Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/YBaozfwPSkq4DwiEMPd2bNOkWeE.roa
File: YBaozfwPSkq4DwiEMPd2bNOkWeE.roa (raw, json)
Hash identifier: JmL/8ij3j3tMjzrQbcvoueqDK9ePngK7xxbjkcrDsNA=
Subject key identifier: 60:16:A8:CD:FC:0F:4A:4A:B8:0F:08:84:30:F7:76:6C:D3:A4:59:E1
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018A6683CCE17CD39717A1A752459A8D946C
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/YBaozfwPSkq4DwiEMPd2bNOkWeE.roa
Signing time: Tue 05 Sep 2023 18:03:48 +0000
ROA not before: Tue 05 Sep 2023 18:03:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 162.218.90.0/24 maxlen: 24
162.218.95.0/24 maxlen: 24
212.60.15.0/24 maxlen: 24
185.205.205.0/24 maxlen: 24
185.253.122.0/24 maxlen: 24
5.182.192.0/24 maxlen: 24
31.132.52.0/24 maxlen: 24
185.187.212.0/24 maxlen: 24
45.67.140.0/24 maxlen: 24
63.246.150.0/24 maxlen: 24
92.249.31.0/24 maxlen: 24
192.145.71.0/24 maxlen: 24
147.78.206.0/24 maxlen: 24
147.78.205.0/24 maxlen: 24
185.230.122.0/24 maxlen: 24
94.154.177.0/24 maxlen: 24
217.197.169.0/24 maxlen: 24
94.154.180.0/23 maxlen: 23
94.154.182.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:66:83:cc:e1:7c:d3:97:17:a1:a7:52:45:9a:8d:94:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Sep 5 18:03:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6016a8cdfc0f4a4ab80f088430f7766cd3a459e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:92:b3:0e:88:16:59:34:8f:c7:fc:d6:e1:06:
c1:d6:46:0c:0d:0e:44:91:31:1b:44:b5:7e:27:44:
5c:b9:51:a7:ee:97:94:03:a8:f8:a4:c1:05:f3:ca:
d0:94:e6:f7:cc:94:7b:c8:e4:24:67:5b:40:8a:82:
9e:06:62:44:1e:7b:c6:5d:70:e2:cd:05:9f:2b:da:
f3:17:07:a3:b8:13:87:c2:90:6c:ad:af:0c:c6:23:
10:cf:0f:24:db:52:7e:8d:36:71:69:37:ea:14:fa:
73:03:a2:dc:00:76:ed:e8:5a:ea:f2:d1:cc:fd:f7:
95:bd:a8:1f:ac:f6:9f:25:11:47:ad:0c:a3:ca:2c:
97:d3:b6:1c:80:43:35:fe:24:1f:47:8d:bb:d4:ce:
0f:c7:4d:78:6d:8b:27:60:d6:97:49:b5:90:ce:be:
7a:d7:d5:57:7c:e6:c3:f6:c4:a6:2f:47:72:ab:2a:
ec:d4:12:87:7f:e7:b9:0b:e8:a9:29:c8:4f:14:23:
18:ad:ba:28:5a:28:df:b5:e3:28:8b:0a:77:2b:03:
df:3a:70:c9:56:15:9e:b4:f1:8a:89:dc:fb:22:ba:
62:02:44:0c:1f:16:63:2d:38:38:ce:f5:0f:5f:cc:
42:ae:cb:f2:36:a1:dc:72:2e:e4:3c:72:e5:f2:6d:
b6:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:16:A8:CD:FC:0F:4A:4A:B8:0F:08:84:30:F7:76:6C:D3:A4:59:E1
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/YBaozfwPSkq4DwiEMPd2bNOkWeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.192.0/24
31.132.52.0/24
45.67.140.0/24
63.246.150.0/24
92.249.31.0/24
94.154.177.0/24
94.154.180.0-94.154.182.255
147.78.205.0-147.78.206.255
162.218.90.0/24
162.218.95.0/24
185.187.212.0/24
185.205.205.0/24
185.230.122.0/24
185.253.122.0/24
192.145.71.0/24
212.60.15.0/24
217.197.169.0/24
Signature Algorithm: sha256WithRSAEncryption
76:8e:4f:c7:5a:b4:12:dc:6a:f2:00:69:20:56:da:11:f5:38:
b8:0f:15:0c:65:34:09:44:35:c1:46:fc:7e:d8:37:4d:6a:87:
86:37:ca:be:9d:77:47:c9:71:78:73:85:79:29:66:5d:61:8c:
37:dc:82:aa:de:58:7b:aa:9b:c8:55:2f:9b:59:62:d1:7d:00:
87:c3:80:b2:c0:e1:76:a4:6d:c5:44:ef:01:3f:aa:41:87:6e:
9f:9d:e5:a2:8e:69:d7:93:a6:34:a0:ae:61:5f:37:4b:ba:02:
8c:62:a7:a4:e4:9e:b9:74:f2:51:3c:64:e1:4b:85:32:76:7e:
32:d6:1c:62:a6:8c:62:be:32:97:64:57:25:23:57:0c:77:bd:
4a:a5:9c:1c:bb:74:d8:c5:57:e4:73:e1:ce:a4:b7:c8:9a:47:
05:c5:c6:5e:8d:06:c1:a3:d1:40:a7:c9:f9:73:11:74:09:8b:
9b:bb:36:e3:11:88:52:fb:75:2c:9c:f0:f0:86:54:24:88:a1:
61:c7:9a:79:ba:b6:86:ef:ec:ff:4f:d4:03:07:58:ca:ee:aa:
e9:c9:60:1b:bc:2e:d8:5b:bd:f6:6c:ce:e7:90:58:34:79:26:
02:47:61:0b:e4:3e:d2:6d:f6:24:8d:6c:b1:f9:11:ae:7d:33:
05:7d:77:2e
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYpmg8zhfNOXF6GnUkWajZRsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwOTA1MTgwMzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDE2YThjZGZjMGY0YTRhYjgwZjA4ODQzMGY3NzY2Y2QzYTQ1OWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5KzDogWWTSPx/zW4QbB1kYMDQ5E
kTEbRLV+J0RcuVGn7peUA6j4pMEF88rQlOb3zJR7yOQkZ1tAioKeBmJEHnvGXXDi
zQWfK9rzFwejuBOHwpBsra8MxiMQzw8k21J+jTZxaTfqFPpzA6LcAHbt6Frq8tHM
/feVvagfrPafJRFHrQyjyiyX07YcgEM1/iQfR4271M4Px014bYsnYNaXSbWQzr56
19VXfObD9sSmL0dyqyrs1BKHf+e5C+ipKchPFCMYrbooWijfteMoiwp3KwPfOnDJ
VhWetPGKidz7IrpiAkQMHxZjLTg4zvUPX8xCrsvyNqHcci7kPHLl8m22BQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFGAWqM38D0pKuA8IhDD3dmzTpFnhMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvWUJhb3pmd1BTa3E0RHdpRU1QZDJiTk9rV2VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAAFtsAD
BAAfhDQDBAAtQ4wDBAA/9pYDBABc+R8DBABemrEwDAMEAl6atAMEAF6atjAMAwQA
k07NAwQAk07OAwQAotpaAwQAotpfAwQAubvUAwQAuc3NAwQAueZ6AwQAuf16AwQA
wJFHAwQA1DwPAwQA2cWpMA0GCSqGSIb3DQEBCwUAA4IBAQB2jk/HWrQS3GryAGkg
VtoR9Ti4DxUMZTQJRDXBRvx+2DdNaoeGN8q+nXdHyXF4c4V5KWZdYYw33IKq3lh7
qpvIVS+bWWLRfQCHw4CywOF2pG3FRO8BP6pBh26fneWijmnXk6Y0oK5hXzdLugKM
Yqek5J65dPJRPGThS4Uydn4y1hxipoxivjKXZFclI1cMd71KpZwcu3TYxVfkc+HO
pLfImkcFxcZejQbBo9FAp8n5cxF0CYubuzbjEYhS+3UsnPDwhlQkiKFhx5p5uraG
7+z/T9QDB1jK7qrpyWAbvC7YW732bM7nkFg0eSYCR2EL5D7SbfYkjWyx+RGufTMF
fXcu
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:39 2024 by rpki-client on console-ams.rpki-client.org