Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/7dd289-6cb5-4371-846c-93dec735f717/1/YZPOLOTj9dJFg9DawLaTh37uzig.roa
File: YZPOLOTj9dJFg9DawLaTh37uzig.roa (raw, json)
Hash identifier: ME4NJnqtuMOowVNeDum67qBQn3Unvz0J3pCCQ2hfsrQ=
Subject key identifier: 61:93:CE:2C:E4:E3:F5:D2:45:83:D0:DA:C0:B6:93:87:7E:EE:CE:28
Certificate issuer: /CN=9907c7b89656dd339cb98fb7c2b0371c5926a641
Certificate serial: 0189AB0A9B9A5B7C2AB087A386C3D27543A6
Authority key identifier: 99:07:C7:B8:96:56:DD:33:9C:B9:8F:B7:C2:B0:37:1C:59:26:A6:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mQfHuJZW3TOcuY-3wrA3HFkmpkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/7dd289-6cb5-4371-846c-93dec735f717/1/YZPOLOTj9dJFg9DawLaTh37uzig.roa
Signing time: Mon 31 Jul 2023 08:22:26 +0000
ROA not before: Mon 31 Jul 2023 08:22:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199483
IP address blocks: 185.167.0.0/22 maxlen: 24
185.221.88.0/22 maxlen: 24
185.15.24.0/22 maxlen: 24
193.164.151.0/24 maxlen: 24
31.14.0.0/22 maxlen: 24
91.209.103.0/24 maxlen: 24
2a02:f840::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ab:0a:9b:9a:5b:7c:2a:b0:87:a3:86:c3:d2:75:43:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9907c7b89656dd339cb98fb7c2b0371c5926a641
Validity
Not Before: Jul 31 08:22:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6193ce2ce4e3f5d24583d0dac0b693877eeece28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e3:8a:e7:6b:6f:f4:ab:f7:87:53:f8:ca:d8:
46:1c:71:5f:a9:70:05:6c:f6:3b:79:fe:96:7c:11:
56:91:36:fb:7d:94:9b:c3:61:25:01:70:4e:a0:c1:
81:a2:1d:a9:a1:87:69:79:f8:ba:f4:3b:fc:8c:b7:
60:2a:23:ba:cb:70:07:f4:13:38:75:42:92:16:10:
cd:f7:3e:1c:9f:97:e1:c7:be:33:5f:70:cc:e7:18:
a5:61:74:05:14:35:fb:ef:da:02:20:1e:12:57:56:
5d:5f:f8:64:4f:3c:2e:0d:cc:ae:a2:21:32:11:be:
91:a8:8d:51:81:09:bb:5b:3e:34:a1:74:b7:d3:dd:
ee:56:9f:92:81:b5:96:ec:dd:a4:77:97:cd:69:58:
1b:21:44:38:e6:ef:20:5f:0d:b2:45:b1:5c:d0:a8:
27:51:9c:46:9f:39:27:02:12:67:1b:c0:83:10:a3:
19:08:19:11:69:4e:48:a5:e1:d2:a6:1b:83:1a:7f:
d1:53:39:ca:e0:7d:0e:18:7a:a6:79:f8:32:42:58:
a1:20:60:e8:d5:4d:6b:02:ea:7a:c7:f6:ce:d8:6f:
1c:64:16:14:d9:dc:4f:1f:76:05:51:b9:42:10:29:
4d:21:31:18:0f:5c:aa:7d:3f:00:89:bd:68:81:fb:
58:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:93:CE:2C:E4:E3:F5:D2:45:83:D0:DA:C0:B6:93:87:7E:EE:CE:28
X509v3 Authority Key Identifier:
keyid:99:07:C7:B8:96:56:DD:33:9C:B9:8F:B7:C2:B0:37:1C:59:26:A6:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mQfHuJZW3TOcuY-3wrA3HFkmpkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7dd289-6cb5-4371-846c-93dec735f717/1/YZPOLOTj9dJFg9DawLaTh37uzig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/7dd289-6cb5-4371-846c-93dec735f717/1/mQfHuJZW3TOcuY-3wrA3HFkmpkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.0.0/22
91.209.103.0/24
185.15.24.0/22
185.167.0.0/22
185.221.88.0/22
193.164.151.0/24
IPv6:
2a02:f840::/29
Signature Algorithm: sha256WithRSAEncryption
1d:2c:23:2f:a2:f5:3f:be:9e:ac:df:e2:ac:d4:37:c8:22:be:
6d:76:16:0c:3c:d4:1f:7b:96:3c:32:3d:04:f0:fd:6d:a4:92:
4b:fb:86:eb:73:06:92:d6:4f:1c:5a:15:24:b7:63:75:c7:c2:
3b:e6:bf:31:85:d2:a1:b5:30:1b:d0:0d:0d:67:72:bf:61:9c:
c8:3b:ae:18:15:5b:83:d6:74:98:cb:ef:d6:09:84:b1:b2:e9:
30:3e:7e:62:97:a2:27:b5:f1:de:13:85:a1:16:27:eb:14:47:
c4:ec:93:b2:b1:69:25:7d:b0:7a:7f:ed:97:c7:20:2d:96:91:
97:ef:01:07:b5:cd:49:bd:e5:08:19:38:a7:46:74:84:49:71:
cf:48:1f:fc:4b:27:8f:c1:40:c1:68:6e:11:c7:ce:d6:bb:b6:
f3:fa:27:12:b4:74:50:70:37:c5:c6:1e:40:59:be:a2:e1:e1:
2e:f1:ea:62:9f:fe:75:4d:9c:59:df:93:8a:cb:88:29:17:f5:
ce:6c:0f:78:09:43:6a:75:de:57:d3:c9:3d:0b:99:4b:b1:bb:
d5:4b:65:9b:c0:3f:1f:c0:46:fe:bd:3a:a9:5e:14:cc:9a:99:
81:e2:6e:62:03:38:e2:56:99:28:80:d4:3f:78:c1:b8:ed:25:
f9:ef:1f:a2
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYmrCpuaW3wqsIejhsPSdUOmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MDdjN2I4OTY1NmRkMzM5Y2I5OGZiN2MyYjAzNzFjNTky
NmE2NDEwHhcNMjMwNzMxMDgyMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTkzY2UyY2U0ZTNmNWQyNDU4M2QwZGFjMGI2OTM4NzdlZWVjZTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+OK52tv9Kv3h1P4ythGHHFfqXAF
bPY7ef6WfBFWkTb7fZSbw2ElAXBOoMGBoh2poYdpefi69Dv8jLdgKiO6y3AH9BM4
dUKSFhDN9z4cn5fhx74zX3DM5xilYXQFFDX779oCIB4SV1ZdX/hkTzwuDcyuoiEy
Eb6RqI1RgQm7Wz40oXS3093uVp+SgbWW7N2kd5fNaVgbIUQ45u8gXw2yRbFc0Kgn
UZxGnzknAhJnG8CDEKMZCBkRaU5IpeHSphuDGn/RUznK4H0OGHqmefgyQlihIGDo
1U1rAup6x/bO2G8cZBYU2dxPH3YFUblCEClNITEYD1yqfT8Aib1ogftY4wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFGGTzizk4/XSRYPQ2sC2k4d+7s4oMB8GA1UdIwQY
MBaAFJkHx7iWVt0znLmPt8KwNxxZJqZBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVFmSHVKWlczVE9jdVktM3dyQTNIRmttcGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS83ZGQyODktNmNiNS00MzcxLTg0NmMt
OTNkZWM3MzVmNzE3LzEvWVpQT0xPVGo5ZEpGZzlEYXdMYVRoMzd1emlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS83ZGQyODktNmNiNS00MzcxLTg0NmMtOTNkZWM3MzVmNzE3
LzEvbVFmSHVKWlczVE9jdVktM3dyQTNIRmttcGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCHw4AAwQA
W9FnAwQCuQ8YAwQCuacAAwQCud1YAwQAwaSXMA0EAgACMAcDBQMqAvhAMA0GCSqG
SIb3DQEBCwUAA4IBAQAdLCMvovU/vp6s3+Ks1DfIIr5tdhYMPNQfe5Y8Mj0E8P1t
pJJL+4brcwaS1k8cWhUkt2N1x8I75r8xhdKhtTAb0A0NZ3K/YZzIO64YFVuD1nSY
y+/WCYSxsukwPn5il6IntfHeE4WhFifrFEfE7JOysWklfbB6f+2XxyAtlpGX7wEH
tc1JveUIGTinRnSESXHPSB/8SyePwUDBaG4Rx87Wu7bz+icStHRQcDfFxh5AWb6i
4eEu8epin/51TZxZ35OKy4gpF/XObA94CUNqdd5X08k9C5lLsbvVS2WbwD8fwEb+
vTqpXhTMmpmB4m5iAzjiVpkogNQ/eMG47SX57x+i
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:30 2024 by rpki-client on console-fra.rpki-client.org