Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/07a487-26cb-4b18-bb39-15fe06fff8bc/1/ycrLsDw2enNh3zcBnaMu9DAFFX4.roa
File: ycrLsDw2enNh3zcBnaMu9DAFFX4.roa (raw, json)
Hash identifier: GQdIgqFNRl9+/T4PP4Gefg6T0Q7+S2YE3fbW2XwlaSc=
Subject key identifier: C9:CA:CB:B0:3C:36:7A:73:61:DF:37:01:9D:A3:2E:F4:30:05:15:7E
Certificate issuer: /CN=9ab2f9975a91e71379da100ec84bd44a0a280d9b
Certificate serial: 01856B4A020C35B3A72C7136800FF55F0B2B
Authority key identifier: 9A:B2:F9:97:5A:91:E7:13:79:DA:10:0E:C8:4B:D4:4A:0A:28:0D:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mrL5l1qR5xN52hAOyEvUSgooDZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/07a487-26cb-4b18-bb39-15fe06fff8bc/1/ycrLsDw2enNh3zcBnaMu9DAFFX4.roa
Signing time: Sun 01 Jan 2023 03:04:50 +0000
ROA not before: Sun 01 Jan 2023 03:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43510
IP address blocks: 109.239.4.0/24 maxlen: 24
109.239.0.0/23 maxlen: 23
109.239.0.0/20 maxlen: 20
109.239.3.0/24 maxlen: 24
109.239.2.0/24 maxlen: 24
109.239.5.0/24 maxlen: 24
109.239.11.0/24 maxlen: 24
109.239.7.0/24 maxlen: 24
109.239.6.0/24 maxlen: 24
109.239.8.0/24 maxlen: 24
109.239.10.0/24 maxlen: 24
109.239.9.0/24 maxlen: 24
109.239.12.0/24 maxlen: 24
109.239.13.0/24 maxlen: 24
109.239.15.0/24 maxlen: 24
109.239.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:02:0c:35:b3:a7:2c:71:36:80:0f:f5:5f:0b:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ab2f9975a91e71379da100ec84bd44a0a280d9b
Validity
Not Before: Jan 1 03:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9cacbb03c367a7361df37019da32ef43005157e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f4:65:84:af:ff:a1:32:99:04:96:c4:b0:83:
e0:1f:c2:95:45:44:19:45:fc:ee:7d:fc:aa:ee:68:
22:86:27:5d:76:f7:ac:8d:c1:a3:4e:37:54:e1:35:
e4:c6:68:4d:da:9e:06:62:01:a7:c5:cd:68:91:90:
f2:a3:24:33:87:56:58:de:a6:5c:97:ab:fc:13:b7:
a0:1c:75:79:1d:c9:68:77:7f:65:90:c2:5f:6a:63:
19:f2:d4:b2:69:dc:64:99:a4:e2:69:8f:7c:d4:23:
4c:ed:5c:de:01:ed:ad:2a:d8:07:72:94:35:9d:c3:
02:85:9f:76:c1:f4:8e:af:ec:e0:43:4b:4f:b7:df:
31:44:aa:59:dd:34:fc:6e:56:a8:e4:d2:ae:5c:7d:
f8:c1:f1:87:3e:8e:3c:23:09:e7:7d:5f:8c:69:24:
99:63:f8:9f:64:f2:00:5e:08:2d:34:12:f2:80:d1:
18:a5:96:94:95:29:0f:ba:9b:80:80:c1:83:3b:25:
d4:20:61:4d:62:47:20:8a:d2:f4:4a:8a:85:76:bb:
fd:38:3f:1e:f5:fd:f7:20:af:65:f4:1a:24:be:37:
4f:32:35:08:5e:57:fe:c6:bc:76:de:ec:ef:09:3c:
d8:62:dd:e4:2d:ea:95:35:c8:6c:ba:19:7b:09:6a:
90:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:CA:CB:B0:3C:36:7A:73:61:DF:37:01:9D:A3:2E:F4:30:05:15:7E
X509v3 Authority Key Identifier:
keyid:9A:B2:F9:97:5A:91:E7:13:79:DA:10:0E:C8:4B:D4:4A:0A:28:0D:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mrL5l1qR5xN52hAOyEvUSgooDZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/07a487-26cb-4b18-bb39-15fe06fff8bc/1/ycrLsDw2enNh3zcBnaMu9DAFFX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/07a487-26cb-4b18-bb39-15fe06fff8bc/1/mrL5l1qR5xN52hAOyEvUSgooDZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.239.0.0/20
Signature Algorithm: sha256WithRSAEncryption
1f:45:d9:74:eb:6a:23:02:ed:da:a1:1f:f4:d2:c2:16:1f:31:
c0:4c:96:71:c0:1d:3f:35:f3:46:55:96:3a:53:bf:a0:29:14:
af:3f:e1:42:11:4c:a3:58:2b:91:3b:7d:a8:77:7f:6d:74:a4:
3d:63:41:2d:a0:da:e8:ac:fa:db:43:87:a3:ae:78:27:55:d0:
64:6c:98:7c:48:dc:e9:e5:9a:13:b6:4d:d0:9c:e9:52:83:2f:
8c:be:e1:65:92:c1:8c:73:f4:fd:dc:44:16:72:9e:c9:d2:48:
5a:17:4e:5a:6b:8c:7a:54:dd:da:85:0e:05:3b:93:25:5f:c2:
a0:80:04:fe:0e:d0:de:e9:d3:c1:e2:6d:c1:f0:cd:47:d3:52:
d0:92:fb:48:e3:48:8a:8a:c6:cc:e5:51:df:aa:56:2d:1c:6c:
a0:e3:dc:95:24:3a:f0:a5:32:f3:56:16:13:4b:a9:e5:5d:d4:
6a:c6:73:83:2c:b7:a6:de:b9:8c:21:9e:a1:bc:05:5d:e7:9c:
55:6d:e3:72:e4:ed:47:f6:f2:36:30:75:07:64:31:8e:ad:a1:
fc:90:7d:64:76:c8:68:03:c7:9f:4e:6b:47:31:60:de:b8:2e:
3c:00:50:6c:00:1c:ae:41:a0:98:fd:53:b0:75:f0:4d:8e:81:
4c:b1:a8:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrSgIMNbOnLHE2gA/1XwsrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhYjJmOTk3NWE5MWU3MTM3OWRhMTAwZWM4NGJkNDRhMGEy
ODBkOWIwHhcNMjMwMTAxMDMwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWNhY2JiMDNjMzY3YTczNjFkZjM3MDE5ZGEzMmVmNDMwMDUxNTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/RlhK//oTKZBJbEsIPgH8KVRUQZ
Rfzuffyq7mgihidddvesjcGjTjdU4TXkxmhN2p4GYgGnxc1okZDyoyQzh1ZY3qZc
l6v8E7egHHV5Hclod39lkMJfamMZ8tSyadxkmaTiaY981CNM7VzeAe2tKtgHcpQ1
ncMChZ92wfSOr+zgQ0tPt98xRKpZ3TT8blao5NKuXH34wfGHPo48IwnnfV+MaSSZ
Y/ifZPIAXggtNBLygNEYpZaUlSkPupuAgMGDOyXUIGFNYkcgitL0SoqFdrv9OD8e
9f33IK9l9BokvjdPMjUIXlf+xrx23uzvCTzYYt3kLeqVNchsuhl7CWqQQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMnKy7A8NnpzYd83AZ2jLvQwBRV+MB8GA1UdIwQY
MBaAFJqy+ZdakecTedoQDshL1EoKKA2bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXJMNWwxcVI1eE41MmhBT3lFdlVTZ29vRFpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8wN2E0ODctMjZjYi00YjE4LWJiMzkt
MTVmZTA2ZmZmOGJjLzEveWNyTHNEdzJlbk5oM3pjQm5hTXU5REFGRlg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8wN2E0ODctMjZjYi00YjE4LWJiMzktMTVmZTA2ZmZmOGJj
LzEvbXJMNWwxcVI1eE41MmhBT3lFdlVTZ29vRFpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEbe8AMA0G
CSqGSIb3DQEBCwUAA4IBAQAfRdl062ojAu3aoR/00sIWHzHATJZxwB0/NfNGVZY6
U7+gKRSvP+FCEUyjWCuRO32od39tdKQ9Y0EtoNrorPrbQ4ejrngnVdBkbJh8SNzp
5ZoTtk3QnOlSgy+MvuFlksGMc/T93EQWcp7J0khaF05aa4x6VN3ahQ4FO5MlX8Kg
gAT+DtDe6dPB4m3B8M1H01LQkvtI40iKisbM5VHfqlYtHGyg49yVJDrwpTLzVhYT
S6nlXdRqxnODLLem3rmMIZ6hvAVd55xVbeNy5O1H9vI2MHUHZDGOraH8kH1kdsho
A8efTmtHMWDeuC48AFBsAByuQaCY/VOwdfBNjoFMsajM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:20 2024 by rpki-client on console-ams.rpki-client.org