Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/46207f-7e34-4292-b14a-44c07f314904/1/YrObWWHGcV_wyiB8fsJj4IvBCdU.roa
File: YrObWWHGcV_wyiB8fsJj4IvBCdU.roa (raw, json)
Hash identifier: wwbId6t095gEC9Ou6lisgZGLMN2+/r92d63GlR0igi8=
Subject key identifier: 62:B3:9B:59:61:C6:71:5F:F0:CA:20:7C:7E:C2:63:E0:8B:C1:09:D5
Certificate issuer: /CN=d476b006351a2f9cf2a91386de50ce27f1550595
Certificate serial: 01856F3015517D445AD27BC4062E20F4FFE5
Authority key identifier: D4:76:B0:06:35:1A:2F:9C:F2:A9:13:86:DE:50:CE:27:F1:55:05:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HawBjUaL5zyqROG3lDOJ_FVBZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/46207f-7e34-4292-b14a-44c07f314904/1/YrObWWHGcV_wyiB8fsJj4IvBCdU.roa
Signing time: Sun 01 Jan 2023 21:15:00 +0000
ROA not before: Sun 01 Jan 2023 21:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8586
IP address blocks: 178.239.96.0/20 maxlen: 24
195.12.0.0/19 maxlen: 24
164.40.208.0/20 maxlen: 24
195.74.128.0/19 maxlen: 24
212.58.32.0/19 maxlen: 24
185.13.140.0/22 maxlen: 24
84.252.192.0/18 maxlen: 24
146.255.0.0/20 maxlen: 24
213.83.64.0/18 maxlen: 24
94.250.224.0/20 maxlen: 24
62.8.96.0/19 maxlen: 24
5.102.80.0/20 maxlen: 24
37.152.32.0/20 maxlen: 24
213.246.128.0/18 maxlen: 24
2001:4160::/32 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:15:51:7d:44:5a:d2:7b:c4:06:2e:20:f4:ff:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d476b006351a2f9cf2a91386de50ce27f1550595
Validity
Not Before: Jan 1 21:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62b39b5961c6715ff0ca207c7ec263e08bc109d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:8c:f5:a5:55:1b:3c:ad:77:06:7d:ff:6f:8e:
7a:60:8c:7d:b2:37:cb:79:71:1a:47:6b:94:24:3f:
2c:e4:4e:86:ec:93:52:72:ca:b3:cd:30:c9:8d:22:
84:82:e5:4d:2f:68:f9:b6:dd:d6:cc:5b:c5:2b:f3:
9a:c5:e1:02:1b:50:7d:44:43:c9:05:2a:8b:3e:36:
66:de:8d:bf:50:14:67:9b:ce:73:44:ca:0a:01:83:
69:c6:bb:d6:63:39:20:c8:0e:9e:44:03:66:95:a9:
25:1c:bf:97:b9:57:a7:a3:3a:c7:29:7d:be:44:04:
9c:f4:71:3f:64:9b:27:10:ba:c8:49:59:26:e9:08:
d0:7a:21:4b:87:a1:72:90:df:56:73:76:50:da:22:
cb:d3:40:7d:67:cb:c9:c0:f6:74:40:7c:00:49:91:
e4:9b:db:92:5f:fe:dd:95:ff:02:ab:4c:57:09:a2:
45:4b:ac:f7:c3:8c:1a:bb:67:41:4f:ef:6a:06:f6:
22:75:b6:77:33:61:d0:c8:7f:a3:ba:af:37:e6:24:
d0:61:fe:ac:c6:af:85:d7:23:46:bd:15:08:fe:93:
ef:0f:77:07:5b:b5:a9:3b:84:d0:10:20:36:94:12:
d0:48:3e:28:f2:81:dc:9c:e5:00:a6:77:34:2e:2e:
0d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:B3:9B:59:61:C6:71:5F:F0:CA:20:7C:7E:C2:63:E0:8B:C1:09:D5
X509v3 Authority Key Identifier:
keyid:D4:76:B0:06:35:1A:2F:9C:F2:A9:13:86:DE:50:CE:27:F1:55:05:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HawBjUaL5zyqROG3lDOJ_FVBZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/46207f-7e34-4292-b14a-44c07f314904/1/YrObWWHGcV_wyiB8fsJj4IvBCdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/46207f-7e34-4292-b14a-44c07f314904/1/1HawBjUaL5zyqROG3lDOJ_FVBZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.80.0/20
37.152.32.0/20
62.8.96.0/19
84.252.192.0/18
94.250.224.0/20
146.255.0.0/20
164.40.208.0/20
178.239.96.0/20
185.13.140.0/22
195.12.0.0/19
195.74.128.0/19
212.58.32.0/19
213.83.64.0/18
213.246.128.0/18
IPv6:
2001:4160::/32
Signature Algorithm: sha256WithRSAEncryption
48:9a:6a:ac:28:ba:9a:27:ca:87:2d:f1:2e:2c:44:c7:22:d5:
82:31:2e:4e:a1:16:27:55:7e:2b:6d:b0:3b:2a:38:ff:67:ba:
79:d1:6c:aa:12:d3:3a:2b:be:63:9f:ae:bc:9b:77:98:19:3f:
2b:45:62:9e:de:08:8d:a2:6e:be:79:ac:74:89:ca:71:60:c3:
a9:01:ac:6a:c3:67:bb:5a:7f:e4:20:b3:d4:1f:c9:fa:16:38:
34:2c:8a:b6:3a:19:67:66:31:c3:e8:d3:b3:2b:f7:d3:ca:f2:
8a:74:da:7d:17:1a:f5:57:1e:ff:0d:d0:f4:2c:43:0d:32:98:
9c:8f:e4:17:36:c8:b7:bc:8b:84:d0:a1:0a:8f:78:7b:8a:07:
cf:37:d2:93:04:3f:08:ea:4a:64:25:25:06:96:92:48:2e:eb:
39:4b:51:5d:ac:4e:db:b3:b5:a0:d2:b1:b2:f7:40:ae:7b:cc:
82:53:ad:1b:ca:ae:f7:e9:ad:70:f5:d4:36:fd:d2:76:42:24:
89:80:b6:fb:45:f9:f2:d9:8f:44:90:ec:26:f3:0e:8f:64:6c:
74:61:fc:67:99:66:46:77:b4:36:bf:6a:b2:4e:0d:22:2b:e2:
a6:b8:28:77:9f:c1:eb:af:34:80:27:e0:a8:63:ac:0c:d3:3f:
e3:24:a8:d6
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYVvMBVRfURa0nvEBi4g9P/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzZiMDA2MzUxYTJmOWNmMmE5MTM4NmRlNTBjZTI3ZjE1
NTA1OTUwHhcNMjMwMTAxMjExNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmIzOWI1OTYxYzY3MTVmZjBjYTIwN2M3ZWMyNjNlMDhiYzEwOWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Yz1pVUbPK13Bn3/b456YIx9sjfL
eXEaR2uUJD8s5E6G7JNScsqzzTDJjSKEguVNL2j5tt3WzFvFK/OaxeECG1B9REPJ
BSqLPjZm3o2/UBRnm85zRMoKAYNpxrvWYzkgyA6eRANmlaklHL+XuVenozrHKX2+
RASc9HE/ZJsnELrISVkm6QjQeiFLh6FykN9Wc3ZQ2iLL00B9Z8vJwPZ0QHwASZHk
m9uSX/7dlf8Cq0xXCaJFS6z3w4wau2dBT+9qBvYidbZ3M2HQyH+juq835iTQYf6s
xq+F1yNGvRUI/pPvD3cHW7WpO4TQECA2lBLQSD4o8oHcnOUApnc0Li4N+QIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFGKzm1lhxnFf8MogfH7CY+CLwQnVMB8GA1UdIwQY
MBaAFNR2sAY1Gi+c8qkTht5QzifxVQWVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhhd0JqVWFMNXp5cVJPRzNsRE9KX0ZWQlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi80NjIwN2YtN2UzNC00MjkyLWIxNGEt
NDRjMDdmMzE0OTA0LzEvWXJPYldXSEdjVl93eWlCOGZzSmo0SXZCQ2RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi80NjIwN2YtN2UzNC00MjkyLWIxNGEtNDRjMDdmMzE0OTA0
LzEvMUhhd0JqVWFMNXp5cVJPRzNsRE9KX0ZWQlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQEBWZQAwQE
JZggAwQFPghgAwQGVPzAAwQEXvrgAwQEkv8AAwQEpCjQAwQEsu9gAwQCuQ2MAwQF
wwwAAwQFw0qAAwQF1DogAwQG1VNAAwQG1faAMA0EAgACMAcDBQAgAUFgMA0GCSqG
SIb3DQEBCwUAA4IBAQBImmqsKLqaJ8qHLfEuLETHItWCMS5OoRYnVX4rbbA7Kjj/
Z7p50WyqEtM6K75jn668m3eYGT8rRWKe3giNom6+eax0icpxYMOpAaxqw2e7Wn/k
ILPUH8n6Fjg0LIq2OhlnZjHD6NOzK/fTyvKKdNp9Fxr1Vx7/DdD0LEMNMpicj+QX
Nsi3vIuE0KEKj3h7igfPN9KTBD8I6kpkJSUGlpJILus5S1FdrE7bs7Wg0rGy90Cu
e8yCU60byq736a1w9dQ2/dJ2QiSJgLb7Rfny2Y9EkOwm8w6PZGx0YfxnmWZGd7Q2
v2qyTg0iK+KmuCh3n8HrrzSAJ+CoY6wM0z/jJKjW
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:50 2024 by rpki-client on console-ams.rpki-client.org