Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/YbrfGSFofG3tec2xY6o4VswUHCE.roa
File: YbrfGSFofG3tec2xY6o4VswUHCE.roa (raw, json)
Hash identifier: qDQUxr+C/cEzYEAUJhrSja0rMtTRK4MzEov1Q+M+AcU=
Subject key identifier: 61:BA:DF:19:21:68:7C:6D:ED:79:CD:B1:63:AA:38:56:CC:14:1C:21
Certificate issuer: /CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Certificate serial: 019306FB6F219B22EA4B6FF8BD6EC0337845
Authority key identifier: 4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/YbrfGSFofG3tec2xY6o4VswUHCE.roa
Signing time: Thu 07 Nov 2024 14:16:01 +0000
ROA not before: Thu 07 Nov 2024 14:16:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25160
IP address blocks: 5.10.144.0/20 maxlen: 20
82.163.192.0/19 maxlen: 24
82.163.205.0/24 maxlen: 24
91.238.221.0/24 maxlen: 24
144.98.0.0/16 maxlen: 16
158.41.64.0/18 maxlen: 18
165.65.0.0/16 maxlen: 16
185.28.240.0/22 maxlen: 22
185.120.204.0/22 maxlen: 22
185.237.48.0/22 maxlen: 22
193.0.176.0/23 maxlen: 23
193.221.128.0/19 maxlen: 19
194.8.254.0/23 maxlen: 23
206.245.213.0/24 maxlen: 24
206.245.224.0/21 maxlen: 21
206.245.232.0/22 maxlen: 22
206.245.236.0/23 maxlen: 23
2a00:e340::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:06:fb:6f:21:9b:22:ea:4b:6f:f8:bd:6e:c0:33:78:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Validity
Not Before: Nov 7 14:16:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61badf1921687c6ded79cdb163aa3856cc141c21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d6:45:c4:75:e2:ba:36:1a:26:9a:5f:05:94:
c5:b3:fc:45:21:b2:1e:ec:d8:a7:06:cb:f8:a6:58:
73:db:8d:63:75:1d:89:14:0a:62:50:a2:3c:97:19:
47:f1:c9:79:c3:e2:26:e6:97:10:f6:e9:54:c6:27:
ec:36:e4:9f:c3:48:cd:43:30:bc:8a:b4:b7:9f:c9:
2d:54:22:89:13:57:1d:41:18:7d:9a:68:a2:d5:75:
23:8b:92:63:52:85:b6:28:31:8f:5c:28:30:60:85:
1a:48:20:31:6c:c2:d3:62:18:c8:f9:dd:80:05:13:
78:2c:b4:1c:ee:0d:2e:cc:d7:dd:90:6d:ed:12:dd:
36:2d:84:0c:88:c7:a2:44:d0:9d:99:e6:ba:bc:b9:
bc:b8:17:81:d0:e6:09:d4:51:2e:cf:82:21:c5:3b:
7a:9a:eb:6e:1e:94:4f:f8:74:36:eb:3c:6c:50:34:
3d:59:44:55:66:d7:a9:2e:82:8d:b6:fb:e1:c1:9c:
9a:63:ba:72:36:51:65:73:a9:21:b4:7a:c9:6c:f1:
a9:08:76:94:0d:4e:fa:a8:10:b3:39:2f:27:85:52:
32:d2:06:0a:25:72:76:9a:7b:99:1c:9a:2c:a7:f1:
59:84:a8:4f:df:a1:8e:c8:04:71:a0:b3:c1:c6:5a:
a1:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:BA:DF:19:21:68:7C:6D:ED:79:CD:B1:63:AA:38:56:CC:14:1C:21
X509v3 Authority Key Identifier:
keyid:4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/YbrfGSFofG3tec2xY6o4VswUHCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.144.0/20
82.163.192.0/19
91.238.221.0/24
144.98.0.0/16
158.41.64.0/18
165.65.0.0/16
185.28.240.0/22
185.120.204.0/22
185.237.48.0/22
193.0.176.0/23
193.221.128.0/19
194.8.254.0/23
206.245.213.0/24
206.245.224.0-206.245.237.255
IPv6:
2a00:e340::/29
Signature Algorithm: sha256WithRSAEncryption
61:26:52:65:79:74:69:de:6b:04:3b:7e:ea:09:a3:33:db:2c:
dd:c5:b3:48:1e:b4:ed:7a:0d:e7:8e:91:c2:9d:05:00:75:97:
c4:18:5d:ce:6f:c2:c2:b8:9a:20:51:2b:de:c3:fc:8c:2c:1d:
2a:88:79:c0:24:41:af:e4:8f:be:35:04:05:44:89:9c:ba:0e:
43:68:9c:69:b1:c0:01:9d:07:99:2d:4d:ca:3a:c4:38:bf:4a:
43:6a:de:5b:ce:df:8b:61:83:31:39:05:8d:6c:93:e3:20:93:
40:18:7c:8c:f8:82:b8:a5:c2:e6:ed:4e:c7:20:dd:42:6c:94:
4b:2f:fa:7e:8c:a4:c5:d2:9b:31:d2:80:bf:fe:14:bd:c8:72:
f1:93:13:69:b2:0a:41:c5:46:d0:88:f9:05:55:ff:2e:aa:61:
c8:75:04:03:3b:35:d6:3f:c2:b6:d0:9f:6f:63:7e:cd:dd:a4:
ee:a8:fa:86:f2:dd:fd:59:3a:a6:45:2e:67:7f:eb:b8:33:4d:
17:5a:cd:ae:ab:a5:f0:eb:10:33:8a:6b:33:85:e3:05:d6:f4:
9a:51:4a:a1:d0:01:72:aa:32:6a:58:4c:dd:d6:18:01:c3:3e:
d6:87:66:c9:f3:ab:5d:83:78:b1:75:fe:e4:ea:8b:6d:a4:9e:
ab:57:62:95
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZMG+28hmyLqS2/4vW7AM3hFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZTg0M2E4NWRkNjY0ZTlkYzAzMTA4OTJiZDdkZDljZTUy
NTkxYzcwHhcNMjQxMTA3MTQxNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWJhZGYxOTIxNjg3YzZkZWQ3OWNkYjE2M2FhMzg1NmNjMTQxYzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNZFxHXiujYaJppfBZTFs/xFIbIe
7NinBsv4plhz241jdR2JFApiUKI8lxlH8cl5w+Im5pcQ9ulUxifsNuSfw0jNQzC8
irS3n8ktVCKJE1cdQRh9mmii1XUji5JjUoW2KDGPXCgwYIUaSCAxbMLTYhjI+d2A
BRN4LLQc7g0uzNfdkG3tEt02LYQMiMeiRNCdmea6vLm8uBeB0OYJ1FEuz4IhxTt6
mutuHpRP+HQ26zxsUDQ9WURVZtepLoKNtvvhwZyaY7pyNlFlc6khtHrJbPGpCHaU
DU76qBCzOS8nhVIy0gYKJXJ2mnuZHJosp/FZhKhP36GOyARxoLPBxlqhvwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFGG63xkhaHxt7XnNsWOqOFbMFBwhMB8GA1UdIwQY
MBaAFE7oQ6hd1mTp3AMQiSvX3ZzlJZHHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjct
NDhjZjQxMmIzODdiLzEvWWJyZkdTRm9mRzN0ZWMyeFk2bzRWc3dVSENFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjctNDhjZjQxMmIzODdi
LzEvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEBAUKkAME
BVKjwAMEAFvu3QMDAJBiAwQGnilAAwMApUEDBAK5HPADBAK5eMwDBAK57TADBAHB
ALADBAXB3YADBAHCCP4DBADO9dUwDAMEBc714AMEAc717DANBAIAAjAHAwUDKgDj
QDANBgkqhkiG9w0BAQsFAAOCAQEAYSZSZXl0ad5rBDt+6gmjM9ss3cWzSB607XoN
546Rwp0FAHWXxBhdzm/CwriaIFEr3sP8jCwdKoh5wCRBr+SPvjUEBUSJnLoOQ2ic
abHAAZ0HmS1NyjrEOL9KQ2reW87fi2GDMTkFjWyT4yCTQBh8jPiCuKXC5u1OxyDd
QmyUSy/6foykxdKbMdKAv/4Uvchy8ZMTabIKQcVG0Ij5BVX/LqphyHUEAzs11j/C
ttCfb2N+zd2k7qj6hvLd/Vk6pkUuZ3/ruDNNF1rNrqul8OsQM4prM4XjBdb0mlFK
odABcqoyalhM3dYYAcM+1odmyfOrXYN4sXX+5OqLbaSeq1dilQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:13:13 2025 by rpki-client