Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/Yp_XxmW3dx-bC4d9lTXu0S-N_FY.roa
File: Yp_XxmW3dx-bC4d9lTXu0S-N_FY.roa (raw, json)
Hash identifier: yOF432UvuqMvtCrz4VFr3HHUJwM5Z2up05rydW9Dfl0=
Subject key identifier: 62:9F:D7:C6:65:B7:77:1F:9B:0B:87:7D:95:35:EE:D1:2F:8D:FC:56
Certificate issuer: /CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Certificate serial: 01874BB39AF22C8F0DAFFAD5112B9D7F4E06
Authority key identifier: C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/Yp_XxmW3dx-bC4d9lTXu0S-N_FY.roa
Signing time: Tue 04 Apr 2023 09:57:54 +0000
ROA not before: Tue 04 Apr 2023 09:57:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35745
IP address blocks: 37.131.160.0/20 maxlen: 20
93.175.128.0/20 maxlen: 20
93.175.129.0/24 maxlen: 24
188.125.224.0/19 maxlen: 19
46.20.56.0/23 maxlen: 23
46.20.58.0/24 maxlen: 24
91.206.108.0/23 maxlen: 23
128.127.80.0/21 maxlen: 21
128.127.80.0/20 maxlen: 20
91.208.50.0/24 maxlen: 24
185.15.232.0/22 maxlen: 22
46.20.48.0/20 maxlen: 20
188.125.244.0/22 maxlen: 22
188.125.242.0/23 maxlen: 23
213.109.32.0/20 maxlen: 20
213.109.34.0/23 maxlen: 23
213.109.40.0/24 maxlen: 24
213.109.39.0/24 maxlen: 24
2a00:10a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4b:b3:9a:f2:2c:8f:0d:af:fa:d5:11:2b:9d:7f:4e:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Validity
Not Before: Apr 4 09:57:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=629fd7c665b7771f9b0b877d9535eed12f8dfc56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:2a:24:2f:56:df:2d:39:8c:3f:05:d4:a7:ac:
dc:37:13:6c:7f:69:75:b4:84:1f:35:9a:35:e6:30:
d4:f2:07:f6:72:ce:8b:7f:52:e8:a3:30:41:25:46:
5b:11:19:ff:65:29:08:ed:be:74:1c:d6:44:6b:8f:
c5:af:ca:61:da:93:e8:38:ad:ad:db:4b:1c:65:1f:
a2:39:db:f9:e8:e4:4a:5e:c6:35:f4:c7:c0:a0:8b:
ba:6d:36:dc:3b:7b:bd:cd:0a:42:04:49:ff:e7:f3:
24:86:7d:01:b8:6b:02:7a:f5:d5:c5:9f:27:82:53:
23:2c:ef:b7:94:04:de:0c:a9:a2:f7:45:90:58:03:
e0:55:da:17:4e:5e:f4:c4:fe:92:a0:64:8a:fa:7d:
67:ca:8f:28:2d:50:38:8c:03:aa:9c:75:d7:9c:37:
2c:aa:10:e5:e5:28:79:13:55:47:f0:21:fd:06:35:
87:7e:54:7e:dd:6b:dc:45:78:e1:28:73:6b:92:27:
9e:c2:78:34:0c:47:ae:fe:2d:f2:0b:b1:ab:8f:d2:
e3:63:cb:00:3c:8d:8f:c1:36:d1:26:5e:16:82:bc:
54:e9:86:bf:42:4f:f9:28:e1:04:69:a4:3e:2c:89:
8d:96:e1:d7:07:2a:53:02:08:a5:99:e5:67:e2:47:
7b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:9F:D7:C6:65:B7:77:1F:9B:0B:87:7D:95:35:EE:D1:2F:8D:FC:56
X509v3 Authority Key Identifier:
keyid:C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/Yp_XxmW3dx-bC4d9lTXu0S-N_FY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.131.160.0/20
46.20.48.0/20
91.206.108.0/23
91.208.50.0/24
93.175.128.0/20
128.127.80.0/20
185.15.232.0/22
188.125.224.0/19
213.109.32.0/20
IPv6:
2a00:10a0::/32
Signature Algorithm: sha256WithRSAEncryption
c5:3e:b4:cb:76:ca:27:c2:95:33:59:5d:bd:47:64:2f:44:cd:
19:34:39:cd:78:b6:7f:80:43:f7:54:97:cb:0e:63:47:a1:3e:
b5:d7:43:7e:d3:f2:61:ac:06:f0:a0:0b:d5:4c:46:3a:88:7d:
df:c2:e7:77:44:7f:29:92:57:df:e6:61:0e:8b:ee:92:5e:29:
22:5b:80:64:d8:0d:89:89:a1:03:23:1e:c0:69:43:3f:84:04:
6e:f5:1c:eb:83:c8:56:4e:3d:2f:09:02:5e:78:4b:1f:76:96:
b5:fc:34:de:26:59:6e:39:61:a0:ee:3c:49:46:3d:a6:82:e0:
6f:57:8a:f8:9e:e8:e2:13:52:07:92:f0:f6:2f:c7:34:9a:89:
02:ed:fb:89:c7:5d:06:61:46:1b:99:95:2c:69:d4:bf:ca:06:
e0:d9:77:a7:ef:81:ef:ce:de:dc:d0:18:86:ad:b6:c0:40:b3:
8f:66:52:b7:6a:b7:b7:82:14:85:7a:9f:f6:f0:b1:90:40:1b:
8a:35:fb:41:03:4d:f6:7f:8d:50:08:d7:4b:15:62:84:7d:e0:
e0:91:2f:d9:98:ad:d6:54:24:12:88:15:f5:fd:1a:60:27:08:
53:4e:c3:91:50:b5:d3:46:03:10:02:10:45:b5:3b:0a:d8:d0:
9f:fa:8f:09
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYdLs5ryLI8Nr/rVESudf04GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MWM3MjIxZWRlM2FmNWVlOTJlMzIwNmFmMmYxOGJkMDEw
ZDVkZDkwHhcNMjMwNDA0MDk1NzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjlmZDdjNjY1Yjc3NzFmOWIwYjg3N2Q5NTM1ZWVkMTJmOGRmYzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhiokL1bfLTmMPwXUp6zcNxNsf2l1
tIQfNZo15jDU8gf2cs6Lf1LoozBBJUZbERn/ZSkI7b50HNZEa4/Fr8ph2pPoOK2t
20scZR+iOdv56ORKXsY19MfAoIu6bTbcO3u9zQpCBEn/5/Mkhn0BuGsCevXVxZ8n
glMjLO+3lATeDKmi90WQWAPgVdoXTl70xP6SoGSK+n1nyo8oLVA4jAOqnHXXnDcs
qhDl5Sh5E1VH8CH9BjWHflR+3WvcRXjhKHNrkieewng0DEeu/i3yC7Grj9LjY8sA
PI2PwTbRJl4WgrxU6Ya/Qk/5KOEEaaQ+LImNluHXBypTAgilmeVn4kd7XwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFGKf18Zlt3cfmwuHfZU17tEvjfxWMB8GA1UdIwQY
MBaAFMQcciHt469e6S4yBq8vGL0BDV3ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEt
OTkzMGYyMTk0YTBlLzEvWXBfWHhtVzNkeC1iQzRkOWxUWHUwUy1OX0ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEtOTkzMGYyMTk0YTBl
LzEveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQEJYOgAwQE
LhQwAwQBW85sAwQAW9AyAwQEXa+AAwQEgH9QAwQCuQ/oAwQFvH3gAwQE1W0gMA0E
AgACMAcDBQAqABCgMA0GCSqGSIb3DQEBCwUAA4IBAQDFPrTLdsonwpUzWV29R2Qv
RM0ZNDnNeLZ/gEP3VJfLDmNHoT6110N+0/JhrAbwoAvVTEY6iH3fwud3RH8pklff
5mEOi+6SXikiW4Bk2A2JiaEDIx7AaUM/hARu9Rzrg8hWTj0vCQJeeEsfdpa1/DTe
JlluOWGg7jxJRj2mguBvV4r4nujiE1IHkvD2L8c0mokC7fuJx10GYUYbmZUsadS/
ygbg2Xen74Hvzt7c0BiGrbbAQLOPZlK3are3ghSFep/28LGQQBuKNftBA032f41Q
CNdLFWKEfeDgkS/ZmK3WVCQSiBX1/RpgJwhTTsORULXTRgMQAhBFtTsK2NCf+o8J
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:26 2024 by rpki-client on console-ams.rpki-client.org