Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/8acc4b-e0a2-4d21-b864-990307d203c8/1/Yk_ieJJcAsghJzu_hSgeH90nIIM.roa
File: Yk_ieJJcAsghJzu_hSgeH90nIIM.roa (raw, json)
Hash identifier: a53SM7Da6Tse+WBGz/lN5nBoKEOwtCI+2FJpvZqTE6k=
Subject key identifier: 62:4F:E2:78:92:5C:02:C8:21:27:3B:BF:85:28:1E:1F:DD:27:20:83
Certificate issuer: /CN=39b8b4f04973f37cc69fb7c23468f953f149420e
Certificate serial: 0185715E8F4A0F2000D5F41E375DD606BE09
Authority key identifier: 39:B8:B4:F0:49:73:F3:7C:C6:9F:B7:C2:34:68:F9:53:F1:49:42:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Obi08Elz83zGn7fCNGj5U_FJQg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/8acc4b-e0a2-4d21-b864-990307d203c8/1/Yk_ieJJcAsghJzu_hSgeH90nIIM.roa
Signing time: Mon 02 Jan 2023 07:25:00 +0000
ROA not before: Mon 02 Jan 2023 07:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25377
IP address blocks: 193.177.16.0/20 maxlen: 20
193.177.32.0/19 maxlen: 19
193.177.64.0/18 maxlen: 18
193.177.4.0/22 maxlen: 22
193.177.2.0/23 maxlen: 23
193.177.1.0/24 maxlen: 24
193.177.8.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:8f:4a:0f:20:00:d5:f4:1e:37:5d:d6:06:be:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39b8b4f04973f37cc69fb7c23468f953f149420e
Validity
Not Before: Jan 2 07:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=624fe278925c02c821273bbf85281e1fdd272083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:25:6b:01:c4:ef:cf:77:7d:f1:d1:f4:32:24:
41:6f:c9:66:e0:23:96:ff:16:ac:52:bf:98:86:bc:
2e:9c:d9:1d:ac:04:a2:20:58:27:26:70:c7:c4:c3:
7d:5b:02:21:16:d1:ba:dd:70:c4:2d:d6:e0:0c:c6:
ad:eb:20:f1:2d:a3:bf:20:a2:cf:ff:68:78:b5:c6:
a1:a0:71:09:36:97:36:08:f6:4d:ea:eb:05:64:34:
fb:b4:af:dc:13:89:23:84:55:34:b3:30:92:57:b5:
08:c2:7b:0e:9f:45:65:78:14:ba:f2:8b:1a:c0:51:
cd:6b:04:0b:5e:01:2d:66:88:d8:96:93:ad:a9:c0:
20:0d:3c:8e:a1:c2:8f:9b:ad:87:cd:7e:f6:98:59:
9c:25:cb:28:64:4e:58:c6:1b:2e:bb:dc:59:8a:9c:
e1:57:3f:1d:1b:77:18:9d:54:dc:4d:1f:7d:88:ee:
68:6e:ba:93:df:21:28:3c:1f:e1:19:4b:3e:99:24:
3a:75:ba:d7:3c:2c:88:74:96:78:01:e1:6e:8d:b6:
b8:79:c1:6f:3a:6d:66:95:b5:84:75:a0:ec:a1:f2:
4f:eb:d7:84:45:fb:54:ed:3f:25:65:1e:a8:d3:35:
92:a8:eb:68:0d:f0:37:4e:40:df:de:72:b2:be:88:
f8:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:4F:E2:78:92:5C:02:C8:21:27:3B:BF:85:28:1E:1F:DD:27:20:83
X509v3 Authority Key Identifier:
keyid:39:B8:B4:F0:49:73:F3:7C:C6:9F:B7:C2:34:68:F9:53:F1:49:42:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Obi08Elz83zGn7fCNGj5U_FJQg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8acc4b-e0a2-4d21-b864-990307d203c8/1/Yk_ieJJcAsghJzu_hSgeH90nIIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8acc4b-e0a2-4d21-b864-990307d203c8/1/Obi08Elz83zGn7fCNGj5U_FJQg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.177.1.0-193.177.127.255
Signature Algorithm: sha256WithRSAEncryption
6a:d0:cc:0d:92:44:f0:c6:83:09:36:ba:74:f2:01:46:b8:29:
52:8c:d9:e9:f9:da:20:fb:d2:3a:01:e1:07:a3:74:59:c4:db:
ea:bc:60:b1:2b:35:db:e9:73:0c:ea:8a:10:d1:a7:c4:ce:8e:
95:63:65:8a:ab:63:96:4e:79:8a:83:8a:e3:0f:85:6e:86:b8:
90:f7:61:1b:ea:ae:ff:95:df:37:79:d7:f2:cd:86:16:f1:d2:
c1:9c:be:05:eb:7f:93:66:0c:0a:2f:55:b5:ae:91:8f:a3:09:
7d:7e:7d:7b:a3:7a:27:e3:77:6f:63:a9:34:01:62:71:d9:b0:
8e:3c:19:e7:5b:c2:60:fb:77:e1:f8:a5:5a:3c:82:7a:c5:b3:
aa:05:cb:ca:9c:57:5a:3d:a9:3d:4a:a5:45:f4:c0:50:e4:c5:
30:b7:e4:b6:95:c3:c2:14:09:9e:b5:65:11:0f:69:97:55:00:
69:1d:76:04:9e:f0:1c:53:22:44:cf:c0:70:9c:c4:5e:fc:39:
0b:6d:79:4b:7f:d2:f6:e9:22:78:03:f0:e2:ba:7d:84:92:d8:
e3:65:8c:45:5d:9c:3f:05:74:74:ce:10:06:48:80:bb:c4:8b:
2e:69:a1:4e:61:4a:44:33:11:c5:62:3b:ae:42:06:fa:1c:06:
4a:45:ef:3f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVxXo9KDyAA1fQeN13WBr4JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5YjhiNGYwNDk3M2YzN2NjNjlmYjdjMjM0NjhmOTUzZjE0
OTQyMGUwHhcNMjMwMTAyMDcyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjRmZTI3ODkyNWMwMmM4MjEyNzNiYmY4NTI4MWUxZmRkMjcyMDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiVrAcTvz3d98dH0MiRBb8lm4COW
/xasUr+YhrwunNkdrASiIFgnJnDHxMN9WwIhFtG63XDELdbgDMat6yDxLaO/IKLP
/2h4tcahoHEJNpc2CPZN6usFZDT7tK/cE4kjhFU0szCSV7UIwnsOn0VleBS68osa
wFHNawQLXgEtZojYlpOtqcAgDTyOocKPm62HzX72mFmcJcsoZE5Yxhsuu9xZipzh
Vz8dG3cYnVTcTR99iO5obrqT3yEoPB/hGUs+mSQ6dbrXPCyIdJZ4AeFujba4ecFv
Om1mlbWEdaDsofJP69eERftU7T8lZR6o0zWSqOtoDfA3TkDf3nKyvoj4FQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGJP4niSXALIISc7v4UoHh/dJyCDMB8GA1UdIwQY
MBaAFDm4tPBJc/N8xp+3wjRo+VPxSUIOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2JpMDhFbHo4M3pHbjdmQ05HajVVX0ZKUWc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi84YWNjNGItZTBhMi00ZDIxLWI4NjQt
OTkwMzA3ZDIwM2M4LzEvWWtfaWVKSmNBc2doSnp1X2hTZ2VIOTBuSUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi84YWNjNGItZTBhMi00ZDIxLWI4NjQtOTkwMzA3ZDIwM2M4
LzEvT2JpMDhFbHo4M3pHbjdmQ05HajVVX0ZKUWc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADBsQED
BAfBsQAwDQYJKoZIhvcNAQELBQADggEBAGrQzA2SRPDGgwk2unTyAUa4KVKM2en5
2iD70joB4QejdFnE2+q8YLErNdvpcwzqihDRp8TOjpVjZYqrY5ZOeYqDiuMPhW6G
uJD3YRvqrv+V3zd51/LNhhbx0sGcvgXrf5NmDAovVbWukY+jCX1+fXujeifjd29j
qTQBYnHZsI48GedbwmD7d+H4pVo8gnrFs6oFy8qcV1o9qT1KpUX0wFDkxTC35LaV
w8IUCZ61ZREPaZdVAGkddgSe8BxTIkTPwHCcxF78OQtteUt/0vbpIngD8OK6fYSS
2ONljEVdnD8FdHTOEAZIgLvEiy5poU5hSkQzEcViO65CBvocBkpF7z8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:02 2024 by rpki-client on console-fra.rpki-client.org