Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/yhnwGsQ8UHFC8_bYXAhM0-Yj4vg.roa
File: yhnwGsQ8UHFC8_bYXAhM0-Yj4vg.roa (raw, json)
Hash identifier: JGCHLvdHfIgXbxVqOANxTWfKH43S1IPxlDWXiFAiWFY=
Subject key identifier: CA:19:F0:1A:C4:3C:50:71:42:F3:F6:D8:5C:08:4C:D3:E6:23:E2:F8
Certificate issuer: /CN=d2622fdec8fadfca58e7575c29f10e73ae775715
Certificate serial: 01936C10F1D69652B4E00D23FA728FDC0DE4
Authority key identifier: D2:62:2F:DE:C8:FA:DF:CA:58:E7:57:5C:29:F1:0E:73:AE:77:57:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/yhnwGsQ8UHFC8_bYXAhM0-Yj4vg.roa
Signing time: Wed 27 Nov 2024 05:21:09 +0000
ROA not before: Wed 27 Nov 2024 05:21:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39013
IP address blocks: 151.237.66.0/24 maxlen: 24
151.237.80.0/22 maxlen: 22
151.237.80.0/23 maxlen: 23
151.237.82.0/23 maxlen: 23
151.237.88.0/23 maxlen: 23
151.237.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Nov 2024 05:37:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6c:10:f1:d6:96:52:b4:e0:0d:23:fa:72:8f:dc:0d:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2622fdec8fadfca58e7575c29f10e73ae775715
Validity
Not Before: Nov 27 05:21:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca19f01ac43c507142f3f6d85c084cd3e623e2f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:46:3b:73:f8:93:b9:f8:90:67:76:76:25:a1:
9c:97:e0:32:2f:72:9d:0c:65:df:bf:6c:99:83:32:
e6:7c:4a:46:9b:3c:a2:a2:0c:2f:55:62:75:a2:5e:
ef:5e:b7:68:4a:6a:33:94:84:6e:1b:91:db:21:3d:
b5:29:19:c0:3e:da:4f:ca:8f:21:95:0a:37:d9:1b:
cc:9f:ab:9f:a9:89:03:75:47:ad:4a:28:83:68:f2:
fe:7d:55:a1:ab:85:d6:64:ca:f0:28:c5:6c:46:e9:
78:91:38:34:f3:b2:22:46:c4:ba:e9:bb:ac:41:98:
f5:87:de:22:a7:3d:53:c8:a2:32:ce:da:7a:f5:71:
79:6c:e7:73:3e:fe:fb:de:6f:de:0a:a8:cf:5c:32:
0f:63:c1:ff:3e:34:eb:9b:14:96:af:8c:f1:1a:4a:
fd:97:11:07:6e:cd:25:47:a1:a9:10:ff:34:0f:46:
01:33:fa:64:8d:28:d3:31:7e:6f:1c:4d:24:24:e4:
54:ae:db:8f:d5:38:bc:40:8e:79:8b:ee:ee:fb:a5:
50:05:0a:e3:53:36:9c:5f:22:e5:68:38:d1:21:bd:
15:1c:bd:37:dc:a7:df:91:af:22:d9:1e:79:b3:6f:
c9:02:2c:fe:98:1a:f4:f8:1c:ff:bc:da:e1:7d:bb:
71:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:19:F0:1A:C4:3C:50:71:42:F3:F6:D8:5C:08:4C:D3:E6:23:E2:F8
X509v3 Authority Key Identifier:
keyid:D2:62:2F:DE:C8:FA:DF:CA:58:E7:57:5C:29:F1:0E:73:AE:77:57:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/yhnwGsQ8UHFC8_bYXAhM0-Yj4vg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/0mIv3sj638pY51dcKfEOc653VxU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.237.66.0/24
151.237.80.0/22
151.237.88.0-151.237.90.255
Signature Algorithm: sha256WithRSAEncryption
36:dd:75:50:70:0b:c1:a0:96:94:e0:55:f2:95:ab:d3:6e:92:
a7:65:5a:dc:16:9a:bf:b8:6a:70:d3:e1:d8:10:b3:c3:97:89:
76:38:f3:08:12:28:27:89:74:2b:dd:f0:de:da:12:de:78:db:
a1:fe:5b:c4:d8:d5:16:3f:51:2d:e4:e1:ca:38:7c:31:ad:81:
19:83:5c:fe:69:68:89:ba:ff:72:e1:10:c6:0e:e9:b0:b5:cb:
38:07:0d:fc:2e:1f:ea:bb:e3:6e:d8:fa:d1:92:b2:16:d1:fc:
e6:ac:a3:3c:de:2b:42:1f:fc:d3:c2:aa:c7:c5:d8:62:ea:13:
5b:8c:cf:ee:b8:67:63:16:c1:a4:79:32:50:6b:24:20:c5:4d:
35:eb:7c:d0:f4:0f:bb:c4:0e:92:58:ed:e4:fc:1c:7f:d6:fc:
02:d2:f0:c5:c6:ed:60:12:82:ba:38:8a:35:00:48:b4:2d:c6:
f6:ff:62:aa:34:2d:61:76:aa:06:1a:b6:0a:83:53:14:19:c0:
df:e2:df:58:c2:39:40:22:a7:11:8f:b1:76:9e:e1:d1:91:4a:
df:43:08:c2:7d:4d:c4:28:b0:32:5f:0c:34:5d:ae:97:ec:cb:
0e:91:18:74:c2:73:ca:fc:09:da:8d:7e:75:9f:72:18:ea:62:
4f:09:37:78
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZNsEPHWllK04A0j+nKP3A3kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNjIyZmRlYzhmYWRmY2E1OGU3NTc1YzI5ZjEwZTczYWU3
NzU3MTUwHhcNMjQxMTI3MDUyMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTE5ZjAxYWM0M2M1MDcxNDJmM2Y2ZDg1YzA4NGNkM2U2MjNlMmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUY7c/iTufiQZ3Z2JaGcl+AyL3Kd
DGXfv2yZgzLmfEpGmzyiogwvVWJ1ol7vXrdoSmozlIRuG5HbIT21KRnAPtpPyo8h
lQo32RvMn6ufqYkDdUetSiiDaPL+fVWhq4XWZMrwKMVsRul4kTg087IiRsS66bus
QZj1h94ipz1TyKIyztp69XF5bOdzPv773m/eCqjPXDIPY8H/PjTrmxSWr4zxGkr9
lxEHbs0lR6GpEP80D0YBM/pkjSjTMX5vHE0kJORUrtuP1Ti8QI55i+7u+6VQBQrj
UzacXyLlaDjRIb0VHL033Kffka8i2R55s2/JAiz+mBr0+Bz/vNrhfbtxFQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMoZ8BrEPFBxQvP22FwITNPmI+L4MB8GA1UdIwQY
MBaAFNJiL97I+t/KWOdXXCnxDnOud1cVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG1JdjNzajYzOHBZNTFkY0tmRU9jNjUzVnhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NWYwMmUtZjFhYy00NGZiLTkyZWIt
ZjA1YWEyMjlkNjM4LzEveWhud0dzUThVSEZDOF9iWVhBaE0wLVlqNHZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NWYwMmUtZjFhYy00NGZiLTkyZWItZjA1YWEyMjlkNjM4
LzEvMG1JdjNzajYzOHBZNTFkY0tmRU9jNjUzVnhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAl+1CAwQC
l+1QMAwDBAOX7VgDBACX7VowDQYJKoZIhvcNAQELBQADggEBADbddVBwC8GglpTg
VfKVq9NukqdlWtwWmr+4anDT4dgQs8OXiXY48wgSKCeJdCvd8N7aEt5426H+W8TY
1RY/US3k4co4fDGtgRmDXP5paIm6/3LhEMYO6bC1yzgHDfwuH+q7427Y+tGSshbR
/OasozzeK0If/NPCqsfF2GLqE1uMz+64Z2MWwaR5MlBrJCDFTTXrfND0D7vEDpJY
7eT8HH/W/ALS8MXG7WASgro4ijUASLQtxvb/Yqo0LWF2qgYatgqDUxQZwN/i31jC
OUAipxGPsXae4dGRSt9DCMJ9TcQosDJfDDRdrpfsyw6RGHTCc8r8CdqNfnWfchjq
Yk8JN3g=
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:41:57 2025 by rpki-client