Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/yatlROf1BGErwgejN-0oH7lXRkk.roa
File: yatlROf1BGErwgejN-0oH7lXRkk.roa (raw, json)
Hash identifier: v5r6Uq7Sns43ynplehEiBthT3M63Yozcz7SIBncrqMw=
Subject key identifier: C9:AB:65:44:E7:F5:04:61:2B:C2:07:A3:37:ED:28:1F:B9:57:46:49
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 018E0E7D10D18FF15BF3F22DF60207B11222
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/yatlROf1BGErwgejN-0oH7lXRkk.roa
Signing time: Tue 05 Mar 2024 12:01:01 +0000
ROA not before: Tue 05 Mar 2024 12:01:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136258
IP address blocks: 109.104.152.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
147.78.2.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
185.126.238.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
185.213.23.0/24 maxlen: 24
2a11:840:6::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:18::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:20::/48 maxlen: 48
2a11:840:21::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:26::/48 maxlen: 48
2a11:840:30::/48 maxlen: 48
2a11:840:33::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:48::/48 maxlen: 48
2a11:840:54::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 13 Mar 2024 16:12:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:7d:10:d1:8f:f1:5b:f3:f2:2d:f6:02:07:b1:12:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Mar 5 12:01:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9ab6544e7f504612bc207a337ed281fb9574649
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:10:b4:ad:20:19:65:69:fc:a6:25:01:e0:ed:
8b:ab:28:95:44:3a:76:6c:38:9a:ee:f3:e9:4c:ba:
e0:3c:3b:be:38:18:85:97:07:ef:10:da:cd:ea:c0:
5f:b7:5f:a0:89:a6:4d:40:b4:bd:36:18:38:f3:c8:
2b:97:a3:9e:e2:9a:83:9e:17:fe:e8:18:fb:14:ce:
39:b6:99:14:05:6e:eb:07:17:70:12:fb:74:7c:7a:
dc:ec:6d:2e:f0:cb:a5:46:31:ac:61:9e:e5:ce:13:
42:d6:ea:4b:c3:2c:0a:4e:53:a8:8c:23:f0:c5:27:
f0:b6:85:a4:ab:b1:04:b2:b1:d6:63:15:f5:32:f3:
48:51:13:a4:9d:31:54:ab:ab:17:9d:44:23:f2:ba:
c9:c6:e1:3a:56:38:14:c9:d9:03:66:7d:4b:ba:27:
e7:2b:f2:dd:bb:5d:0f:76:b3:a0:2f:87:66:b0:2f:
67:40:14:e7:e0:d3:2f:3f:f4:95:0c:11:45:30:35:
41:ee:4b:21:cc:c8:f4:b0:78:6c:36:9e:f8:3e:5b:
90:03:74:47:e3:3e:26:52:60:6e:d5:e8:e8:fe:a7:
61:2b:8a:5a:b2:f5:96:29:d5:69:1f:28:d5:cc:04:
4d:07:c7:ce:ad:06:8b:30:6f:81:f6:2d:b3:f4:4b:
8d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:AB:65:44:E7:F5:04:61:2B:C2:07:A3:37:ED:28:1F:B9:57:46:49
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/yatlROf1BGErwgejN-0oH7lXRkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.152.0/23
109.104.155.0/24
147.78.0.0/22
185.126.238.0/23
185.213.23.0/24
IPv6:
2a11:840:6::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:20::/47
2a11:840:24::-2a11:840:26:ffff:ffff:ffff:ffff:ffff
2a11:840:30::/48
2a11:840:33::/48
2a11:840:40::/47
2a11:840:47::-2a11:840:48:ffff:ffff:ffff:ffff:ffff
2a11:840:54::/48
Signature Algorithm: sha256WithRSAEncryption
81:d5:4a:48:64:7b:74:73:0b:c4:1e:c3:ec:b1:69:a3:25:48:
d6:c1:d5:c5:7f:a1:72:c4:f1:56:62:b6:33:e9:99:3f:b8:8a:
df:79:18:26:1e:a6:9d:68:d8:9e:dc:34:62:e9:9e:07:96:73:
82:c4:fa:34:57:70:6e:f2:64:27:a8:68:fc:b8:a3:33:56:75:
0f:0d:62:a0:e6:ce:24:58:71:63:52:af:5d:44:61:7a:04:f6:
06:01:e8:a4:15:7c:25:55:c5:83:43:31:7e:ba:66:c5:c3:6f:
fb:aa:4e:a2:16:f2:f3:f8:3b:00:3c:88:1d:29:ec:55:db:91:
58:3e:9a:ea:15:91:3e:93:ce:14:ee:45:c2:4f:9f:78:5a:cb:
1a:ba:86:5f:0d:16:cd:9d:80:a6:d6:6f:84:b9:cc:5b:79:94:
e0:5f:70:dc:7f:c3:41:40:b3:55:c0:c7:55:ad:26:1d:5f:74:
54:0b:98:46:73:33:72:68:f9:6a:17:fa:c5:ca:9f:f3:f9:38:
70:40:c0:b0:d7:90:87:17:04:b2:dc:5e:84:9f:f5:01:a3:6f:
73:b4:82:16:a1:82:62:2a:17:2c:c6:26:fd:f1:84:fe:93:09:
66:cb:d7:88:87:4c:1e:dd:ba:c2:a2:61:a0:d8:c3:fb:97:8c:
0f:84:91:6f
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAY4OfRDRj/Fb8/It9gIHsRIiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjQwMzA1MTIwMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWFiNjU0NGU3ZjUwNDYxMmJjMjA3YTMzN2VkMjgxZmI5NTc0NjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRC0rSAZZWn8piUB4O2LqyiVRDp2
bDia7vPpTLrgPDu+OBiFlwfvENrN6sBft1+giaZNQLS9Nhg488grl6Oe4pqDnhf+
6Bj7FM45tpkUBW7rBxdwEvt0fHrc7G0u8MulRjGsYZ7lzhNC1upLwywKTlOojCPw
xSfwtoWkq7EEsrHWYxX1MvNIUROknTFUq6sXnUQj8rrJxuE6VjgUydkDZn1Luifn
K/Ldu10PdrOgL4dmsC9nQBTn4NMvP/SVDBFFMDVB7kshzMj0sHhsNp74PluQA3RH
4z4mUmBu1ejo/qdhK4pasvWWKdVpHyjVzARNB8fOrQaLMG+B9i2z9EuNYwIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFMmrZUTn9QRhK8IHozftKB+5V0ZJMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEveWF0bFJPZjFCR0Vyd2dlak4tMG9IN2xYUmtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTAkBAIAATAeAwQBbWiY
AwQAbWibAwQCk04AAwQBuX7uAwQAudUXMIGYBAIAAjCBkTASAwcBKhEIQAAGAwcA
KhEIQAAIMBIDBwQqEQhAABADBwAqEQhAABQwEgMHACoRCEAAFwMHASoRCEAAGAMH
ASoRCEAAIDASAwcCKhEIQAAkAwcAKhEIQAAmAwcAKhEIQAAwAwcAKhEIQAAzAwcB
KhEIQABAMBIDBwAqEQhAAEcDBwAqEQhAAEgDBwAqEQhAAFQwDQYJKoZIhvcNAQEL
BQADggEBAIHVSkhke3RzC8Qew+yxaaMlSNbB1cV/oXLE8VZitjPpmT+4it95GCYe
pp1o2J7cNGLpngeWc4LE+jRXcG7yZCeoaPy4ozNWdQ8NYqDmziRYcWNSr11EYXoE
9gYB6KQVfCVVxYNDMX66ZsXDb/uqTqIW8vP4OwA8iB0p7FXbkVg+muoVkT6TzhTu
RcJPn3hayxq6hl8NFs2dgKbWb4S5zFt5lOBfcNx/w0FAs1XAx1WtJh1fdFQLmEZz
M3Jo+WoX+sXKn/P5OHBAwLDXkIcXBLLcXoSf9QGjb3O0ghahgmIqFyzGJv3xhP6T
CWbL14iHTB7dusKiYaDYw/uXjA+EkW8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:20 2024 by rpki-client on console-fra.rpki-client.org