Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/YhdojpQw3F5d6FxHpEzaRCndqnQ.roa
File: YhdojpQw3F5d6FxHpEzaRCndqnQ.roa (raw, json)
Hash identifier: aJOrW2SfuTIjgOeEClpcCImThtQ6NtSQYjxL274qiIU=
Subject key identifier: 62:17:68:8E:94:30:DC:5E:5D:E8:5C:47:A4:4C:DA:44:29:DD:AA:74
Certificate issuer: /CN=a088b0547f09fe9224050d70a523da5bedbe0738
Certificate serial: 01861F0A886B95D5822D55A0C1F6B0E25761
Authority key identifier: A0:88:B0:54:7F:09:FE:92:24:05:0D:70:A5:23:DA:5B:ED:BE:07:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/YhdojpQw3F5d6FxHpEzaRCndqnQ.roa
Signing time: Sun 05 Feb 2023 00:47:09 +0000
ROA not before: Sun 05 Feb 2023 00:47:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212027
IP address blocks: 37.230.138.0/24 maxlen: 24
81.16.176.0/24 maxlen: 24
81.16.177.0/24 maxlen: 24
91.208.92.0/24 maxlen: 24
194.213.3.0/24 maxlen: 24
213.170.135.0/24 maxlen: 24
45.143.196.0/22 maxlen: 24
2a10:e780::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 21 Dec 2023 12:26:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:1f:0a:88:6b:95:d5:82:2d:55:a0:c1:f6:b0:e2:57:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a088b0547f09fe9224050d70a523da5bedbe0738
Validity
Not Before: Feb 5 00:47:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6217688e9430dc5e5de85c47a44cda4429ddaa74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:2d:d4:66:fb:a0:48:93:20:46:c6:b0:f1:69:
46:63:02:c4:23:50:2e:8f:00:1b:4d:ce:f1:fa:f5:
35:b8:e8:39:e9:04:e3:6a:de:45:38:94:45:e7:62:
ad:c8:b0:37:12:07:a8:3e:c8:d5:c4:cb:a7:94:9f:
0d:31:bb:98:2e:dd:26:ad:89:d6:25:3d:3e:0a:87:
30:a6:d7:37:85:88:e6:cf:0e:96:39:c5:85:4d:ec:
75:c3:a1:82:a1:3b:c0:03:fe:df:ba:6d:8c:46:93:
02:cc:d9:af:fa:e7:c9:61:7a:d5:20:94:74:1f:88:
8a:7c:64:1a:50:f2:79:cd:09:5c:57:75:5b:0e:a2:
0f:ec:dc:9d:c1:f4:f9:e1:ab:e6:10:49:4b:88:3a:
ca:36:33:30:59:a9:b1:09:6e:a9:49:69:3b:a7:ba:
e6:7b:37:26:6f:d9:da:58:c0:aa:6e:13:ce:f0:7d:
fc:18:b9:d0:bf:a3:d6:c0:4d:a5:4e:0c:fb:c0:87:
be:90:af:f1:d5:29:fc:4c:bc:5d:31:94:84:10:26:
18:d8:c7:27:f0:21:27:f9:aa:11:18:3e:d3:78:72:
4c:7d:06:f7:4d:7e:c4:24:77:17:85:55:d9:60:95:
a2:cd:4d:9d:09:87:9b:1d:b1:94:8f:8d:1a:f3:99:
d3:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:17:68:8E:94:30:DC:5E:5D:E8:5C:47:A4:4C:DA:44:29:DD:AA:74
X509v3 Authority Key Identifier:
keyid:A0:88:B0:54:7F:09:FE:92:24:05:0D:70:A5:23:DA:5B:ED:BE:07:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/YhdojpQw3F5d6FxHpEzaRCndqnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.138.0/24
45.143.196.0/22
81.16.176.0/23
91.208.92.0/24
194.213.3.0/24
213.170.135.0/24
IPv6:
2a10:e780::/40
Signature Algorithm: sha256WithRSAEncryption
a1:44:23:f7:42:c6:d1:b0:c7:ab:e3:15:23:e8:1b:34:d4:74:
59:81:fb:f7:81:61:07:6d:9d:67:7d:16:39:14:17:1f:ea:74:
fc:3d:00:47:b3:e6:96:eb:3c:fa:c1:7d:02:ac:0e:9b:b5:5b:
87:45:a3:de:61:f4:da:b0:ea:22:64:52:84:33:d2:a7:f1:d8:
88:c3:4f:b7:5a:92:c7:8f:b4:ad:7c:e2:cd:0c:49:2d:0d:f5:
e1:0e:47:3d:c0:c6:f1:09:e9:2b:28:ba:e5:81:33:13:7b:35:
32:88:5a:77:e6:b5:61:30:e6:af:7b:a9:9c:98:9e:8c:c8:36:
0d:e6:73:b7:7a:f6:2a:63:af:1e:94:3c:7a:3b:cf:1b:e5:7c:
dd:84:fd:cd:ac:a0:32:48:44:ce:a5:83:c0:70:e3:1c:1a:4f:
9e:89:ec:fa:a8:f9:74:e4:be:69:83:d1:c9:94:59:8f:37:ca:
37:02:c7:05:68:c3:64:40:68:60:53:47:2d:6b:31:f6:6b:41:
69:d1:b7:67:5a:ed:56:a4:3c:fc:3f:eb:d0:f4:03:b6:f7:13:
5b:bd:fd:2a:58:3f:dc:c1:b6:03:1e:b6:90:aa:9c:76:3d:82:
4a:cb:a8:d1:2b:07:d2:23:14:8f:71:3a:a0:d2:51:b4:ad:6d:
a5:60:f1:f4
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYYfCohrldWCLVWgwfaw4ldhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwODhiMDU0N2YwOWZlOTIyNDA1MGQ3MGE1MjNkYTViZWRi
ZTA3MzgwHhcNMjMwMjA1MDA0NzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjE3Njg4ZTk0MzBkYzVlNWRlODVjNDdhNDRjZGE0NDI5ZGRhYTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhy3UZvugSJMgRsaw8WlGYwLEI1Au
jwAbTc7x+vU1uOg56QTjat5FOJRF52KtyLA3EgeoPsjVxMunlJ8NMbuYLt0mrYnW
JT0+Cocwptc3hYjmzw6WOcWFTex1w6GCoTvAA/7fum2MRpMCzNmv+ufJYXrVIJR0
H4iKfGQaUPJ5zQlcV3VbDqIP7NydwfT54avmEElLiDrKNjMwWamxCW6pSWk7p7rm
ezcmb9naWMCqbhPO8H38GLnQv6PWwE2lTgz7wIe+kK/x1Sn8TLxdMZSEECYY2Mcn
8CEn+aoRGD7TeHJMfQb3TX7EJHcXhVXZYJWizU2dCYebHbGUj40a85nTvQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFGIXaI6UMNxeXehcR6RM2kQp3ap0MB8GA1UdIwQY
MBaAFKCIsFR/Cf6SJAUNcKUj2lvtvgc4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0lpd1ZIOEpfcElrQlExd3BTUGFXLTItQnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9kOTA2MzUtYjI4Mi00ZTg2LTllNTMt
ZGY4MmZhODk3MzI2LzEvWWhkb2pwUXczRjVkNkZ4SHBFemFSQ25kcW5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9kOTA2MzUtYjI4Mi00ZTg2LTllNTMtZGY4MmZhODk3MzI2
LzEvb0lpd1ZIOEpfcElrQlExd3BTUGFXLTItQnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAqBAIAATAkAwQAJeaKAwQC
LY/EAwQBURCwAwQAW9BcAwQAwtUDAwQA1aqHMA4EAgACMAgDBgAqEOeAADANBgkq
hkiG9w0BAQsFAAOCAQEAoUQj90LG0bDHq+MVI+gbNNR0WYH794FhB22dZ30WORQX
H+p0/D0AR7Pmlus8+sF9AqwOm7Vbh0Wj3mH02rDqImRShDPSp/HYiMNPt1qSx4+0
rXzizQxJLQ314Q5HPcDG8QnpKyi65YEzE3s1Mohad+a1YTDmr3upnJiejMg2DeZz
t3r2KmOvHpQ8ejvPG+V83YT9zaygMkhEzqWDwHDjHBpPnons+qj5dOS+aYPRyZRZ
jzfKNwLHBWjDZEBoYFNHLWsx9mtBadG3Z1rtVqQ8/D/r0PQDtvcTW739Klg/3MG2
Ax62kKqcdj2CSsuo0SsH0iMUj3E6oNJRtK1tpWDx9A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:38 2024 by rpki-client on console-ams.rpki-client.org