Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/y74Nj8q2i_1v0MdlEZxf9O9_0fs.roa
File: y74Nj8q2i_1v0MdlEZxf9O9_0fs.roa (raw, json)
Hash identifier: wKUS8NrLuap+scV+AAvsvrdvrEoQLiminxaWvVAaBDg=
Subject key identifier: CB:BE:0D:8F:CA:B6:8B:FD:6F:D0:C7:65:11:9C:5F:F4:EF:7F:D1:FB
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 01893E80B7FB9795E02DD94603E48D8E9AF0
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/y74Nj8q2i_1v0MdlEZxf9O9_0fs.roa
Signing time: Mon 10 Jul 2023 06:32:50 +0000
ROA not before: Mon 10 Jul 2023 06:32:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204916
IP address blocks: 84.54.36.0/24 maxlen: 24
83.171.240.0/24 maxlen: 24
83.171.240.0/22 maxlen: 22
83.171.243.0/24 maxlen: 24
83.171.242.0/24 maxlen: 24
45.151.139.0/24 maxlen: 24
194.113.105.0/24 maxlen: 24
2a10:c0c3::/32 maxlen: 32
2a10:c0c0::/29 maxlen: 29
2a11:200:7000::/36 maxlen: 36
2a11:200:5000::/36 maxlen: 36
2a11:200::/36 maxlen: 36
2a11:200:4000::/36 maxlen: 36
2a0d:5ec5::/32 maxlen: 32
2a09:3b00::/29 maxlen: 29
2a11:202::/32 maxlen: 32
2a09:4e01:3000::/36 maxlen: 36
2a09:4e01:4000::/36 maxlen: 36
2a09:4e01:5000::/36 maxlen: 36
2a11:201::/32 maxlen: 32
2a0c:e8c0::/29 maxlen: 29
2a10:c0c1::/32 maxlen: 32
2a10:c0c7:3000::/36 maxlen: 36
2a10:c0c7:5000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 12 Jul 2023 05:02:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3e:80:b7:fb:97:95:e0:2d:d9:46:03:e4:8d:8e:9a:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Jul 10 06:32:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cbbe0d8fcab68bfd6fd0c765119c5ff4ef7fd1fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:57:fd:ab:a4:7a:8f:7f:b2:4a:08:bb:f0:cb:
e5:ad:56:bb:31:8c:6a:74:ea:d1:1d:fb:df:57:73:
f8:7c:fd:e4:db:bc:f2:c5:31:fb:d8:02:12:e0:fc:
ea:ee:d0:21:47:ad:ca:41:98:a7:56:78:f0:62:0b:
0e:3c:88:78:b8:6a:c3:e0:47:f1:9e:f1:ff:c7:f6:
75:4f:74:91:d0:a1:87:fb:0e:50:f7:b0:45:ea:26:
8b:9b:f8:a2:1d:66:95:17:30:02:b8:02:90:07:98:
43:7e:79:ab:79:92:88:90:32:5b:3f:f0:a2:78:0e:
74:54:25:e9:a0:9a:39:51:8c:f4:a7:13:0e:6d:6c:
d6:7b:8f:64:90:dd:1d:31:3b:94:81:01:42:61:34:
aa:0b:78:e0:e3:98:87:fb:32:47:fc:45:13:e6:aa:
72:6d:63:f9:47:20:12:e0:03:77:b5:5c:fc:54:36:
01:d5:89:74:da:63:d0:49:11:7d:49:0a:14:5f:3d:
63:cc:db:46:6e:06:7f:01:bc:ba:2f:07:4f:e1:27:
e2:56:dc:11:2b:5f:83:4a:28:14:09:3a:c7:e3:85:
d8:e8:14:c7:72:88:eb:9a:50:82:bb:dc:7f:7c:1e:
2e:bd:3c:e9:24:e7:85:8e:90:11:b6:81:ae:e4:8c:
c3:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:BE:0D:8F:CA:B6:8B:FD:6F:D0:C7:65:11:9C:5F:F4:EF:7F:D1:FB
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/y74Nj8q2i_1v0MdlEZxf9O9_0fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.139.0/24
83.171.240.0/22
84.54.36.0/24
194.113.105.0/24
IPv6:
2a09:3b00::/29
2a09:4e01:3000::-2a09:4e01:5fff:ffff:ffff:ffff:ffff:ffff
2a0c:e8c0::/29
2a0d:5ec5::/32
2a10:c0c0::/29
2a11:200::/36
2a11:200:4000::/35
2a11:200:7000::/36
2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a1:d1:73:ad:c0:fc:55:8f:0e:e6:62:5f:f1:2e:ec:fa:24:18:
d0:a4:5c:b9:a4:55:bc:41:54:b1:ea:b0:40:78:31:1c:c7:15:
bc:81:9f:98:db:7b:bc:e3:cd:4d:15:97:bf:64:8c:6d:2c:79:
66:67:5b:70:17:e5:91:de:30:98:10:dd:66:90:df:ed:d2:f5:
a4:82:64:d5:bb:c1:87:33:37:f5:51:17:b6:10:f8:ba:50:cd:
7b:44:68:ee:d0:b2:2d:6b:b8:75:a6:d2:8f:5b:9d:33:cd:60:
e5:50:3d:1d:8d:9d:5d:2c:8f:47:1c:73:30:c6:f5:5a:39:89:
5e:25:1b:2d:88:04:f1:45:4a:f7:f5:17:d0:b8:d0:a1:b0:51:
c4:bd:7e:72:8f:eb:cf:0d:00:4b:93:fb:5e:35:59:db:3c:d6:
59:f2:7e:66:57:17:c7:7d:c3:16:6b:08:32:c8:b1:0e:aa:60:
df:88:42:f4:0e:22:11:1f:05:68:86:c7:5b:d1:33:e5:5c:f4:
e8:81:7b:6b:82:af:8c:0b:8a:6b:9b:cb:2c:50:38:47:3c:b9:
d2:d1:26:66:69:7b:7a:18:b2:4f:5f:13:ef:80:e4:d6:08:0f:
ea:e9:54:37:e5:d2:95:2c:ce:ca:2c:a8:40:c7:ac:37:a3:9e:
59:e2:a7:d2
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYk+gLf7l5XgLdlGA+SNjprwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwNzEwMDYzMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmJlMGQ4ZmNhYjY4YmZkNmZkMGM3NjUxMTljNWZmNGVmN2ZkMWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1f9q6R6j3+ySgi78MvlrVa7MYxq
dOrRHfvfV3P4fP3k27zyxTH72AIS4Pzq7tAhR63KQZinVnjwYgsOPIh4uGrD4Efx
nvH/x/Z1T3SR0KGH+w5Q97BF6iaLm/iiHWaVFzACuAKQB5hDfnmreZKIkDJbP/Ci
eA50VCXpoJo5UYz0pxMObWzWe49kkN0dMTuUgQFCYTSqC3jg45iH+zJH/EUT5qpy
bWP5RyAS4AN3tVz8VDYB1Yl02mPQSRF9SQoUXz1jzNtGbgZ/Aby6LwdP4SfiVtwR
K1+DSigUCTrH44XY6BTHcojrmlCCu9x/fB4uvTzpJOeFjpARtoGu5IzDAQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFMu+DY/Ktov9b9DHZRGcX/Tvf9H7MB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEveTc0Tmo4cTJpXzF2ME1kbEVaeGY5TzlfMGZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MB4EAgABMBgDBAAtl4sD
BAJTq/ADBABUNiQDBADCcWkwXAQCAAIwVgMFAyoJOwAwEAMGBCoJTgEwAwYFKglO
AUADBQMqDOjAAwUAKg1exQMFAyoQwMADBgQqEQIAAAMGBSoRAgBAAwYEKhECAHAw
DgMFACoRAgEDBQAqEQICMA0GCSqGSIb3DQEBCwUAA4IBAQCh0XOtwPxVjw7mYl/x
Luz6JBjQpFy5pFW8QVSx6rBAeDEcxxW8gZ+Y23u8481NFZe/ZIxtLHlmZ1twF+WR
3jCYEN1mkN/t0vWkgmTVu8GHMzf1URe2EPi6UM17RGju0LIta7h1ptKPW50zzWDl
UD0djZ1dLI9HHHMwxvVaOYleJRstiATxRUr39RfQuNChsFHEvX5yj+vPDQBLk/te
NVnbPNZZ8n5mVxfHfcMWawgyyLEOqmDfiEL0DiIRHwVohsdb0TPlXPTogXtrgq+M
C4prm8ssUDhHPLnS0SZmaXt6GLJPXxPvgOTWCA/q6VQ35dKVLM7KLKhAx6w3o55Z
4qfS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:59 2024 by rpki-client on console-ams.rpki-client.org