Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/yBJOFOf5lNc_yIHnBbtbGaIhtTM.roa
File: yBJOFOf5lNc_yIHnBbtbGaIhtTM.roa (raw, json)
Hash identifier: o6Jfw/0eN+pPb3UX8k8VNCVEWWG713TfNDixDwLxINU=
Subject key identifier: C8:12:4E:14:E7:F9:94:D7:3F:C8:81:E7:05:BB:5B:19:A2:21:B5:33
Certificate issuer: /CN=d5620cec70974d037d7769758c74668305b32cf2
Certificate serial: 018CC9BA81428A5CC4FD10B1F3ECE9BB9696
Authority key identifier: D5:62:0C:EC:70:97:4D:03:7D:77:69:75:8C:74:66:83:05:B3:2C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WIM7HCXTQN9d2l1jHRmgwWzLPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/yBJOFOf5lNc_yIHnBbtbGaIhtTM.roa
Signing time: Tue 02 Jan 2024 10:31:32 +0000
ROA not before: Tue 02 Jan 2024 10:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62212
IP address blocks: 87.236.146.0/24 maxlen: 24
91.199.137.0/24 maxlen: 24
188.127.247.0/24 maxlen: 24
91.199.147.0/24 maxlen: 24
91.199.154.0/24 maxlen: 24
91.199.160.0/24 maxlen: 24
2a11:3b80::/29 maxlen: 48
2a11:3b80::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 09 Apr 2024 12:02:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:ba:81:42:8a:5c:c4:fd:10:b1:f3:ec:e9:bb:96:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5620cec70974d037d7769758c74668305b32cf2
Validity
Not Before: Jan 2 10:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8124e14e7f994d73fc881e705bb5b19a221b533
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:29:0c:a4:21:67:5e:9c:63:44:ae:f4:6e:3e:
a7:c6:6a:d6:0e:92:f9:81:45:7e:09:0a:64:47:c2:
32:3a:bf:4e:1c:e7:97:28:5a:e9:a3:93:15:a1:91:
a7:93:07:94:c0:95:e1:45:fe:5e:0e:c1:8a:3c:b1:
c3:94:87:d5:87:ab:50:45:35:8b:78:44:df:da:dd:
d6:57:6c:d8:3e:da:7b:5c:88:9f:06:3a:22:74:85:
fb:f0:dc:03:d1:34:ed:04:e1:83:94:c4:c2:10:05:
39:2b:67:17:92:8f:a2:52:80:15:13:99:89:ad:f9:
0a:de:d0:7e:43:b2:57:6d:f9:34:e8:55:83:b5:16:
d2:54:ce:b5:e5:08:c7:6d:2c:6e:e7:bf:45:a9:d8:
e6:7d:3d:5f:45:82:47:a6:46:d4:b1:12:1a:30:58:
ac:19:46:8b:6c:c7:bc:93:10:1a:40:6f:38:d7:5d:
5b:d0:64:c6:96:8b:6c:0e:43:b1:6a:fb:39:06:e7:
f5:c5:95:f3:9e:59:c1:ad:56:a9:0b:b6:e6:69:83:
69:c6:7b:78:d9:bf:d9:fe:17:b2:cc:8c:30:83:ff:
84:64:01:d4:20:59:59:39:65:07:bd:3e:cb:8d:dd:
a0:ee:22:87:ee:b2:6c:cb:59:1d:cd:77:44:7b:3e:
e5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:12:4E:14:E7:F9:94:D7:3F:C8:81:E7:05:BB:5B:19:A2:21:B5:33
X509v3 Authority Key Identifier:
keyid:D5:62:0C:EC:70:97:4D:03:7D:77:69:75:8C:74:66:83:05:B3:2C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WIM7HCXTQN9d2l1jHRmgwWzLPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/yBJOFOf5lNc_yIHnBbtbGaIhtTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/1WIM7HCXTQN9d2l1jHRmgwWzLPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.146.0/24
91.199.137.0/24
91.199.147.0/24
91.199.154.0/24
91.199.160.0/24
188.127.247.0/24
IPv6:
2a11:3b80::/29
Signature Algorithm: sha256WithRSAEncryption
25:10:ea:a7:96:e5:67:07:cb:ab:af:c2:60:e6:16:22:9b:23:
8f:a9:17:6e:9d:de:cf:e3:62:80:13:6c:5c:2c:38:03:7b:32:
c7:21:44:bb:23:1d:ad:c0:f0:ce:af:fc:d4:b2:22:78:e9:70:
79:8d:ef:ee:60:2f:fd:74:b8:39:8f:c0:7c:69:22:c9:24:58:
8c:12:e4:f4:ab:81:7e:28:a8:7d:74:1b:d0:22:57:a5:a4:30:
5e:7b:f0:a1:97:09:72:7c:04:8b:95:fc:43:64:b2:5f:20:49:
8f:83:e1:4b:be:15:2a:87:88:01:f9:fa:e1:55:69:71:a2:d7:
b6:74:1b:48:c2:d0:b8:fd:d6:6b:0a:67:22:8a:49:46:d7:3f:
96:a7:a4:4a:cc:4b:03:dc:5d:d2:d5:49:c6:1c:69:4f:3d:d9:
c6:fc:e7:37:2d:f4:12:7c:fb:36:a0:2a:d1:bb:11:03:10:be:
fd:bc:ac:48:c7:90:7e:16:69:98:e6:1d:59:9e:13:3b:06:85:
fb:81:0e:0d:9e:82:92:42:04:6a:07:31:0a:20:0c:02:86:e0:
4b:d9:b8:05:c8:c4:c6:ad:ad:e7:7e:48:48:c2:30:b3:e0:61:
8e:b3:8c:79:db:d9:cc:a4:b1:4d:24:16:3f:1f:18:5d:e3:14:
0a:f2:6a:c4
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzJuoFCilzE/RCx8+zpu5aWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjIwY2VjNzA5NzRkMDM3ZDc3Njk3NThjNzQ2NjgzMDVi
MzJjZjIwHhcNMjQwMTAyMTAzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODEyNGUxNGU3Zjk5NGQ3M2ZjODgxZTcwNWJiNWIxOWEyMjFiNTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCkMpCFnXpxjRK70bj6nxmrWDpL5
gUV+CQpkR8IyOr9OHOeXKFrpo5MVoZGnkweUwJXhRf5eDsGKPLHDlIfVh6tQRTWL
eETf2t3WV2zYPtp7XIifBjoidIX78NwD0TTtBOGDlMTCEAU5K2cXko+iUoAVE5mJ
rfkK3tB+Q7JXbfk06FWDtRbSVM615QjHbSxu579FqdjmfT1fRYJHpkbUsRIaMFis
GUaLbMe8kxAaQG84111b0GTGlotsDkOxavs5Buf1xZXznlnBrVapC7bmaYNpxnt4
2b/Z/heyzIwwg/+EZAHUIFlZOWUHvT7Ljd2g7iKH7rJsy1kdzXdEez7lGwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFMgSThTn+ZTXP8iB5wW7WxmiIbUzMB8GA1UdIwQY
MBaAFNViDOxwl00DfXdpdYx0ZoMFsyzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdJTTdIQ1hUUU45ZDJsMWpIUm1nd1d6TFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMjNhOTItN2QzOC00OWVjLWJhOTkt
YmU0MzRjYjlmOGY4LzEveUJKT0ZPZjVsTmNfeUlIbkJidGJHYUlodFRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zMjNhOTItN2QzOC00OWVjLWJhOTktYmU0MzRjYjlmOGY4
LzEvMVdJTTdIQ1hUUU45ZDJsMWpIUm1nd1d6TFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAV+ySAwQA
W8eJAwQAW8eTAwQAW8eaAwQAW8egAwQAvH/3MA0EAgACMAcDBQMqETuAMA0GCSqG
SIb3DQEBCwUAA4IBAQAlEOqnluVnB8urr8Jg5hYimyOPqRdund7P42KAE2xcLDgD
ezLHIUS7Ix2twPDOr/zUsiJ46XB5je/uYC/9dLg5j8B8aSLJJFiMEuT0q4F+KKh9
dBvQIlelpDBee/ChlwlyfASLlfxDZLJfIEmPg+FLvhUqh4gB+frhVWlxote2dBtI
wtC4/dZrCmciiklG1z+Wp6RKzEsD3F3S1UnGHGlPPdnG/Oc3LfQSfPs2oCrRuxED
EL79vKxIx5B+FmmY5h1ZnhM7BoX7gQ4NnoKSQgRqBzEKIAwChuBL2bgFyMTGra3n
fkhIwjCz4GGOs4x529nMpLFNJBY/Hxhd4xQK8mrE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:35 2024 by rpki-client on console-fra.rpki-client.org