Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/YLsgoerV_Hw0VCXAqWmmThxmJwc.roa
File: YLsgoerV_Hw0VCXAqWmmThxmJwc.roa (raw, json)
Hash identifier: dN8E8kvPJ0lAPIM4Yoofb7PKnfImk0NyilXwqCskWFE=
Subject key identifier: 60:BB:20:A1:EA:D5:FC:7C:34:54:25:C0:A9:69:A6:4E:1C:66:27:07
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 019229FEF944F63C902980A7A7E43787434E
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/YLsgoerV_Hw0VCXAqWmmThxmJwc.roa
Signing time: Wed 25 Sep 2024 16:23:48 +0000
ROA not before: Wed 25 Sep 2024 16:23:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136258
IP address blocks: 46.16.128.0/24 maxlen: 24
46.16.129.0/24 maxlen: 24
46.16.130.0/24 maxlen: 24
109.104.152.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
147.78.2.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
185.126.237.0/24 maxlen: 24
185.126.238.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
185.213.20.0/24 maxlen: 24
185.213.21.0/24 maxlen: 24
185.213.23.0/24 maxlen: 24
2a11:840:3::/48 maxlen: 48
2a11:840:6::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:18::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:20::/48 maxlen: 48
2a11:840:21::/48 maxlen: 48
2a11:840:22::/48 maxlen: 48
2a11:840:23::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:26::/48 maxlen: 48
2a11:840:30::/48 maxlen: 48
2a11:840:33::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:48::/48 maxlen: 48
2a11:840:54::/48 maxlen: 48
2a11:840:57::/48 maxlen: 48
2a11:840:60::/48 maxlen: 48
2a11:840:61::/48 maxlen: 48
2a11:840:62::/48 maxlen: 48
2a11:840:63::/48 maxlen: 48
2a11:840:64::/48 maxlen: 48
2a11:840:65::/48 maxlen: 48
2a11:840:66::/48 maxlen: 48
2a11:840:67::/48 maxlen: 48
2a11:840:68::/48 maxlen: 48
2a11:840:69::/48 maxlen: 48
2a11:840:70::/48 maxlen: 48
2a11:840:71::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 15 Oct 2024 15:51:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:29:fe:f9:44:f6:3c:90:29:80:a7:a7:e4:37:87:43:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Sep 25 16:23:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60bb20a1ead5fc7c345425c0a969a64e1c662707
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b4:63:77:ac:c7:7d:87:6d:66:04:a7:a8:a0:
b1:e0:73:32:95:5f:64:9c:e7:a9:ce:f6:08:2b:91:
cd:41:d1:5c:40:e7:71:92:c8:9e:8c:f4:32:77:ca:
0b:64:14:8c:68:47:11:65:ab:b0:f8:88:52:16:e6:
3d:6a:bf:cf:f8:0f:78:d1:b5:cd:c2:1c:93:5d:9c:
d7:b7:7e:10:af:51:07:32:b4:67:6f:c5:79:e3:d9:
75:c1:b7:0e:dc:7c:cf:3c:c6:55:27:be:db:5e:fb:
b0:0e:f5:31:55:a7:d0:33:3d:48:72:d7:31:64:54:
e7:3c:57:70:60:60:41:33:b4:f0:58:39:31:ac:75:
22:70:37:83:57:f2:c5:07:f8:f6:b4:75:d8:f3:17:
1a:a8:d9:ad:9a:a4:c7:ee:6f:05:b2:ac:9d:a4:23:
02:1f:27:91:67:42:c7:e5:94:86:60:68:de:ab:d2:
f0:99:8e:19:48:15:cd:48:3e:cb:c0:bd:07:6d:49:
39:4f:65:a7:fd:ae:6d:f8:cf:c9:ab:47:77:82:1c:
5f:6a:fb:3a:9f:06:ff:93:5a:45:72:94:58:8f:ed:
b4:47:f2:db:e3:b4:4d:50:aa:c5:2f:f2:3f:ba:fe:
09:52:58:0a:42:e8:32:e3:47:5c:b0:13:e3:22:39:
a7:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:BB:20:A1:EA:D5:FC:7C:34:54:25:C0:A9:69:A6:4E:1C:66:27:07
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/YLsgoerV_Hw0VCXAqWmmThxmJwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.128.0-46.16.130.255
109.104.152.0/23
109.104.155.0/24
147.78.0.0/22
185.126.237.0-185.126.239.255
185.213.20.0/23
185.213.23.0/24
IPv6:
2a11:840:3::/48
2a11:840:6::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:20::-2a11:840:26:ffff:ffff:ffff:ffff:ffff
2a11:840:30::/48
2a11:840:33::/48
2a11:840:40::/47
2a11:840:47::-2a11:840:48:ffff:ffff:ffff:ffff:ffff
2a11:840:54::/48
2a11:840:57::/48
2a11:840:60::-2a11:840:69:ffff:ffff:ffff:ffff:ffff
2a11:840:70::/47
Signature Algorithm: sha256WithRSAEncryption
01:80:75:bc:9c:90:e8:3a:31:bd:22:20:95:e6:c6:85:aa:2e:
bb:4c:44:98:79:94:bf:e9:3e:16:9c:e7:ac:ba:2d:fa:d2:f8:
be:d1:e1:68:97:3d:b3:df:81:e6:48:4b:4d:bc:47:08:1c:f2:
88:b7:14:42:f6:01:d6:1f:ce:dd:58:9b:27:0c:93:e2:d2:43:
38:76:51:1b:90:1f:2e:0b:c4:bb:f5:9b:cb:9c:c8:d6:a1:f9:
8a:3d:86:4c:be:e6:70:54:45:e7:50:e6:e2:b2:5f:8c:9d:41:
28:5b:53:3e:bd:81:d4:92:12:f1:85:f1:da:ba:fb:2b:3f:8a:
13:f1:84:5a:4b:cd:21:e2:a6:7b:a9:3f:24:06:17:a1:bd:df:
01:94:89:da:5b:2f:7c:fb:ca:3e:66:ce:ba:9d:9b:2a:5a:af:
7b:50:eb:4c:d1:c5:0e:b2:c3:15:61:ae:00:8a:11:4f:03:c7:
b8:57:96:8c:b9:2f:28:07:dd:91:97:a9:13:90:d3:c6:e1:62:
f8:11:20:db:04:2e:42:21:df:59:96:cf:09:6d:1f:a5:8c:b0:
df:26:11:aa:f9:02:5d:f1:27:30:13:37:80:0e:77:e7:91:16:
3b:fc:08:ea:3d:95:ba:65:27:b6:35:4c:4b:a8:bb:f6:08:3e:
6d:0f:c9:ce
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgISAZIp/vlE9jyQKYCnp+Q3h0NOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjQwOTI1MTYyMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGJiMjBhMWVhZDVmYzdjMzQ1NDI1YzBhOTY5YTY0ZTFjNjYyNzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7Rjd6zHfYdtZgSnqKCx4HMylV9k
nOepzvYIK5HNQdFcQOdxksiejPQyd8oLZBSMaEcRZauw+IhSFuY9ar/P+A940bXN
whyTXZzXt34Qr1EHMrRnb8V549l1wbcO3HzPPMZVJ77bXvuwDvUxVafQMz1Ictcx
ZFTnPFdwYGBBM7TwWDkxrHUicDeDV/LFB/j2tHXY8xcaqNmtmqTH7m8FsqydpCMC
HyeRZ0LH5ZSGYGjeq9LwmY4ZSBXNSD7LwL0HbUk5T2Wn/a5t+M/Jq0d3ghxfavs6
nwb/k1pFcpRYj+20R/Lb47RNUKrFL/I/uv4JUlgKQugy40dcsBPjIjmnSQIDAQAB
o4IDBDCCAwAwHQYDVR0OBBYEFGC7IKHq1fx8NFQlwKlppk4cZicHMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvWUxzZ29lclZfSHcwVkNYQXFXbW1UaHhtSndjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGAYIKwYBBQUHAQcBAf8EggEHMIIBAzBABAIAATA6MAwD
BAcuEIADBAAuEIIDBAFtaJgDBABtaJsDBAKTTgAwDAMEALl+7QMEBLl+4AMEAbnV
FAMEALnVFzCBvgQCAAIwgbcDBwAqEQhAAAMwEgMHASoRCEAABgMHACoRCEAACDAS
AwcEKhEIQAAQAwcAKhEIQAAUMBIDBwAqEQhAABcDBwEqEQhAABgwEgMHBSoRCEAA
IAMHACoRCEAAJgMHACoRCEAAMAMHACoRCEAAMwMHASoRCEAAQDASAwcAKhEIQABH
AwcAKhEIQABIAwcAKhEIQABUAwcAKhEIQABXMBIDBwUqEQhAAGADBwEqEQhAAGgD
BwEqEQhAAHAwDQYJKoZIhvcNAQELBQADggEBAAGAdbyckOg6Mb0iIJXmxoWqLrtM
RJh5lL/pPhac56y6LfrS+L7R4WiXPbPfgeZIS028Rwgc8oi3FEL2AdYfzt1YmycM
k+LSQzh2URuQHy4LxLv1m8ucyNah+Yo9hky+5nBURedQ5uKyX4ydQShbUz69gdSS
EvGF8dq6+ys/ihPxhFpLzSHipnupPyQGF6G93wGUidpbL3z7yj5mzrqdmypar3tQ
60zRxQ6ywxVhrgCKEU8Dx7hXloy5LygH3ZGXqROQ08bhYvgRINsELkIh31mWzwlt
H6WMsN8mEar5Al3xJzATN4AOd+eRFjv8COo9lbplJ7Y1TEuou/YIPm0Pyc4=
-----END CERTIFICATE-----
Generated at Tue Oct 15 20:42:51 2024 by rpki-client on console-ams.rpki-client.org