Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/06998d-8cd9-4993-9fe7-8221d2143796/1/yDgwwmhUwVVTZ1dM_TYe1KPqk3M.roa
File: yDgwwmhUwVVTZ1dM_TYe1KPqk3M.roa (raw, json)
Hash identifier: zTTFdMT93AW6EFMOE48dXzGfEljLyFzCfH8tBN7SodE=
Subject key identifier: C8:38:30:C2:68:54:C1:55:53:67:57:4C:FD:36:1E:D4:A3:EA:93:73
Certificate issuer: /CN=07560e3e72c6079a04e7d1f6103b9df78979a522
Certificate serial: 018CC7949A5A70983263FFFFB17B3D0B08FE
Authority key identifier: 07:56:0E:3E:72:C6:07:9A:04:E7:D1:F6:10:3B:9D:F7:89:79:A5:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B1YOPnLGB5oE59H2EDud94l5pSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/06998d-8cd9-4993-9fe7-8221d2143796/1/yDgwwmhUwVVTZ1dM_TYe1KPqk3M.roa
Signing time: Tue 02 Jan 2024 00:30:53 +0000
ROA not before: Tue 02 Jan 2024 00:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49635
IP address blocks: 217.71.200.0/21 maxlen: 24
161.22.40.0/21 maxlen: 24
85.208.20.0/22 maxlen: 24
185.166.212.0/22 maxlen: 24
185.253.152.0/22 maxlen: 24
79.143.88.0/21 maxlen: 24
27.0.172.0/22 maxlen: 24
46.183.112.0/21 maxlen: 24
93.189.88.0/21 maxlen: 24
200.234.224.0/20 maxlen: 24
185.254.204.0/22 maxlen: 24
80.240.126.0/23 maxlen: 24
103.23.60.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 May 2024 12:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:9a:5a:70:98:32:63:ff:ff:b1:7b:3d:0b:08:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07560e3e72c6079a04e7d1f6103b9df78979a522
Validity
Not Before: Jan 2 00:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c83830c26854c1555367574cfd361ed4a3ea9373
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:49:70:d9:e8:46:f5:db:f6:95:ec:e2:47:f1:
b9:79:4b:17:46:9e:30:8d:a5:50:4f:e5:18:90:39:
01:f7:b3:ef:35:f4:e4:d0:6d:f8:09:f7:18:3e:26:
34:4a:39:33:11:61:90:07:6f:77:61:77:b8:96:93:
95:25:69:7f:ee:b2:8a:08:f8:29:d8:6d:12:b5:07:
f2:17:b7:b0:bc:1f:d8:46:d9:e1:5c:3b:2d:46:a9:
19:cd:f8:f4:ec:25:46:d7:73:52:06:bc:db:05:1b:
d7:3a:1f:bd:57:32:bf:3f:46:da:1b:d9:59:3b:a3:
9f:96:a0:d0:21:b9:c3:91:35:bc:77:f6:82:60:f8:
1f:18:78:51:f2:72:2e:a2:d0:ef:3f:f8:78:ba:8b:
d6:ab:d4:70:c9:19:29:f2:b8:ef:f5:ba:85:2f:21:
25:f8:7f:9d:a8:ee:8d:bc:c2:42:20:43:da:2e:07:
01:16:8e:44:9a:b8:b6:6e:23:40:e3:ae:f8:f4:60:
77:f0:df:c4:81:25:48:9e:96:e8:ff:ff:3e:4f:1d:
5e:09:f2:c3:29:63:14:41:5c:29:3e:18:fb:ef:ad:
37:d7:75:a6:59:a2:44:2d:74:8c:20:4d:86:e6:ef:
af:e0:84:fa:ab:ab:8a:d6:61:59:34:ad:69:38:1e:
09:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:38:30:C2:68:54:C1:55:53:67:57:4C:FD:36:1E:D4:A3:EA:93:73
X509v3 Authority Key Identifier:
keyid:07:56:0E:3E:72:C6:07:9A:04:E7:D1:F6:10:3B:9D:F7:89:79:A5:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B1YOPnLGB5oE59H2EDud94l5pSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/06998d-8cd9-4993-9fe7-8221d2143796/1/yDgwwmhUwVVTZ1dM_TYe1KPqk3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/06998d-8cd9-4993-9fe7-8221d2143796/1/B1YOPnLGB5oE59H2EDud94l5pSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.0.172.0/22
46.183.112.0/21
79.143.88.0/21
80.240.126.0/23
85.208.20.0/22
93.189.88.0/21
103.23.60.0/23
161.22.40.0/21
185.166.212.0/22
185.253.152.0/22
185.254.204.0/22
200.234.224.0/20
217.71.200.0/21
Signature Algorithm: sha256WithRSAEncryption
32:5f:e5:24:c8:d3:cd:28:3b:70:58:bd:43:05:01:d9:f4:8e:
23:9e:f4:1e:15:6b:fc:dc:2a:44:99:a6:b2:13:de:8b:60:7e:
e5:2e:ae:4d:04:2b:65:4b:54:65:f4:8a:3b:6d:57:39:e0:07:
af:51:ab:9d:d4:61:7d:54:21:a7:31:4b:90:6a:43:e0:4e:7c:
35:a2:31:56:98:b3:32:ba:5c:56:e9:75:aa:8a:76:be:60:a1:
51:4a:50:b0:34:99:7c:4e:ae:05:4c:21:74:db:96:8e:fe:dc:
7e:c6:7e:ff:14:3d:77:59:81:ed:dc:09:31:ca:07:1c:9b:19:
22:bf:f3:7b:bb:d3:83:a9:3d:e9:b5:cf:86:e1:4d:57:22:03:
57:bf:c6:92:38:bc:e0:54:74:de:12:ea:4b:7c:4a:1f:89:62:
d2:d2:b5:9b:09:13:a2:fe:74:0b:ee:dc:73:5e:9d:98:80:af:
9a:32:de:b7:96:e1:bc:ea:ad:1c:61:fa:cc:b2:af:e2:8a:55:
68:11:76:7d:db:4c:0a:07:35:72:fb:3b:dc:5e:e6:a7:40:42:
51:6b:a5:1b:69:4a:02:20:64:9f:af:31:80:9f:96:c3:8e:ab:
23:0d:2c:68:56:ab:46:b8:a4:63:ac:e4:97:1e:c9:29:bd:3c:
56:3a:b9:10
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYzHlJpacJgyY///sXs9Cwj+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3NTYwZTNlNzJjNjA3OWEwNGU3ZDFmNjEwM2I5ZGY3ODk3
OWE1MjIwHhcNMjQwMTAyMDAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODM4MzBjMjY4NTRjMTU1NTM2NzU3NGNmZDM2MWVkNGEzZWE5MzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzElw2ehG9dv2leziR/G5eUsXRp4w
jaVQT+UYkDkB97PvNfTk0G34CfcYPiY0SjkzEWGQB293YXe4lpOVJWl/7rKKCPgp
2G0StQfyF7ewvB/YRtnhXDstRqkZzfj07CVG13NSBrzbBRvXOh+9VzK/P0baG9lZ
O6OflqDQIbnDkTW8d/aCYPgfGHhR8nIuotDvP/h4uovWq9RwyRkp8rjv9bqFLyEl
+H+dqO6NvMJCIEPaLgcBFo5Emri2biNA46749GB38N/EgSVInpbo//8+Tx1eCfLD
KWMUQVwpPhj7760313WmWaJELXSMIE2G5u+v4IT6q6uK1mFZNK1pOB4JFwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFMg4MMJoVMFVU2dXTP02HtSj6pNzMB8GA1UdIwQY
MBaAFAdWDj5yxgeaBOfR9hA7nfeJeaUiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjFZT1BuTEdCNW9FNTlIMkVEdWQ5NGw1cFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8wNjk5OGQtOGNkOS00OTkzLTlmZTct
ODIyMWQyMTQzNzk2LzEveURnd3dtaFV3VlZUWjFkTV9UWWUxS1BxazNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8wNjk5OGQtOGNkOS00OTkzLTlmZTctODIyMWQyMTQzNzk2
LzEvQjFZT1BuTEdCNW9FNTlIMkVEdWQ5NGw1cFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQCGwCsAwQD
LrdwAwQDT49YAwQBUPB+AwQCVdAUAwQDXb1YAwQBZxc8AwQDoRYoAwQCuabUAwQC
uf2YAwQCuf7MAwQEyOrgAwQD2UfIMA0GCSqGSIb3DQEBCwUAA4IBAQAyX+UkyNPN
KDtwWL1DBQHZ9I4jnvQeFWv83CpEmaayE96LYH7lLq5NBCtlS1Rl9Io7bVc54Aev
Uaud1GF9VCGnMUuQakPgTnw1ojFWmLMyulxW6XWqina+YKFRSlCwNJl8Tq4FTCF0
25aO/tx+xn7/FD13WYHt3Akxygccmxkiv/N7u9ODqT3ptc+G4U1XIgNXv8aSOLzg
VHTeEupLfEofiWLS0rWbCROi/nQL7txzXp2YgK+aMt63luG86q0cYfrMsq/iilVo
EXZ920wKBzVy+zvcXuanQEJRa6UbaUoCIGSfrzGAn5bDjqsjDSxoVqtGuKRjrOSX
HskpvTxWOrkQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:24 2024 by rpki-client on console-ams.rpki-client.org