Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/cYF5Cks6wlN7LaGevT4ghVM8u6I.roa
File: cYF5Cks6wlN7LaGevT4ghVM8u6I.roa (raw, json)
Hash identifier: fT/3d2TJB/lZFJ+onFUXimAmZYdXh9C6lqx2QWqOBoA=
Subject key identifier: 71:81:79:0A:4B:3A:C2:53:7B:2D:A1:9E:BD:3E:20:85:53:3C:BB:A2
Certificate issuer: /CN=caece41cbc2c30626ef2a28d1839f2d6c4757f3f
Certificate serial: 018572B44333A9E90110124B936446919F84
Authority key identifier: CA:EC:E4:1C:BC:2C:30:62:6E:F2:A2:8D:18:39:F2:D6:C4:75:7F:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yuzkHLwsMGJu8qKNGDny1sR1fz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/cYF5Cks6wlN7LaGevT4ghVM8u6I.roa
Signing time: Mon 02 Jan 2023 13:38:14 +0000
ROA not before: Mon 02 Jan 2023 13:38:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23921
IP address blocks: 156.114.16.0/24 maxlen: 24
156.114.17.0/24 maxlen: 24
156.114.16.0/23 maxlen: 23
156.114.18.0/24 maxlen: 24
156.114.19.0/24 maxlen: 24
156.114.18.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:43:33:a9:e9:01:10:12:4b:93:64:46:91:9f:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caece41cbc2c30626ef2a28d1839f2d6c4757f3f
Validity
Not Before: Jan 2 13:38:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7181790a4b3ac2537b2da19ebd3e2085533cbba2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5d:72:5c:82:6a:5d:e7:bd:bc:c0:d4:6d:76:
b0:9a:73:d2:37:af:77:73:de:ba:3d:ae:d8:0b:40:
a8:00:a0:b0:82:2b:3e:61:6a:db:25:64:19:93:2b:
06:eb:75:13:19:5a:ca:0d:2c:15:96:2f:1b:29:11:
26:58:96:8e:bd:f7:61:23:35:64:42:65:75:16:f7:
9c:f5:12:4a:a5:d5:e2:c0:17:5c:44:9b:55:36:70:
dc:af:12:fd:08:a5:f0:db:d8:a8:69:dc:c1:6d:1e:
13:86:8d:42:0a:cb:3d:ef:05:7d:3e:1a:30:25:78:
1e:53:8e:20:c3:14:9f:67:d3:26:94:6b:34:c0:78:
3f:5f:4a:14:e7:4d:3c:ac:20:aa:28:c1:5a:ac:d0:
1f:73:16:c5:c2:57:2a:2f:a2:75:de:ff:65:cb:ca:
96:c0:bb:b2:44:5d:8c:f7:51:f9:b7:01:5d:85:f8:
bd:4c:9f:2e:99:f7:0b:e5:05:bc:7f:cb:97:e9:9f:
8d:54:15:cf:dc:99:20:bf:23:34:7f:4e:34:2d:42:
ac:71:01:27:e7:49:89:9f:32:b1:b8:4c:bf:d4:70:
a6:25:65:3b:53:6d:89:b0:92:f8:a6:75:23:61:1a:
59:5d:53:61:73:90:14:ac:93:76:e8:22:c8:bb:e2:
a0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:81:79:0A:4B:3A:C2:53:7B:2D:A1:9E:BD:3E:20:85:53:3C:BB:A2
X509v3 Authority Key Identifier:
keyid:CA:EC:E4:1C:BC:2C:30:62:6E:F2:A2:8D:18:39:F2:D6:C4:75:7F:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yuzkHLwsMGJu8qKNGDny1sR1fz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/cYF5Cks6wlN7LaGevT4ghVM8u6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/yuzkHLwsMGJu8qKNGDny1sR1fz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.114.16.0/22
Signature Algorithm: sha256WithRSAEncryption
58:bb:26:29:52:63:bb:1b:fc:ba:0f:40:97:ba:06:33:32:0f:
bc:05:60:0e:30:d6:76:8d:d0:c9:16:37:2d:16:6d:e2:82:1a:
91:6c:6b:85:5a:96:2e:d9:0d:b4:eb:68:fa:11:b6:4c:e1:a6:
8e:c8:6b:c2:cb:dd:eb:d3:36:8a:c9:72:c2:24:59:ec:a3:c6:
37:dd:c1:85:75:2e:aa:6a:0d:28:e3:8e:fc:f4:8d:35:63:01:
30:c1:53:ef:bd:9a:34:e1:cd:bd:f9:ba:e4:e4:5e:2b:b5:41:
2d:6d:c5:50:8d:d5:f3:62:d9:d8:09:c1:26:49:47:e3:18:95:
3e:3a:13:86:cc:ae:52:26:44:2d:18:b3:2b:5a:c8:78:70:f9:
4e:9c:21:af:2d:f5:9b:33:ec:6a:11:ea:91:b0:4a:91:1c:6b:
ba:4e:97:70:bc:cc:4c:c1:44:e1:cd:45:cb:83:30:06:a9:50:
65:71:c0:d8:80:87:9f:d3:01:81:65:1c:ac:8e:2a:8f:f1:31:
f2:4e:02:a0:c7:b3:c7:b9:21:07:e6:b9:57:40:8b:26:e3:3f:
34:fe:f4:bd:0b:30:a1:7c:f0:24:7a:aa:16:08:64:d7:2d:b0:
ac:ea:77:c3:f1:3b:84:80:e4:de:dc:2d:d8:73:e7:16:7d:79:
b1:7b:3d:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVytEMzqekBEBJLk2RGkZ+EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZWNlNDFjYmMyYzMwNjI2ZWYyYTI4ZDE4MzlmMmQ2YzQ3
NTdmM2YwHhcNMjMwMTAyMTMzODE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTgxNzkwYTRiM2FjMjUzN2IyZGExOWViZDNlMjA4NTUzM2NiYmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApF1yXIJqXee9vMDUbXawmnPSN693
c966Pa7YC0CoAKCwgis+YWrbJWQZkysG63UTGVrKDSwVli8bKREmWJaOvfdhIzVk
QmV1Fvec9RJKpdXiwBdcRJtVNnDcrxL9CKXw29ioadzBbR4Tho1CCss97wV9Phow
JXgeU44gwxSfZ9MmlGs0wHg/X0oU5008rCCqKMFarNAfcxbFwlcqL6J13v9ly8qW
wLuyRF2M91H5twFdhfi9TJ8umfcL5QW8f8uX6Z+NVBXP3JkgvyM0f040LUKscQEn
50mJnzKxuEy/1HCmJWU7U22JsJL4pnUjYRpZXVNhc5AUrJN26CLIu+Kg+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHGBeQpLOsJTey2hnr0+IIVTPLuiMB8GA1UdIwQY
MBaAFMrs5By8LDBibvKijRg58tbEdX8/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXV6a0hMd3NNR0p1OHFLTkdEbnkxc1IxZno4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82MzBjYmUtY2UwMS00NjRkLTgyZWIt
ZDg1MWU0MGQ1N2JmLzEvY1lGNUNrczZ3bE43TGFHZXZUNGdoVk04dTZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82MzBjYmUtY2UwMS00NjRkLTgyZWItZDg1MWU0MGQ1N2Jm
LzEveXV6a0hMd3NNR0p1OHFLTkdEbnkxc1IxZno4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnHIQMA0G
CSqGSIb3DQEBCwUAA4IBAQBYuyYpUmO7G/y6D0CXugYzMg+8BWAOMNZ2jdDJFjct
Fm3ighqRbGuFWpYu2Q2062j6EbZM4aaOyGvCy93r0zaKyXLCJFnso8Y33cGFdS6q
ag0o44789I01YwEwwVPvvZo04c29+brk5F4rtUEtbcVQjdXzYtnYCcEmSUfjGJU+
OhOGzK5SJkQtGLMrWsh4cPlOnCGvLfWbM+xqEeqRsEqRHGu6TpdwvMxMwUThzUXL
gzAGqVBlccDYgIef0wGBZRysjiqP8THyTgKgx7PHuSEH5rlXQIsm4z80/vS9CzCh
fPAkeqoWCGTXLbCs6nfD8TuEgOTe3C3Yc+cWfXmxez2B
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:22 2024 by rpki-client on console-fra.rpki-client.org