Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/YLnsUIZVXHE4M5AhXYnwQBPnrGE.roa
File: YLnsUIZVXHE4M5AhXYnwQBPnrGE.roa (raw, json)
Hash identifier: Wb4re5YcreC7g4945St7FkLaUrwfeOx8gtgB/KOc1XI=
Subject key identifier: 60:B9:EC:50:86:55:5C:71:38:33:90:21:5D:89:F0:40:13:E7:AC:61
Certificate issuer: /CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Certificate serial: 018DA87F74FA098025E9AB189AA56898BB95
Authority key identifier: AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/YLnsUIZVXHE4M5AhXYnwQBPnrGE.roa
Signing time: Wed 14 Feb 2024 16:42:21 +0000
ROA not before: Wed 14 Feb 2024 16:42:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 128.65.164.0/24 maxlen: 24
128.65.166.0/24 maxlen: 24
128.65.168.0/24 maxlen: 24
128.65.172.0/24 maxlen: 24
128.65.173.0/24 maxlen: 24
128.65.174.0/24 maxlen: 24
128.65.175.0/24 maxlen: 24
194.26.2.0/24 maxlen: 24
194.26.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Feb 2024 16:57:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a8:7f:74:fa:09:80:25:e9:ab:18:9a:a5:68:98:bb:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2f2e86dd7cc9101658ff8d5a5241445fcd1d6a
Validity
Not Before: Feb 14 16:42:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60b9ec5086555c71383390215d89f04013e7ac61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:da:29:dc:0e:f9:a7:ae:c9:73:17:df:3a:8d:
06:4e:ae:06:8a:01:a3:a7:46:07:2e:68:61:1e:6c:
ba:01:4f:b5:52:fe:b6:7e:54:5f:ae:13:34:f7:a1:
17:40:aa:e4:46:22:d4:c6:75:31:ae:7f:54:5b:81:
88:0c:3d:84:32:7e:97:c9:73:cf:e5:35:ae:8f:3f:
fa:d2:e8:74:13:f0:c3:6c:f4:5e:ca:ae:f5:8f:47:
1c:84:0c:3f:27:97:ce:2e:f4:f2:4d:f3:47:66:48:
50:c0:06:43:ec:4b:df:56:ff:07:8e:be:ed:be:64:
7b:9f:03:6c:a0:e0:fc:de:7b:79:30:b4:75:47:32:
51:13:4c:83:58:ca:9e:5d:50:d6:a1:d0:94:1e:52:
7d:e1:03:fa:63:81:bd:a1:6a:d2:ec:bf:bb:16:59:
d2:15:8e:aa:0f:ff:bf:28:77:7e:fe:c5:ea:34:08:
74:52:a2:d4:a9:0a:4a:19:12:f4:f3:16:aa:34:a4:
7c:5b:b9:9a:71:73:61:63:30:9c:09:1f:a6:85:40:
06:a2:b8:bc:82:1f:78:e9:38:e5:e5:2a:df:6d:90:
c4:df:50:48:5b:28:3d:9f:81:d5:0b:de:22:b2:96:
f5:c2:40:c7:f1:3c:f5:f2:75:3e:a0:4e:77:f7:f4:
3f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:B9:EC:50:86:55:5C:71:38:33:90:21:5D:89:F0:40:13:E7:AC:61
X509v3 Authority Key Identifier:
keyid:AF:2F:2E:86:DD:7C:C9:10:16:58:FF:8D:5A:52:41:44:5F:CD:1D:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ry8uht18yRAWWP-NWlJBRF_NHWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/YLnsUIZVXHE4M5AhXYnwQBPnrGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/e08b8e-bf22-435c-8b1f-46bb7aec1f30/1/ry8uht18yRAWWP-NWlJBRF_NHWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.65.164.0/24
128.65.166.0/24
128.65.168.0/24
128.65.172.0/22
194.26.2.0/23
Signature Algorithm: sha256WithRSAEncryption
87:89:ca:32:9d:61:3a:c1:50:d9:09:56:c4:11:be:6c:f9:d3:
3a:a5:d0:c2:0a:78:10:f4:38:89:55:77:6f:7f:73:b1:18:f1:
66:6f:04:06:73:c3:72:14:7f:47:fb:52:11:93:df:a4:6d:58:
40:3b:11:c2:01:6e:7b:b3:d9:c9:52:e0:de:f0:a3:05:b2:09:
61:7f:3d:ac:5d:18:f2:8e:0f:3e:d8:f9:8b:14:25:72:bc:11:
90:32:01:3d:f5:f8:d3:f9:c9:43:0b:3b:ae:63:a4:fe:1b:8c:
fb:d4:bd:5f:ba:ea:f3:6b:40:c1:50:35:5a:f9:cd:9c:00:c0:
71:99:8d:c5:4c:54:26:1d:77:b5:c2:29:1d:a8:29:07:79:ba:
01:72:52:66:80:8c:8c:01:2a:a8:04:8a:4f:a4:a9:17:15:b7:
fa:eb:9f:ee:f4:1b:c9:d4:e4:c0:32:05:ff:fe:9c:34:f7:e0:
ed:bf:38:41:9c:32:b7:1e:66:ed:55:7a:9c:13:36:2c:0a:14:
ee:ef:06:6c:2d:dc:54:ed:17:bc:d4:6c:c5:5a:6d:30:72:ac:
c1:28:16:a2:ad:e8:a4:e7:54:49:7f:39:5c:64:0b:87:3f:00:
ea:a8:6d:60:25:17:f6:e9:73:b3:27:0e:76:54:18:bb:ab:d1:
8d:ef:43:40
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY2of3T6CYAl6asYmqVomLuVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmYyZTg2ZGQ3Y2M5MTAxNjU4ZmY4ZDVhNTI0MTQ0NWZj
ZDFkNmEwHhcNMjQwMjE0MTY0MjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGI5ZWM1MDg2NTU1YzcxMzgzMzkwMjE1ZDg5ZjA0MDEzZTdhYzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdop3A75p67JcxffOo0GTq4GigGj
p0YHLmhhHmy6AU+1Uv62flRfrhM096EXQKrkRiLUxnUxrn9UW4GIDD2EMn6XyXPP
5TWujz/60uh0E/DDbPReyq71j0cchAw/J5fOLvTyTfNHZkhQwAZD7EvfVv8Hjr7t
vmR7nwNsoOD83nt5MLR1RzJRE0yDWMqeXVDWodCUHlJ94QP6Y4G9oWrS7L+7FlnS
FY6qD/+/KHd+/sXqNAh0UqLUqQpKGRL08xaqNKR8W7macXNhYzCcCR+mhUAGori8
gh946Tjl5SrfbZDE31BIWyg9n4HVC94ispb1wkDH8Tz18nU+oE539/Q/CQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGC57FCGVVxxODOQIV2J8EAT56xhMB8GA1UdIwQY
MBaAFK8vLobdfMkQFlj/jVpSQURfzR1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYt
NDZiYjdhZWMxZjMwLzEvWUxuc1VJWlZYSEU0TTVBaFhZbndRQlBuckdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lMDhiOGUtYmYyMi00MzVjLThiMWYtNDZiYjdhZWMxZjMw
LzEvcnk4dWh0MTh5UkFXV1AtTldsSkJSRl9OSFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAgEGkAwQA
gEGmAwQAgEGoAwQCgEGsAwQBwhoCMA0GCSqGSIb3DQEBCwUAA4IBAQCHicoynWE6
wVDZCVbEEb5s+dM6pdDCCngQ9DiJVXdvf3OxGPFmbwQGc8NyFH9H+1IRk9+kbVhA
OxHCAW57s9nJUuDe8KMFsglhfz2sXRjyjg8+2PmLFCVyvBGQMgE99fjT+clDCzuu
Y6T+G4z71L1fuurza0DBUDVa+c2cAMBxmY3FTFQmHXe1wikdqCkHeboBclJmgIyM
ASqoBIpPpKkXFbf665/u9BvJ1OTAMgX//pw09+DtvzhBnDK3HmbtVXqcEzYsChTu
7wZsLdxU7Re81GzFWm0wcqzBKBaireik51RJfzlcZAuHPwDqqG1gJRf26XOzJw52
VBi7q9GN70NA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:23 2024 by rpki-client on console-fra.rpki-client.org