Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/YNSCpuof02tvBjdS_s9dxTXLD3I.roa
File: YNSCpuof02tvBjdS_s9dxTXLD3I.roa (raw, json)
Hash identifier: 9+VTWz5jt8aO9tmP1PawXPMPI5Ov7O0rBo9pa25/Sjg=
Subject key identifier: 60:D4:82:A6:EA:1F:D3:6B:6F:06:37:52:FE:CF:5D:C5:35:CB:0F:72
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 01857246E153CBC856CD9EF91E36538DE651
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/YNSCpuof02tvBjdS_s9dxTXLD3I.roa
Signing time: Mon 02 Jan 2023 11:38:45 +0000
ROA not before: Mon 02 Jan 2023 11:38:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60168
IP address blocks: 151.237.136.0/23 maxlen: 23
5.32.130.0/24 maxlen: 24
5.32.131.0/24 maxlen: 24
5.32.129.0/24 maxlen: 24
5.32.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:e1:53:cb:c8:56:cd:9e:f9:1e:36:53:8d:e6:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jan 2 11:38:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60d482a6ea1fd36b6f063752fecf5dc535cb0f72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:da:e3:96:f7:bc:58:79:3e:91:ae:1a:42:31:
99:c1:3c:52:64:af:2c:c0:c4:c8:a5:25:e6:b9:38:
f2:b8:3a:9a:df:9d:a6:82:ca:10:e8:b0:6a:58:92:
f0:2e:55:7c:aa:44:6c:25:48:2f:d4:f1:93:30:9c:
33:03:3e:8f:8d:11:f6:36:41:d2:1f:1d:39:67:2f:
6e:04:98:74:6f:e9:0e:5b:10:59:de:39:00:53:65:
24:f2:c7:45:2e:35:1d:29:bb:fb:fb:4c:11:8c:0a:
6d:8e:55:77:6f:83:d2:86:f0:a6:fc:52:bc:be:eb:
22:82:73:be:86:8a:0c:c2:55:e9:f3:ee:aa:3f:ab:
a0:f3:6f:82:fa:9d:fc:fb:6d:4f:08:71:03:e9:3e:
37:9e:1c:99:cf:ce:a2:3e:b7:3e:d0:63:b7:81:a3:
2e:ab:53:78:09:76:1f:6c:7c:31:24:6d:9a:0b:a4:
ad:1d:d3:80:05:77:55:ab:79:93:57:af:61:b0:b8:
ae:39:11:a7:5f:cc:11:ab:ea:ec:de:f3:38:4b:b8:
4a:68:c4:5f:77:72:7f:a3:a7:b8:1e:c2:4a:47:aa:
6e:40:e5:f4:b0:71:4e:b3:92:b2:12:f7:7b:24:6c:
a5:fa:e0:14:ba:3f:df:4d:36:79:30:6d:08:aa:3c:
b1:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:D4:82:A6:EA:1F:D3:6B:6F:06:37:52:FE:CF:5D:C5:35:CB:0F:72
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/YNSCpuof02tvBjdS_s9dxTXLD3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.32.128.0/22
151.237.136.0/23
Signature Algorithm: sha256WithRSAEncryption
19:af:e5:5a:96:13:c7:71:20:dc:04:a5:f0:a2:c9:51:01:60:
63:32:aa:16:aa:92:54:ad:73:fd:a9:97:88:26:d9:fd:b4:b8:
b2:f2:29:ec:08:fb:cb:40:0c:94:cb:4c:a7:98:4f:07:2c:e3:
21:ad:c6:c5:17:f2:86:05:c4:88:40:7a:db:d2:f3:66:a1:b4:
63:09:ec:f8:70:62:1a:b5:ee:70:59:fb:cf:61:49:fc:09:1b:
36:33:97:6e:83:54:3c:f5:dd:03:7a:9f:75:d3:70:91:27:4f:
55:85:10:bf:fb:0a:32:08:f9:8f:97:d5:7b:15:9f:33:a9:41:
97:cd:77:e9:be:4d:6c:d8:68:48:df:15:5d:42:1c:f3:a5:fc:
88:20:34:4e:a1:f9:07:48:8c:7e:e3:ad:75:f3:d6:a2:ef:35:
c0:c5:fc:d1:61:cf:cc:77:ed:3c:ef:ea:b4:04:08:bd:d5:3b:
a0:ca:26:37:f3:34:80:e9:c0:17:84:cc:73:54:cb:96:32:d1:
9a:50:26:42:4b:e9:ac:9a:65:88:63:b2:42:c9:e7:30:81:04:
2e:65:ac:52:45:ed:af:9a:79:09:e3:0b:83:f4:98:f1:5c:01:
fa:fe:db:be:73:ab:b5:ee:7f:2c:99:2c:28:31:86:6f:c6:72:
a5:04:5c:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyRuFTy8hWzZ75HjZTjeZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjMwMTAyMTEzODQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGQ0ODJhNmVhMWZkMzZiNmYwNjM3NTJmZWNmNWRjNTM1Y2IwZjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNrjlve8WHk+ka4aQjGZwTxSZK8s
wMTIpSXmuTjyuDqa352mgsoQ6LBqWJLwLlV8qkRsJUgv1PGTMJwzAz6PjRH2NkHS
Hx05Zy9uBJh0b+kOWxBZ3jkAU2Uk8sdFLjUdKbv7+0wRjAptjlV3b4PShvCm/FK8
vusignO+hooMwlXp8+6qP6ug82+C+p38+21PCHED6T43nhyZz86iPrc+0GO3gaMu
q1N4CXYfbHwxJG2aC6StHdOABXdVq3mTV69hsLiuORGnX8wRq+rs3vM4S7hKaMRf
d3J/o6e4HsJKR6puQOX0sHFOs5KyEvd7JGyl+uAUuj/fTTZ5MG0IqjyxEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGDUgqbqH9NrbwY3Uv7PXcU1yw9yMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvWU5TQ3B1b2YwMnR2QmpkU19zOWR4VFhMRDNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBSCAAwQB
l+2IMA0GCSqGSIb3DQEBCwUAA4IBAQAZr+ValhPHcSDcBKXwoslRAWBjMqoWqpJU
rXP9qZeIJtn9tLiy8insCPvLQAyUy0ynmE8HLOMhrcbFF/KGBcSIQHrb0vNmobRj
Cez4cGIate5wWfvPYUn8CRs2M5dug1Q89d0Dep9103CRJ09VhRC/+woyCPmPl9V7
FZ8zqUGXzXfpvk1s2GhI3xVdQhzzpfyIIDROofkHSIx+461189ai7zXAxfzRYc/M
d+087+q0BAi91TugyiY38zSA6cAXhMxzVMuWMtGaUCZCS+msmmWIY7JCyecwgQQu
ZaxSRe2vmnkJ4wuD9JjxXAH6/tu+c6u17n8smSwoMYZvxnKlBFzZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:12 2024 by rpki-client on console-fra.rpki-client.org