Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/YzVNaURRynvzxJJoRP_qKacLHd4.roa
File: YzVNaURRynvzxJJoRP_qKacLHd4.roa (raw, json)
Hash identifier: fVc5E3J/+H+4R0e5oSvUWM68cfYq+f6H9IUdCKmD3pw=
Subject key identifier: 63:35:4D:69:44:51:CA:7B:F3:C4:92:68:44:FF:EA:29:A7:0B:1D:DE
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018E3CDE4BFA3F0EE015F9280AEEF80D0DB7
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/YzVNaURRynvzxJJoRP_qKacLHd4.roa
Signing time: Thu 14 Mar 2024 12:09:45 +0000
ROA not before: Thu 14 Mar 2024 12:09:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12552
IP address blocks: 192.71.200.0/24 maxlen: 24
193.181.71.0/24 maxlen: 24
193.182.6.0/24 maxlen: 24
193.182.156.0/24 maxlen: 24
194.14.242.0/24 maxlen: 24
194.103.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Apr 2024 09:59:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3c:de:4b:fa:3f:0e:e0:15:f9:28:0a:ee:f8:0d:0d:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Mar 14 12:09:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63354d694451ca7bf3c4926844ffea29a70b1dde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:20:f2:53:92:55:8d:7c:ab:e2:d7:e5:c2:72:
0c:6f:c1:33:24:5b:cc:5d:16:13:26:bf:86:87:7a:
9f:b8:25:26:0e:e3:d0:95:94:11:7e:85:75:7b:1b:
59:51:52:8a:31:c9:68:8e:89:16:cb:06:9d:fd:43:
b4:73:a0:78:d5:52:18:ee:17:a1:d6:d9:f6:9c:ca:
6f:29:2d:08:c2:e3:e6:f0:0b:06:65:38:6f:9d:90:
0d:d3:6f:65:4d:a8:76:5e:70:7a:6b:1f:f1:bf:59:
e3:38:34:c3:06:7b:eb:7f:9d:c0:fe:9b:b6:58:f8:
06:92:a3:30:6c:86:ac:46:cb:2a:95:5a:13:f6:e3:
9d:51:f2:e3:c5:e0:73:17:ae:16:3a:b6:47:1e:55:
0a:b5:b2:34:09:fb:de:fb:7d:22:92:ed:5e:5c:5a:
e7:d9:24:b2:31:e1:96:6e:fc:9c:c0:e2:ed:4a:d7:
4f:23:3b:cc:42:07:8e:25:98:8c:c0:47:af:62:e9:
5f:30:b8:f1:a8:62:ec:67:4b:56:da:30:b5:b1:18:
ca:6c:f1:66:e9:f8:07:ba:90:d9:4f:51:75:43:de:
f3:1e:12:d1:95:c9:0f:71:a7:a8:2b:fe:9a:fb:45:
fa:50:78:df:7d:78:d0:9f:60:32:a2:29:cf:a1:1d:
bd:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:35:4D:69:44:51:CA:7B:F3:C4:92:68:44:FF:EA:29:A7:0B:1D:DE
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/YzVNaURRynvzxJJoRP_qKacLHd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.200.0/24
193.181.71.0/24
193.182.6.0/24
193.182.156.0/24
194.14.242.0/24
194.103.248.0/24
Signature Algorithm: sha256WithRSAEncryption
33:a6:b4:f6:57:26:d9:72:4a:0d:5d:a4:2b:17:2f:88:59:18:
a1:4b:5c:12:0e:a8:ba:de:6b:fc:9c:34:b9:2b:de:d7:17:77:
d0:4e:a9:c3:55:25:e4:f8:55:64:f7:21:ce:b7:38:d0:cf:f2:
d6:1d:e6:32:4c:2d:b1:73:7e:a2:ba:36:f8:85:3b:ee:68:c9:
b8:d8:f4:7b:f7:0f:8f:40:7e:c4:3d:0e:86:49:88:3c:b2:2e:
f0:33:39:2d:05:13:3a:4d:3b:d4:bc:0c:f5:22:b8:1e:6b:71:
5a:5b:43:79:05:93:76:fd:c4:b6:dd:52:c4:e7:f2:77:ea:04:
9b:7d:2d:cd:a8:01:40:de:d6:2c:8b:e9:40:42:b5:0e:90:ae:
3a:c4:82:04:37:86:29:e9:ff:af:ca:9a:2b:17:a2:29:21:3c:
82:76:df:bc:5b:9c:28:d1:5b:ff:fc:03:42:ec:c3:df:99:64:
f9:84:09:05:4e:6b:a4:c6:70:54:34:9f:44:a9:fa:77:bd:3d:
22:73:fd:1c:e0:de:0d:ff:d6:ee:23:57:2f:bc:0a:a4:33:29:
21:b9:63:79:47:e7:f3:52:9e:c3:c8:bc:9a:19:66:4b:17:a2:
be:36:a8:4e:a0:3b:6f:e8:a1:d7:a8:6b:f7:98:58:a5:c0:af:
ed:29:59:b6
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY483kv6Pw7gFfkoCu74DQ23MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMzE0MTIwOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzM1NGQ2OTQ0NTFjYTdiZjNjNDkyNjg0NGZmZWEyOWE3MGIxZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyDyU5JVjXyr4tflwnIMb8EzJFvM
XRYTJr+Gh3qfuCUmDuPQlZQRfoV1extZUVKKMclojokWywad/UO0c6B41VIY7heh
1tn2nMpvKS0IwuPm8AsGZThvnZAN029lTah2XnB6ax/xv1njODTDBnvrf53A/pu2
WPgGkqMwbIasRssqlVoT9uOdUfLjxeBzF64WOrZHHlUKtbI0Cfve+30iku1eXFrn
2SSyMeGWbvycwOLtStdPIzvMQgeOJZiMwEevYulfMLjxqGLsZ0tW2jC1sRjKbPFm
6fgHupDZT1F1Q97zHhLRlckPcaeoK/6a+0X6UHjffXjQn2AyoinPoR29IwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGM1TWlEUcp788SSaET/6imnCx3eMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvWXpWTmFVUlJ5bnZ6eEpKb1JQX3FLYWNMSGQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwEfIAwQA
wbVHAwQAwbYGAwQAwbacAwQAwg7yAwQAwmf4MA0GCSqGSIb3DQEBCwUAA4IBAQAz
prT2VybZckoNXaQrFy+IWRihS1wSDqi63mv8nDS5K97XF3fQTqnDVSXk+FVk9yHO
tzjQz/LWHeYyTC2xc36iujb4hTvuaMm42PR79w+PQH7EPQ6GSYg8si7wMzktBRM6
TTvUvAz1Irgea3FaW0N5BZN2/cS23VLE5/J36gSbfS3NqAFA3tYsi+lAQrUOkK46
xIIEN4Yp6f+vyporF6IpITyCdt+8W5wo0Vv//ANC7MPfmWT5hAkFTmukxnBUNJ9E
qfp3vT0ic/0c4N4N/9buI1cvvAqkMykhuWN5R+fzUp7DyLyaGWZLF6K+NqhOoDtv
6KHXqGv3mFilwK/tKVm2
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:06:34 2025 by rpki-client