Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/yk-XKUWAm_ZRmGf9Ry4fv-RqBjo.roa
File: yk-XKUWAm_ZRmGf9Ry4fv-RqBjo.roa (raw, json)
Hash identifier: uWwL7sq7TR3uiTCdIYJ6vwinntgER3u35Bfon5JxB3E=
Subject key identifier: CA:4F:97:29:45:80:9B:F6:51:98:67:FD:47:2E:1F:BF:E4:6A:06:3A
Certificate issuer: /CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Certificate serial: 018AF05B1E5110EBA0FC226E308CB1FBF4D6
Authority key identifier: 9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/yk-XKUWAm_ZRmGf9Ry4fv-RqBjo.roa
Signing time: Mon 02 Oct 2023 12:26:57 +0000
ROA not before: Mon 02 Oct 2023 12:26:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 89.149.44.0/24 maxlen: 24
89.149.43.0/24 maxlen: 24
89.149.42.0/24 maxlen: 24
89.149.48.0/24 maxlen: 24
89.149.47.0/24 maxlen: 24
89.149.46.0/24 maxlen: 24
89.149.45.0/24 maxlen: 24
89.149.56.0/24 maxlen: 24
89.149.53.0/24 maxlen: 24
89.149.52.0/24 maxlen: 24
89.149.62.0/24 maxlen: 24
84.247.105.0/24 maxlen: 24
84.247.104.0/24 maxlen: 24
84.247.110.0/24 maxlen: 24
84.247.109.0/24 maxlen: 24
84.247.108.0/24 maxlen: 24
84.247.107.0/24 maxlen: 24
84.247.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Nov 2023 11:19:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f0:5b:1e:51:10:eb:a0:fc:22:6e:30:8c:b1:fb:f4:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Validity
Not Before: Oct 2 12:26:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca4f972945809bf6519867fd472e1fbfe46a063a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f9:c7:5b:7c:80:e5:0d:27:ca:68:cc:b6:3d:
ee:f3:31:a7:71:8d:6d:c6:ce:12:9c:a6:35:66:6f:
dc:8f:46:5f:43:cc:f9:4f:c7:0d:d6:f7:9e:8c:7a:
0a:68:e4:62:df:2e:d8:72:25:61:ca:32:df:89:5d:
41:bf:34:e1:a7:e8:c9:51:7f:82:7b:12:9c:f9:21:
fd:3e:f2:5d:66:16:93:ac:59:6a:46:9c:3b:87:f9:
79:c2:bf:9e:7c:4d:e6:70:fa:99:7a:2c:ac:b4:2e:
e1:db:79:a6:88:46:2e:e7:15:de:78:1b:c7:ea:c7:
11:40:40:b3:7e:21:4a:bb:e7:f1:a1:fd:8b:09:99:
b9:a6:69:72:bf:d6:d5:c0:7e:8c:e4:4a:36:52:a6:
7a:e7:90:5c:5b:60:2d:ea:00:1c:16:20:ca:66:93:
a3:a4:92:3e:d0:6e:31:ae:1a:4a:73:1e:3a:9e:84:
4f:31:1c:53:4f:90:ef:c3:e2:65:03:93:ba:f4:e3:
b5:33:dc:35:ac:08:1f:f3:6d:5d:e4:20:3c:22:02:
03:f4:e6:9f:60:7a:23:0b:bb:09:11:13:7f:4c:62:
94:06:bc:8f:46:00:e4:14:5a:3d:02:38:23:c7:0d:
26:29:23:05:27:ac:d2:82:65:84:d7:2f:3f:ac:f7:
6c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:4F:97:29:45:80:9B:F6:51:98:67:FD:47:2E:1F:BF:E4:6A:06:3A
X509v3 Authority Key Identifier:
keyid:9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/yk-XKUWAm_ZRmGf9Ry4fv-RqBjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.104.0-84.247.110.255
89.149.42.0-89.149.48.255
89.149.52.0/23
89.149.56.0/24
89.149.62.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:61:4f:a6:b5:ca:9c:8e:d1:6c:93:6f:7c:0f:46:4e:c2:1c:
f0:29:bf:b7:86:31:77:de:30:9f:15:d1:58:b1:47:4a:84:55:
0b:be:fb:1d:90:31:56:62:f7:8c:70:70:98:5c:13:06:c2:6d:
2f:45:dc:91:8d:08:8c:9b:ae:46:fb:88:fc:d7:6c:85:33:ac:
31:8c:64:97:0f:eb:fb:1a:cf:03:14:66:30:cd:f2:0e:ee:60:
55:d1:01:9a:3c:ff:d1:78:f8:bc:8e:d1:be:af:d9:68:f7:4f:
8e:db:f8:6e:79:1b:ce:fe:be:64:98:8a:16:44:db:bb:52:6f:
4b:ea:f2:89:43:4c:c7:8d:fe:41:08:20:b9:17:67:ec:16:c4:
98:4e:21:33:2d:8f:8a:15:5b:c2:c9:05:9d:8a:92:a6:40:34:
f9:bc:61:17:9f:6b:ec:2a:69:6b:ff:bb:13:bd:0c:41:e2:40:
61:83:b1:00:6f:ae:fb:07:21:f0:55:cc:96:91:e4:00:2b:55:
b9:27:0e:4a:30:f5:76:8e:17:01:5a:81:71:4a:31:8c:13:82:
02:3c:b4:f3:08:08:41:58:f2:4f:8f:fc:9e:d9:33:44:f7:2b:
67:5c:09:d6:c1:7a:b6:dd:f6:9e:f8:aa:6a:88:3f:32:ec:1b:
7e:75:d9:b8
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYrwWx5REOug/CJuMIyx+/TWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNDU5YWE0NjAyYmZmYTJkMjY1MGJhNjY4MTg0NThjODlm
YzQ1ODIwHhcNMjMxMDAyMTIyNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTRmOTcyOTQ1ODA5YmY2NTE5ODY3ZmQ0NzJlMWZiZmU0NmEwNjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfnHW3yA5Q0nymjMtj3u8zGncY1t
xs4SnKY1Zm/cj0ZfQ8z5T8cN1veejHoKaORi3y7YciVhyjLfiV1BvzThp+jJUX+C
exKc+SH9PvJdZhaTrFlqRpw7h/l5wr+efE3mcPqZeiystC7h23mmiEYu5xXeeBvH
6scRQECzfiFKu+fxof2LCZm5pmlyv9bVwH6M5Eo2UqZ655BcW2At6gAcFiDKZpOj
pJI+0G4xrhpKcx46noRPMRxTT5Dvw+JlA5O69OO1M9w1rAgf821d5CA8IgID9Oaf
YHojC7sJERN/TGKUBryPRgDkFFo9Ajgjxw0mKSMFJ6zSgmWE1y8/rPdsOwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFMpPlylFgJv2UZhn/UcuH7/kagY6MB8GA1UdIwQY
MBaAFJ5FmqRgK/+i0mULpmgYRYyJ/EWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWIt
MjhhODQxZGEwYmZkLzEveWstWEtVV0FtX1pSbUdmOVJ5NGZ2LVJxQmpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWItMjhhODQxZGEwYmZk
LzEvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBANU92gD
BABU924wDAMEAVmVKgMEAFmVMAMEAVmVNAMEAFmVOAMEAFmVPjANBgkqhkiG9w0B
AQsFAAOCAQEAnWFPprXKnI7RbJNvfA9GTsIc8Cm/t4Yxd94wnxXRWLFHSoRVC777
HZAxVmL3jHBwmFwTBsJtL0XckY0IjJuuRvuI/NdshTOsMYxklw/r+xrPAxRmMM3y
Du5gVdEBmjz/0Xj4vI7Rvq/ZaPdPjtv4bnkbzv6+ZJiKFkTbu1JvS+ryiUNMx43+
QQgguRdn7BbEmE4hMy2PihVbwskFnYqSpkA0+bxhF59r7Cppa/+7E70MQeJAYYOx
AG+u+wch8FXMlpHkACtVuScOSjD1do4XAVqBcUoxjBOCAjy08wgIQVjyT4/8ntkz
RPcrZ1wJ1sF6tt32nviqaog/MuwbfnXZuA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:47 2024 by rpki-client on console-ams.rpki-client.org