Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/yxh7Sz8h54j8FKc5DtjAG0GK1P0.roa
File: yxh7Sz8h54j8FKc5DtjAG0GK1P0.roa (raw, json)
Hash identifier: e9tbLjn2SmHk6XIKuxyD0nFNrYxAKQmd2jKmnVaJaGg=
Subject key identifier: CB:18:7B:4B:3F:21:E7:88:FC:14:A7:39:0E:D8:C0:1B:41:8A:D4:FD
Certificate issuer: /CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Certificate serial: 018CC34928975DBAAED75548B48DFD45B74E
Authority key identifier: 35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/yxh7Sz8h54j8FKc5DtjAG0GK1P0.roa
Signing time: Mon 01 Jan 2024 04:30:00 +0000
ROA not before: Mon 01 Jan 2024 04:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.84.112.0/23 maxlen: 24
31.193.240.0/22 maxlen: 24
45.84.114.0/23 maxlen: 24
31.193.244.0/22 maxlen: 24
185.74.52.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Feb 2024 08:08:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:28:97:5d:ba:ae:d7:55:48:b4:8d:fd:45:b7:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Validity
Not Before: Jan 1 04:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb187b4b3f21e788fc14a7390ed8c01b418ad4fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:67:37:09:8e:c3:8f:90:a4:3b:07:ef:d9:56:
a7:ec:c3:24:dd:a1:9f:a8:d5:22:9b:b3:67:13:8c:
f2:b3:f2:31:ed:d6:59:40:e1:c2:6e:10:6c:7a:da:
a6:c4:a7:4a:97:fe:76:a8:4e:11:80:da:c3:c0:8b:
01:c4:d3:d5:92:67:07:56:ea:60:26:ff:32:1d:93:
0e:8a:a2:07:3c:0c:78:03:40:01:49:1d:fb:6b:d8:
31:c7:59:86:1b:ee:ed:3f:3d:67:35:8d:55:c4:0c:
05:c5:ef:77:29:19:19:85:af:4f:a7:71:d5:e3:d4:
1e:f6:bf:e9:de:a6:41:45:7f:b0:65:c7:07:a2:6d:
c1:48:a8:89:85:f7:42:a9:ac:c0:00:73:9d:9b:8d:
84:d6:94:b7:eb:5d:0d:66:44:c1:8e:c6:89:4a:bd:
c4:c5:55:6a:3a:57:0b:84:d4:09:aa:d1:77:a2:1f:
c8:d7:02:ba:5e:15:48:8a:5d:c9:f3:7d:e4:73:2b:
06:9d:cf:b5:4c:74:c2:f9:9b:83:8f:c0:cb:08:f2:
85:ae:41:77:12:39:d3:76:c3:e3:8e:46:37:de:be:
27:ea:07:a9:a4:a1:44:07:74:49:24:09:6c:a0:a1:
8a:94:6d:1a:47:68:c9:9d:84:a9:a7:fc:4a:0a:0a:
51:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:18:7B:4B:3F:21:E7:88:FC:14:A7:39:0E:D8:C0:1B:41:8A:D4:FD
X509v3 Authority Key Identifier:
keyid:35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/yxh7Sz8h54j8FKc5DtjAG0GK1P0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.240.0/21
45.84.112.0/22
185.74.52.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:2e:18:df:68:80:85:ac:63:ed:4b:d2:3c:c2:00:bc:de:b9:
5b:64:af:4d:e1:a4:79:9e:e4:8a:cf:87:2c:00:69:b4:d2:77:
f5:26:93:a1:72:2e:64:e6:be:0f:6c:20:9a:e7:74:04:88:5e:
a2:92:cc:b4:9d:52:08:ad:0b:c6:5a:15:46:cc:19:88:e4:29:
7c:ad:49:0d:52:e5:a7:71:86:64:cb:14:39:18:43:fc:1a:13:
d5:0d:08:62:72:33:d8:1c:e4:80:c4:fc:5d:1d:fb:10:dd:f3:
b5:c4:33:29:66:41:e8:41:a9:e7:ac:ae:75:2b:50:1e:c6:15:
12:8c:bd:35:c2:85:72:d4:83:73:e9:2e:93:99:e0:50:04:9e:
c5:2b:e5:4c:dc:92:69:03:2d:9e:75:34:50:96:d9:17:69:4a:
22:ba:51:4a:a5:16:5f:16:25:71:ee:31:4e:d3:a2:06:9b:c4:
3f:0f:52:2c:6b:b4:6a:43:61:c7:b2:dc:45:5c:9b:e1:04:e9:
d9:66:88:10:bf:88:32:f6:29:6c:54:19:85:37:f9:07:0b:40:
77:8f:e3:dc:ce:ed:40:7c:95:9c:d8:0f:4a:9f:b3:d5:86:46:
6b:59:79:ec:1e:4b:c5:d9:76:00:5e:10:d2:39:b2:5c:0d:50:
cb:3f:01:77
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDSSiXXbqu11VItI39RbdOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmY4OTE5ZTZiYzFlZjU2NjM0ODkwMThmYzg3NWJlMzRj
MGYyNGMwHhcNMjQwMTAxMDQzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjE4N2I0YjNmMjFlNzg4ZmMxNGE3MzkwZWQ4YzAxYjQxOGFkNGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimc3CY7Dj5CkOwfv2Van7MMk3aGf
qNUim7NnE4zys/Ix7dZZQOHCbhBsetqmxKdKl/52qE4RgNrDwIsBxNPVkmcHVupg
Jv8yHZMOiqIHPAx4A0ABSR37a9gxx1mGG+7tPz1nNY1VxAwFxe93KRkZha9Pp3HV
49Qe9r/p3qZBRX+wZccHom3BSKiJhfdCqazAAHOdm42E1pS3610NZkTBjsaJSr3E
xVVqOlcLhNQJqtF3oh/I1wK6XhVIil3J833kcysGnc+1THTC+ZuDj8DLCPKFrkF3
EjnTdsPjjkY33r4n6geppKFEB3RJJAlsoKGKlG0aR2jJnYSpp/xKCgpReQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMsYe0s/IeeI/BSnOQ7YwBtBitT9MB8GA1UdIwQY
MBaAFDUviRnmvB71ZjSJAY/Idb40wPJMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAt
ZTNmY2IyM2UzNDM4LzEveXhoN1N6OGg1NGo4RktjNUR0akFHMEdLMVAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAtZTNmY2IyM2UzNDM4
LzEvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDH8HwAwQC
LVRwAwQBuUo0MA0GCSqGSIb3DQEBCwUAA4IBAQAaLhjfaICFrGPtS9I8wgC83rlb
ZK9N4aR5nuSKz4csAGm00nf1JpOhci5k5r4PbCCa53QEiF6iksy0nVIIrQvGWhVG
zBmI5Cl8rUkNUuWncYZkyxQ5GEP8GhPVDQhicjPYHOSAxPxdHfsQ3fO1xDMpZkHo
QannrK51K1AexhUSjL01woVy1INz6S6TmeBQBJ7FK+VM3JJpAy2edTRQltkXaUoi
ulFKpRZfFiVx7jFO06IGm8Q/D1Isa7RqQ2HHstxFXJvhBOnZZogQv4gy9ilsVBmF
N/kHC0B3j+Pczu1AfJWc2A9Kn7PVhkZrWXnsHkvF2XYAXhDSObJcDVDLPwF3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:37 2024 by rpki-client on console-fra.rpki-client.org