Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/57d908-207d-497c-ab18-de7be1e5c776/1/yXLLjSmz9Nn6YLNijplAfaBRKhg.roa
File: yXLLjSmz9Nn6YLNijplAfaBRKhg.roa (raw, json)
Hash identifier: 0P/d6N0jlQ6DKV6Xs2Z86avpimWN9iCdSGnPq0giaa8=
Subject key identifier: C9:72:CB:8D:29:B3:F4:D9:FA:60:B3:62:8E:99:40:7D:A0:51:2A:18
Certificate issuer: /CN=e4984f8f36ebf9f8f54c12174f463664d7b23aee
Certificate serial: 0189F836CEB6519184DAAF67A0319DB7E4FB
Authority key identifier: E4:98:4F:8F:36:EB:F9:F8:F5:4C:12:17:4F:46:36:64:D7:B2:3A:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5JhPjzbr-fj1TBIXT0Y2ZNeyOu4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/57d908-207d-497c-ab18-de7be1e5c776/1/yXLLjSmz9Nn6YLNijplAfaBRKhg.roa
Signing time: Tue 15 Aug 2023 08:01:28 +0000
ROA not before: Tue 15 Aug 2023 08:01:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211251
IP address blocks: 213.171.64.0/23 maxlen: 23
213.171.66.0/24 maxlen: 24
213.171.66.0/23 maxlen: 23
213.171.67.0/24 maxlen: 24
213.171.68.0/23 maxlen: 23
213.171.72.0/24 maxlen: 24
213.171.72.0/23 maxlen: 23
213.171.74.0/24 maxlen: 24
213.171.75.0/24 maxlen: 24
79.98.176.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f8:36:ce:b6:51:91:84:da:af:67:a0:31:9d:b7:e4:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4984f8f36ebf9f8f54c12174f463664d7b23aee
Validity
Not Before: Aug 15 08:01:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c972cb8d29b3f4d9fa60b3628e99407da0512a18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:0c:8a:ad:54:96:10:86:8d:7c:1f:67:f1:a0:
82:48:fa:46:44:7c:6e:f1:1c:e8:55:d2:a7:f9:78:
bb:8f:ee:05:77:8f:1d:5e:54:fd:1d:84:29:46:70:
f5:53:76:ec:e4:91:85:10:92:04:53:b9:2b:09:aa:
80:31:5b:a8:f2:f3:b0:ee:2d:ea:dd:98:b0:d0:57:
2f:60:ea:b9:07:74:f7:75:a8:9d:82:bf:b7:6e:c5:
9e:49:a7:d5:0f:02:1e:40:dd:11:7d:a6:3d:30:8b:
7c:c8:c6:40:90:3c:37:dc:52:32:45:32:ad:1d:70:
ca:0d:d6:7a:dd:ce:fa:1d:08:1a:f1:2e:f2:19:0d:
ce:af:3d:e4:f6:74:3f:c7:dc:90:22:56:5b:98:74:
10:7c:b9:b8:9d:2e:c8:92:80:8b:35:f7:03:b7:32:
73:fc:fb:44:54:af:fe:46:b3:14:cf:79:11:45:18:
bd:f7:8e:54:b4:b4:f3:e9:90:1b:39:8a:19:23:53:
be:4f:97:f5:1d:ab:df:1a:bb:65:5f:9a:73:77:c3:
dd:bb:0b:0f:b7:c6:ee:93:05:ce:49:d9:c3:d7:73:
ce:54:c0:b3:9f:74:9c:fe:16:dd:85:fa:36:ac:35:
90:1a:7a:e0:22:01:74:4d:c4:89:56:4a:21:00:65:
00:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:72:CB:8D:29:B3:F4:D9:FA:60:B3:62:8E:99:40:7D:A0:51:2A:18
X509v3 Authority Key Identifier:
keyid:E4:98:4F:8F:36:EB:F9:F8:F5:4C:12:17:4F:46:36:64:D7:B2:3A:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5JhPjzbr-fj1TBIXT0Y2ZNeyOu4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/57d908-207d-497c-ab18-de7be1e5c776/1/yXLLjSmz9Nn6YLNijplAfaBRKhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/57d908-207d-497c-ab18-de7be1e5c776/1/5JhPjzbr-fj1TBIXT0Y2ZNeyOu4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.176.0/22
213.171.64.0-213.171.69.255
213.171.72.0/22
Signature Algorithm: sha256WithRSAEncryption
60:9f:a9:9b:f3:1d:ec:33:96:38:e0:b1:da:20:49:30:0d:aa:
16:31:95:91:9f:b1:f1:0d:62:a8:a4:bd:e9:9c:7a:1d:e3:80:
08:7e:3b:d9:32:3d:0f:1d:18:14:53:9a:3b:2d:56:c2:09:9e:
e9:d3:60:5d:96:a6:5b:ae:e5:c7:7c:8f:7e:a5:23:6a:de:28:
92:27:f4:f2:44:3b:82:eb:3c:ee:f6:89:e8:d0:2d:52:63:ea:
a0:15:c2:14:b9:41:39:99:df:ec:d7:9b:75:85:d9:44:bd:8f:
21:0f:25:aa:48:1c:7b:29:f8:7a:f8:23:14:b5:7c:4d:a2:a6:
93:d1:17:b6:e1:d2:e2:96:0b:12:25:44:75:2c:13:73:88:d6:
79:26:e3:67:f1:ea:e0:e6:26:42:10:53:96:29:ea:44:92:68:
f1:5e:7f:1a:81:34:2b:eb:29:a2:d9:34:fb:b2:e0:6c:ba:d9:
3a:79:e1:a3:39:7b:91:16:62:dd:1e:27:68:d1:d7:b4:61:cc:
27:90:15:4d:cb:30:2f:1f:ae:9a:7b:81:07:99:1e:96:4d:a3:
08:a5:da:d6:c6:1e:00:b1:c2:c1:85:b6:91:54:10:ab:9d:8e:
bc:40:2c:08:15:06:51:2b:cf:9f:19:03:1c:a2:a1:d0:c8:1f:
26:18:a9:50
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYn4Ns62UZGE2q9noDGdt+T7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0OTg0ZjhmMzZlYmY5ZjhmNTRjMTIxNzRmNDYzNjY0ZDdi
MjNhZWUwHhcNMjMwODE1MDgwMTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTcyY2I4ZDI5YjNmNGQ5ZmE2MGIzNjI4ZTk5NDA3ZGEwNTEyYTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwyKrVSWEIaNfB9n8aCCSPpGRHxu
8RzoVdKn+Xi7j+4Fd48dXlT9HYQpRnD1U3bs5JGFEJIEU7krCaqAMVuo8vOw7i3q
3Ziw0FcvYOq5B3T3daidgr+3bsWeSafVDwIeQN0RfaY9MIt8yMZAkDw33FIyRTKt
HXDKDdZ63c76HQga8S7yGQ3Orz3k9nQ/x9yQIlZbmHQQfLm4nS7IkoCLNfcDtzJz
/PtEVK/+RrMUz3kRRRi9945UtLTz6ZAbOYoZI1O+T5f1HavfGrtlX5pzd8PduwsP
t8bukwXOSdnD13POVMCzn3Sc/hbdhfo2rDWQGnrgIgF0TcSJVkohAGUATQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMlyy40ps/TZ+mCzYo6ZQH2gUSoYMB8GA1UdIwQY
MBaAFOSYT4826/n49UwSF09GNmTXsjruMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUpoUGp6YnItZmoxVEJJWFQwWTJaTmV5T3U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81N2Q5MDgtMjA3ZC00OTdjLWFiMTgt
ZGU3YmUxZTVjNzc2LzEveVhMTGpTbXo5Tm42WUxOaWpwbEFmYUJSS2hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi81N2Q5MDgtMjA3ZC00OTdjLWFiMTgtZGU3YmUxZTVjNzc2
LzEvNUpoUGp6YnItZmoxVEJJWFQwWTJaTmV5T3U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCT2KwMAwD
BAbVq0ADBAHVq0QDBALVq0gwDQYJKoZIhvcNAQELBQADggEBAGCfqZvzHewzljjg
sdogSTANqhYxlZGfsfENYqikvemceh3jgAh+O9kyPQ8dGBRTmjstVsIJnunTYF2W
pluu5cd8j36lI2reKJIn9PJEO4LrPO72iejQLVJj6qAVwhS5QTmZ3+zXm3WF2US9
jyEPJapIHHsp+Hr4IxS1fE2ippPRF7bh0uKWCxIlRHUsE3OI1nkm42fx6uDmJkIQ
U5Yp6kSSaPFefxqBNCvrKaLZNPuy4Gy62Tp54aM5e5EWYt0eJ2jR17RhzCeQFU3L
MC8frpp7gQeZHpZNowil2tbGHgCxwsGFtpFUEKudjrxALAgVBlErz58ZAxyiodDI
HyYYqVA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:36 2024 by rpki-client on console-fra.rpki-client.org