Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/YqQ_lZ_g8hKMQ7RSsKyBkyU_IvE.roa
File: YqQ_lZ_g8hKMQ7RSsKyBkyU_IvE.roa (raw, json)
Hash identifier: wdl2hDW94O/Mu6N1pL9YoS5f26+CYks3ft5C7OtBb/E=
Subject key identifier: 62:A4:3F:95:9F:E0:F2:12:8C:43:B4:52:B0:AC:81:93:25:3F:22:F1
Certificate issuer: /CN=204a096504cdbb9f2fb7fd0e66406d526fe10b5a
Certificate serial: 01884CE177CA9F837408CE36FF5F3F87F629
Authority key identifier: 20:4A:09:65:04:CD:BB:9F:2F:B7:FD:0E:66:40:6D:52:6F:E1:0B:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IEoJZQTNu58vt_0OZkBtUm_hC1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/YqQ_lZ_g8hKMQ7RSsKyBkyU_IvE.roa
Signing time: Wed 24 May 2023 08:30:24 +0000
ROA not before: Wed 24 May 2023 08:30:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47297
IP address blocks: 93.184.176.0/20 maxlen: 24
31.25.45.0/24 maxlen: 24
31.25.46.0/23 maxlen: 24
37.60.168.0/21 maxlen: 24
37.228.176.0/20 maxlen: 24
185.6.96.0/22 maxlen: 24
193.238.104.0/22 maxlen: 24
2a03:b880::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4c:e1:77:ca:9f:83:74:08:ce:36:ff:5f:3f:87:f6:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=204a096504cdbb9f2fb7fd0e66406d526fe10b5a
Validity
Not Before: May 24 08:30:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62a43f959fe0f2128c43b452b0ac8193253f22f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:da:46:00:95:bc:a8:71:68:71:c2:8c:09:94:
75:4b:ea:d6:4e:27:74:9c:83:42:4e:d6:e2:8e:dc:
dc:38:05:8a:eb:8b:f1:a9:91:8b:d4:5f:7d:83:42:
ab:71:c7:f7:51:20:80:4b:b3:f0:f7:08:5f:70:dd:
c6:2b:38:f0:c2:b5:cb:a6:51:4c:88:61:21:23:29:
cd:00:26:05:12:32:78:b6:e7:bb:ac:66:f8:99:eb:
91:2d:80:06:9a:65:58:f3:37:89:a3:0c:53:7f:92:
42:bb:33:09:a5:ba:31:e9:47:c6:46:ce:98:04:ba:
0b:51:b9:87:bc:7f:24:17:3d:30:ae:b6:b6:0c:7f:
b1:af:6c:5b:4a:88:ac:ba:75:c0:2b:14:f1:70:39:
c7:85:1f:2e:90:5e:08:f1:a9:59:e5:fd:c8:87:83:
e8:6c:ab:b5:21:1e:4e:77:31:58:cd:d9:6e:5a:17:
7a:81:01:52:e9:c0:7d:c5:87:3e:b8:88:24:10:5e:
56:41:44:c7:54:c7:10:fd:d0:1c:d3:cb:f4:e9:99:
d1:9f:00:5d:d8:c8:1d:bc:f9:cc:db:2b:84:4f:42:
ba:cd:dd:72:cd:8e:ef:10:f3:d6:6d:4c:10:44:ff:
58:f3:a0:2a:80:8e:04:db:be:6c:cf:83:30:ff:1d:
af:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:A4:3F:95:9F:E0:F2:12:8C:43:B4:52:B0:AC:81:93:25:3F:22:F1
X509v3 Authority Key Identifier:
keyid:20:4A:09:65:04:CD:BB:9F:2F:B7:FD:0E:66:40:6D:52:6F:E1:0B:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IEoJZQTNu58vt_0OZkBtUm_hC1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/YqQ_lZ_g8hKMQ7RSsKyBkyU_IvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/IEoJZQTNu58vt_0OZkBtUm_hC1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.45.0-31.25.47.255
37.60.168.0/21
37.228.176.0/20
93.184.176.0/20
185.6.96.0/22
193.238.104.0/22
IPv6:
2a03:b880::/29
Signature Algorithm: sha256WithRSAEncryption
65:70:6d:d1:16:88:5d:8b:75:ad:3c:06:5c:57:e5:39:4c:a1:
d8:99:fb:37:91:9d:ee:9f:f4:dd:20:44:a7:94:98:91:ec:0a:
82:bd:9b:8e:b8:6b:95:85:56:50:ce:91:a7:34:27:ba:14:11:
75:c2:98:dd:47:d3:65:59:3c:0b:23:c9:43:7d:82:0d:5f:01:
12:1d:f6:54:ef:77:7e:4f:2d:06:cf:cc:24:8f:6d:ed:13:17:
0d:5c:62:5d:b7:45:88:73:d5:5d:35:90:c1:55:a3:50:69:74:
cd:90:74:7c:2f:8f:f1:1e:f3:05:98:86:85:ac:83:16:f2:00:
09:24:ad:52:db:f7:9d:ca:24:62:eb:74:61:2d:5a:0a:e0:93:
1a:65:b2:0e:d2:4d:cd:72:b7:ea:a4:5a:d3:b8:62:78:49:67:
f2:3b:4d:3f:49:24:f4:a5:50:5b:e8:6f:89:89:1e:f4:8a:20:
ca:16:bf:40:e8:90:ef:97:85:77:5d:d3:bc:55:0c:17:cb:c6:
75:a3:3e:6c:92:1e:cd:57:90:b5:60:b3:45:d2:e9:c2:a2:4a:
18:26:f2:e1:d9:01:15:3e:ba:30:ad:8a:1b:fc:3b:71:b7:cc:
03:92:75:9e:9b:92:0f:19:dc:91:df:fb:54:78:f0:b1:86:b3:
57:1b:b5:7f
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYhM4XfKn4N0CM42/18/h/YpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNGEwOTY1MDRjZGJiOWYyZmI3ZmQwZTY2NDA2ZDUyNmZl
MTBiNWEwHhcNMjMwNTI0MDgzMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmE0M2Y5NTlmZTBmMjEyOGM0M2I0NTJiMGFjODE5MzI1M2YyMmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9pGAJW8qHFoccKMCZR1S+rWTid0
nINCTtbijtzcOAWK64vxqZGL1F99g0Krccf3USCAS7Pw9whfcN3GKzjwwrXLplFM
iGEhIynNACYFEjJ4tue7rGb4meuRLYAGmmVY8zeJowxTf5JCuzMJpbox6UfGRs6Y
BLoLUbmHvH8kFz0wrra2DH+xr2xbSoisunXAKxTxcDnHhR8ukF4I8alZ5f3Ih4Po
bKu1IR5OdzFYzdluWhd6gQFS6cB9xYc+uIgkEF5WQUTHVMcQ/dAc08v06ZnRnwBd
2MgdvPnM2yuET0K6zd1yzY7vEPPWbUwQRP9Y86AqgI4E275sz4Mw/x2v1wIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFGKkP5Wf4PISjEO0UrCsgZMlPyLxMB8GA1UdIwQY
MBaAFCBKCWUEzbufL7f9DmZAbVJv4QtaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUVvSlpRVE51NTh2dF8wT1prQnRVbV9oQzFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lMjUxZGMtOGIyYi00ZjNkLWI2MzYt
MTU0MjI0Nzg4MDBiLzEvWXFRX2xaX2c4aEtNUTdSU3NLeUJreVVfSXZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lMjUxZGMtOGIyYi00ZjNkLWI2MzYtMTU0MjI0Nzg4MDBi
LzEvSUVvSlpRVE51NTh2dF8wT1prQnRVbV9oQzFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsMAwDBAAfGS0D
BAQfGSADBAMlPKgDBAQl5LADBARduLADBAK5BmADBALB7mgwDQQCAAIwBwMFAyoD
uIAwDQYJKoZIhvcNAQELBQADggEBAGVwbdEWiF2Lda08BlxX5TlModiZ+zeRne6f
9N0gRKeUmJHsCoK9m464a5WFVlDOkac0J7oUEXXCmN1H02VZPAsjyUN9gg1fARId
9lTvd35PLQbPzCSPbe0TFw1cYl23RYhz1V01kMFVo1BpdM2QdHwvj/Ee8wWYhoWs
gxbyAAkkrVLb953KJGLrdGEtWgrgkxplsg7STc1yt+qkWtO4YnhJZ/I7TT9JJPSl
UFvob4mJHvSKIMoWv0DokO+XhXdd07xVDBfLxnWjPmySHs1XkLVgs0XS6cKiShgm
8uHZARU+ujCtihv8O3G3zAOSdZ6bkg8Z3JHf+1R48LGGs1cbtX8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:10 2024 by rpki-client on console-fra.rpki-client.org