Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/YeBSdBqHdM9vO2mlKBb91NMleRE.roa
File: YeBSdBqHdM9vO2mlKBb91NMleRE.roa (raw, json)
Hash identifier: 4ha+JtI2Yrr/kJOlmQ8OdS5iV8sWoINzWtLhPqErx+c=
Subject key identifier: 61:E0:52:74:1A:87:74:CF:6F:3B:69:A5:28:16:FD:D4:D3:25:79:11
Certificate issuer: /CN=614c9585889f98e0c77f9b6cd80361aa02bdd68e
Certificate serial: 01920994A1DC882EE76B44678AC62D442104
Authority key identifier: 61:4C:95:85:88:9F:98:E0:C7:7F:9B:6C:D8:03:61:AA:02:BD:D6:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YUyVhYifmODHf5ts2ANhqgK91o4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/YeBSdBqHdM9vO2mlKBb91NMleRE.roa
Signing time: Thu 19 Sep 2024 09:19:48 +0000
ROA not before: Thu 19 Sep 2024 09:19:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51790
IP address blocks: 46.19.8.0/23 maxlen: 24
46.19.10.0/23 maxlen: 24
46.19.12.0/23 maxlen: 24
46.19.14.0/23 maxlen: 24
185.57.144.0/23 maxlen: 23
185.57.145.0/24 maxlen: 24
185.57.146.0/24 maxlen: 24
185.92.228.0/24 maxlen: 24
185.97.52.0/22 maxlen: 24
185.185.88.0/22 maxlen: 24
193.3.59.0/24 maxlen: 24
209.16.152.0/22 maxlen: 23
217.61.252.0/24 maxlen: 24
2a02:28b0::/32 maxlen: 32
2a02:28b1::/32 maxlen: 32
2a02:28b2::/32 maxlen: 32
2a02:28b7::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:09:94:a1:dc:88:2e:e7:6b:44:67:8a:c6:2d:44:21:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=614c9585889f98e0c77f9b6cd80361aa02bdd68e
Validity
Not Before: Sep 19 09:19:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61e052741a8774cf6f3b69a52816fdd4d3257911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b5:87:78:05:7a:da:9b:54:d5:7e:9f:05:9d:
05:25:5a:72:21:b2:2b:db:44:7a:2e:c7:61:38:e0:
2b:eb:be:d3:c4:9a:f5:4f:0f:ef:77:72:3e:27:89:
78:0b:77:c0:bd:20:87:f7:98:78:bd:93:94:e2:2d:
f8:f5:cb:61:f0:1d:98:1b:fa:bb:d3:fa:80:03:d1:
87:f5:8a:e5:07:f2:f9:66:b8:46:45:8b:d9:87:6f:
72:6a:f9:b4:98:10:01:ce:75:a1:51:13:7c:fb:60:
b1:3a:fc:f3:c6:d2:23:2c:79:0e:d3:ef:51:48:73:
b7:a3:a6:55:60:90:65:0d:21:4a:88:a5:ae:fd:a3:
08:e9:59:f5:36:49:7e:26:55:47:c5:4b:fc:16:d5:
b0:15:33:71:2d:17:8f:dd:fe:f8:0e:55:4c:3b:5c:
1a:3b:ec:dc:a0:e7:43:70:ae:2a:de:fe:81:a1:56:
07:9f:62:11:a9:93:97:4a:2e:c9:89:03:3e:86:cd:
b6:aa:6f:32:7f:67:b8:fc:aa:47:93:f1:47:e9:59:
6c:e8:41:d7:08:59:36:67:58:70:f6:06:ec:ec:86:
d7:4f:d9:19:3c:ac:a2:ca:e6:55:6e:f3:d0:66:94:
bc:db:22:05:59:ce:d2:4f:21:06:54:06:50:4d:45:
05:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:E0:52:74:1A:87:74:CF:6F:3B:69:A5:28:16:FD:D4:D3:25:79:11
X509v3 Authority Key Identifier:
keyid:61:4C:95:85:88:9F:98:E0:C7:7F:9B:6C:D8:03:61:AA:02:BD:D6:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YUyVhYifmODHf5ts2ANhqgK91o4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/YeBSdBqHdM9vO2mlKBb91NMleRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/YUyVhYifmODHf5ts2ANhqgK91o4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.8.0/21
185.57.144.0-185.57.146.255
185.92.228.0/24
185.97.52.0/22
185.185.88.0/22
193.3.59.0/24
209.16.152.0/22
217.61.252.0/24
IPv6:
2a02:28b0::-2a02:28b2:ffff:ffff:ffff:ffff:ffff:ffff
2a02:28b7::/32
Signature Algorithm: sha256WithRSAEncryption
95:be:b8:fc:61:91:d9:e9:9d:79:de:43:47:77:f1:62:a9:37:
f8:85:9f:0e:05:ec:30:b8:ca:5b:af:f1:bf:13:01:74:54:cf:
05:49:ad:c3:01:e9:60:7d:24:77:81:4f:d3:df:e6:93:74:b8:
20:a8:b7:ba:38:04:f4:0a:38:b7:03:b2:f3:2d:37:5f:b7:32:
6f:79:b4:35:ab:39:ca:3d:21:e9:67:06:11:2c:d9:61:4f:aa:
4c:98:09:aa:9f:5f:8d:eb:3f:5f:a8:56:b9:c8:6e:8a:8c:24:
d0:40:c4:4c:52:db:b5:bd:9d:a7:23:d4:be:c8:d5:de:7f:c2:
1f:04:8c:35:12:c2:4f:50:dc:7b:fb:8c:09:93:27:6d:95:15:
fb:df:3f:ac:f9:ee:0a:fe:61:5d:a1:96:b2:b7:df:71:56:7e:
f1:c8:11:ea:57:67:02:11:32:98:ac:82:01:48:e5:43:92:f8:
50:98:51:f5:bc:b0:45:29:5f:6c:ee:fd:c5:c1:bd:4f:14:88:
33:34:4d:c1:96:bd:eb:d0:66:7f:cc:48:75:71:49:96:ea:30:
95:b8:26:d2:5c:40:74:00:19:bc:57:97:9f:e6:8b:ae:1f:a1:
5a:2a:99:98:3a:70:1f:e1:6a:63:0b:e9:22:44:47:fe:65:00:
f3:3c:cf:cc
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZIJlKHciC7na0RnisYtRCEEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNGM5NTg1ODg5Zjk4ZTBjNzdmOWI2Y2Q4MDM2MWFhMDJi
ZGQ2OGUwHhcNMjQwOTE5MDkxOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWUwNTI3NDFhODc3NGNmNmYzYjY5YTUyODE2ZmRkNGQzMjU3OTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobWHeAV62ptU1X6fBZ0FJVpyIbIr
20R6LsdhOOAr677TxJr1Tw/vd3I+J4l4C3fAvSCH95h4vZOU4i349cth8B2YG/q7
0/qAA9GH9YrlB/L5ZrhGRYvZh29yavm0mBABznWhURN8+2CxOvzzxtIjLHkO0+9R
SHO3o6ZVYJBlDSFKiKWu/aMI6Vn1Nkl+JlVHxUv8FtWwFTNxLReP3f74DlVMO1wa
O+zcoOdDcK4q3v6BoVYHn2IRqZOXSi7JiQM+hs22qm8yf2e4/KpHk/FH6Vls6EHX
CFk2Z1hw9gbs7IbXT9kZPKyiyuZVbvPQZpS82yIFWc7STyEGVAZQTUUFwwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFGHgUnQah3TPbztppSgW/dTTJXkRMB8GA1UdIwQY
MBaAFGFMlYWIn5jgx3+bbNgDYaoCvdaOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVV5VmhZaWZtT0RIZjV0czJBTmhxZ0s5MW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9iYjZmMzgtMjM2OS00NDZmLTg4ZjIt
MGI0NTc1YjY5YzU3LzEvWWVCU2RCcUhkTTl2TzJtbEtCYjkxTk1sZVJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9iYjZmMzgtMjM2OS00NDZmLTg4ZjItMGI0NTc1YjY5YzU3
LzEvWVV5VmhZaWZtT0RIZjV0czJBTmhxZ0s5MW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzA+BAIAATA4AwQDLhMIMAwD
BAS5OZADBAC5OZIDBAC5XOQDBAK5YTQDBAK5uVgDBADBAzsDBALREJgDBADZPfww
HQQCAAIwFzAOAwUEKgIosAMFACoCKLIDBQAqAii3MA0GCSqGSIb3DQEBCwUAA4IB
AQCVvrj8YZHZ6Z153kNHd/FiqTf4hZ8OBewwuMpbr/G/EwF0VM8FSa3DAelgfSR3
gU/T3+aTdLggqLe6OAT0Cji3A7LzLTdftzJvebQ1qznKPSHpZwYRLNlhT6pMmAmq
n1+N6z9fqFa5yG6KjCTQQMRMUtu1vZ2nI9S+yNXef8IfBIw1EsJPUNx7+4wJkydt
lRX73z+s+e4K/mFdoZayt99xVn7xyBHqV2cCETKYrIIBSOVDkvhQmFH1vLBFKV9s
7v3Fwb1PFIgzNE3Blr3r0GZ/zEh1cUmW6jCVuCbSXEB0ABm8V5ef5ouuH6FaKpmY
OnAf4WpjC+kiREf+ZQDzPM/M
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:29 2025 by rpki-client