Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/YLnxMX6CV-pA2R_rSCZlXHKYOtE.roa
File: YLnxMX6CV-pA2R_rSCZlXHKYOtE.roa (raw, json)
Hash identifier: hOUUkxjhfQMv+Qw9bYpNofUVEzFyEL/Bope+vE45d+A=
Subject key identifier: 60:B9:F1:31:7E:82:57:EA:40:D9:1F:EB:48:26:65:5C:72:98:3A:D1
Certificate issuer: /CN=e4c86da3f483246518d368034bc86113906a55a3
Certificate serial: 01873BA5CD6ECB6C6CBA0A74CCE4CC3A5812
Authority key identifier: E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/YLnxMX6CV-pA2R_rSCZlXHKYOtE.roa
Signing time: Sat 01 Apr 2023 07:08:54 +0000
ROA not before: Sat 01 Apr 2023 07:08:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29512
IP address blocks: 195.140.236.0/22 maxlen: 24
94.231.224.0/20 maxlen: 24
185.10.120.0/22 maxlen: 22
79.110.0.0/20 maxlen: 24
5.39.192.0/21 maxlen: 21
2a00:fbc0::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:3b:a5:cd:6e:cb:6c:6c:ba:0a:74:cc:e4:cc:3a:58:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4c86da3f483246518d368034bc86113906a55a3
Validity
Not Before: Apr 1 07:08:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60b9f1317e8257ea40d91feb4826655c72983ad1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:44:e1:cc:98:51:02:e2:07:3c:e5:09:d5:0d:
49:9e:67:5e:ad:35:8b:fa:a7:47:44:4f:7b:bd:b4:
75:6f:27:39:b7:da:da:af:5d:f2:d3:83:ea:41:e2:
80:9c:4f:3a:7c:4e:fe:d7:0b:49:21:e6:d7:a0:22:
ff:e3:83:77:9d:f6:ad:01:b3:8c:9d:03:13:41:1b:
df:73:ea:79:e1:aa:94:4f:a1:c3:07:bd:0c:75:b7:
69:a3:50:6a:ff:b3:09:25:92:3c:59:90:19:d6:53:
6a:db:46:67:e6:5b:bf:b8:97:50:d6:66:1d:1f:1e:
0f:74:bd:7a:0f:42:22:02:e4:46:23:1d:c6:a1:a4:
d3:f2:2e:89:df:70:56:80:aa:21:32:8e:76:3b:c3:
bb:af:2c:da:34:77:46:13:7a:37:9b:a6:c6:76:d4:
02:f7:b1:35:e6:d1:a7:5c:1b:4f:45:86:1b:29:cc:
18:ea:a0:5a:53:04:a4:78:06:b4:c8:60:c1:d3:31:
e8:59:39:af:9f:36:a2:d9:2e:46:a1:e9:39:bd:07:
08:b9:5f:32:5b:61:98:40:30:65:c8:1b:13:1a:d9:
cb:3b:39:78:39:73:8a:66:7d:0e:51:8e:ff:60:4e:
cb:2a:d4:08:c2:68:9a:26:68:d3:94:60:a5:1f:5b:
ca:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:B9:F1:31:7E:82:57:EA:40:D9:1F:EB:48:26:65:5C:72:98:3A:D1
X509v3 Authority Key Identifier:
keyid:E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/YLnxMX6CV-pA2R_rSCZlXHKYOtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/5Mhto_SDJGUY02gDS8hhE5BqVaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.192.0/21
79.110.0.0/20
94.231.224.0/20
185.10.120.0/22
195.140.236.0/22
IPv6:
2a00:fbc0::/29
Signature Algorithm: sha256WithRSAEncryption
2c:51:dd:8e:0e:f9:7b:dd:43:10:31:ca:63:eb:5e:3b:0a:c1:
c9:3c:ee:e6:fc:29:b0:f1:c7:08:39:94:21:1f:60:56:7e:7e:
9a:22:be:10:27:e3:a8:55:6b:6d:55:67:a6:a3:cd:31:76:f2:
c4:3d:26:d1:f6:46:9e:c1:dd:1e:f4:21:72:8e:b5:ac:09:d3:
01:65:d7:87:b6:53:38:5e:b6:05:0e:19:18:c1:b0:a4:4f:8b:
13:72:f4:b4:ba:ec:f2:d0:18:08:ee:d0:0b:8a:e3:af:4d:09:
90:f9:85:04:45:fc:f0:21:b2:45:91:e5:a2:b5:7f:95:c9:24:
0e:66:4c:7a:f4:d1:8b:cc:c7:87:16:6b:af:b2:ea:c4:21:35:
b3:d6:a5:75:1e:29:30:6a:18:2e:d3:19:7d:61:8d:5e:2f:79:
ae:73:00:30:7e:67:2d:b1:c1:7f:1a:db:31:b0:f3:9e:96:77:
d4:3d:4a:38:e0:5d:4f:45:fa:dd:d3:96:f2:0b:f3:05:18:6c:
eb:6a:fc:49:15:cd:5d:c9:e8:94:aa:52:88:21:b8:da:af:cc:
f0:f7:f9:62:5e:c6:43:c3:cd:0b:d5:9e:69:a2:c1:a2:4b:35:
8f:54:84:a2:ca:35:55:43:20:22:bc:1c:22:e9:4a:ae:cf:49:
41:17:c6:52
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYc7pc1uy2xsugp0zOTMOlgSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0Yzg2ZGEzZjQ4MzI0NjUxOGQzNjgwMzRiYzg2MTEzOTA2
YTU1YTMwHhcNMjMwNDAxMDcwODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGI5ZjEzMTdlODI1N2VhNDBkOTFmZWI0ODI2NjU1YzcyOTgzYWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0ThzJhRAuIHPOUJ1Q1JnmderTWL
+qdHRE97vbR1byc5t9rar13y04PqQeKAnE86fE7+1wtJIebXoCL/44N3nfatAbOM
nQMTQRvfc+p54aqUT6HDB70Mdbdpo1Bq/7MJJZI8WZAZ1lNq20Zn5lu/uJdQ1mYd
Hx4PdL16D0IiAuRGIx3GoaTT8i6J33BWgKohMo52O8O7ryzaNHdGE3o3m6bGdtQC
97E15tGnXBtPRYYbKcwY6qBaUwSkeAa0yGDB0zHoWTmvnzai2S5Goek5vQcIuV8y
W2GYQDBlyBsTGtnLOzl4OXOKZn0OUY7/YE7LKtQIwmiaJmjTlGClH1vKhQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFGC58TF+glfqQNkf60gmZVxymDrRMB8GA1UdIwQY
MBaAFOTIbaP0gyRlGNNoA0vIYROQalWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTct
YzUxMWEzZTkxMmI2LzEvWUxueE1YNkNWLXBBMlJfclNDWmxYSEtZT3RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTctYzUxMWEzZTkxMmI2
LzEvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBSfAAwQE
T24AAwQEXufgAwQCuQp4AwQCw4zsMA0EAgACMAcDBQMqAPvAMA0GCSqGSIb3DQEB
CwUAA4IBAQAsUd2ODvl73UMQMcpj6147CsHJPO7m/Cmw8ccIOZQhH2BWfn6aIr4Q
J+OoVWttVWemo80xdvLEPSbR9kaewd0e9CFyjrWsCdMBZdeHtlM4XrYFDhkYwbCk
T4sTcvS0uuzy0BgI7tALiuOvTQmQ+YUERfzwIbJFkeWitX+VySQOZkx69NGLzMeH
FmuvsurEITWz1qV1Hikwahgu0xl9YY1eL3mucwAwfmctscF/GtsxsPOelnfUPUo4
4F1PRfrd05byC/MFGGzravxJFc1dyeiUqlKIIbjar8zw9/liXsZDw80L1Z5posGi
SzWPVISiyjVVQyAivBwi6Uquz0lBF8ZS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:03 2024 by rpki-client on console-fra.rpki-client.org