Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/yT4yQUBwFUScsTNbYUDA98HYiRk.roa
File: yT4yQUBwFUScsTNbYUDA98HYiRk.roa (raw, json)
Hash identifier: nQH4XTHeHeY4YMrnWZ22d8q7nIF4nu6lVg1a6+krI8Q=
Subject key identifier: C9:3E:32:41:40:70:15:44:9C:B1:33:5B:61:40:C0:F7:C1:D8:89:19
Certificate issuer: /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial: 018F7B796AEDB3AB2DA5AE4CB452D2092423
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/yT4yQUBwFUScsTNbYUDA98HYiRk.roa
Signing time: Wed 15 May 2024 08:58:25 +0000
ROA not before: Wed 15 May 2024 08:58:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203020
IP address blocks: 45.114.12.0/22 maxlen: 32
45.145.104.0/22 maxlen: 32
91.132.114.0/23 maxlen: 32
103.53.216.0/22 maxlen: 22
103.240.180.0/22 maxlen: 32
193.19.204.0/24 maxlen: 32
193.19.205.0/24 maxlen: 32
193.19.206.0/24 maxlen: 32
193.19.207.0/24 maxlen: 32
193.28.182.0/24 maxlen: 32
193.28.191.0/24 maxlen: 32
193.28.202.0/24 maxlen: 32
193.28.237.0/24 maxlen: 32
Validation: Failed, certificate revoked on Tue 09 Jul 2024 08:39:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7b:79:6a:ed:b3:ab:2d:a5:ae:4c:b4:52:d2:09:24:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Validity
Not Before: May 15 08:58:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c93e3241407015449cb1335b6140c0f7c1d88919
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:82:86:d3:e2:50:92:0a:94:73:86:f3:74:9c:
b4:22:a0:8c:e3:62:f9:a5:bc:0c:52:50:be:70:59:
c1:02:7f:e8:49:d0:a6:ff:72:77:1d:43:ac:f4:68:
9b:b5:b4:92:af:f8:f5:32:a4:1b:d7:f9:60:81:c2:
e6:d9:d0:fa:61:9e:99:3e:b7:a7:6f:70:a5:0c:0d:
79:3d:4c:5e:bc:76:ce:fe:84:98:a4:da:c2:35:a2:
49:01:fa:76:ad:58:55:7e:5a:8a:8c:14:fc:e9:a8:
c4:01:93:2a:89:f5:57:71:47:66:bf:de:12:09:72:
85:a0:a1:64:8f:2e:8e:db:97:e8:b4:c6:c2:ca:dc:
ab:f5:83:32:66:bb:14:8b:d7:72:c1:43:78:bc:ce:
37:48:10:c2:39:b7:91:d4:2c:fa:85:ce:40:24:e0:
ca:9d:c1:d8:3f:f6:5e:7b:bc:c9:5b:20:a5:2e:b2:
95:a8:70:87:13:2b:45:5b:f4:3a:a1:25:68:23:9b:
54:ae:ab:b4:f5:22:37:a2:c4:0d:87:95:59:a7:28:
46:cd:d9:e5:1b:93:01:da:b5:71:99:46:5d:68:e6:
e7:ca:47:40:dc:9d:7c:7d:6d:4f:81:40:d9:61:1e:
7a:62:f1:e7:a0:6b:7b:02:45:6d:f6:c1:a0:54:0a:
19:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:3E:32:41:40:70:15:44:9C:B1:33:5B:61:40:C0:F7:C1:D8:89:19
X509v3 Authority Key Identifier:
keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/yT4yQUBwFUScsTNbYUDA98HYiRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.114.12.0/22
45.145.104.0/22
91.132.114.0/23
103.53.216.0/22
103.240.180.0/22
193.19.204.0/22
193.28.182.0/24
193.28.191.0/24
193.28.202.0/24
193.28.237.0/24
Signature Algorithm: sha256WithRSAEncryption
63:62:2c:42:af:d2:60:60:49:7e:ea:43:fa:45:4d:67:a4:a4:
af:7e:18:36:fb:af:90:35:68:a9:27:cc:46:2d:32:2d:ca:55:
b7:9c:fb:49:65:55:5a:78:de:71:fc:49:64:ee:ef:86:5c:e8:
e8:b8:86:46:a5:71:ee:2f:e1:b1:2a:1f:1b:cb:1b:0f:d4:9e:
ae:cb:6b:43:37:ba:65:e6:d1:76:fd:9e:a7:3f:54:fd:95:00:
02:7c:1c:4f:33:89:9f:fd:38:5f:b9:57:ab:a5:51:72:17:2a:
d8:58:af:01:b6:c2:71:11:0f:c6:86:6f:40:54:9f:76:76:73:
27:33:ee:ec:a0:1d:5f:89:ca:e0:06:dd:8a:ec:a1:e9:ab:a0:
f4:d4:b8:11:54:e6:08:fc:1f:c6:87:c5:1b:08:a8:ec:30:1a:
e4:ed:d1:50:a6:bf:a7:84:40:e4:6d:68:fa:2a:5f:99:d3:38:
d3:6c:e4:e1:b2:81:ca:54:60:89:27:bb:6b:57:8a:5c:19:d1:
0d:a9:bf:f3:5c:7a:74:55:58:b0:99:2c:51:a2:7d:6f:84:c8:
04:42:bb:fc:ca:1d:93:c5:e2:c6:f0:e7:4c:5a:96:0d:87:2f:
34:24:c3:7a:80:cf:20:66:56:ce:85:d5:a0:d2:2a:69:f8:7f:
93:da:c6:19
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY97eWrts6stpa5MtFLSCSQjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDNhMmNhZjI5ODAxOWZiZDY2ODYyMTUxNmM4YzZlMWQx
MGU4M2MwHhcNMjQwNTE1MDg1ODI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTNlMzI0MTQwNzAxNTQ0OWNiMTMzNWI2MTQwYzBmN2MxZDg4OTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIKG0+JQkgqUc4bzdJy0IqCM42L5
pbwMUlC+cFnBAn/oSdCm/3J3HUOs9GibtbSSr/j1MqQb1/lggcLm2dD6YZ6ZPren
b3ClDA15PUxevHbO/oSYpNrCNaJJAfp2rVhVflqKjBT86ajEAZMqifVXcUdmv94S
CXKFoKFkjy6O25fotMbCytyr9YMyZrsUi9dywUN4vM43SBDCObeR1Cz6hc5AJODK
ncHYP/Zee7zJWyClLrKVqHCHEytFW/Q6oSVoI5tUrqu09SI3osQNh5VZpyhGzdnl
G5MB2rVxmUZdaObnykdA3J18fW1PgUDZYR56YvHnoGt7AkVt9sGgVAoZpQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMk+MkFAcBVEnLEzW2FAwPfB2IkZMB8GA1UdIwQY
MBaAFGwDosrymAGfvWaGIVFsjG4dEOg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDkt
ZmMzN2ZiMGNkNDNiLzEveVQ0eVFVQndGVVNjc1ROYllVREE5OEhZaVJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDktZmMzN2ZiMGNkNDNi
LzEvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCLXIMAwQC
LZFoAwQBW4RyAwQCZzXYAwQCZ/C0AwQCwRPMAwQAwRy2AwQAwRy/AwQAwRzKAwQA
wRztMA0GCSqGSIb3DQEBCwUAA4IBAQBjYixCr9JgYEl+6kP6RU1npKSvfhg2+6+Q
NWipJ8xGLTItylW3nPtJZVVaeN5x/Elk7u+GXOjouIZGpXHuL+GxKh8byxsP1J6u
y2tDN7pl5tF2/Z6nP1T9lQACfBxPM4mf/ThfuVerpVFyFyrYWK8BtsJxEQ/Ghm9A
VJ92dnMnM+7soB1ficrgBt2K7KHpq6D01LgRVOYI/B/Gh8UbCKjsMBrk7dFQpr+n
hEDkbWj6Kl+Z0zjTbOThsoHKVGCJJ7trV4pcGdENqb/zXHp0VViwmSxRon1vhMgE
Qrv8yh2TxeLG8OdMWpYNhy80JMN6gM8gZlbOhdWg0ipp+H+T2sYZ
-----END CERTIFICATE-----
Generated at Tue Jul 9 09:50:22 2024 by rpki-client on console-ams.rpki-client.org