Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/YZzZL-YgCa3JZSVTiusMZXCl_XA.roa
File: YZzZL-YgCa3JZSVTiusMZXCl_XA.roa (raw, json)
Hash identifier: sFr5lr+66O1xxN4oobwu7Sp1ch9bauPV/4Db0DFrc24=
Subject key identifier: 61:9C:D9:2F:E6:20:09:AD:C9:65:25:53:8A:EB:0C:65:70:A5:FD:70
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 018B4C46477E49BBA6C858CA20E429EA9CB8
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/YZzZL-YgCa3JZSVTiusMZXCl_XA.roa
Signing time: Fri 20 Oct 2023 08:49:16 +0000
ROA not before: Fri 20 Oct 2023 08:49:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 43.251.163.0/24 maxlen: 24
43.251.162.0/24 maxlen: 24
37.114.61.0/24 maxlen: 24
37.114.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4c:46:47:7e:49:bb:a6:c8:58:ca:20:e4:29:ea:9c:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Oct 20 08:49:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=619cd92fe62009adc96525538aeb0c6570a5fd70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:2c:a7:ec:df:92:ed:34:fa:fe:e4:b5:63:44:
c3:51:97:77:4b:28:6e:2c:a1:ec:10:b0:00:1c:00:
07:95:b5:74:cd:66:a3:ae:2b:fe:af:90:46:7d:6b:
b6:e1:71:ee:f0:15:35:04:55:87:8c:c3:e1:84:30:
33:83:4b:67:0e:b7:dd:40:35:ef:6d:21:64:23:6c:
2c:2e:c5:17:73:fa:da:74:5b:4e:95:46:a1:3e:75:
77:62:2d:f2:9c:68:fb:e3:5f:40:ae:63:47:5b:87:
c7:99:e5:5d:09:aa:fd:4f:0c:07:3e:51:5d:41:39:
df:a6:0a:fe:06:87:0a:08:de:bd:b7:b5:dd:65:65:
09:2e:dd:7f:2d:ec:6c:eb:e4:e9:03:7b:ac:9f:01:
23:dd:d6:b1:23:bc:e2:f3:f5:fc:33:15:c3:e2:c6:
00:f1:82:d6:4e:60:4d:88:6c:4c:aa:39:8b:33:71:
3f:ba:2e:4e:58:d7:9e:23:2d:0e:4b:6c:4c:e1:56:
05:c5:f3:3f:57:8a:d6:e3:d5:d0:d6:93:d7:0b:5c:
4b:69:ec:ba:6c:04:a4:db:f4:4c:23:3a:50:13:37:
48:ca:78:62:20:a5:a6:8e:de:33:a5:ee:10:25:fb:
eb:5d:7c:2f:0b:b8:ac:b7:23:b1:5d:a2:3e:78:a1:
2b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:9C:D9:2F:E6:20:09:AD:C9:65:25:53:8A:EB:0C:65:70:A5:FD:70
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/YZzZL-YgCa3JZSVTiusMZXCl_XA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.60.0/23
43.251.162.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:71:af:c9:f3:39:9a:56:c2:c7:41:5d:33:4e:a3:d6:7e:1e:
1c:75:d0:21:b6:c2:b9:7f:44:83:02:dd:dc:39:78:b5:1d:64:
58:e5:01:a3:86:44:62:ce:90:97:8b:ce:ad:23:0f:43:6d:ce:
64:90:bf:79:da:93:76:68:b5:87:f2:da:bd:44:24:a5:04:b8:
9c:7f:e7:ac:2f:f6:c0:21:7d:30:52:29:81:c9:62:04:54:fa:
ad:41:2c:60:6e:b7:2c:31:e1:9f:fb:59:be:91:bd:68:08:b4:
43:6c:b3:a0:ef:af:a4:9e:af:54:e0:f7:a0:00:5e:3c:07:b4:
0a:a0:cb:e2:4d:1c:fe:80:e1:a7:2c:84:90:03:a0:ee:a3:9a:
c6:63:10:f4:70:5f:eb:5c:21:3a:5c:5d:ec:be:71:e2:59:36:
30:5d:b6:f8:46:3a:92:f8:73:89:8a:f2:bb:3b:62:f6:36:1b:
7d:02:ab:7f:3c:d5:8c:11:2f:2c:00:41:c2:64:d7:45:69:99:
9b:76:cf:0e:3f:06:ca:e9:bb:5a:22:40:c0:67:1a:06:fc:aa:
49:6e:51:66:bb:19:24:88:57:8e:5b:0f:ac:8e:8f:23:51:5c:
67:50:43:5d:4e:b1:34:4e:7c:8f:4f:28:a3:91:03:c0:6b:34:
bb:f6:33:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYtMRkd+SbumyFjKIOQp6py4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjMxMDIwMDg0OTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTljZDkyZmU2MjAwOWFkYzk2NTI1NTM4YWViMGM2NTcwYTVmZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSyn7N+S7TT6/uS1Y0TDUZd3Syhu
LKHsELAAHAAHlbV0zWajriv+r5BGfWu24XHu8BU1BFWHjMPhhDAzg0tnDrfdQDXv
bSFkI2wsLsUXc/radFtOlUahPnV3Yi3ynGj7419ArmNHW4fHmeVdCar9TwwHPlFd
QTnfpgr+BocKCN69t7XdZWUJLt1/Lexs6+TpA3usnwEj3daxI7zi8/X8MxXD4sYA
8YLWTmBNiGxMqjmLM3E/ui5OWNeeIy0OS2xM4VYFxfM/V4rW49XQ1pPXC1xLaey6
bASk2/RMIzpQEzdIynhiIKWmjt4zpe4QJfvrXXwvC7istyOxXaI+eKErdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGGc2S/mIAmtyWUlU4rrDGVwpf1wMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvWVp6WkwtWWdDYTNKWlNWVGl1c01aWENsX1hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBJXI8AwQB
K/uiMA0GCSqGSIb3DQEBCwUAA4IBAQBNca/J8zmaVsLHQV0zTqPWfh4cddAhtsK5
f0SDAt3cOXi1HWRY5QGjhkRizpCXi86tIw9Dbc5kkL952pN2aLWH8tq9RCSlBLic
f+esL/bAIX0wUimByWIEVPqtQSxgbrcsMeGf+1m+kb1oCLRDbLOg76+knq9U4Peg
AF48B7QKoMviTRz+gOGnLISQA6Duo5rGYxD0cF/rXCE6XF3svnHiWTYwXbb4RjqS
+HOJivK7O2L2Nht9Aqt/PNWMES8sAEHCZNdFaZmbds8OPwbK6btaIkDAZxoG/KpJ
blFmuxkkiFeOWw+sjo8jUVxnUENdTrE0TnyPTyijkQPAazS79jNl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:57 2024 by rpki-client on console-fra.rpki-client.org