Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/YwHEfS_gnou7TqfRa_SG_RqJHKA.roa
File: YwHEfS_gnou7TqfRa_SG_RqJHKA.roa (raw, json)
Hash identifier: QH74P5W3CCRWKz3Mi0qtZOU5gTlDgRJelG3B+Iow9pA=
Subject key identifier: 63:01:C4:7D:2F:E0:9E:8B:BB:4E:A7:D1:6B:F4:86:FD:1A:89:1C:A0
Certificate issuer: /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial: 0189F88DF085FA9CC9B4308528B9226BC3D4
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/YwHEfS_gnou7TqfRa_SG_RqJHKA.roa
Signing time: Tue 15 Aug 2023 09:36:38 +0000
ROA not before: Tue 15 Aug 2023 09:36:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 147.189.132.0/24 maxlen: 24
147.189.131.0/24 maxlen: 24
147.189.128.0/24 maxlen: 24
147.189.135.0/24 maxlen: 24
45.14.113.0/24 maxlen: 24
176.111.217.0/24 maxlen: 24
2.56.8.0/24 maxlen: 24
2.56.9.0/24 maxlen: 24
5.183.76.0/24 maxlen: 24
2a0e:c80:323::/48 maxlen: 48
2a0e:c80:743::/48 maxlen: 48
2a0e:c80:3::/48 maxlen: 48
2a0e:c80:403::/48 maxlen: 48
2a0f:9980:195::/48 maxlen: 48
2a0f:9980:598::/48 maxlen: 48
2a0f:9980:936::/48 maxlen: 48
2a0f:9980:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 12 Nov 2023 23:10:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f8:8d:f0:85:fa:9c:c9:b4:30:85:28:b9:22:6b:c3:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Validity
Not Before: Aug 15 09:36:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6301c47d2fe09e8bbb4ea7d16bf486fd1a891ca0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1e:39:34:38:25:17:e7:e2:f7:69:19:a7:f9:
03:06:9d:ff:f5:ef:f8:fe:c4:75:d4:73:b8:a0:b0:
3a:89:c4:7c:bc:fd:3b:0a:a7:96:dd:ad:ac:8a:4f:
a7:b9:d0:8d:eb:80:ae:e9:29:ec:bb:b9:c6:31:13:
e3:26:12:8c:2c:59:76:a7:a4:74:32:16:d4:79:60:
be:a7:4e:1c:5d:f3:a2:4a:b3:ef:12:3e:61:b8:30:
6a:e6:e9:92:5a:4c:90:5a:93:a8:9c:fe:49:ff:92:
a0:08:53:e9:d0:1e:ca:6f:ed:86:bd:2c:b6:da:c6:
27:1b:be:ea:8d:f2:d9:00:8f:f1:bf:6c:dc:61:bd:
99:90:e1:d5:d8:e3:8f:ab:d1:c7:e8:5d:db:21:16:
ad:23:04:95:24:70:a0:de:be:d1:f6:b3:f5:9d:dc:
0e:f1:90:8b:69:f8:66:ae:2c:bb:ce:4e:6e:d5:3e:
6e:2d:ff:6a:0c:ec:e1:3a:63:e1:62:7d:76:59:41:
ad:a9:f7:92:45:b0:38:92:ce:7f:f0:8a:75:89:81:
7c:70:a8:27:6e:c4:52:e2:11:3a:a1:61:98:52:22:
54:26:66:ae:52:91:dd:c0:1e:14:1f:f2:22:06:7c:
38:99:3d:3e:3f:2b:98:c2:d6:c7:e9:61:f4:36:98:
20:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:01:C4:7D:2F:E0:9E:8B:BB:4E:A7:D1:6B:F4:86:FD:1A:89:1C:A0
X509v3 Authority Key Identifier:
keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/YwHEfS_gnou7TqfRa_SG_RqJHKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.8.0/23
5.183.76.0/24
45.14.113.0/24
147.189.128.0/24
147.189.131.0-147.189.132.255
147.189.135.0/24
176.111.217.0/24
IPv6:
2a0e:c80:3::/48
2a0e:c80:323::/48
2a0e:c80:403::/48
2a0e:c80:743::/48
2a0f:9980:6::/48
2a0f:9980:195::/48
2a0f:9980:598::/48
2a0f:9980:936::/48
Signature Algorithm: sha256WithRSAEncryption
43:01:cf:be:b5:85:ac:60:e6:a4:5a:a6:2b:e1:43:44:6c:dc:
4a:19:3e:9e:f7:2f:84:0d:ca:76:be:5b:8c:9e:dd:89:13:74:
30:83:0a:81:4a:0f:13:94:4b:7e:02:c9:c4:d1:b1:e2:3e:3f:
42:bb:1f:47:f7:f8:37:de:cc:15:c8:c9:1a:1a:a6:e9:d4:87:
71:8c:c4:c4:94:e2:a7:f4:52:2e:e4:5d:7f:3f:3c:04:24:72:
72:be:8d:74:a3:e8:86:58:67:ab:7f:7b:d8:97:c5:5a:37:90:
8d:8d:01:7c:69:80:b4:a9:cb:91:b3:94:14:cc:e5:5b:68:1f:
b8:ba:ae:ce:80:1b:ba:ea:b5:15:a6:76:41:06:1f:a3:7d:9f:
44:4f:fd:6a:f5:33:96:75:19:e6:a7:81:4f:d2:6e:b8:39:67:
39:8d:f0:b4:56:04:36:0d:68:00:3d:54:2a:d9:58:63:19:85:
34:70:65:f3:84:bf:ab:97:78:50:6e:a2:6c:99:ec:3c:dc:aa:
48:f2:f7:5c:0c:a4:4e:51:ba:b8:5a:c7:ad:49:84:07:a6:ac:
03:b4:51:41:0b:c5:ea:fc:85:b8:07:02:a1:d2:b1:21:ea:ce:
54:f2:03:ef:cf:16:95:ea:81:6c:7e:a4:68:ea:f2:c9:c0:85:
eb:2d:22:08
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYn4jfCF+pzJtDCFKLkia8PUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjMwODE1MDkzNjM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzAxYzQ3ZDJmZTA5ZThiYmI0ZWE3ZDE2YmY0ODZmZDFhODkxY2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsx45NDglF+fi92kZp/kDBp3/9e/4
/sR11HO4oLA6icR8vP07CqeW3a2sik+nudCN64Cu6Snsu7nGMRPjJhKMLFl2p6R0
MhbUeWC+p04cXfOiSrPvEj5huDBq5umSWkyQWpOonP5J/5KgCFPp0B7Kb+2GvSy2
2sYnG77qjfLZAI/xv2zcYb2ZkOHV2OOPq9HH6F3bIRatIwSVJHCg3r7R9rP1ndwO
8ZCLafhmriy7zk5u1T5uLf9qDOzhOmPhYn12WUGtqfeSRbA4ks5/8Ip1iYF8cKgn
bsRS4hE6oWGYUiJUJmauUpHdwB4UH/IiBnw4mT0+PyuYwtbH6WH0NpgglwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFGMBxH0v4J6Lu06n0Wv0hv0aiRygMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xL1l3SEVmU19nbm91N1RxZlJhX1NHX1JxSkhLQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZ0GCCsGAQUFBwEHAQH/BIGNMIGKMDgEAgABMDIDBAEC
OAgDBAAFt0wDBAAtDnEDBACTvYAwDAMEAJO9gwMEAJO9hAMEAJO9hwMEALBv2TBO
BAIAAjBIAwcAKg4MgAADAwcAKg4MgAMjAwcAKg4MgAQDAwcAKg4MgAdDAwcAKg+Z
gAAGAwcAKg+ZgAGVAwcAKg+ZgAWYAwcAKg+ZgAk2MA0GCSqGSIb3DQEBCwUAA4IB
AQBDAc++tYWsYOakWqYr4UNEbNxKGT6e9y+EDcp2vluMnt2JE3QwgwqBSg8TlEt+
AsnE0bHiPj9Cux9H9/g33swVyMkaGqbp1IdxjMTElOKn9FIu5F1/PzwEJHJyvo10
o+iGWGerf3vYl8VaN5CNjQF8aYC0qcuRs5QUzOVbaB+4uq7OgBu66rUVpnZBBh+j
fZ9ET/1q9TOWdRnmp4FP0m64OWc5jfC0VgQ2DWgAPVQq2VhjGYU0cGXzhL+rl3hQ
bqJsmew83KpI8vdcDKROUbq4WsetSYQHpqwDtFFBC8Xq/IW4BwKh0rEh6s5U8gPv
zxaV6oFsfqRo6vLJwIXrLSII
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:08 2024 by rpki-client on console-ams.rpki-client.org