Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/YzH_4-6Z0xOsf_fkbhYZDH63m6s.roa
File: YzH_4-6Z0xOsf_fkbhYZDH63m6s.roa (raw, json)
Hash identifier: BkieUYjXDo3CeHEIVugRRa6DLoEGyqGcPJUVPfJT9+g=
Subject key identifier: 63:31:FF:E3:EE:99:D3:13:AC:7F:F7:E4:6E:16:19:0C:7E:B7:9B:AB
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 018CC348F5A3EDE928F736C7DCF2239D3C01
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/YzH_4-6Z0xOsf_fkbhYZDH63m6s.roa
Signing time: Mon 01 Jan 2024 04:29:47 +0000
ROA not before: Mon 01 Jan 2024 04:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40980
IP address blocks: 144.208.192.0/21 maxlen: 22
144.208.200.0/22 maxlen: 22
185.50.234.0/24 maxlen: 24
2a01:aea0:dd5::/48 maxlen: 48
2a01:aea0:df5::/48 maxlen: 48
2a01:aea0:df3::/48 maxlen: 48
2a01:aea0:dd3::/48 maxlen: 48
2a01:aea0:df4::/48 maxlen: 48
2a01:aea0:dd4::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 06 Jun 2024 07:23:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f5:a3:ed:e9:28:f7:36:c7:dc:f2:23:9d:3c:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Jan 1 04:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6331ffe3ee99d313ac7ff7e46e16190c7eb79bab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ce:4d:a1:9a:b3:6a:a0:bc:ae:51:6c:25:62:
08:82:02:e8:cb:93:e4:8a:77:3b:5f:c1:9d:51:35:
b7:9c:23:3c:9b:5e:21:90:07:02:03:c1:1a:67:03:
9e:1a:8d:83:74:79:19:56:85:2c:15:d7:1e:1e:5d:
23:3a:41:af:0b:3d:ae:69:61:a2:54:81:c1:a8:f7:
b4:7b:67:6c:9d:b8:5d:41:3c:4f:46:c5:04:49:bb:
ad:04:27:cc:8c:1d:d8:46:41:6e:21:86:8b:8f:eb:
a2:67:99:c4:92:45:31:5f:6e:24:0c:1c:d5:45:00:
93:28:be:df:c2:91:00:56:ff:8a:85:40:a2:53:36:
2c:0f:7f:0a:2f:29:c1:84:1a:59:a6:c8:fc:7d:79:
2a:b3:82:c3:76:10:26:60:0c:16:fb:2d:6e:c8:a7:
0e:10:0d:6c:94:3b:0c:ff:68:b1:69:ec:7e:45:ba:
5d:18:13:b7:da:a3:62:f0:7e:5d:6b:15:9f:78:14:
31:25:2a:61:20:88:e2:1e:25:7a:22:16:2c:a2:e7:
36:5f:f4:93:68:e4:ee:51:2c:70:26:9f:97:5f:c6:
b1:d6:0a:c9:b1:22:c1:7b:9a:19:19:c4:a7:9f:6f:
99:d5:ae:0d:bd:9a:13:49:ad:47:7d:b5:9d:ae:52:
2c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:31:FF:E3:EE:99:D3:13:AC:7F:F7:E4:6E:16:19:0C:7E:B7:9B:AB
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/YzH_4-6Z0xOsf_fkbhYZDH63m6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.208.192.0-144.208.203.255
185.50.234.0/24
IPv6:
2a01:aea0:dd3::-2a01:aea0:dd5:ffff:ffff:ffff:ffff:ffff
2a01:aea0:df3::-2a01:aea0:df5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
04:fb:e0:5a:01:21:d1:a6:bd:0e:07:45:52:e7:d1:44:17:81:
5a:56:7a:09:64:25:7a:4f:0f:10:c5:e9:81:56:4f:77:92:66:
4a:bc:3c:8f:20:00:61:1f:07:6d:a1:1a:f1:1e:a2:2f:d2:d4:
5b:19:9f:29:80:52:7c:e1:fb:49:e5:67:cb:fc:36:1d:d6:d1:
83:b5:c7:dc:d5:c0:c9:16:13:7b:06:85:f4:c4:67:8d:ab:f0:
7f:90:85:cb:c0:89:f8:2a:41:33:7b:e9:97:85:cf:e4:12:3e:
46:f8:a0:c6:0c:f7:3c:74:51:94:e7:f8:3a:9c:43:27:91:56:
a9:c1:1a:4a:a1:59:27:e5:0f:b9:8d:ae:6f:64:cd:15:6d:23:
90:20:6f:52:f1:ac:d5:ad:0d:1c:a4:f6:15:d8:d9:be:0a:8d:
38:c5:07:86:a6:49:b1:ef:47:a3:30:60:27:59:b7:be:1b:c0:
1b:f4:b3:25:25:af:1e:5b:76:93:1b:53:de:7b:50:bb:25:c8:
80:a4:2f:ff:c3:01:3d:41:6d:5b:b0:6f:c2:e0:93:33:82:b5:
3a:60:33:04:8e:bf:17:69:a8:af:72:e0:ea:db:47:4a:77:d7:
fd:e5:77:67:27:37:90:d0:3a:44:2b:e5:cd:b0:29:32:86:8b:
1c:e5:27:bb
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYzDSPWj7eko9zbH3PIjnTwBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjQwMTAxMDQyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzMxZmZlM2VlOTlkMzEzYWM3ZmY3ZTQ2ZTE2MTkwYzdlYjc5YmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsM5NoZqzaqC8rlFsJWIIggLoy5Pk
inc7X8GdUTW3nCM8m14hkAcCA8EaZwOeGo2DdHkZVoUsFdceHl0jOkGvCz2uaWGi
VIHBqPe0e2dsnbhdQTxPRsUESbutBCfMjB3YRkFuIYaLj+uiZ5nEkkUxX24kDBzV
RQCTKL7fwpEAVv+KhUCiUzYsD38KLynBhBpZpsj8fXkqs4LDdhAmYAwW+y1uyKcO
EA1slDsM/2ixaex+RbpdGBO32qNi8H5daxWfeBQxJSphIIjiHiV6IhYsouc2X/ST
aOTuUSxwJp+XX8ax1grJsSLBe5oZGcSnn2+Z1a4NvZoTSa1HfbWdrlIszQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFGMx/+PumdMTrH/35G4WGQx+t5urMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvWXpIXzQtNloweE9zZl9ma2JoWVpESDYzbTZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAaBAIAATAUMAwDBAaQ0MAD
BAKQ0MgDBAC5MuowLgQCAAIwKDASAwcAKgGuoA3TAwcBKgGuoA3UMBIDBwAqAa6g
DfMDBwEqAa6gDfQwDQYJKoZIhvcNAQELBQADggEBAAT74FoBIdGmvQ4HRVLn0UQX
gVpWeglkJXpPDxDF6YFWT3eSZkq8PI8gAGEfB22hGvEeoi/S1FsZnymAUnzh+0nl
Z8v8Nh3W0YO1x9zVwMkWE3sGhfTEZ42r8H+QhcvAifgqQTN76ZeFz+QSPkb4oMYM
9zx0UZTn+DqcQyeRVqnBGkqhWSflD7mNrm9kzRVtI5Agb1LxrNWtDRyk9hXY2b4K
jTjFB4amSbHvR6MwYCdZt74bwBv0syUlrx5bdpMbU957ULslyICkL//DAT1BbVuw
b8LgkzOCtTpgMwSOvxdpqK9y4OrbR0p31/3ld2cnN5DQOkQr5c2wKTKGixzlJ7s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:50 2024 by rpki-client on console-ams.rpki-client.org