Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/YPKwgb-4oLG2kWmo89luFXjQD0Q.roa
File: YPKwgb-4oLG2kWmo89luFXjQD0Q.roa (raw, json)
Hash identifier: /fOb/7lObuBDxsnlt8Z31tIppx47FFUVJMbt2I6CBSA=
Subject key identifier: 60:F2:B0:81:BF:B8:A0:B1:B6:91:69:A8:F3:D9:6E:15:78:D0:0F:44
Certificate issuer: /CN=bfe3971a32c0692c4e342e911790662470cf31b2
Certificate serial: 018793DCEB329E851C95A8DB77BD62F1F2AC
Authority key identifier: BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/YPKwgb-4oLG2kWmo89luFXjQD0Q.roa
Signing time: Tue 18 Apr 2023 10:15:41 +0000
ROA not before: Tue 18 Apr 2023 10:15:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201814
IP address blocks: 5.181.189.0/24 maxlen: 24
5.181.188.0/22 maxlen: 22
95.214.52.0/22 maxlen: 23
185.16.36.0/22 maxlen: 24
2a03:cfc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:93:dc:eb:32:9e:85:1c:95:a8:db:77:bd:62:f1:f2:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe3971a32c0692c4e342e911790662470cf31b2
Validity
Not Before: Apr 18 10:15:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60f2b081bfb8a0b1b69169a8f3d96e1578d00f44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d4:7c:0b:ab:0f:f5:ea:2b:1e:39:39:f1:4e:
c1:ef:d2:5a:a4:69:d4:12:28:3a:e0:aa:fd:fe:43:
23:40:05:de:f5:53:bf:59:f9:70:e1:73:2f:2e:cb:
12:30:e5:c5:af:9d:db:8f:7c:ce:5b:79:30:0c:66:
8f:2b:b5:18:08:55:e0:ba:75:b6:49:47:ed:00:bf:
e0:36:87:b7:42:7a:aa:87:56:fc:9e:65:47:e3:e6:
47:6b:84:15:d9:ab:b4:4f:b3:89:fa:be:3c:c4:e4:
6a:a6:1e:fb:25:c3:21:3f:91:4a:d6:04:e1:75:37:
06:f1:4b:5f:12:25:b6:89:e2:e4:b7:db:66:0e:b8:
f7:32:0a:72:b5:65:79:34:51:a3:ce:d6:2d:7f:a0:
51:c4:f6:dd:c7:29:03:88:74:b3:b7:a4:b1:e5:a2:
c1:9d:aa:89:f3:fb:f1:b3:2f:a1:03:87:96:c5:82:
8f:04:ce:41:9c:ba:59:c9:b1:73:68:e9:9d:53:d2:
b0:ac:26:54:af:be:7d:53:ac:88:62:ff:8b:a8:5c:
4b:39:f7:f8:eb:81:59:39:9c:40:0d:fd:68:3c:4a:
e8:a2:7b:15:00:0e:f3:53:b5:d0:1c:8f:a8:4f:47:
d8:f7:64:36:a2:b6:ae:3d:d5:75:9e:ee:44:06:b2:
77:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:F2:B0:81:BF:B8:A0:B1:B6:91:69:A8:F3:D9:6E:15:78:D0:0F:44
X509v3 Authority Key Identifier:
keyid:BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/YPKwgb-4oLG2kWmo89luFXjQD0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/v-OXGjLAaSxONC6RF5BmJHDPMbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.188.0/22
95.214.52.0/22
185.16.36.0/22
IPv6:
2a03:cfc0::/32
Signature Algorithm: sha256WithRSAEncryption
2d:d7:87:bd:83:b8:23:0c:33:2d:d6:4b:05:23:68:fd:ee:32:
3e:ce:ac:c9:8a:4b:a2:11:fa:7b:8f:15:f3:2a:e6:5e:26:40:
e8:8a:42:4a:bc:4f:aa:19:04:35:2f:f2:ce:ca:63:07:8c:c3:
ce:86:d0:9e:df:69:f2:89:e9:09:8f:42:ce:09:e7:13:ff:e5:
65:5f:b3:ca:5c:c3:91:d6:1b:81:42:78:df:f8:0e:e8:8a:9f:
e3:68:58:75:55:a7:6d:0a:83:e2:b8:fd:c7:2f:81:5a:13:21:
2c:a0:51:5f:27:d0:cc:79:9f:08:b3:f0:ba:f3:6d:bf:06:44:
55:3d:91:d3:8f:b7:2d:11:5f:8f:d9:87:eb:aa:d4:ec:77:b3:
60:de:f3:71:ef:4d:09:63:ba:62:45:c1:dd:31:a1:e2:3e:d8:
78:c1:91:40:9a:b6:84:c1:a1:a8:98:e9:16:5b:e3:fa:21:d7:
4b:f2:24:36:8c:8f:5d:38:37:76:3d:24:78:c4:e0:ae:a0:7f:
3f:02:b6:81:90:1e:8a:64:ce:af:21:55:c6:93:1b:ed:56:6b:
d2:c6:51:f9:9a:07:6e:d5:18:39:46:d7:8d:44:f6:35:07:2b:
34:c1:ca:47:7d:66:38:2e:30:3d:24:28:01:a9:4f:99:23:d1:
01:4e:01:cb
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYeT3OsynoUclajbd71i8fKsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZTM5NzFhMzJjMDY5MmM0ZTM0MmU5MTE3OTA2NjI0NzBj
ZjMxYjIwHhcNMjMwNDE4MTAxNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGYyYjA4MWJmYjhhMGIxYjY5MTY5YThmM2Q5NmUxNTc4ZDAwZjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNR8C6sP9eorHjk58U7B79JapGnU
Eig64Kr9/kMjQAXe9VO/Wflw4XMvLssSMOXFr53bj3zOW3kwDGaPK7UYCFXgunW2
SUftAL/gNoe3Qnqqh1b8nmVH4+ZHa4QV2au0T7OJ+r48xORqph77JcMhP5FK1gTh
dTcG8UtfEiW2ieLkt9tmDrj3MgpytWV5NFGjztYtf6BRxPbdxykDiHSzt6Sx5aLB
naqJ8/vxsy+hA4eWxYKPBM5BnLpZybFzaOmdU9KwrCZUr759U6yIYv+LqFxLOff4
64FZOZxADf1oPEroonsVAA7zU7XQHI+oT0fY92Q2orauPdV1nu5EBrJ3DwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGDysIG/uKCxtpFpqPPZbhV40A9EMB8GA1UdIwQY
MBaAFL/jlxoywGksTjQukReQZiRwzzGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1PWEdqTEFhU3hPTkM2UkY1Qm1KSERQTWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9kNzZiZjgtNTQxZi00ZWZjLTk4YzUt
YzRkY2M3ZjZiN2RmLzEvWVBLd2diLTRvTEcya1dtbzg5bHVGWGpRRDBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9kNzZiZjgtNTQxZi00ZWZjLTk4YzUtYzRkY2M3ZjZiN2Rm
LzEvdi1PWEdqTEFhU3hPTkM2UkY1Qm1KSERQTWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCBbW8AwQC
X9Y0AwQCuRAkMA0EAgACMAcDBQAqA8/AMA0GCSqGSIb3DQEBCwUAA4IBAQAt14e9
g7gjDDMt1ksFI2j97jI+zqzJikuiEfp7jxXzKuZeJkDoikJKvE+qGQQ1L/LOymMH
jMPOhtCe32nyiekJj0LOCecT/+VlX7PKXMOR1huBQnjf+A7oip/jaFh1VadtCoPi
uP3HL4FaEyEsoFFfJ9DMeZ8Is/C6822/BkRVPZHTj7ctEV+P2YfrqtTsd7Ng3vNx
700JY7piRcHdMaHiPth4wZFAmraEwaGomOkWW+P6IddL8iQ2jI9dODd2PSR4xOCu
oH8/AraBkB6KZM6vIVXGkxvtVmvSxlH5mgdu1Rg5RteNRPY1Bys0wcpHfWY4LjA9
JCgBqU+ZI9EBTgHL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:25 2024 by rpki-client on console-fra.rpki-client.org