Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/Ybchh915Bg8_mKF8h9KT8A-7w18.roa
File: Ybchh915Bg8_mKF8h9KT8A-7w18.roa (raw, json)
Hash identifier: Hhb41tECwwWmOhnYL+tI4kUd3c3CB0EfmsgscOS6gik=
Subject key identifier: 61:B7:21:87:DD:79:06:0F:3F:98:A1:7C:87:D2:93:F0:0F:BB:C3:5F
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 018CEA607C1BE23BABE3F52D3938A1A9E681
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/Ybchh915Bg8_mKF8h9KT8A-7w18.roa
Signing time: Mon 08 Jan 2024 18:40:40 +0000
ROA not before: Mon 08 Jan 2024 18:40:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136258
IP address blocks: 185.213.23.0/24 maxlen: 24
109.104.152.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
185.126.238.0/24 maxlen: 24
2a11:840:18::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:33::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:26::/48 maxlen: 48
2a11:840:6::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:20::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
2a11:840:54::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 09 Jan 2024 17:49:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ea:60:7c:1b:e2:3b:ab:e3:f5:2d:39:38:a1:a9:e6:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Jan 8 18:40:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61b72187dd79060f3f98a17c87d293f00fbbc35f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f3:02:00:ee:fd:a9:8e:95:c2:ab:8f:1d:71:
5f:ed:32:18:c9:2b:8b:94:18:f6:41:3f:1b:8e:8f:
cb:01:72:f3:dd:d2:07:82:75:c7:a6:52:87:7c:4a:
dc:35:a2:96:47:b1:dc:86:6a:54:f7:ae:d8:2d:41:
5e:c7:cf:e9:79:c3:8e:30:21:f6:35:ef:36:7d:e3:
a5:f1:de:0a:10:d2:ea:16:87:bc:31:1d:6e:e3:af:
bd:72:3b:2f:15:9e:d6:26:78:51:bb:78:e0:dc:fe:
16:00:02:fc:1a:c0:fe:ea:ea:37:cf:af:b1:0c:54:
53:cc:b3:80:5f:7c:2b:69:40:08:fc:e1:65:c7:98:
60:df:7e:8b:01:43:8c:4d:22:bb:11:ee:91:ea:67:
0c:d7:b4:27:09:ff:ba:31:d3:b8:26:a1:4b:25:44:
e5:39:63:95:05:d1:b1:ab:31:0c:06:bd:91:67:75:
ff:c5:a2:ab:e7:e5:25:c1:ed:f1:66:e1:49:57:e8:
90:9a:8d:c9:0b:de:94:c8:e5:ba:9a:64:bb:f0:38:
bb:22:bc:ae:b4:a6:24:c4:be:13:cd:93:0e:ae:95:
18:93:8d:de:89:32:78:9a:ea:c4:ec:cb:59:7b:0b:
b3:9b:a6:d1:6a:ef:e1:05:aa:3f:60:e3:ec:95:f6:
bf:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:B7:21:87:DD:79:06:0F:3F:98:A1:7C:87:D2:93:F0:0F:BB:C3:5F
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/Ybchh915Bg8_mKF8h9KT8A-7w18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.152.0/23
109.104.155.0/24
147.78.0.0/23
147.78.3.0/24
185.126.238.0/23
185.213.23.0/24
IPv6:
2a11:840:6::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:20::/48
2a11:840:24::-2a11:840:26:ffff:ffff:ffff:ffff:ffff
2a11:840:33::/48
2a11:840:40::/47
2a11:840:47::/48
2a11:840:54::/48
Signature Algorithm: sha256WithRSAEncryption
84:5f:fb:ec:47:c9:50:f9:2a:cc:33:97:1e:06:0d:c1:b4:35:
8c:83:3d:ea:4c:b5:d0:af:9b:99:1f:d6:33:96:1e:0c:b1:bd:
49:9e:00:97:68:a2:68:7f:00:2f:4c:42:04:9b:86:2a:f9:bb:
55:9e:07:55:70:0e:38:d4:48:ab:37:86:a4:62:ff:46:4d:e1:
3e:6d:76:1c:06:c9:15:0b:2c:d7:51:e2:82:b5:45:37:d2:0a:
47:c2:73:f4:8e:23:26:24:2e:8b:48:a3:50:ed:be:b6:6a:43:
af:6e:e0:2a:a6:c3:82:40:63:09:57:44:d5:12:f7:bb:06:0b:
21:5a:f0:5b:3e:53:ba:0c:bb:30:a5:1a:35:4a:18:a4:7f:83:
b1:9d:37:e1:e1:88:97:44:cc:b2:7c:0b:a7:61:c1:83:b0:51:
34:4f:6b:4b:64:22:07:f7:1e:12:7f:dc:c5:67:f3:d9:d7:4f:
b9:71:06:5c:90:c2:f3:87:d5:70:03:b2:54:af:5f:d8:9a:35:
20:c1:93:9c:f8:67:a6:e4:a3:18:42:34:5d:c4:fb:4c:46:c7:
da:91:c3:ed:2a:17:be:4d:b6:75:59:52:3e:4d:57:1c:78:f5:
61:48:d7:af:d5:e9:d2:82:95:be:8c:8e:02:07:e2:69:24:06:
2b:c3:57:1e
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYzqYHwb4jur4/UtOTihqeaBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjQwMTA4MTg0MDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWI3MjE4N2RkNzkwNjBmM2Y5OGExN2M4N2QyOTNmMDBmYmJjMzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPMCAO79qY6VwquPHXFf7TIYySuL
lBj2QT8bjo/LAXLz3dIHgnXHplKHfErcNaKWR7HchmpU967YLUFex8/pecOOMCH2
Ne82feOl8d4KENLqFoe8MR1u46+9cjsvFZ7WJnhRu3jg3P4WAAL8GsD+6uo3z6+x
DFRTzLOAX3wraUAI/OFlx5hg336LAUOMTSK7Ee6R6mcM17QnCf+6MdO4JqFLJUTl
OWOVBdGxqzEMBr2RZ3X/xaKr5+Ulwe3xZuFJV+iQmo3JC96UyOW6mmS78Di7Iryu
tKYkxL4TzZMOrpUYk43eiTJ4murE7MtZewuzm6bRau/hBao/YOPslfa/0wIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFGG3IYfdeQYPP5ihfIfSk/APu8NfMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvWWJjaGg5MTVCZzhfbUtGOGg5S1Q4QS03dzE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjAqBAIAATAkAwQBbWiY
AwQAbWibAwQBk04AAwQAk04DAwQBuX7uAwQAudUXMIGDBAIAAjB9MBIDBwEqEQhA
AAYDBwAqEQhAAAgwEgMHBCoRCEAAEAMHACoRCEAAFDASAwcAKhEIQAAXAwcBKhEI
QAAYAwcAKhEIQAAgMBIDBwIqEQhAACQDBwAqEQhAACYDBwAqEQhAADMDBwEqEQhA
AEADBwAqEQhAAEcDBwAqEQhAAFQwDQYJKoZIhvcNAQELBQADggEBAIRf++xHyVD5
Kswzlx4GDcG0NYyDPepMtdCvm5kf1jOWHgyxvUmeAJdoomh/AC9MQgSbhir5u1We
B1VwDjjUSKs3hqRi/0ZN4T5tdhwGyRULLNdR4oK1RTfSCkfCc/SOIyYkLotIo1Dt
vrZqQ69u4Cqmw4JAYwlXRNUS97sGCyFa8Fs+U7oMuzClGjVKGKR/g7GdN+HhiJdE
zLJ8C6dhwYOwUTRPa0tkIgf3HhJ/3MVn89nXT7lxBlyQwvOH1XADslSvX9iaNSDB
k5z4Z6bkoxhCNF3E+0xGx9qRw+0qF75NtnVZUj5NVxx49WFI16/V6dKClb6MjgIH
4mkkBivDVx4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:51 2024 by rpki-client on console-ams.rpki-client.org