Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/YUqXZ2H2Se2HALV8yrbQlTRIbhk.roa
File: YUqXZ2H2Se2HALV8yrbQlTRIbhk.roa (raw, json)
Hash identifier: DuNPHTKnt7gvNROLJso6wzCp09eSUM6emMqeHOzt01g=
Subject key identifier: 61:4A:97:67:61:F6:49:ED:87:00:B5:7C:CA:B6:D0:95:34:48:6E:19
Certificate issuer: /CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Certificate serial: 01867439E710084B786FBD7F1ADF68B4580C
Authority key identifier: 4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/YUqXZ2H2Se2HALV8yrbQlTRIbhk.roa
Signing time: Tue 21 Feb 2023 13:46:37 +0000
ROA not before: Tue 21 Feb 2023 13:46:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25124
IP address blocks: 109.162.192.0/20 maxlen: 20
109.162.208.0/20 maxlen: 20
109.162.224.0/20 maxlen: 20
109.162.144.0/20 maxlen: 20
109.162.160.0/20 maxlen: 20
109.162.176.0/24 maxlen: 24
81.91.138.80/28 maxlen: 28
81.91.138.112/28 maxlen: 28
81.91.138.48/28 maxlen: 28
109.162.176.0/20 maxlen: 20
213.207.208.0/20 maxlen: 20
213.207.224.0/20 maxlen: 20
91.184.80.0/20 maxlen: 20
81.91.138.40/29 maxlen: 29
213.207.240.0/20 maxlen: 20
109.162.128.0/20 maxlen: 20
81.91.130.0/23 maxlen: 23
81.91.128.0/20 maxlen: 20
81.91.132.0/22 maxlen: 22
81.91.132.0/23 maxlen: 23
81.91.128.0/23 maxlen: 23
81.91.128.0/22 maxlen: 22
81.91.128.0/21 maxlen: 21
81.91.138.0/23 maxlen: 23
81.91.134.0/23 maxlen: 23
81.91.136.0/23 maxlen: 23
81.91.136.0/22 maxlen: 22
81.91.140.0/23 maxlen: 23
81.91.140.0/22 maxlen: 22
81.91.142.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 25 Apr 2023 09:18:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:74:39:e7:10:08:4b:78:6f:bd:7f:1a:df:68:b4:58:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Validity
Not Before: Feb 21 13:46:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=614a976761f649ed8700b57ccab6d09534486e19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a6:21:12:1b:78:28:e4:42:71:36:65:0f:12:
2d:cd:25:d0:af:17:0f:3f:69:c0:73:7c:86:f9:d0:
d3:76:70:7d:38:69:95:5f:f1:bd:d4:91:c1:5f:93:
4c:17:9c:52:b1:c9:68:ae:91:fc:f8:12:18:e7:f1:
84:11:56:eb:19:63:f3:30:6e:04:46:08:0e:ec:73:
d5:4a:de:23:f9:4a:f0:9b:97:fb:53:8b:0c:2d:84:
98:6f:d6:de:bf:45:3f:a6:aa:12:23:ab:9d:8b:71:
bf:86:d6:ac:4f:2d:ed:ef:47:e5:0f:1c:3e:a0:cd:
ea:20:5b:00:5d:72:4d:08:28:60:b6:a8:49:4e:4d:
55:85:94:0d:bd:50:ad:66:59:bd:ec:dc:d1:d2:13:
ad:7c:29:87:65:ae:bd:2f:16:fe:51:1c:a1:57:ea:
e2:70:08:da:ab:5b:96:01:61:e0:7c:aa:fc:17:88:
ad:23:b6:7d:31:7d:36:39:59:74:3c:97:4d:60:12:
47:f1:7d:8f:c1:48:9e:23:91:6f:8b:6a:c3:20:f4:
6f:89:0b:d5:37:cb:f3:bf:31:93:9e:44:70:ce:c0:
fb:30:9c:4f:83:e5:e0:f9:b5:2e:b9:74:4e:b3:24:
3d:09:d7:84:be:65:6b:d3:8f:6c:f9:52:0e:34:0e:
45:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:4A:97:67:61:F6:49:ED:87:00:B5:7C:CA:B6:D0:95:34:48:6E:19
X509v3 Authority Key Identifier:
keyid:4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/YUqXZ2H2Se2HALV8yrbQlTRIbhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.128.0/20
91.184.80.0/20
109.162.128.0-109.162.239.255
213.207.208.0-213.207.255.255
Signature Algorithm: sha256WithRSAEncryption
34:1f:da:97:94:b9:43:c1:0c:7b:d0:42:af:bc:d4:e5:62:87:
49:6d:a4:ed:ef:d0:5b:77:53:82:f8:7d:33:d0:27:0c:86:db:
66:0a:5b:68:4b:28:28:d5:fd:1a:6e:b4:80:be:ca:1a:1c:a1:
cc:e0:94:cb:81:1f:43:2d:54:e3:76:e0:f4:e3:4a:c0:c2:62:
cd:a9:95:b8:41:82:a6:18:e4:08:84:a9:f6:12:36:e0:a0:aa:
4a:e9:46:02:d5:d0:69:86:29:c4:fe:0f:72:27:48:a6:39:d8:
c3:29:72:d3:99:45:83:37:7f:9e:56:00:64:bc:af:40:7d:68:
2c:3b:d0:a1:05:7a:b8:9a:3d:67:06:0f:3b:26:b7:90:7e:55:
f0:cc:fd:d3:33:a6:96:59:a1:56:ee:10:00:b0:37:bd:3d:87:
dc:d7:47:71:d3:ef:a0:59:f9:15:b3:8a:45:c8:1e:81:fa:2e:
1b:59:11:7a:09:0e:f2:d3:7d:f4:87:26:9c:65:83:38:b3:63:
0b:a6:b0:58:66:d7:a2:fd:53:fa:ba:f0:40:6b:53:86:10:ec:
e6:1f:fe:a7:ca:cf:e5:9b:a7:2f:32:5a:0e:57:ed:50:31:f6:
a2:2e:9e:23:38:b4:2f:40:65:ae:b1:f3:15:6b:ee:ad:42:2d:
f3:51:e9:21
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYZ0OecQCEt4b71/Gt9otFgMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDc0ZmJiYmFlNThkZDA4NzZkOTllODBlYzgyYTExYTQ0
NzdmN2UwHhcNMjMwMjIxMTM0NjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTRhOTc2NzYxZjY0OWVkODcwMGI1N2NjYWI2ZDA5NTM0NDg2ZTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6YhEht4KORCcTZlDxItzSXQrxcP
P2nAc3yG+dDTdnB9OGmVX/G91JHBX5NMF5xSsclorpH8+BIY5/GEEVbrGWPzMG4E
RggO7HPVSt4j+Urwm5f7U4sMLYSYb9bev0U/pqoSI6udi3G/htasTy3t70flDxw+
oM3qIFsAXXJNCChgtqhJTk1VhZQNvVCtZlm97NzR0hOtfCmHZa69Lxb+URyhV+ri
cAjaq1uWAWHgfKr8F4itI7Z9MX02OVl0PJdNYBJH8X2PwUieI5Fvi2rDIPRviQvV
N8vzvzGTnkRwzsD7MJxPg+Xg+bUuuXROsyQ9CdeEvmVr049s+VIONA5FTwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGFKl2dh9knthwC1fMq20JU0SG4ZMB8GA1UdIwQY
MBaAFE3XT7u65Y3Qh22Z6A7IKhGkR39+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmIt
OGVhYjdmNGZlNzdlLzEvWVVxWFoySDJTZTJIQUxWOHlyYlFsVFJJYmhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmItOGVhYjdmNGZlNzdl
LzEvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnAwQEUVuAAwQE
W7hQMAwDBAdtooADBARtouAwCwMEBNXP0AMDBNXAMA0GCSqGSIb3DQEBCwUAA4IB
AQA0H9qXlLlDwQx70EKvvNTlYodJbaTt79Bbd1OC+H0z0CcMhttmCltoSygo1f0a
brSAvsoaHKHM4JTLgR9DLVTjduD040rAwmLNqZW4QYKmGOQIhKn2EjbgoKpK6UYC
1dBphinE/g9yJ0imOdjDKXLTmUWDN3+eVgBkvK9AfWgsO9ChBXq4mj1nBg87JreQ
flXwzP3TM6aWWaFW7hAAsDe9PYfc10dx0++gWfkVs4pFyB6B+i4bWRF6CQ7y0330
hyacZYM4s2MLprBYZtei/VP6uvBAa1OGEOzmH/6nys/lm6cvMloOV+1QMfaiLp4j
OLQvQGWusfMVa+6tQi3zUekh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:52 2024 by rpki-client on console-ams.rpki-client.org