Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/YqepfVFg8XimxQQMBANbuVcyYPU.roa
File: YqepfVFg8XimxQQMBANbuVcyYPU.roa (raw, json)
Hash identifier: GsIC48mm7weQ6XQaRNcZFSrf7B6oXgHiCeWJAgrVsBM=
Subject key identifier: 62:A7:A9:7D:51:60:F1:78:A6:C5:04:0C:04:03:5B:B9:57:32:60:F5
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0188D2DAA41BBC2CB2E2D4EFDBA06EB2869E
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/YqepfVFg8XimxQQMBANbuVcyYPU.roa
Signing time: Mon 19 Jun 2023 08:52:04 +0000
ROA not before: Mon 19 Jun 2023 08:52:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.186.194.0/23 maxlen: 24
91.186.216.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
178.253.40.0/22 maxlen: 24
83.147.240.0/22 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Jun 2023 10:14:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d2:da:a4:1b:bc:2c:b2:e2:d4:ef:db:a0:6e:b2:86:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jun 19 08:52:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62a7a97d5160f178a6c5040c04035bb9573260f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7e:2f:74:37:b8:8e:d4:72:60:11:ad:47:d3:
42:22:eb:ce:ef:d5:4f:d0:18:27:83:7d:aa:45:4c:
19:f2:34:54:4a:03:e6:32:e6:6c:12:b5:15:52:b3:
22:b7:b7:b0:a7:4d:67:36:40:8a:15:76:70:a6:87:
d7:22:fa:ba:87:9c:49:6e:a4:d0:fe:16:82:82:69:
22:ad:c0:0b:59:55:87:76:78:74:e6:a1:c9:57:75:
3a:1e:70:67:72:8c:5e:60:ee:f6:e9:ef:62:56:8b:
b8:5b:51:d0:02:5d:25:64:05:f0:d5:79:8d:06:f8:
6e:18:64:91:e6:0e:f0:16:d4:46:01:c0:32:85:d0:
60:55:93:f2:bd:fa:7d:46:13:f2:0c:2c:94:d7:f5:
07:24:54:19:f2:0b:b9:7d:5e:5a:83:32:7d:41:4d:
3d:da:18:b1:aa:d4:e1:11:a4:6e:4d:ed:21:d8:65:
57:f6:c6:e2:70:a2:1b:7d:6d:6d:cb:f0:ec:dd:61:
56:a6:28:c6:e2:dc:bf:66:1e:d8:0f:93:06:ec:ac:
a0:82:6d:c6:33:ea:f2:ae:cc:b8:20:8a:37:59:98:
a4:0b:cd:4e:9d:48:cf:90:fb:df:af:d4:ad:58:df:
56:f5:0a:e0:3e:90:bc:ef:59:9d:01:00:8f:fb:d8:
6a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:A7:A9:7D:51:60:F1:78:A6:C5:04:0C:04:03:5B:B9:57:32:60:F5
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/YqepfVFg8XimxQQMBANbuVcyYPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.240.0/21
83.147.252.0/22
91.186.194.0/23
91.186.216.0/22
94.241.168.0/21
178.253.40.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:46:11:40:ce:11:71:ef:bd:e2:c4:a3:6c:5f:5d:20:65:43:
a8:d0:b4:2d:d4:17:97:9f:da:93:dd:96:fc:74:3f:30:41:15:
ca:bd:08:c4:2f:33:b7:bd:51:83:bf:36:05:4f:1d:6d:03:7b:
6e:c5:df:07:61:56:35:1c:d8:fc:38:a7:19:ad:12:a6:44:55:
6a:7a:75:14:9a:35:44:f5:0f:a6:90:28:84:ce:49:c9:94:7e:
c0:93:77:e8:1e:38:1d:9d:9e:d1:60:e4:14:b0:23:af:b2:44:
32:55:01:03:0d:a9:3e:6e:81:f3:81:14:b6:72:94:52:fa:1b:
42:6e:2b:91:04:f5:c8:07:90:ad:0e:79:47:5f:c2:2d:67:f6:
cf:ae:c3:3f:b3:e9:e0:19:25:ff:f0:02:15:11:cb:6b:82:dd:
99:91:3a:53:64:5e:17:ba:a1:ed:ae:b0:79:45:d5:d6:b6:26:
e1:d8:2b:44:1b:a9:91:71:77:07:ff:7d:f7:d7:f3:77:43:c2:
5c:1b:64:61:f8:3d:bc:79:0f:be:f3:15:39:f3:c0:b9:3e:25:
92:b4:4e:6f:ab:e3:5e:a1:de:21:04:9b:36:29:09:ba:a1:5f:
f2:32:88:18:77:45:96:c3:1e:d5:61:66:ec:42:d8:46:9f:1c:
7c:ca:5f:bd
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYjS2qQbvCyy4tTv26BusoaeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwNjE5MDg1MjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmE3YTk3ZDUxNjBmMTc4YTZjNTA0MGMwNDAzNWJiOTU3MzI2MGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn34vdDe4jtRyYBGtR9NCIuvO79VP
0Bgng32qRUwZ8jRUSgPmMuZsErUVUrMit7ewp01nNkCKFXZwpofXIvq6h5xJbqTQ
/haCgmkircALWVWHdnh05qHJV3U6HnBncoxeYO726e9iVou4W1HQAl0lZAXw1XmN
BvhuGGSR5g7wFtRGAcAyhdBgVZPyvfp9RhPyDCyU1/UHJFQZ8gu5fV5agzJ9QU09
2hixqtThEaRuTe0h2GVX9sbicKIbfW1ty/Ds3WFWpijG4ty/Zh7YD5MG7Kyggm3G
M+ryrsy4IIo3WZikC81OnUjPkPvfr9StWN9W9QrgPpC871mdAQCP+9hq7wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGKnqX1RYPF4psUEDAQDW7lXMmD1MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvWXFlcGZWRmc4WGlteFFRTUJBTmJ1VmN5WVBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDU5PwAwQC
U5P8AwQBW7rCAwQCW7rYAwQDXvGoAwQCsv0oMA0GCSqGSIb3DQEBCwUAA4IBAQA9
RhFAzhFx773ixKNsX10gZUOo0LQt1BeXn9qT3Zb8dD8wQRXKvQjELzO3vVGDvzYF
Tx1tA3tuxd8HYVY1HNj8OKcZrRKmRFVqenUUmjVE9Q+mkCiEzknJlH7Ak3foHjgd
nZ7RYOQUsCOvskQyVQEDDak+boHzgRS2cpRS+htCbiuRBPXIB5CtDnlHX8ItZ/bP
rsM/s+ngGSX/8AIVEctrgt2ZkTpTZF4XuqHtrrB5RdXWtibh2CtEG6mRcXcH/333
1/N3Q8JcG2Rh+D28eQ++8xU588C5PiWStE5vq+Neod4hBJs2KQm6oV/yMogYd0WW
wx7VYWbsQthGnxx8yl+9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:09 2024 by rpki-client on console-fra.rpki-client.org