Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/YHYRe8azKuuk7mT_OpKOE7QW2DQ.roa
File: YHYRe8azKuuk7mT_OpKOE7QW2DQ.roa (raw, json)
Hash identifier: VQmt828Buq1gQizfGukXzzW6qLeSn0zVA3ymkp2X2T4=
Subject key identifier: 60:76:11:7B:C6:B3:2A:EB:A4:EE:64:FF:3A:92:8E:13:B4:16:D8:34
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 0188F540104A72D9B7474CB949BDA9888E75
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/YHYRe8azKuuk7mT_OpKOE7QW2DQ.roa
Signing time: Mon 26 Jun 2023 01:09:56 +0000
ROA not before: Mon 26 Jun 2023 01:09:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23470
IP address blocks: 107.161.166.0/24 maxlen: 24
107.161.165.0/24 maxlen: 24
107.161.164.0/24 maxlen: 24
107.161.163.0/24 maxlen: 24
107.161.167.0/24 maxlen: 24
2a07:9944:40::/48 maxlen: 48
2a07:9945:45::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 03 Jul 2023 00:08:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f5:40:10:4a:72:d9:b7:47:4c:b9:49:bd:a9:88:8e:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jun 26 01:09:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6076117bc6b32aeba4ee64ff3a928e13b416d834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f5:13:45:71:b6:c1:b4:c8:53:e5:7f:3d:50:
4a:25:8f:6d:06:71:c0:ef:c5:34:63:4b:e0:c7:d6:
2a:ef:a8:c3:32:16:db:ef:c6:61:37:0b:d7:76:0e:
c8:ea:1a:5f:fd:6a:0a:c5:69:76:02:ec:47:fb:a6:
82:43:ee:0a:bb:67:4a:6d:6a:6a:0d:3a:f0:39:81:
5c:47:13:db:e8:c1:2b:9d:5c:14:2a:8b:12:f6:6c:
4d:e8:6e:d9:cc:e7:1c:68:42:ae:a9:c1:4a:31:52:
75:f6:74:a4:f7:d6:26:9a:4f:2f:f1:fd:bd:bb:7c:
1b:33:8b:cb:93:d6:10:48:38:4d:d9:34:57:9e:b5:
d6:87:f7:df:71:0e:36:c5:0f:19:a9:44:52:be:15:
38:23:be:10:6c:29:eb:62:8f:eb:01:0e:e7:94:f6:
da:be:c3:8e:cd:a6:e6:12:81:0d:22:8f:70:46:36:
21:03:00:a0:38:92:a4:3c:e8:20:6f:fd:4d:dd:32:
7d:94:b3:3b:06:83:d1:d5:50:ad:77:11:d4:8e:d2:
fd:b6:3a:ca:b7:b8:a9:12:7a:38:5c:6b:df:48:53:
d4:f3:c5:f7:80:4d:16:b9:b9:35:ef:76:32:29:ba:
e1:54:a1:cc:f9:02:33:c3:71:ea:3c:9d:46:ab:88:
3f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:76:11:7B:C6:B3:2A:EB:A4:EE:64:FF:3A:92:8E:13:B4:16:D8:34
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/YHYRe8azKuuk7mT_OpKOE7QW2DQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.161.163.0-107.161.167.255
IPv6:
2a07:9944:40::/48
2a07:9945:45::/48
Signature Algorithm: sha256WithRSAEncryption
54:90:ac:7f:4c:fb:d6:b3:95:2d:f4:07:04:e2:fc:85:0e:1d:
64:7c:45:5d:04:ee:a8:aa:c0:be:f0:b8:61:91:53:ec:26:8e:
29:7e:bc:ad:e1:92:e6:92:da:8a:d4:d1:74:a7:de:f4:2d:be:
0a:f0:4d:ee:f7:1a:9a:f2:1e:8c:15:7f:b8:c9:03:0d:da:d5:
2f:be:a0:64:73:31:5f:ac:ee:de:3a:29:35:24:cc:34:5f:28:
76:68:e2:bb:c1:6b:c6:e2:a9:7d:df:0c:a4:8e:9a:eb:b5:81:
d0:12:4a:c7:19:db:2e:69:11:94:05:e0:5e:77:10:ac:8b:e3:
ae:22:0a:26:16:00:c1:e0:7b:a4:e6:cd:e3:71:2b:8b:0c:c9:
fb:c1:cd:f4:67:cf:85:66:40:55:c7:d9:d9:14:d8:e2:f2:b4:
df:bd:4b:ec:71:e2:36:1f:8c:53:1a:55:0e:4a:37:b6:80:2b:
44:bb:db:9e:47:d9:5b:e1:ec:26:be:73:91:2b:f6:d1:4a:96:
39:a0:42:be:e7:c9:5d:39:d9:1b:4d:06:9a:ef:9a:c7:47:af:
f2:d1:e0:1c:ca:14:59:4a:44:f1:40:07:1f:bc:6a:8b:12:ab:
32:78:e9:d8:29:15:9e:d3:aa:89:48:b9:8a:3a:46:55:27:97:
5b:4c:c3:d8
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYj1QBBKctm3R0y5Sb2piI51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjMwNjI2MDEwOTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDc2MTE3YmM2YjMyYWViYTRlZTY0ZmYzYTkyOGUxM2I0MTZkODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/UTRXG2wbTIU+V/PVBKJY9tBnHA
78U0Y0vgx9Yq76jDMhbb78ZhNwvXdg7I6hpf/WoKxWl2AuxH+6aCQ+4Ku2dKbWpq
DTrwOYFcRxPb6MErnVwUKosS9mxN6G7ZzOccaEKuqcFKMVJ19nSk99Ymmk8v8f29
u3wbM4vLk9YQSDhN2TRXnrXWh/ffcQ42xQ8ZqURSvhU4I74QbCnrYo/rAQ7nlPba
vsOOzabmEoENIo9wRjYhAwCgOJKkPOggb/1N3TJ9lLM7BoPR1VCtdxHUjtL9tjrK
t7ipEno4XGvfSFPU88X3gE0Wubk173YyKbrhVKHM+QIzw3HqPJ1Gq4g//QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFGB2EXvGsyrrpO5k/zqSjhO0Ftg0MB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvWUhZUmU4YXpLdXVrN21UX09wS09FN1FXMkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAUBAIAATAOMAwDBABroaMD
BANroaAwGAQCAAIwEgMHACoHmUQAQAMHACoHmUUARTANBgkqhkiG9w0BAQsFAAOC
AQEAVJCsf0z71rOVLfQHBOL8hQ4dZHxFXQTuqKrAvvC4YZFT7CaOKX68reGS5pLa
itTRdKfe9C2+CvBN7vcamvIejBV/uMkDDdrVL76gZHMxX6zu3jopNSTMNF8odmji
u8FrxuKpfd8MpI6a67WB0BJKxxnbLmkRlAXgXncQrIvjriIKJhYAweB7pObN43Er
iwzJ+8HN9GfPhWZAVcfZ2RTY4vK0371L7HHiNh+MUxpVDko3toArRLvbnkfZW+Hs
Jr5zkSv20UqWOaBCvufJXTnZG00Gmu+ax0ev8tHgHMoUWUpE8UAHH7xqixKrMnjp
2CkVntOqiUi5ijpGVSeXW0zD2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:53 2024 by rpki-client on console-ams.rpki-client.org