Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/YfaBczqB9U5H3FJn9xsnGhLRkqA.roa
File: YfaBczqB9U5H3FJn9xsnGhLRkqA.roa (raw, json)
Hash identifier: WS5EJwfJ0PnDINS+pBPXbCyTedggudcEyff06Jeshns=
Subject key identifier: 61:F6:81:73:3A:81:F5:4E:47:DC:52:67:F7:1B:27:1A:12:D1:92:A0
Certificate issuer: /CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Certificate serial: 018AEF170D14E7D13EA355E289D9F1CB6C1A
Authority key identifier: 17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/YfaBczqB9U5H3FJn9xsnGhLRkqA.roa
Signing time: Mon 02 Oct 2023 06:32:59 +0000
ROA not before: Mon 02 Oct 2023 06:32:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137409
IP address blocks: 31.217.248.0/24 maxlen: 24
185.137.164.0/24 maxlen: 24
5.180.179.0/24 maxlen: 24
193.35.228.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:17:0d:14:e7:d1:3e:a3:55:e2:89:d9:f1:cb:6c:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Validity
Not Before: Oct 2 06:32:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61f681733a81f54e47dc5267f71b271a12d192a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:da:5c:a4:73:a7:78:7a:dd:70:d8:f4:95:ce:
32:f6:50:87:a4:f6:2b:de:64:c8:91:82:80:24:0b:
a1:af:a6:90:85:b1:7a:a9:a1:b5:a8:19:97:2d:0a:
37:0c:1e:da:53:df:ff:83:75:12:01:d5:cc:cf:c0:
fd:73:be:55:e3:d5:38:02:d6:45:6d:ff:45:c2:c2:
ae:91:42:66:b0:0b:e4:6f:84:c3:be:d4:3e:62:45:
57:6e:43:9f:4f:37:0a:4f:5a:b8:c9:23:69:e9:27:
76:59:45:12:0e:74:ad:21:48:3a:3a:1e:1f:9e:1e:
26:e3:e0:5f:98:e1:b1:d3:0d:66:bc:52:68:fb:88:
15:08:5d:80:2a:5d:1e:cb:d9:b6:21:dd:07:f4:90:
48:98:7c:42:ba:7e:a7:77:da:59:92:a2:64:73:d7:
32:5f:85:b1:73:ea:e5:cc:a5:77:9f:1c:f8:0a:f5:
ac:ac:60:f2:6c:50:1f:a1:fe:b4:0d:5f:77:fb:41:
eb:86:28:50:0b:34:b2:71:51:e3:3f:87:ad:40:b2:
a2:32:f1:d1:c6:ed:d6:92:ec:97:be:bf:6b:d5:b6:
14:19:38:10:f9:76:ca:4a:31:f9:98:cd:ab:e1:4c:
bb:8d:e7:70:7b:9d:7d:de:04:db:c7:d8:c8:51:10:
ce:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:F6:81:73:3A:81:F5:4E:47:DC:52:67:F7:1B:27:1A:12:D1:92:A0
X509v3 Authority Key Identifier:
keyid:17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/YfaBczqB9U5H3FJn9xsnGhLRkqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.179.0/24
31.217.248.0/24
185.137.164.0/24
193.35.228.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:ba:99:59:c8:ab:d9:69:22:7c:bc:da:4b:54:d7:4f:08:fd:
cb:25:c2:70:1a:10:6a:52:53:c9:ee:aa:cd:76:7c:cd:9c:06:
36:03:7b:f8:40:1f:d6:c4:09:e3:21:c0:99:53:60:6d:49:5b:
b8:8b:71:44:1d:4f:0e:e9:9e:fa:d0:ec:65:fe:c7:a4:82:fd:
d3:b5:2e:a2:1a:5a:1e:64:01:30:d7:ba:9b:df:c6:b0:63:13:
ad:6a:19:ea:8f:01:2f:11:cb:c7:a3:fc:c5:cb:6c:10:91:a9:
1a:9f:b8:9a:ea:6b:de:50:59:2f:26:81:f6:8e:36:0b:d0:9a:
bd:f9:01:51:d7:93:88:6d:07:e6:66:6b:70:98:03:c1:ee:3d:
e0:47:6e:1d:9e:15:b5:ad:17:59:09:49:03:15:98:0f:1e:8d:
11:3c:83:ad:ae:2b:72:63:91:33:1c:98:75:f2:e9:a4:01:7d:
da:03:71:63:e9:68:b6:d3:7f:ea:52:5d:60:f0:e5:b3:2a:6e:
0a:c8:f1:33:f7:d4:a9:25:1f:56:4f:65:f7:1e:9b:09:75:a9:
6a:26:99:f1:f5:52:ac:f4:ab:e9:c5:a8:06:31:c3:b4:74:4f:
86:a9:aa:00:56:c8:3c:25:b9:03:01:ff:36:e6:43:88:cc:21:
ef:a8:45:44
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYrvFw0U59E+o1Xiidnxy2waMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YjUwNDJmYzIwZDliYWIxNjc2ZTA5YWY3ZmYxYmE1YmZh
ZGFlNzUwHhcNMjMxMDAyMDYzMjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWY2ODE3MzNhODFmNTRlNDdkYzUyNjdmNzFiMjcxYTEyZDE5MmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdpcpHOneHrdcNj0lc4y9lCHpPYr
3mTIkYKAJAuhr6aQhbF6qaG1qBmXLQo3DB7aU9//g3USAdXMz8D9c75V49U4AtZF
bf9FwsKukUJmsAvkb4TDvtQ+YkVXbkOfTzcKT1q4ySNp6Sd2WUUSDnStIUg6Oh4f
nh4m4+BfmOGx0w1mvFJo+4gVCF2AKl0ey9m2Id0H9JBImHxCun6nd9pZkqJkc9cy
X4Wxc+rlzKV3nxz4CvWsrGDybFAfof60DV93+0HrhihQCzSycVHjP4etQLKiMvHR
xu3WkuyXvr9r1bYUGTgQ+XbKSjH5mM2r4Uy7jedwe5193gTbx9jIURDOpQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGH2gXM6gfVOR9xSZ/cbJxoS0ZKgMB8GA1UdIwQY
MBaAFBe1BC/CDZurFnbgmvf/G6W/ra51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQt
YmM2Nzk0ZTk1ZTVhLzEvWWZhQmN6cUI5VTVIM0ZKbjl4c25HaExSa3FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQtYmM2Nzk0ZTk1ZTVh
LzEvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABbSzAwQA
H9n4AwQAuYmkAwQAwSPkMA0GCSqGSIb3DQEBCwUAA4IBAQCmuplZyKvZaSJ8vNpL
VNdPCP3LJcJwGhBqUlPJ7qrNdnzNnAY2A3v4QB/WxAnjIcCZU2BtSVu4i3FEHU8O
6Z760Oxl/sekgv3TtS6iGloeZAEw17qb38awYxOtahnqjwEvEcvHo/zFy2wQkaka
n7ia6mveUFkvJoH2jjYL0Jq9+QFR15OIbQfmZmtwmAPB7j3gR24dnhW1rRdZCUkD
FZgPHo0RPIOtrityY5EzHJh18umkAX3aA3Fj6Wi203/qUl1g8OWzKm4KyPEz99Sp
JR9WT2X3HpsJdalqJpnx9VKs9KvpxagGMcO0dE+GqaoAVsg8JbkDAf825kOIzCHv
qEVE
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:39 2024 by rpki-client on console-ams.rpki-client.org