Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/yPASmOkuWkLkroEMSNAYhNHQl9s.roa
File: yPASmOkuWkLkroEMSNAYhNHQl9s.roa (raw, json)
Hash identifier: CASWj5P2Uv4TyzU01wGZYQOdbJ/9V9hQXDiFD+SKoD4=
Subject key identifier: C8:F0:12:98:E9:2E:5A:42:E4:AE:81:0C:48:D0:18:84:D1:D0:97:DB
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 018E56035F8042A1C402E2B8C1789C30905C
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/yPASmOkuWkLkroEMSNAYhNHQl9s.roa
Signing time: Tue 19 Mar 2024 09:20:45 +0000
ROA not before: Tue 19 Mar 2024 09:20:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 62.90.135.0/24 maxlen: 24
147.234.74.0/24 maxlen: 24
147.234.75.0/24 maxlen: 24
147.234.81.0/24 maxlen: 24
147.234.88.0/24 maxlen: 24
147.234.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 May 2024 08:08:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:56:03:5f:80:42:a1:c4:02:e2:b8:c1:78:9c:30:90:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Mar 19 09:20:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8f01298e92e5a42e4ae810c48d01884d1d097db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d3:db:b7:96:c3:7e:6c:76:ed:5e:84:23:00:
d7:28:a5:ba:ce:c8:f3:07:25:f7:7b:ad:74:f1:07:
a0:ec:4b:e0:20:55:c0:5e:60:4a:59:d2:52:9b:f9:
be:ca:28:d8:8e:dd:7e:94:f5:d8:34:75:cb:46:c3:
6c:15:a9:2c:f3:d7:44:05:3c:71:73:13:fa:f8:10:
e7:67:9a:79:67:f8:5d:b3:b9:b8:31:e1:59:75:75:
a5:be:3d:76:78:80:b7:e0:e0:5d:aa:48:fa:4c:23:
88:a1:06:e5:1e:ba:db:cd:f2:fb:39:34:16:d9:ff:
f6:a2:5f:d8:01:c3:a5:f5:b7:41:8d:b2:d3:fb:1d:
3a:35:4b:59:e5:ee:e8:6d:1e:bd:8a:c7:69:3b:d4:
a9:b9:b8:53:f4:74:83:21:8f:3d:9b:7a:26:4c:ea:
cb:21:b2:c1:58:e2:3d:f7:08:d1:be:dd:3b:7c:01:
0c:0d:b3:23:7b:26:bc:2b:79:43:54:ba:8b:b3:17:
15:80:d1:74:92:c1:c6:6f:f5:7e:19:53:ea:c0:2a:
13:57:d0:3d:f0:9d:c5:96:5b:f7:8a:45:4c:5b:b6:
32:b9:83:de:7e:2e:3d:f3:c7:8d:a3:4e:ad:6c:4b:
0d:a2:a5:dd:32:23:99:37:59:84:13:4c:83:a6:28:
ae:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:F0:12:98:E9:2E:5A:42:E4:AE:81:0C:48:D0:18:84:D1:D0:97:DB
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/yPASmOkuWkLkroEMSNAYhNHQl9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.90.135.0/24
147.234.74.0/23
147.234.81.0/24
147.234.88.0/23
Signature Algorithm: sha256WithRSAEncryption
44:73:cf:a9:69:bc:92:94:16:83:df:7b:a6:d1:b8:2a:a2:2e:
9b:09:75:af:54:3c:b7:ae:98:8b:9b:d5:33:a9:f1:86:57:91:
29:75:d2:79:39:b5:b3:8b:6f:a9:60:12:d9:65:8b:28:4c:55:
79:db:33:b8:73:a7:86:60:29:ad:04:ac:95:25:15:26:64:2a:
66:92:ba:c4:4d:fb:ad:68:44:96:7b:ec:3a:5a:cd:3c:93:43:
01:f8:bf:81:84:30:a9:94:7e:7b:47:b5:c2:45:dc:f7:d2:a1:
65:fc:95:a0:96:a7:07:d4:7b:c5:0b:07:a3:ee:f2:19:7a:f1:
9b:57:00:7c:f4:47:79:a3:d8:56:e2:25:b3:eb:d6:5b:43:cc:
00:60:b3:ff:ab:2b:e5:9e:78:9e:d9:30:cc:25:72:79:ed:30:
c5:89:08:ab:fb:37:b8:51:74:79:93:28:40:9a:57:ea:a9:51:
70:30:b9:32:7a:f2:d1:c3:e5:9d:c0:ce:34:88:1f:7b:0d:f9:
64:51:4f:61:83:1d:99:48:67:16:97:7d:91:9d:b9:5d:4b:db:
e4:38:37:9b:85:54:ab:18:58:9a:90:23:b1:74:70:83:1a:4c:
83:43:16:1d:bd:23:24:21:9b:b5:87:79:d8:b0:7f:08:6b:b7:
ee:26:40:24
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY5WA1+AQqHEAuK4wXicMJBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjQwMzE5MDkyMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGYwMTI5OGU5MmU1YTQyZTRhZTgxMGM0OGQwMTg4NGQxZDA5N2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotPbt5bDfmx27V6EIwDXKKW6zsjz
ByX3e6108Qeg7EvgIFXAXmBKWdJSm/m+yijYjt1+lPXYNHXLRsNsFaks89dEBTxx
cxP6+BDnZ5p5Z/hds7m4MeFZdXWlvj12eIC34OBdqkj6TCOIoQblHrrbzfL7OTQW
2f/2ol/YAcOl9bdBjbLT+x06NUtZ5e7obR69isdpO9SpubhT9HSDIY89m3omTOrL
IbLBWOI99wjRvt07fAEMDbMjeya8K3lDVLqLsxcVgNF0ksHGb/V+GVPqwCoTV9A9
8J3Fllv3ikVMW7YyuYPefi4988eNo06tbEsNoqXdMiOZN1mEE0yDpiiuKQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMjwEpjpLlpC5K6BDEjQGITR0JfbMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEveVBBU21Pa3VXa0xrcm9FTVNOQVloTkhRbDlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPlqHAwQB
k+pKAwQAk+pRAwQBk+pYMA0GCSqGSIb3DQEBCwUAA4IBAQBEc8+pabySlBaD33um
0bgqoi6bCXWvVDy3rpiLm9UzqfGGV5EpddJ5ObWzi2+pYBLZZYsoTFV52zO4c6eG
YCmtBKyVJRUmZCpmkrrETfutaESWe+w6Ws08k0MB+L+BhDCplH57R7XCRdz30qFl
/JWglqcH1HvFCwej7vIZevGbVwB89Ed5o9hW4iWz69ZbQ8wAYLP/qyvlnnie2TDM
JXJ57TDFiQir+ze4UXR5kyhAmlfqqVFwMLkyevLRw+WdwM40iB97DflkUU9hgx2Z
SGcWl32RnbldS9vkODebhVSrGFiakCOxdHCDGkyDQxYdvSMkIZu1h3nYsH8Ia7fu
JkAk
-----END CERTIFICATE-----
Generated at Wed May 1 11:31:44 2024 by rpki-client on console-ams.rpki-client.org