Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/yJpyQgPjCWZjKFCsl2Ux3gXAYJc.roa
File: yJpyQgPjCWZjKFCsl2Ux3gXAYJc.roa (raw, json)
Hash identifier: nuTvUD92GKmlA05WyXU4byEHgjKf/VvcO/se8REolu8=
Subject key identifier: C8:9A:72:42:03:E3:09:66:63:28:50:AC:97:65:31:DE:05:C0:60:97
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 019094A29DA1579B2107DF67A69B1B9D3E68
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/yJpyQgPjCWZjKFCsl2Ux3gXAYJc.roa
Signing time: Mon 08 Jul 2024 23:16:43 +0000
ROA not before: Mon 08 Jul 2024 23:16:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136258
IP address blocks: 46.16.128.0/24 maxlen: 24
109.104.152.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
147.78.2.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
185.126.238.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
185.213.23.0/24 maxlen: 24
2a11:840:6::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:18::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:20::/48 maxlen: 48
2a11:840:21::/48 maxlen: 48
2a11:840:22::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:26::/48 maxlen: 48
2a11:840:30::/48 maxlen: 48
2a11:840:33::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:48::/48 maxlen: 48
2a11:840:54::/48 maxlen: 48
2a11:840:60::/48 maxlen: 48
2a11:840:61::/48 maxlen: 48
2a11:840:62::/48 maxlen: 48
2a11:840:63::/48 maxlen: 48
2a11:840:64::/48 maxlen: 48
2a11:840:65::/48 maxlen: 48
2a11:840:66::/48 maxlen: 48
2a11:840:67::/48 maxlen: 48
2a11:840:68::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 19 Aug 2024 21:39:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:94:a2:9d:a1:57:9b:21:07:df:67:a6:9b:1b:9d:3e:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Jul 8 23:16:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c89a724203e30966632850ac976531de05c06097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:97:0d:af:3d:bb:7c:ed:c9:3c:af:2e:15:61:
1c:a4:b6:2e:26:78:ae:26:fd:16:b6:f9:d3:60:0c:
95:92:ce:09:2a:b4:96:04:9c:f8:ff:db:bb:a8:0d:
a3:46:3f:e4:1c:52:f1:01:31:c7:b4:2d:d6:c8:4c:
4c:e2:ea:45:fd:3f:99:4d:1f:b1:26:d6:13:1c:01:
34:3f:dc:ff:8b:9d:65:5f:d3:d9:45:8b:32:84:26:
61:11:05:f1:77:b1:c3:cf:8f:b7:be:e7:5d:87:64:
96:fe:32:bb:39:9a:d4:55:8d:30:ef:cd:6a:20:08:
04:b6:31:99:26:50:0b:6f:5c:6c:f6:23:1d:90:c8:
fc:84:ef:83:bb:d5:df:c8:40:38:fa:20:c6:a2:e8:
e3:6d:7b:a2:59:73:13:30:ca:0c:7e:72:fc:0b:b8:
31:70:9a:8f:fe:ae:77:8f:c0:fa:63:30:a1:6f:1c:
fe:84:35:e2:e1:0e:f0:2a:cc:3d:a3:4a:73:c7:15:
50:7e:dc:11:27:a5:d3:dc:3c:0a:d8:1e:65:73:0a:
f9:54:c9:2d:82:fd:39:dc:1f:9a:28:52:b4:38:ab:
89:1f:44:16:ec:68:b3:ef:96:16:95:2a:73:5b:87:
bd:8a:a0:51:45:a7:89:57:e2:b3:b5:4e:4e:43:97:
f5:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:9A:72:42:03:E3:09:66:63:28:50:AC:97:65:31:DE:05:C0:60:97
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/yJpyQgPjCWZjKFCsl2Ux3gXAYJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.128.0/24
109.104.152.0/23
109.104.155.0/24
147.78.0.0/22
185.126.238.0/23
185.213.23.0/24
IPv6:
2a11:840:6::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:20::-2a11:840:22:ffff:ffff:ffff:ffff:ffff
2a11:840:24::-2a11:840:26:ffff:ffff:ffff:ffff:ffff
2a11:840:30::/48
2a11:840:33::/48
2a11:840:40::/47
2a11:840:47::-2a11:840:48:ffff:ffff:ffff:ffff:ffff
2a11:840:54::/48
2a11:840:60::-2a11:840:68:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8a:7a:19:66:af:a7:33:a6:de:ad:72:b4:70:aa:c8:23:70:01:
26:84:a6:ef:f1:97:d4:52:3d:09:1a:9f:78:41:4d:c6:98:ad:
f0:72:c7:ed:5c:4f:a2:3c:f7:94:1d:d1:82:a4:6b:eb:ac:0e:
c7:00:2e:44:61:7b:a1:65:bc:1e:5a:5c:85:7d:64:57:b1:65:
01:5e:b7:76:38:a3:6c:1e:c6:ee:1e:73:71:cc:d3:a9:6c:9f:
fd:bd:93:b7:e1:13:3e:ea:25:31:5f:b8:d1:79:cc:93:bf:c6:
bd:cf:11:d3:6c:d1:a0:fd:22:7d:e6:ce:d2:74:36:c9:39:32:
a1:4d:32:ed:40:78:90:34:b1:42:cf:3e:b1:23:cf:ac:da:57:
fd:37:00:92:f2:01:16:96:22:2a:56:c4:11:ef:04:ae:c0:a5:
22:bf:d0:ad:9b:1d:2f:2e:85:9f:c1:34:d1:ff:c7:14:24:8d:
f2:9e:c3:64:a7:7d:de:df:bf:a2:7e:82:25:86:2f:2c:4f:e5:
8e:ba:9b:51:21:af:a2:f0:63:3c:ed:c1:3f:4b:9b:f6:98:48:
12:72:06:b8:a1:46:55:d5:58:da:8a:ae:72:e3:4d:8a:b2:c8:
77:e4:dc:25:ab:9e:ed:9c:ae:70:58:43:41:14:af:e1:6a:7d:
3f:c6:f8:1c
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAZCUop2hV5shB99nppsbnT5oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjQwNzA4MjMxNjQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODlhNzI0MjAzZTMwOTY2NjMyODUwYWM5NzY1MzFkZTA1YzA2MDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZcNrz27fO3JPK8uFWEcpLYuJniu
Jv0WtvnTYAyVks4JKrSWBJz4/9u7qA2jRj/kHFLxATHHtC3WyExM4upF/T+ZTR+x
JtYTHAE0P9z/i51lX9PZRYsyhCZhEQXxd7HDz4+3vuddh2SW/jK7OZrUVY0w781q
IAgEtjGZJlALb1xs9iMdkMj8hO+Du9XfyEA4+iDGoujjbXuiWXMTMMoMfnL8C7gx
cJqP/q53j8D6YzChbxz+hDXi4Q7wKsw9o0pzxxVQftwRJ6XT3DwK2B5lcwr5VMkt
gv053B+aKFK0OKuJH0QW7Giz75YWlSpzW4e9iqBRRaeJV+KztU5OQ5f1DQIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFMiackID4wlmYyhQrJdlMd4FwGCXMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEveUpweVFnUGpDV1pqS0ZDc2wyVXgzZ1hBWUpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jAqBAIAATAkAwQALhCA
AwQBbWiYAwQAbWibAwQCk04AAwQBuX7uAwQAudUXMIG3BAIAAjCBsDASAwcBKhEI
QAAGAwcAKhEIQAAIMBIDBwQqEQhAABADBwAqEQhAABQwEgMHACoRCEAAFwMHASoR
CEAAGDASAwcFKhEIQAAgAwcAKhEIQAAiMBIDBwIqEQhAACQDBwAqEQhAACYDBwAq
EQhAADADBwAqEQhAADMDBwEqEQhAAEAwEgMHACoRCEAARwMHACoRCEAASAMHACoR
CEAAVDASAwcFKhEIQABgAwcAKhEIQABoMA0GCSqGSIb3DQEBCwUAA4IBAQCKehlm
r6czpt6tcrRwqsgjcAEmhKbv8ZfUUj0JGp94QU3GmK3wcsftXE+iPPeUHdGCpGvr
rA7HAC5EYXuhZbweWlyFfWRXsWUBXrd2OKNsHsbuHnNxzNOpbJ/9vZO34RM+6iUx
X7jRecyTv8a9zxHTbNGg/SJ95s7SdDbJOTKhTTLtQHiQNLFCzz6xI8+s2lf9NwCS
8gEWliIqVsQR7wSuwKUiv9Ctmx0vLoWfwTTR/8cUJI3ynsNkp33e37+ifoIlhi8s
T+WOuptRIa+i8GM87cE/S5v2mEgScga4oUZV1Vjaiq5y402Kssh35Nwlq57tnK5w
WENBFK/han0/xvgc
-----END CERTIFICATE-----
Generated at Tue Aug 20 01:15:46 2024 by rpki-client on console-fra.rpki-client.org