Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/yw_qWO3haNvWK1x42FCRknAJstk.roa
File: yw_qWO3haNvWK1x42FCRknAJstk.roa (raw, json)
Hash identifier: shoZmJd5FJUpxm4Rw6g/+ke/4XPKniyEl9AhDBHATYk=
Subject key identifier: CB:0F:EA:58:ED:E1:68:DB:D6:2B:5C:78:D8:50:91:92:70:09:B2:D9
Certificate issuer: /CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Certificate serial: 018C34D5C93B73ECDAF81C678176F03A7A77
Authority key identifier: 22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/yw_qWO3haNvWK1x42FCRknAJstk.roa
Signing time: Mon 04 Dec 2023 12:37:54 +0000
ROA not before: Mon 04 Dec 2023 12:37:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15830
IP address blocks: 147.123.48.0/21 maxlen: 21
137.174.192.0/19 maxlen: 22
155.204.64.0/20 maxlen: 20
137.174.0.0/17 maxlen: 22
155.204.80.0/21 maxlen: 21
155.204.88.0/21 maxlen: 21
155.204.96.0/21 maxlen: 21
155.204.104.0/21 maxlen: 21
147.123.36.0/22 maxlen: 24
137.174.128.0/18 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:d5:c9:3b:73:ec:da:f8:1c:67:81:76:f0:3a:7a:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Validity
Not Before: Dec 4 12:37:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb0fea58ede168dbd62b5c78d85091927009b2d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f2:9e:ba:23:39:7d:2c:b4:fb:41:43:ae:f7:
8a:39:f5:c3:bd:7f:42:be:07:fa:b1:25:f8:91:89:
b7:7e:48:82:95:67:49:0b:ad:d6:03:91:a4:43:2b:
1e:10:13:51:61:19:e3:15:e7:6a:bf:df:72:4b:6e:
95:a6:11:51:1b:9a:bc:00:e4:11:18:b4:cc:e5:a0:
fb:56:9f:1f:df:74:72:93:a2:4d:a3:93:26:b8:5c:
47:83:fe:c7:b0:a8:e7:2c:10:3c:d9:85:30:73:86:
36:fa:58:65:11:8c:17:ea:21:33:cf:47:39:20:54:
c1:33:f3:82:fd:62:f4:fc:47:51:6d:3c:f3:57:38:
4c:b0:1d:13:5c:79:7a:53:f6:e3:98:64:14:bd:bf:
73:95:ae:ec:7b:3e:d7:7e:d0:33:50:48:56:8b:26:
d1:17:be:08:55:13:6d:4b:b9:1c:83:68:be:17:ba:
d3:41:91:77:bd:3d:f4:c2:f3:e0:65:f1:e5:18:2a:
a0:d5:bb:62:0e:90:cd:61:87:47:ba:68:7e:1b:44:
7f:6f:21:69:8e:49:37:a7:df:ca:a6:f4:7f:b4:ed:
f3:e1:a8:5b:2d:88:ab:cd:1c:4f:81:7d:24:80:85:
db:75:80:6e:c7:3f:86:04:ad:88:fe:79:d1:f7:22:
9c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:0F:EA:58:ED:E1:68:DB:D6:2B:5C:78:D8:50:91:92:70:09:B2:D9
X509v3 Authority Key Identifier:
keyid:22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/yw_qWO3haNvWK1x42FCRknAJstk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.174.0.0-137.174.223.255
147.123.36.0/22
147.123.48.0/21
155.204.64.0-155.204.111.255
Signature Algorithm: sha256WithRSAEncryption
8f:1c:f1:09:59:40:66:ab:4d:e0:52:8f:d2:c4:47:b1:9c:22:
24:9b:b3:77:85:f6:2a:2e:5e:b9:8b:56:c4:33:11:38:7c:28:
e0:76:7a:a0:31:e1:57:55:e0:a9:1c:b5:c8:79:48:4c:b1:90:
29:5d:39:00:55:15:f2:1b:ee:8b:17:bf:58:85:68:a1:aa:72:
2d:92:da:43:18:e2:50:79:59:57:56:8e:95:af:2f:ba:6e:f8:
80:04:91:ad:fc:4a:4c:d9:19:93:be:97:b5:24:5a:9e:04:a7:
d6:3e:80:e1:5e:08:a3:09:28:94:1b:b3:12:bd:ad:0d:f5:94:
c3:c8:ab:98:6b:96:37:91:d1:05:50:54:a3:21:0c:25:b7:39:
be:48:4e:2d:9e:79:5a:68:1a:ae:28:5e:a0:85:63:73:b3:4a:
15:43:57:52:78:24:00:96:80:5d:76:8f:80:3a:bf:06:7e:06:
0d:d6:f7:07:83:a6:93:45:30:5f:e9:13:2b:7c:29:d1:35:4d:
50:ac:f8:55:29:2b:9c:c9:79:b7:61:11:fb:39:5c:81:8b:f6:
00:5b:93:6a:ef:96:c7:02:2f:de:df:6b:0e:87:e7:3b:ad:cd:
55:dd:f1:d8:8e:b5:e7:64:c5:8e:8a:62:19:a3:41:3d:d4:48:
1f:31:83:c4
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYw01ck7c+za+BxngXbwOnp3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTVkODQwNTNlMmIwYzMxM2FmMWUzYmE1MTAyNDY2YTVm
Nzk2NzgwHhcNMjMxMjA0MTIzNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjBmZWE1OGVkZTE2OGRiZDYyYjVjNzhkODUwOTE5MjcwMDliMmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvKeuiM5fSy0+0FDrveKOfXDvX9C
vgf6sSX4kYm3fkiClWdJC63WA5GkQyseEBNRYRnjFedqv99yS26VphFRG5q8AOQR
GLTM5aD7Vp8f33Ryk6JNo5MmuFxHg/7HsKjnLBA82YUwc4Y2+lhlEYwX6iEzz0c5
IFTBM/OC/WL0/EdRbTzzVzhMsB0TXHl6U/bjmGQUvb9zla7sez7XftAzUEhWiybR
F74IVRNtS7kcg2i+F7rTQZF3vT30wvPgZfHlGCqg1btiDpDNYYdHumh+G0R/byFp
jkk3p9/KpvR/tO3z4ahbLYirzRxPgX0kgIXbdYBuxz+GBK2I/nnR9yKcoQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMsP6ljt4Wjb1itceNhQkZJwCbLZMB8GA1UdIwQY
MBaAFCKl2EBT4rDDE68eO6UQJGal95Z4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUt
NTkxY2FmNTM2ZWNjLzEveXdfcVdPM2hhTnZXSzF4NDJGQ1JrbkFKc3RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUtNTkxY2FmNTM2ZWNj
LzEvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnMAsDAwGJrgME
BYmuwAMEApN7JAMEA5N7MDAMAwQGm8xAAwQEm8xgMA0GCSqGSIb3DQEBCwUAA4IB
AQCPHPEJWUBmq03gUo/SxEexnCIkm7N3hfYqLl65i1bEMxE4fCjgdnqgMeFXVeCp
HLXIeUhMsZApXTkAVRXyG+6LF79YhWihqnItktpDGOJQeVlXVo6Vry+6bviABJGt
/EpM2RmTvpe1JFqeBKfWPoDhXgijCSiUG7MSva0N9ZTDyKuYa5Y3kdEFUFSjIQwl
tzm+SE4tnnlaaBquKF6ghWNzs0oVQ1dSeCQAloBddo+AOr8GfgYN1vcHg6aTRTBf
6RMrfCnRNU1QrPhVKSucyXm3YRH7OVyBi/YAW5Nq75bHAi/e32sOh+c7rc1V3fHY
jrXnZMWOimIZo0E91EgfMYPE
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:00 2024 by rpki-client on console-fra.rpki-client.org