cc:15:23:81:64:08:15:af:e8:80:12:
c3:ac:37:91:72:15:d5:62:d1:fe:b4:7d:2b:e8:41:b5:b0:03:
0b:ca:23:b8:06:37:ff:c2:c4:ba:eb:44:df:90:05:0a:98:5c:
3e:68:8a:b4:b2:fd:57:e2:7a:3d:d8:b0:b1:b5:68:0a:81:cf:
24:3e:d9:1b:17:f2:dc:96:0b:53:07:69:d5:28:54:2a:74:8c:
39:cc:21:47:1e:3f:89:4f:4d:fc:d9:e3:e5:e4:54:6f:05:0b:
5c:64:84:b6:69:d5:4b:ee:ac:9c:d1:af:1f:b5:0c:4c:ed:b3:
39:97:bb:89:08:9a:e6:d9:eb:f3:67:8d:96:6e:2e:b8:e4:f0:
60:49:41:0a:c9:0b:31:72:a8:77:8a:0b:ad:25:c8:29:a9:58:
dd:0e:2c:db
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYs9CfvLZv228z1V+0Qy2pvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNWU0ZWY1NTE2Nzk5ZmZlMGJiMWI4MzkzMTdkYmQzNTVi
YjdhOWIwHhcNMjMxMDE3MDk0OTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWM5OGJiZTFhNGVjNWM5ODEzNWUwOTEzMzU2MTM2ZWY0NGYxYjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjozKq2jQ1RwXC8njG3s9fsljmQWz
bOQ2LRQDpZ3qIsP1A5PvdLIRv+3Wz77IGjvPuGpiEKWAVxwvJpUCg78+lEGu2abI
F9SJj3MpcPZ3FaU5WZdMBC1DfsmF9ShUtijivbQGSwPdn2/v3hsne+bvzVbmlZCT
xk633Ue3+eVd4lEgUhgSJ36NrBZ3TEqgMncT4o7L37vASCRsQdCpqe/k1DCLhCmL
7gozuWnFQJrxMP3vO+U6eeGZcngMkGGUoO3O6XI1pENctEPPiHo46giwKxRtULxt
/857OVmzLy0dyGJmzs45Nr9/hWmWCSPcT4tuYWyMdbRin1J7XxapNr3bsQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFMrJi74aTsXJgTXgkTNWE270TxtNMB8GA1UdIwQY
MBaAFGxeTvVRZ5n/4Lsbg5MX29NVu3qbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkY1TzlWRm5tZl9ndXh1RGt4ZmIwMVc3ZXBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS85ZDk2ODAtZmZiZi00M2QxLTljMDUt
MWJlNzUzZmFkMWJmLzEveXNtTHZocE94Y21CTmVDUk0xWVRidlJQRzAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS85ZDk2ODAtZmZiZi00M2QxLTljMDUtMWJlNzUzZmFkMWJm
LzEvYkY1TzlWRm5tZl9ndXh1RGt4ZmIwMVc3ZXBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDLh54AwQD
PkWYAwQAW9/rAwQAW+bvAwQBuX6YAwQCudDUAwQAwvc9MA0EAgACMAcDBQMqABsY
MA0GCSqGSIb3DQEBCwUAA4IBAQAmYXGcLAzE/s/Tx/SIw+/WRoRVini0NvNMvy9q
+RAz4lWFOO6KOveRtLh9g1wPz8m5N06cgPdJ9om2yoUcNLpx/Sy9StK1lulFykCn
UlZxyFnaWF+OAooKAVYprYJxjlRgzBUjgWQIFa/ogBLDrDeRchXVYtH+tH0r6EG1
sAMLyiO4Bjf/wsS660TfkAUKmFw+aIq0sv1X4no92LCxtWgKgc8kPtkbF/LclgtT
B2nVKFQqdIw5zCFHHj+JT0382ePl5FRvBQtcZIS2adVL7qyc0a8ftQxM7bM5l7uJ
CJrm2evzZ42Wbi645PBgSUEKyQsxcqh3igutJcgpqVjdDizb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:55 2024 by rpki-client on console-fra.rpki-client.org