Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/YfeZUvGguOpdOnkUHpG4L1G4qh8.roa
File: YfeZUvGguOpdOnkUHpG4L1G4qh8.roa (raw, json)
Hash identifier: koZGHeT0LgGBHfgB5+Q9Pyy4Q/cpKn5CG8x+KrLEH7I=
Subject key identifier: 61:F7:99:52:F1:A0:B8:EA:5D:3A:79:14:1E:91:B8:2F:51:B8:AA:1F
Certificate issuer: /CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Certificate serial: 018D46AA907B4FCAA53D0F63ECA9C1A2A025
Authority key identifier: 66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/YfeZUvGguOpdOnkUHpG4L1G4qh8.roa
Signing time: Fri 26 Jan 2024 16:46:39 +0000
ROA not before: Fri 26 Jan 2024 16:46:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39122
IP address blocks: 46.22.128.0/20 maxlen: 20
78.153.192.0/19 maxlen: 24
81.17.240.0/20 maxlen: 24
91.197.234.0/23 maxlen: 23
176.52.222.0/23 maxlen: 23
185.2.64.0/22 maxlen: 22
185.209.164.0/22 maxlen: 22
200.69.8.0/21 maxlen: 21
2a01:a8::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 02 Feb 2024 16:22:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:46:aa:90:7b:4f:ca:a5:3d:0f:63:ec:a9:c1:a2:a0:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Validity
Not Before: Jan 26 16:46:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61f79952f1a0b8ea5d3a79141e91b82f51b8aa1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0e:5b:d9:e1:dc:e6:e9:c3:20:b6:2d:07:4b:
a7:54:ec:fb:f4:53:58:2c:e2:8a:5b:c0:81:9b:c0:
16:e4:89:fb:8b:e2:2b:ea:ab:df:1b:54:0e:a2:09:
8f:f6:c1:14:4e:d1:f6:57:d6:2d:f1:f6:42:0d:1a:
b6:a2:0e:9f:48:61:9f:e6:5f:6f:f5:61:d7:12:e7:
fc:b7:7c:4d:c6:d7:b2:02:d0:c4:c2:0b:34:a1:17:
33:6a:0e:89:96:c3:f2:36:07:37:78:9d:af:0c:aa:
c5:45:ed:b4:24:db:13:15:56:37:f0:ed:fb:f8:2d:
95:65:5e:d8:2b:5d:3f:4c:22:d0:4d:1b:e5:12:87:
45:cb:e6:ce:71:1b:63:cf:bb:66:08:23:14:6c:12:
88:28:d3:32:58:19:ad:d3:27:59:85:63:e1:aa:66:
16:ff:df:1f:b5:a8:13:cd:f7:5d:e6:70:5f:eb:db:
b9:59:e8:c8:06:c8:cc:45:3c:06:9a:4a:16:f3:73:
1b:3f:4e:65:ba:8b:66:1a:15:2b:66:ee:45:a1:d2:
a8:4c:79:20:f3:47:56:cf:cb:12:27:50:85:99:55:
cd:df:6b:ad:30:21:9a:de:e9:3f:5f:4b:7d:ab:3a:
a6:77:d1:41:32:26:f6:e7:82:61:54:72:d9:ea:55:
67:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:F7:99:52:F1:A0:B8:EA:5D:3A:79:14:1E:91:B8:2F:51:B8:AA:1F
X509v3 Authority Key Identifier:
keyid:66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/YfeZUvGguOpdOnkUHpG4L1G4qh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/Zpauprq3nEj13e5KRr9Ktk2GMWA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.128.0/20
78.153.192.0/19
81.17.240.0/20
91.197.234.0/23
176.52.222.0/23
185.2.64.0/22
185.209.164.0/22
200.69.8.0/21
IPv6:
2a01:a8::/32
Signature Algorithm: sha256WithRSAEncryption
99:d2:4d:31:fc:a7:e7:dd:ab:c1:25:e9:42:ac:0d:67:b5:bc:
76:30:2c:8a:af:66:19:db:82:60:2f:8b:60:76:49:9c:33:5e:
5a:be:08:0c:6e:39:b3:ae:45:bf:1a:40:3a:0f:1f:1a:fb:a3:
43:61:77:9f:4e:70:d3:e4:17:7d:51:18:60:c2:73:a2:93:6c:
6b:f6:6d:ad:3f:51:46:65:1e:26:e4:ee:74:b7:c7:11:16:c1:
bc:c5:b7:fd:be:7a:9e:fd:2b:17:62:5f:c2:05:40:f4:4f:eb:
58:f1:0c:fd:ca:d1:d3:1e:0f:28:06:cc:64:63:6e:a9:94:f0:
ae:b8:7c:19:c9:63:85:71:15:cb:af:7c:4b:21:14:84:b1:7f:
e3:5f:52:5c:90:b1:c8:84:9a:d8:16:b6:14:09:3d:f3:75:81:
83:d9:6d:77:ab:3e:01:4a:4b:75:89:7a:3a:8f:47:00:b2:a8:
39:67:ad:6a:93:1d:2c:4f:2a:69:a7:47:a9:a7:c7:8f:40:4d:
58:b0:32:18:79:c7:1c:6d:50:5f:b3:0d:c6:33:1b:5d:c9:ed:
37:92:36:89:3f:11:c0:19:d6:47:fa:75:64:48:16:75:47:82:
ee:bb:e5:79:ec:07:6f:4c:9f:03:be:f7:88:8e:48:93:bb:db:
cc:81:5c:59
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAY1GqpB7T8qlPQ9j7KnBoqAlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OTZhZWE2YmFiNzljNDhmNWRkZWU0YTQ2YmY0YWI2NGQ4
NjMxNjAwHhcNMjQwMTI2MTY0NjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWY3OTk1MmYxYTBiOGVhNWQzYTc5MTQxZTkxYjgyZjUxYjhhYTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyg5b2eHc5unDILYtB0unVOz79FNY
LOKKW8CBm8AW5In7i+Ir6qvfG1QOogmP9sEUTtH2V9Yt8fZCDRq2og6fSGGf5l9v
9WHXEuf8t3xNxteyAtDEwgs0oRczag6JlsPyNgc3eJ2vDKrFRe20JNsTFVY38O37
+C2VZV7YK10/TCLQTRvlEodFy+bOcRtjz7tmCCMUbBKIKNMyWBmt0ydZhWPhqmYW
/98ftagTzfdd5nBf69u5WejIBsjMRTwGmkoW83MbP05luotmGhUrZu5FodKoTHkg
80dWz8sSJ1CFmVXN32utMCGa3uk/X0t9qzqmd9FBMib254JhVHLZ6lVnhwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFGH3mVLxoLjqXTp5FB6RuC9RuKofMB8GA1UdIwQY
MBaAFGaWrqa6t5xI9d3uSka/SrZNhjFgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnBhdXBycTNuRWoxM2U1S1JyOUt0azJHTVdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My80NTJjMmItZjJjZi00YTkyLWExY2Qt
ZjAxOThjNmMyNDc0LzEvWWZlWlV2R2d1T3BkT25rVUhwRzRMMUc0cWg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My80NTJjMmItZjJjZi00YTkyLWExY2QtZjAxOThjNmMyNDc0
LzEvWnBhdXBycTNuRWoxM2U1S1JyOUt0azJHTVdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQELhaAAwQF
TpnAAwQEURHwAwQBW8XqAwQBsDTeAwQCuQJAAwQCudGkAwQDyEUIMA0EAgACMAcD
BQAqAQCoMA0GCSqGSIb3DQEBCwUAA4IBAQCZ0k0x/Kfn3avBJelCrA1ntbx2MCyK
r2YZ24JgL4tgdkmcM15avggMbjmzrkW/GkA6Dx8a+6NDYXefTnDT5Bd9URhgwnOi
k2xr9m2tP1FGZR4m5O50t8cRFsG8xbf9vnqe/SsXYl/CBUD0T+tY8Qz9ytHTHg8o
BsxkY26plPCuuHwZyWOFcRXLr3xLIRSEsX/jX1JckLHIhJrYFrYUCT3zdYGD2W13
qz4BSkt1iXo6j0cAsqg5Z61qkx0sTyppp0epp8ePQE1YsDIYecccbVBfsw3GMxtd
ye03kjaJPxHAGdZH+nVkSBZ1R4Luu+V57AdvTJ8DvveIjkiTu9vMgVxZ
-----END CERTIFICATE-----
Generated at Fri Feb 2 20:33:31 2024 by rpki-client on console-fra.rpki-client.org