Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/Y04dtBW6p9X6clINZfnP0wlgVkA.roa
File: Y04dtBW6p9X6clINZfnP0wlgVkA.roa (raw, json)
Hash identifier: Z1OmOEercqDM//Vrj5po9/6phVqFg2OehZ/1C3JL7Ag=
Subject key identifier: 63:4E:1D:B4:15:BA:A7:D5:FA:72:52:0D:65:F9:CF:D3:09:60:56:40
Certificate issuer: /CN=ad52c28ef9a5b2291aba671ac9a65d8faadc5518
Certificate serial: 018BD731A716FFE3595A615EA44F581DAC61
Authority key identifier: AD:52:C2:8E:F9:A5:B2:29:1A:BA:67:1A:C9:A6:5D:8F:AA:DC:55:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rVLCjvmlsikaumcayaZdj6rcVRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/Y04dtBW6p9X6clINZfnP0wlgVkA.roa
Signing time: Thu 16 Nov 2023 08:13:57 +0000
ROA not before: Thu 16 Nov 2023 08:13:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35819
IP address blocks: 89.237.173.0/24 maxlen: 24
78.138.192.0/18 maxlen: 18
78.138.240.0/24 maxlen: 24
212.24.226.0/24 maxlen: 24
212.24.227.0/24 maxlen: 24
212.24.232.0/23 maxlen: 23
89.237.139.0/24 maxlen: 24
212.24.230.0/24 maxlen: 24
212.24.228.0/24 maxlen: 24
89.237.162.0/24 maxlen: 24
89.237.167.0/24 maxlen: 24
2a00:f580::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d7:31:a7:16:ff:e3:59:5a:61:5e:a4:4f:58:1d:ac:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad52c28ef9a5b2291aba671ac9a65d8faadc5518
Validity
Not Before: Nov 16 08:13:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=634e1db415baa7d5fa72520d65f9cfd309605640
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:8b:d8:13:5a:7d:cf:ee:ef:18:b2:5b:98:b9:
14:cc:74:24:70:7c:de:03:07:cf:9f:41:66:65:a9:
4b:7a:c0:83:96:35:cd:4c:90:60:09:bc:ac:50:7e:
33:4f:ea:f7:e1:0b:5b:9d:d9:70:8b:71:14:55:74:
09:c9:98:3f:b9:79:ae:1a:48:1e:93:ca:a7:3e:21:
22:36:df:00:d8:4d:75:ed:54:d4:7b:7e:c8:ac:06:
69:36:d1:5a:f5:86:24:d2:c8:82:05:ad:1d:93:87:
6c:b2:8d:ee:fb:eb:ba:07:c3:5c:ae:da:5a:65:3b:
a6:f2:dc:0c:ef:ee:56:3b:a9:38:6e:32:a8:06:a5:
6a:54:78:92:ca:86:11:ec:a3:29:f4:f0:fe:80:d7:
2e:85:1e:7c:1b:10:07:f0:ed:19:c9:b7:88:6a:a3:
f5:90:a5:7f:3b:b0:f7:57:63:69:e1:77:51:a4:a8:
b3:02:19:1d:e0:44:59:10:15:6d:f1:cc:82:5a:63:
a4:b2:e4:ac:ad:43:f8:55:61:c0:01:10:ac:c5:29:
42:69:56:a8:98:fe:59:31:a8:6d:b6:48:9b:b6:2e:
a0:a1:68:3e:4c:b4:6e:96:45:54:1b:e8:74:03:d3:
03:1c:b2:f6:ac:6a:14:bd:9b:9c:96:69:3a:f3:29:
67:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:4E:1D:B4:15:BA:A7:D5:FA:72:52:0D:65:F9:CF:D3:09:60:56:40
X509v3 Authority Key Identifier:
keyid:AD:52:C2:8E:F9:A5:B2:29:1A:BA:67:1A:C9:A6:5D:8F:AA:DC:55:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rVLCjvmlsikaumcayaZdj6rcVRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/Y04dtBW6p9X6clINZfnP0wlgVkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/rVLCjvmlsikaumcayaZdj6rcVRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.138.192.0/18
89.237.139.0/24
89.237.162.0/24
89.237.167.0/24
89.237.173.0/24
212.24.226.0-212.24.228.255
212.24.230.0/24
212.24.232.0/23
IPv6:
2a00:f580::/32
Signature Algorithm: sha256WithRSAEncryption
25:3b:13:81:9f:26:51:5d:5f:e6:89:1c:5e:12:cb:f4:ea:fc:
50:64:75:90:20:60:a7:17:3d:93:c0:df:86:9c:75:dd:a6:c7:
00:34:73:71:bf:89:1b:33:32:76:54:4f:54:e9:94:2e:17:61:
be:56:d3:aa:5d:d9:ba:3a:76:5d:85:69:7a:3f:03:e3:14:f2:
38:73:fc:84:83:51:13:c1:38:f4:86:79:de:d6:ec:ca:77:dd:
1a:ef:ab:ef:59:5c:70:49:0d:c9:11:dd:fa:af:1d:8e:90:21:
0d:0d:a0:44:b1:76:ce:b8:af:ad:d3:12:e4:c3:79:ee:e2:98:
2f:4d:97:a3:b4:ef:c2:92:4e:c3:5b:c5:9f:e6:91:1e:1f:80:
b1:65:48:6d:f4:2b:b8:f5:d9:95:5a:e1:87:d0:65:1d:15:cf:
43:34:01:14:b5:11:b4:8c:4b:05:42:17:da:67:68:95:b1:a1:
9a:5e:de:03:ce:97:cd:b8:37:12:99:0e:00:53:2d:3f:65:26:
af:3a:38:7c:3d:68:c3:82:5b:aa:57:57:c8:10:ba:05:87:2b:
9a:4b:93:78:a6:be:3b:2b:81:ec:9c:53:38:34:c9:ae:c8:31:
0a:3e:e9:95:ed:25:c1:ca:ea:4d:15:a3:f6:02:c9:5a:f1:06:
c3:6d:92:af
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYvXMacW/+NZWmFepE9YHaxhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNTJjMjhlZjlhNWIyMjkxYWJhNjcxYWM5YTY1ZDhmYWFk
YzU1MTgwHhcNMjMxMTE2MDgxMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzRlMWRiNDE1YmFhN2Q1ZmE3MjUyMGQ2NWY5Y2ZkMzA5NjA1NjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIvYE1p9z+7vGLJbmLkUzHQkcHze
AwfPn0FmZalLesCDljXNTJBgCbysUH4zT+r34Qtbndlwi3EUVXQJyZg/uXmuGkge
k8qnPiEiNt8A2E117VTUe37IrAZpNtFa9YYk0siCBa0dk4dsso3u++u6B8Ncrtpa
ZTum8twM7+5WO6k4bjKoBqVqVHiSyoYR7KMp9PD+gNcuhR58GxAH8O0ZybeIaqP1
kKV/O7D3V2Np4XdRpKizAhkd4ERZEBVt8cyCWmOksuSsrUP4VWHAARCsxSlCaVao
mP5ZMahttkibti6goWg+TLRulkVUG+h0A9MDHLL2rGoUvZuclmk68ylniwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFGNOHbQVuqfV+nJSDWX5z9MJYFZAMB8GA1UdIwQY
MBaAFK1Swo75pbIpGrpnGsmmXY+q3FUYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclZMQ2p2bWxzaWthdW1jYXlhWmRqNnJjVlJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iYjNkNzMtY2EzZi00NDY3LWI2ZTgt
NzAyYmU0OGE1NTFlLzEvWTA0ZHRCVzZwOVg2Y2xJTlpmblAwd2xnVmtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iYjNkNzMtY2EzZi00NDY3LWI2ZTgtNzAyYmU0OGE1NTFl
LzEvclZMQ2p2bWxzaWthdW1jYXlhWmRqNnJjVlJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQGTorAAwQA
We2LAwQAWe2iAwQAWe2nAwQAWe2tMAwDBAHUGOIDBADUGOQDBADUGOYDBAHUGOgw
DQQCAAIwBwMFACoA9YAwDQYJKoZIhvcNAQELBQADggEBACU7E4GfJlFdX+aJHF4S
y/Tq/FBkdZAgYKcXPZPA34acdd2mxwA0c3G/iRszMnZUT1TplC4XYb5W06pd2bo6
dl2FaXo/A+MU8jhz/ISDURPBOPSGed7W7Mp33Rrvq+9ZXHBJDckR3fqvHY6QIQ0N
oESxds64r63TEuTDee7imC9Nl6O078KSTsNbxZ/mkR4fgLFlSG30K7j12ZVa4YfQ
ZR0Vz0M0ARS1EbSMSwVCF9pnaJWxoZpe3gPOl824NxKZDgBTLT9lJq86OHw9aMOC
W6pXV8gQugWHK5pLk3imvjsrgeycUzg0ya7IMQo+6ZXtJcHK6k0Vo/YCyVrxBsNt
kq8=
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:21 2024 by rpki-client on console-ams.rpki-client.org