Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/yABts4yKPRnbR_pWhkzwRRhbAVo.roa
File: yABts4yKPRnbR_pWhkzwRRhbAVo.roa (raw, json)
Hash identifier: p8P6cR3zys3xQPApgcpqIHM4OhIXerb+tR1TFXXddtI=
Subject key identifier: C8:00:6D:B3:8C:8A:3D:19:DB:47:FA:56:86:4C:F0:45:18:5B:01:5A
Certificate issuer: /CN=92192e8d785581f72b18644224bd8c3fa8a2d11b
Certificate serial: 018CF885F03E2B2CCA53331C85A54BEF2E49
Authority key identifier: 92:19:2E:8D:78:55:81:F7:2B:18:64:42:24:BD:8C:3F:A8:A2:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/yABts4yKPRnbR_pWhkzwRRhbAVo.roa
Signing time: Thu 11 Jan 2024 12:36:16 +0000
ROA not before: Thu 11 Jan 2024 12:36:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 151.236.162.0/24 maxlen: 24
151.236.163.0/24 maxlen: 24
151.236.164.0/24 maxlen: 24
151.236.165.0/24 maxlen: 24
151.236.160.0/24 maxlen: 24
151.236.161.0/24 maxlen: 24
151.236.166.0/24 maxlen: 24
151.236.169.0/24 maxlen: 24
151.236.172.0/24 maxlen: 24
151.236.167.0/24 maxlen: 24
151.236.168.0/24 maxlen: 24
151.236.176.0/24 maxlen: 24
151.236.178.0/24 maxlen: 24
151.236.179.0/24 maxlen: 24
151.236.173.0/24 maxlen: 24
151.236.174.0/24 maxlen: 24
151.236.175.0/24 maxlen: 24
151.236.183.0/24 maxlen: 24
151.236.180.0/24 maxlen: 24
151.236.181.0/24 maxlen: 24
151.236.182.0/24 maxlen: 24
151.236.190.0/24 maxlen: 24
151.236.191.0/24 maxlen: 24
151.236.188.0/24 maxlen: 24
151.236.189.0/24 maxlen: 24
198.176.117.0/24 maxlen: 24
45.153.119.0/24 maxlen: 24
45.153.117.0/24 maxlen: 24
45.153.118.0/24 maxlen: 24
45.153.116.0/24 maxlen: 24
198.160.168.0/24 maxlen: 24
2a10:2200:b::/48 maxlen: 48
2a10:2200:c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f8:85:f0:3e:2b:2c:ca:53:33:1c:85:a5:4b:ef:2e:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92192e8d785581f72b18644224bd8c3fa8a2d11b
Validity
Not Before: Jan 11 12:36:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8006db38c8a3d19db47fa56864cf045185b015a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b4:45:34:73:8c:c7:d3:77:29:09:8e:72:ce:
35:30:24:82:24:d3:4c:53:97:00:a0:8e:95:6a:e4:
1b:99:d6:fd:ba:da:37:28:ff:1a:e0:99:33:dd:4d:
5e:15:43:5b:67:28:84:73:88:e2:48:23:b7:b4:42:
7a:c1:81:9a:27:82:5e:33:50:6e:25:ad:89:c2:25:
50:90:17:c9:a2:d7:ca:d1:d2:d1:9d:f2:5f:88:0c:
b5:d9:d3:4f:cc:a6:b8:bb:02:2c:e7:1b:87:4d:51:
6d:27:e3:d2:3f:8a:cf:e9:93:75:ea:61:c5:59:b4:
1f:1d:c6:02:f4:3b:01:02:85:cc:03:e2:ad:68:88:
61:80:eb:aa:11:c4:de:5e:a8:69:2a:71:dd:04:b6:
fe:b5:02:a9:cc:fc:19:6f:2c:cc:d2:94:cc:3c:27:
a6:49:10:d7:3d:8b:c7:bd:22:ea:a8:8e:89:db:b9:
bc:0d:fc:d9:45:77:e2:81:d0:03:0c:04:fd:29:14:
e0:bb:a9:bf:a8:f8:f4:59:09:7b:4e:19:60:7a:2d:
df:65:54:ad:ad:4b:1c:fb:f4:73:a8:ec:37:1f:34:
f8:82:6f:27:8b:21:a2:69:5e:d0:a8:a7:8e:8d:86:
bc:1f:97:9e:3d:e4:ff:e3:1b:d8:d3:a3:b1:40:ce:
09:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:00:6D:B3:8C:8A:3D:19:DB:47:FA:56:86:4C:F0:45:18:5B:01:5A
X509v3 Authority Key Identifier:
keyid:92:19:2E:8D:78:55:81:F7:2B:18:64:42:24:BD:8C:3F:A8:A2:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/yABts4yKPRnbR_pWhkzwRRhbAVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/khkujXhVgfcrGGRCJL2MP6ii0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.116.0/22
151.236.160.0-151.236.169.255
151.236.172.0-151.236.176.255
151.236.178.0-151.236.183.255
151.236.188.0/22
198.160.168.0/24
198.176.117.0/24
IPv6:
2a10:2200:b::-2a10:2200:c:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
22:9c:11:50:dc:77:91:65:08:5c:e0:f6:8c:e2:0e:ae:22:f5:
6d:3e:c3:c8:e9:27:2f:3c:f5:0f:34:19:c7:05:93:c7:e4:dd:
35:c3:89:b2:8b:ab:69:33:ac:27:19:75:5d:05:42:06:5d:d5:
46:5c:eb:b4:61:25:04:b9:7d:2b:a8:42:03:36:5d:77:95:ba:
58:c0:91:32:cb:85:50:2e:c6:9f:65:91:3f:77:fd:f4:8f:94:
5e:b3:43:c7:83:54:b5:b7:5d:d0:c9:74:02:5b:a8:ac:e9:5f:
6c:d4:50:6b:b9:a9:66:74:13:a6:f3:32:41:81:f5:f5:d2:b8:
7e:e7:e3:4d:d2:4e:1e:c3:d2:4b:43:ee:19:61:a1:ba:f6:ff:
3b:db:a7:23:4c:72:83:61:78:d2:98:a2:a4:61:ab:46:86:a4:
4e:e7:64:e5:93:b5:aa:67:f2:ab:6e:a6:78:7e:e5:6f:f9:67:
c2:29:83:bd:86:c7:41:eb:dc:9c:c6:ca:f9:48:89:56:f3:dc:
2b:39:41:6c:f9:c2:82:80:ad:83:05:ec:35:c9:b9:7f:90:28:
3d:7d:72:a5:3e:19:7d:97:0f:83:1b:33:cc:88:63:89:3d:6b:
c7:27:fa:cf:b4:85:72:e7:75:d7:82:a5:15:b7:ed:c6:e0:af:
40:20:60:f2
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYz4hfA+KyzKUzMchaVL7y5JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMTkyZThkNzg1NTgxZjcyYjE4NjQ0MjI0YmQ4YzNmYThh
MmQxMWIwHhcNMjQwMTExMTIzNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODAwNmRiMzhjOGEzZDE5ZGI0N2ZhNTY4NjRjZjA0NTE4NWIwMTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17RFNHOMx9N3KQmOcs41MCSCJNNM
U5cAoI6VauQbmdb9uto3KP8a4Jkz3U1eFUNbZyiEc4jiSCO3tEJ6wYGaJ4JeM1Bu
Ja2JwiVQkBfJotfK0dLRnfJfiAy12dNPzKa4uwIs5xuHTVFtJ+PSP4rP6ZN16mHF
WbQfHcYC9DsBAoXMA+KtaIhhgOuqEcTeXqhpKnHdBLb+tQKpzPwZbyzM0pTMPCem
SRDXPYvHvSLqqI6J27m8DfzZRXfigdADDAT9KRTgu6m/qPj0WQl7Thlgei3fZVSt
rUsc+/RzqOw3HzT4gm8niyGiaV7QqKeOjYa8H5eePeT/4xvY06OxQM4JRQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFMgAbbOMij0Z20f6VoZM8EUYWwFaMB8GA1UdIwQY
MBaAFJIZLo14VYH3KxhkQiS9jD+ootEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2hrdWpYaFZnZmNyR0dSQ0pMMk1QNmlpMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9kOWIzOTctZTEwNS00YWM5LTg1Mzct
MDA4NWEzNjVhMjVmLzEveUFCdHM0eUtQUm5iUl9wV2hrendSUmhiQVZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9kOWIzOTctZTEwNS00YWM5LTg1MzctMDA4NWEzNjVhMjVm
LzEva2hrdWpYaFZnZmNyR0dSQ0pMMk1QNmlpMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBIBAIAATBCAwQCLZl0MAwD
BAWX7KADBAGX7KgwDAMEApfsrAMEAJfssDAMAwQBl+yyAwQDl+ywAwQCl+y8AwQA
xqCoAwQAxrB1MBoEAgACMBQwEgMHACoQIgAACwMHACoQIgAADDANBgkqhkiG9w0B
AQsFAAOCAQEAIpwRUNx3kWUIXOD2jOIOriL1bT7DyOknLzz1DzQZxwWTx+TdNcOJ
souraTOsJxl1XQVCBl3VRlzrtGElBLl9K6hCAzZdd5W6WMCRMsuFUC7Gn2WRP3f9
9I+UXrNDx4NUtbdd0Ml0AluorOlfbNRQa7mpZnQTpvMyQYH19dK4fufjTdJOHsPS
S0PuGWGhuvb/O9unI0xyg2F40piipGGrRoakTudk5ZO1qmfyq26meH7lb/lnwimD
vYbHQevcnMbK+UiJVvPcKzlBbPnCgoCtgwXsNcm5f5AoPX1ypT4ZfZcPgxszzIhj
iT1rxyf6z7SFcud114KlFbftxuCvQCBg8g==
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:26:44 2025 by rpki-client