Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/ystsCxX49AHHrF_VCjB6sH8w8nY.roa
File: ystsCxX49AHHrF_VCjB6sH8w8nY.roa (raw, json)
Hash identifier: n0nMuOCjOeJLz/ydva4X3B3CqLWppl5ICMrRx0lmj+g=
Subject key identifier: CA:CB:6C:0B:15:F8:F4:01:C7:AC:5F:D5:0A:30:7A:B0:7F:30:F2:76
Certificate issuer: /CN=ceb86983547113359bade1f3f38104091e3a6439
Certificate serial: 018AD5EEBB00B15B76572602335DAE60D3E6
Authority key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/ystsCxX49AHHrF_VCjB6sH8w8nY.roa
Signing time: Wed 27 Sep 2023 09:18:27 +0000
ROA not before: Wed 27 Sep 2023 09:18:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8612
IP address blocks: 84.220.0.0/14 maxlen: 24
195.130.224.0/19 maxlen: 19
193.43.3.180/30 maxlen: 30
213.205.0.0/18 maxlen: 18
193.43.3.192/26 maxlen: 26
193.43.2.0/24 maxlen: 24
82.85.26.128/26 maxlen: 26
82.85.53.64/26 maxlen: 26
82.85.53.0/26 maxlen: 26
82.84.0.0/15 maxlen: 24
193.207.24.0/21 maxlen: 24
217.133.0.0/16 maxlen: 16
193.207.32.0/19 maxlen: 24
217.73.208.0/20 maxlen: 20
193.207.96.0/20 maxlen: 21
193.43.3.184/29 maxlen: 29
212.123.64.0/19 maxlen: 19
193.207.128.0/17 maxlen: 22
193.207.64.0/18 maxlen: 24
94.32.0.0/14 maxlen: 14
213.205.0.251/32 maxlen: 32
94.32.115.0/24 maxlen: 24
217.133.170.0/24 maxlen: 24
2a01:7d0:4800:1::/64 maxlen: 64
2a01:7d0::/32 maxlen: 32
2a01:7d0:4811::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d5:ee:bb:00:b1:5b:76:57:26:02:33:5d:ae:60:d3:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ceb86983547113359bade1f3f38104091e3a6439
Validity
Not Before: Sep 27 09:18:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cacb6c0b15f8f401c7ac5fd50a307ab07f30f276
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d7:ff:73:a4:9e:b7:e3:f9:07:07:1c:ae:df:
aa:ce:a3:60:4f:ce:08:21:30:a8:a0:e5:cd:9b:a1:
6e:db:e4:85:74:f4:98:33:e5:0f:58:89:05:56:c9:
ca:19:ff:31:0f:a2:c0:87:bc:f7:f0:e2:34:c8:9d:
ca:33:da:94:a5:4a:df:f0:5f:d7:4c:75:63:1f:62:
c7:24:76:bc:01:dc:58:3b:10:e2:69:f0:23:7b:a5:
98:38:ca:26:72:9e:c4:80:1f:02:5d:3a:20:ff:19:
c8:25:cb:f5:20:90:99:24:bc:6e:6d:16:16:98:86:
d0:e7:c5:9e:c3:52:4b:a9:eb:62:18:21:9b:bc:49:
27:2a:87:ca:74:9c:5f:b8:7c:cf:39:dc:92:22:11:
c7:82:d0:f7:7a:8d:c7:f3:c4:0e:09:13:30:d8:19:
fd:52:bf:29:b9:68:f1:a7:ff:20:d7:a4:16:be:ef:
c1:50:95:53:79:d5:f2:d5:52:b0:17:1d:19:a0:83:
70:e1:94:7d:ce:c1:2b:db:cf:e7:9b:07:81:d3:d5:
53:c4:60:f5:26:53:6d:ff:e8:69:6a:44:18:ea:f2:
32:17:e9:3b:69:98:78:6c:7a:35:a6:cc:dd:37:c2:
65:9f:f0:9b:60:76:40:0e:d4:5d:f0:1b:1c:be:d5:
c3:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:CB:6C:0B:15:F8:F4:01:C7:AC:5F:D5:0A:30:7A:B0:7F:30:F2:76
X509v3 Authority Key Identifier:
keyid:CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/ystsCxX49AHHrF_VCjB6sH8w8nY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.84.0.0/15
84.220.0.0/14
94.32.0.0/14
193.43.2.0/24
193.43.3.180-193.43.3.255
193.207.24.0-193.207.255.255
195.130.224.0/19
212.123.64.0/19
213.205.0.0/18
217.73.208.0/20
217.133.0.0/16
IPv6:
2a01:7d0::/32
Signature Algorithm: sha256WithRSAEncryption
19:59:bb:cc:ec:23:dd:0a:64:54:3d:c3:27:9a:c6:27:a9:5a:
f8:a5:67:20:7f:0a:28:b1:f2:00:9f:08:82:d8:b0:fc:59:57:
5a:02:a6:03:15:49:15:96:1a:b5:ce:ad:04:fe:17:4d:e9:ea:
d3:70:bc:48:9b:d9:78:c1:4e:22:46:07:93:fb:4c:1f:b0:bb:
85:7e:b1:a9:6c:be:34:a4:fa:4c:2b:ea:15:f8:b0:59:a7:38:
51:50:0f:f5:d9:60:38:32:4f:51:10:c0:36:0b:f6:bd:de:0b:
4a:58:47:3b:6a:8c:45:4a:f1:de:32:d4:7b:3b:9a:2d:f0:c1:
b4:fa:fb:e2:32:39:6d:19:7b:2e:06:a1:7e:2e:02:a3:02:eb:
d7:36:44:7b:c5:8c:3a:83:2a:ad:33:28:2a:5e:ac:de:87:23:
7c:ff:b2:5c:70:dd:bf:07:19:ff:43:8f:12:f0:2e:37:85:ff:
69:42:d1:3e:f3:09:5a:0d:6b:cf:2c:c2:35:41:0b:50:c9:fc:
ed:7c:29:a0:79:60:24:b4:56:c3:5e:6e:e3:e8:72:61:39:52:
8a:f5:7f:49:3b:71:f7:13:b7:04:cc:bd:54:52:6c:b7:87:e2:
34:94:fd:c2:36:d5:64:17:63:a7:4b:ca:a4:3e:2e:27:c2:1f:
7a:ac:b4:ec
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYrV7rsAsVt2VyYCM12uYNPmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYjg2OTgzNTQ3MTEzMzU5YmFkZTFmM2YzODEwNDA5MWUz
YTY0MzkwHhcNMjMwOTI3MDkxODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWNiNmMwYjE1ZjhmNDAxYzdhYzVmZDUwYTMwN2FiMDdmMzBmMjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdf/c6Set+P5Bwccrt+qzqNgT84I
ITCooOXNm6Fu2+SFdPSYM+UPWIkFVsnKGf8xD6LAh7z38OI0yJ3KM9qUpUrf8F/X
THVjH2LHJHa8AdxYOxDiafAje6WYOMomcp7EgB8CXTog/xnIJcv1IJCZJLxubRYW
mIbQ58Wew1JLqetiGCGbvEknKofKdJxfuHzPOdySIhHHgtD3eo3H88QOCRMw2Bn9
Ur8puWjxp/8g16QWvu/BUJVTedXy1VKwFx0ZoINw4ZR9zsEr28/nmweB09VTxGD1
JlNt/+hpakQY6vIyF+k7aZh4bHo1pszdN8Jln/CbYHZADtRd8BscvtXDjwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFMrLbAsV+PQBx6xf1QowerB/MPJ2MB8GA1UdIwQY
MBaAFM64aYNUcRM1m63h8/OBBAkeOmQ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2Qt
ZGVlMmY2NTBkZDg2LzEveXN0c0N4WDQ5QUhIckZfVkNqQjZzSDh3OG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2QtZGVlMmY2NTBkZDg2
LzEvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwMBUlQDAwJU
3AMDAl4gAwQAwSsCMA0DBQLBKwO0AwQCwSsAMAsDBAPBzxgDAwTBwAMEBcOC4AME
BdR7QAMEBtXNAAMEBNlJ0AMDANmFMA0EAgACMAcDBQAqAQfQMA0GCSqGSIb3DQEB
CwUAA4IBAQAZWbvM7CPdCmRUPcMnmsYnqVr4pWcgfwoosfIAnwiC2LD8WVdaAqYD
FUkVlhq1zq0E/hdN6erTcLxIm9l4wU4iRgeT+0wfsLuFfrGpbL40pPpMK+oV+LBZ
pzhRUA/12WA4Mk9REMA2C/a93gtKWEc7aoxFSvHeMtR7O5ot8MG0+vviMjltGXsu
BqF+LgKjAuvXNkR7xYw6gyqtMygqXqzehyN8/7JccN2/Bxn/Q48S8C43hf9pQtE+
8wlaDWvPLMI1QQtQyfztfCmgeWAktFbDXm7j6HJhOVKK9X9JO3H3E7cEzL1UUmy3
h+I0lP3CNtVkF2OnS8qkPi4nwh96rLTs
-----END CERTIFICATE-----
Generated at Wed Sep 27 11:06:43 2023 by rpki-client on console-fra.rpki-client.org