Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/b_YYMhF6_JjS-ADuYP_cv8fHI8c.roa
File: b_YYMhF6_JjS-ADuYP_cv8fHI8c.roa (raw, json)
Hash identifier: RpHRVUFAtMjwtyJc07YZEt3s9EpVUcLR2WDHg4A/Feg=
Subject key identifier: 6F:F6:18:32:11:7A:FC:98:D2:F8:00:EE:60:FF:DC:BF:C7:C7:23:C7
Certificate issuer: /CN=2a4472336c9d02a488cdd77534d65fb1465ec09a
Certificate serial: 0187A41C281CCA5E11F50AFB1A894E142FFE
Authority key identifier: 2A:44:72:33:6C:9D:02:A4:88:CD:D7:75:34:D6:5F:B1:46:5E:C0:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KkRyM2ydAqSIzdd1NNZfsUZewJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/b_YYMhF6_JjS-ADuYP_cv8fHI8c.roa
Signing time: Fri 21 Apr 2023 13:58:41 +0000
ROA not before: Fri 21 Apr 2023 13:58:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50837
IP address blocks: 185.12.4.0/22 maxlen: 24
178.22.64.0/21 maxlen: 24
93.123.82.0/23 maxlen: 24
91.92.71.0/24 maxlen: 24
45.88.24.0/22 maxlen: 24
93.123.14.0/23 maxlen: 24
94.156.200.0/22 maxlen: 24
31.171.240.0/20 maxlen: 24
2a01:9980::/32 maxlen: 64
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a4:1c:28:1c:ca:5e:11:f5:0a:fb:1a:89:4e:14:2f:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a4472336c9d02a488cdd77534d65fb1465ec09a
Validity
Not Before: Apr 21 13:58:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ff61832117afc98d2f800ee60ffdcbfc7c723c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:5e:91:44:21:cb:35:d3:ec:76:66:28:42:24:
03:80:99:27:d2:01:bd:db:d6:a8:72:bc:f6:23:72:
9b:29:98:d3:65:36:3f:e7:0b:1e:50:f7:f0:8c:e0:
cf:c6:25:6a:1a:29:5c:c7:45:7c:e1:1c:f2:d0:92:
94:26:b2:dd:89:29:c2:7a:bc:c2:af:d1:e6:1b:62:
dc:93:52:ec:b6:5f:f6:53:bf:0b:d7:b4:01:17:de:
fb:e1:76:65:fb:75:d3:8a:ee:4b:3b:49:80:c1:10:
ea:7f:83:6d:13:eb:7a:d3:6c:5e:71:34:51:ba:6e:
46:a5:1a:7a:96:ec:7f:a3:40:a7:83:21:1d:b4:53:
61:15:47:c9:1a:7c:64:b3:80:89:22:18:4e:cd:d4:
ae:4b:c7:0b:fb:d5:40:a2:93:f9:ad:3a:97:e4:8d:
61:87:1b:39:44:d4:5f:78:0f:4d:57:e1:26:bc:cd:
3b:4c:b8:18:87:64:10:c9:3c:c1:c8:4c:ba:f0:55:
f0:53:a0:77:b3:14:0a:3f:86:98:ba:bb:c0:2c:7e:
8b:0c:a5:90:4e:8b:cf:14:c4:bd:4d:26:b4:75:53:
3b:c1:dd:39:1d:2f:45:29:2f:e5:76:a9:16:81:23:
2f:30:aa:3b:73:ee:40:76:e0:12:63:c4:da:f0:6e:
fd:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:F6:18:32:11:7A:FC:98:D2:F8:00:EE:60:FF:DC:BF:C7:C7:23:C7
X509v3 Authority Key Identifier:
keyid:2A:44:72:33:6C:9D:02:A4:88:CD:D7:75:34:D6:5F:B1:46:5E:C0:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KkRyM2ydAqSIzdd1NNZfsUZewJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/b_YYMhF6_JjS-ADuYP_cv8fHI8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.240.0/20
45.88.24.0/22
91.92.71.0/24
93.123.14.0/23
93.123.82.0/23
94.156.200.0/22
178.22.64.0/21
185.12.4.0/22
IPv6:
2a01:9980::/32
Signature Algorithm: sha256WithRSAEncryption
64:48:d5:cd:07:34:44:9e:8a:a7:47:50:21:8a:4c:83:38:17:
37:33:b4:54:25:d4:86:e8:98:f1:7b:fe:dd:2b:52:d8:ed:c3:
85:70:a8:a5:e2:14:66:2b:d3:4e:64:f1:ec:c9:05:f9:d7:17:
df:8d:82:48:05:fe:33:ba:36:9d:b9:a7:b9:6f:5c:0c:8b:dc:
a3:07:fd:41:a9:81:88:16:89:c8:ce:7b:70:af:2b:0a:4a:df:
9a:a2:14:84:34:11:0c:09:93:8e:7c:31:9f:01:54:b4:64:d3:
c9:8e:69:20:fc:7b:43:2f:2e:49:45:ea:ce:52:3f:5c:e0:44:
95:1b:bc:17:3e:d9:0e:81:fe:16:c1:f4:67:ac:51:47:ff:59:
51:65:89:86:68:40:6b:11:f9:d6:a3:37:6f:77:5d:ba:6a:01:
f4:a7:f1:88:88:d0:52:38:b6:c9:64:57:18:8e:f1:c2:e4:34:
e1:0e:5b:6c:de:1a:8a:86:1d:d4:bb:06:84:5b:41:15:0e:90:
57:00:24:74:92:77:db:a2:74:b7:c0:44:c4:18:d3:27:31:e1:
52:f3:84:b7:f9:73:9f:05:8b:22:5e:cc:e7:c1:e6:76:da:89:
b2:c4:73:a0:85:70:29:92:f4:e5:45:41:ef:aa:83:b4:ce:ea:
7b:1e:f2:b0
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYekHCgcyl4R9Qr7GolOFC/+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNDQ3MjMzNmM5ZDAyYTQ4OGNkZDc3NTM0ZDY1ZmIxNDY1
ZWMwOWEwHhcNMjMwNDIxMTM1ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmY2MTgzMjExN2FmYzk4ZDJmODAwZWU2MGZmZGNiZmM3YzcyM2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2l6RRCHLNdPsdmYoQiQDgJkn0gG9
29aocrz2I3KbKZjTZTY/5wseUPfwjODPxiVqGilcx0V84Rzy0JKUJrLdiSnCerzC
r9HmG2Lck1Lstl/2U78L17QBF9774XZl+3XTiu5LO0mAwRDqf4NtE+t602xecTRR
um5GpRp6lux/o0CngyEdtFNhFUfJGnxks4CJIhhOzdSuS8cL+9VAopP5rTqX5I1h
hxs5RNRfeA9NV+EmvM07TLgYh2QQyTzByEy68FXwU6B3sxQKP4aYurvALH6LDKWQ
TovPFMS9TSa0dVM7wd05HS9FKS/ldqkWgSMvMKo7c+5AduASY8Ta8G79NwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFG/2GDIRevyY0vgA7mD/3L/HxyPHMB8GA1UdIwQY
MBaAFCpEcjNsnQKkiM3XdTTWX7FGXsCaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2tSeU0yeWRBcVNJemRkMU5OWmZzVVpld0pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wMWRiODItNDE3Mi00NDA1LWFiNTUt
MDA4NmQwMjM4NWQ2LzEvYl9ZWU1oRjZfSmpTLUFEdVlQX2N2OGZISThjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wMWRiODItNDE3Mi00NDA1LWFiNTUtMDA4NmQwMjM4NWQ2
LzEvS2tSeU0yeWRBcVNJemRkMU5OWmZzVVpld0pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQEH6vwAwQC
LVgYAwQAW1xHAwQBXXsOAwQBXXtSAwQCXpzIAwQDshZAAwQCuQwEMA0EAgACMAcD
BQAqAZmAMA0GCSqGSIb3DQEBCwUAA4IBAQBkSNXNBzREnoqnR1AhikyDOBc3M7RU
JdSG6Jjxe/7dK1LY7cOFcKil4hRmK9NOZPHsyQX51xffjYJIBf4zujaduae5b1wM
i9yjB/1BqYGIFonIzntwrysKSt+aohSENBEMCZOOfDGfAVS0ZNPJjmkg/HtDLy5J
RerOUj9c4ESVG7wXPtkOgf4WwfRnrFFH/1lRZYmGaEBrEfnWozdvd126agH0p/GI
iNBSOLbJZFcYjvHC5DThDlts3hqKhh3UuwaEW0EVDpBXACR0knfbonS3wETEGNMn
MeFS84S3+XOfBYsiXsznweZ22omyxHOghXApkvTlRUHvqoO0zup7HvKw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:33 2024 by rpki-client on console-ams.rpki-client.org