Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Ye2HdsL9hzUhYrmEixPKk1UtaHM.roa
File: Ye2HdsL9hzUhYrmEixPKk1UtaHM.roa (raw, json)
Hash identifier: wPuD06HgOfAfIbHP6f+psSgMQmcDz9fYKz7I89UHCzE=
Subject key identifier: 61:ED:87:76:C2:FD:87:35:21:62:B9:84:8B:13:CA:93:55:2D:68:73
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 01891792B61FB00A3C0D6AB45369FB22563F
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Ye2HdsL9hzUhYrmEixPKk1UtaHM.roa
Signing time: Sun 02 Jul 2023 17:07:18 +0000
ROA not before: Sun 02 Jul 2023 17:07:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 212.60.13.0/24 maxlen: 24
162.218.93.0/24 maxlen: 24
185.205.204.0/24 maxlen: 24
185.253.120.0/24 maxlen: 24
185.253.121.0/24 maxlen: 24
5.182.196.0/24 maxlen: 24
5.182.197.0/24 maxlen: 24
185.161.190.0/24 maxlen: 24
79.98.183.0/24 maxlen: 24
78.31.205.0/24 maxlen: 24
92.249.29.0/24 maxlen: 24
185.201.42.0/24 maxlen: 24
5.182.185.0/24 maxlen: 24
147.78.207.0/24 maxlen: 24
104.232.36.0/24 maxlen: 24
94.154.171.0/24 maxlen: 24
94.154.178.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
217.197.170.0/24 maxlen: 24
185.208.153.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:17:92:b6:1f:b0:0a:3c:0d:6a:b4:53:69:fb:22:56:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jul 2 17:07:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61ed8776c2fd87352162b9848b13ca93552d6873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:59:db:db:e6:87:7c:d2:c5:0b:f0:23:1a:42:
88:49:87:58:c0:2f:61:43:34:f2:00:38:88:3c:b5:
cc:ef:83:dc:bf:a6:1f:11:2c:6b:3e:34:5c:58:15:
e1:ed:75:ef:df:cb:de:37:d0:a8:8a:3a:77:b5:29:
d4:82:77:d8:f8:29:60:e3:8b:77:3e:a8:ce:b6:84:
98:47:13:15:8d:72:03:79:5e:ff:3b:52:8b:8f:61:
1e:99:5f:64:68:7d:c3:83:47:48:a4:e7:2d:9e:af:
5d:ae:be:36:ad:37:d1:a7:33:75:f0:af:85:0b:90:
53:c2:c3:21:ff:78:66:a1:29:60:42:49:83:ce:cd:
ef:27:c0:6f:76:d9:9a:58:10:94:6e:fd:a6:93:63:
8f:11:a1:4d:32:e7:87:f8:e7:38:dd:d9:34:f2:bf:
c4:7a:14:0c:1b:a0:b5:1a:a2:8b:b5:cd:21:dd:38:
eb:01:30:11:34:69:1f:b8:1e:68:47:ed:9c:74:62:
6e:14:a9:bd:91:c4:a9:e7:a7:25:0e:79:eb:52:3b:
ca:82:92:98:a2:19:81:11:51:7a:74:bd:41:7a:f4:
f1:c8:bc:b9:62:fe:91:14:18:e7:33:4f:de:2b:c3:
36:0d:73:b0:de:c6:89:d6:8a:21:8c:34:89:d5:dd:
9a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:ED:87:76:C2:FD:87:35:21:62:B9:84:8B:13:CA:93:55:2D:68:73
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Ye2HdsL9hzUhYrmEixPKk1UtaHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.185.0/24
5.182.196.0/23
78.31.205.0/24
79.98.183.0/24
92.249.29.0/24
94.154.171.0/24
94.154.178.0/24
104.232.36.0/24
147.78.207.0/24
162.218.93.0/24
185.161.190.0/24
185.201.42.0/24
185.205.204.0/24
185.208.152.0/23
185.253.120.0/23
212.60.13.0/24
217.197.170.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:73:1b:12:6c:dd:8c:77:d4:95:ae:f5:d7:19:e5:be:a5:ea:
32:b4:8e:6c:d6:3b:5e:81:77:bf:b7:d8:d3:fb:f4:57:40:1a:
5d:c2:1c:f6:21:1e:80:61:03:ee:53:e8:31:cd:40:be:e4:9b:
5d:f3:ce:e3:e3:3f:22:59:5a:f7:f4:e7:14:ab:e5:89:6b:aa:
31:c9:10:98:27:a5:4e:ca:52:32:82:88:09:02:d3:48:dc:b2:
28:87:79:08:c8:bd:51:fc:66:11:68:59:5e:99:b5:6d:6a:bf:
78:39:99:be:20:e3:d5:b8:60:f3:3e:b0:8c:0d:6f:d7:61:8b:
87:94:ff:20:26:98:ee:ea:cc:ff:a3:d4:e7:dc:74:f5:4d:d6:
d1:15:c6:df:03:c5:cb:b9:07:c3:54:06:39:79:b0:92:7d:a2:
ce:be:89:0d:26:8b:4e:09:95:32:21:90:93:10:0c:76:f6:f8:
71:dc:df:46:52:5e:4a:25:66:9a:70:e3:c0:f9:2e:b7:0a:73:
14:0b:0f:29:03:af:24:9c:44:b7:ac:d9:21:53:4a:be:73:5b:
ba:17:42:2f:cf:9c:27:a4:be:df:2a:5b:36:86:46:0b:a3:6e:
75:f4:35:15:df:6a:a0:ff:d6:92:e9:d0:25:36:bb:16:20:75:
df:d4:64:fa
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYkXkrYfsAo8DWq0U2n7IlY/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwNzAyMTcwNzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWVkODc3NmMyZmQ4NzM1MjE2MmI5ODQ4YjEzY2E5MzU1MmQ2ODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1nb2+aHfNLFC/AjGkKISYdYwC9h
QzTyADiIPLXM74Pcv6YfESxrPjRcWBXh7XXv38veN9Coijp3tSnUgnfY+Clg44t3
PqjOtoSYRxMVjXIDeV7/O1KLj2EemV9kaH3Dg0dIpOctnq9drr42rTfRpzN18K+F
C5BTwsMh/3hmoSlgQkmDzs3vJ8BvdtmaWBCUbv2mk2OPEaFNMueH+Oc43dk08r/E
ehQMG6C1GqKLtc0h3TjrATARNGkfuB5oR+2cdGJuFKm9kcSp56clDnnrUjvKgpKY
ohmBEVF6dL1BevTxyLy5Yv6RFBjnM0/eK8M2DXOw3saJ1oohjDSJ1d2a7QIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFGHth3bC/Yc1IWK5hIsTypNVLWhzMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvWWUySGRzTDloelVoWXJtRWl4UEtrMVV0YUhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQABba5AwQB
BbbEAwQATh/NAwQAT2K3AwQAXPkdAwQAXpqrAwQAXpqyAwQAaOgkAwQAk07PAwQA
otpdAwQAuaG+AwQAuckqAwQAuc3MAwQBudCYAwQBuf14AwQA1DwNAwQA2cWqMA0G
CSqGSIb3DQEBCwUAA4IBAQB+cxsSbN2Md9SVrvXXGeW+peoytI5s1jtegXe/t9jT
+/RXQBpdwhz2IR6AYQPuU+gxzUC+5Jtd887j4z8iWVr39OcUq+WJa6oxyRCYJ6VO
ylIygogJAtNI3LIoh3kIyL1R/GYRaFlembVtar94OZm+IOPVuGDzPrCMDW/XYYuH
lP8gJpju6sz/o9Tn3HT1TdbRFcbfA8XLuQfDVAY5ebCSfaLOvokNJotOCZUyIZCT
EAx29vhx3N9GUl5KJWaacOPA+S63CnMUCw8pA68knES3rNkhU0q+c1u6F0Ivz5wn
pL7fKls2hkYLo2519DUV32qg/9aS6dAlNrsWIHXf1GT6
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:39 2024 by rpki-client on console-ams.rpki-client.org