Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/ShyeTWvT_vD9k50Wm_UUTxapKUA.roa
File: ShyeTWvT_vD9k50Wm_UUTxapKUA.roa (raw, json)
Hash identifier: 1d1q2JO2SgSzfeLew066aWlz74h29x9eR/SUvozVa8E=
Subject key identifier: 4A:1C:9E:4D:6B:D3:FE:F0:FD:93:9D:16:9B:F5:14:4F:16:A9:29:40
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 018FB87C92CA5D3092DB9E4BF2B3A604BF0F
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/ShyeTWvT_vD9k50Wm_UUTxapKUA.roa
Signing time: Mon 27 May 2024 05:18:42 +0000
ROA not before: Mon 27 May 2024 05:18:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 89.32.200.0/24 maxlen: 24
103.47.52.0/22 maxlen: 22
188.215.5.0/24 maxlen: 24
2a07:4a80::/29 maxlen: 29
2a0a:eb00::/29 maxlen: 29
2a0a:eb00::/30 maxlen: 30
2a0f:c840::/29 maxlen: 29
2a11:3bc0::/29 maxlen: 29
2a11:3bc0::/30 maxlen: 30
Validation: Failed, certificate revoked on Thu 06 Jun 2024 07:31:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b8:7c:92:ca:5d:30:92:db:9e:4b:f2:b3:a6:04:bf:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: May 27 05:18:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a1c9e4d6bd3fef0fd939d169bf5144f16a92940
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:8c:74:27:30:15:9d:a7:44:98:bc:11:c5:31:
c4:f6:d5:30:c7:77:94:a7:f3:08:62:62:19:3b:ae:
dc:03:38:0c:66:be:e1:c4:13:a0:ce:cb:8c:d6:cd:
ff:33:77:81:9b:38:4c:54:a0:81:cc:58:e4:8d:3a:
a3:b1:a2:86:26:9f:c6:03:08:11:af:1b:c2:15:65:
4b:9d:7d:ce:4d:00:cb:38:c9:82:d8:76:6d:37:f4:
c4:c9:c9:58:df:d5:22:02:0b:72:38:80:6a:9f:26:
c7:44:f7:4a:dd:48:33:e6:6d:5c:ce:53:87:54:15:
e1:b0:2b:0e:00:23:fe:ec:68:7b:ed:bf:ee:d6:34:
a1:db:0e:32:b5:64:b5:e6:d1:ff:86:54:3a:25:f8:
ff:d8:14:d3:c9:b7:c9:c3:7f:61:bf:3b:f4:3c:3d:
17:f3:6b:a0:ea:6b:cf:00:15:43:61:a3:94:18:64:
14:cd:54:be:43:31:b5:c6:36:3a:3f:57:34:a7:ff:
17:4d:2b:7c:ea:df:16:a8:c0:9e:97:57:20:e5:6b:
ed:b4:1c:60:18:b1:2c:34:e4:56:3a:f3:e5:79:fe:
00:d4:13:f4:8e:fb:b7:ca:ce:c9:d3:f3:05:16:32:
af:a9:f9:dc:79:30:ed:2d:74:78:e3:f7:d1:83:fa:
f8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:1C:9E:4D:6B:D3:FE:F0:FD:93:9D:16:9B:F5:14:4F:16:A9:29:40
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/ShyeTWvT_vD9k50Wm_UUTxapKUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.200.0/24
103.47.52.0/22
188.215.5.0/24
IPv6:
2a07:4a80::/29
2a0a:eb00::/29
2a0f:c840::/29
2a11:3bc0::/29
Signature Algorithm: sha256WithRSAEncryption
b4:44:11:4d:7a:39:66:cd:05:a4:ed:d5:f7:35:55:42:9f:9f:
f6:38:b6:9b:5f:f0:e8:73:08:6f:d9:4e:b1:be:74:57:ab:f8:
e9:06:a0:29:45:4a:00:15:fb:60:7d:07:7d:26:ec:27:33:53:
27:0d:47:92:dd:80:ef:81:36:58:6d:e1:d6:e4:48:6c:cd:65:
64:2c:a1:df:05:bb:a8:85:08:89:8b:33:37:fc:5b:d6:a7:f0:
da:f4:b4:43:34:c8:80:88:5a:fc:fb:a2:b1:1a:55:12:b9:04:
af:9c:a0:7f:24:24:71:c4:10:87:ce:60:dc:c7:e9:9c:d5:11:
85:81:30:e1:82:ba:76:73:7d:02:a1:f0:54:23:cd:07:f7:71:
98:35:3c:a1:55:71:b0:d2:61:dd:be:4b:5c:91:39:0d:9d:1d:
93:3f:98:f2:ac:f7:a1:a1:08:9b:0f:09:91:29:c9:72:bf:a3:
ac:c5:9b:f6:e4:3c:4a:0d:ec:1f:cb:e2:ec:6a:77:70:89:e7:
7b:3e:31:f6:62:a0:f7:03:13:7d:c2:98:fd:a2:14:e6:0d:6a:
ad:c7:7a:b1:26:a8:48:88:d5:19:19:64:a5:cc:c7:33:d7:18:
af:4f:87:e3:99:75:35:00:ef:cd:83:0b:2d:8c:42:9e:a9:1e:
7e:da:5b:a8
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY+4fJLKXTCS255L8rOmBL8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjQwNTI3MDUxODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTFjOWU0ZDZiZDNmZWYwZmQ5MzlkMTY5YmY1MTQ0ZjE2YTkyOTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA64x0JzAVnadEmLwRxTHE9tUwx3eU
p/MIYmIZO67cAzgMZr7hxBOgzsuM1s3/M3eBmzhMVKCBzFjkjTqjsaKGJp/GAwgR
rxvCFWVLnX3OTQDLOMmC2HZtN/TEyclY39UiAgtyOIBqnybHRPdK3Ugz5m1czlOH
VBXhsCsOACP+7Gh77b/u1jSh2w4ytWS15tH/hlQ6Jfj/2BTTybfJw39hvzv0PD0X
82ug6mvPABVDYaOUGGQUzVS+QzG1xjY6P1c0p/8XTSt86t8WqMCel1cg5WvttBxg
GLEsNORWOvPlef4A1BP0jvu3ys7J0/MFFjKvqfnceTDtLXR44/fRg/r4/QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEocnk1r0/7w/ZOdFpv1FE8WqSlAMB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEvU2h5ZVRXdlRfdkQ5azUwV21fVVVUeGFwS1VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAYBAIAATASAwQAWSDIAwQC
Zy80AwQAvNcFMCIEAgACMBwDBQMqB0qAAwUDKgrrAAMFAyoPyEADBQMqETvAMA0G
CSqGSIb3DQEBCwUAA4IBAQC0RBFNejlmzQWk7dX3NVVCn5/2OLabX/Docwhv2U6x
vnRXq/jpBqApRUoAFftgfQd9JuwnM1MnDUeS3YDvgTZYbeHW5EhszWVkLKHfBbuo
hQiJizM3/FvWp/Da9LRDNMiAiFr8+6KxGlUSuQSvnKB/JCRxxBCHzmDcx+mc1RGF
gTDhgrp2c30CofBUI80H93GYNTyhVXGw0mHdvktckTkNnR2TP5jyrPehoQibDwmR
Kclyv6OsxZv25DxKDewfy+Lsandwied7PjH2YqD3AxN9wpj9ohTmDWqtx3qxJqhI
iNUZGWSlzMcz1xivT4fjmXU1AO/NgwstjEKeqR5+2luo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:35 2024 by rpki-client on console-ams.rpki-client.org