Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/YlHkdheibCx2-eZ_HF0YfYx2ETY.roa
File: YlHkdheibCx2-eZ_HF0YfYx2ETY.roa (raw, json)
Hash identifier: +nc2QRGw6olnllmU6cY6V37XECPQirnH5GtPHfwDhq0=
Subject key identifier: 62:51:E4:76:17:A2:6C:2C:76:F9:E6:7F:1C:5D:18:7D:8C:76:11:36
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 01894AEC5F67C5804380D14FC5A07A5EC0D1
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/YlHkdheibCx2-eZ_HF0YfYx2ETY.roa
Signing time: Wed 12 Jul 2023 16:25:52 +0000
ROA not before: Wed 12 Jul 2023 16:25:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54339
IP address blocks: 93.152.208.0/24 maxlen: 24
93.152.211.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
93.152.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Sep 2023 07:58:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4a:ec:5f:67:c5:80:43:80:d1:4f:c5:a0:7a:5e:c0:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jul 12 16:25:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6251e47617a26c2c76f9e67f1c5d187d8c761136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:48:bb:9f:cd:0a:88:59:5c:ed:c1:bf:82:3e:
9b:29:c2:9a:30:a1:e8:5e:3d:1b:84:5c:d1:9e:b1:
2a:78:6e:c6:51:83:28:f3:de:8d:b6:5e:04:ce:cc:
0a:b1:b7:5e:fd:6c:f4:2c:84:76:b2:e8:a3:aa:c8:
4a:40:67:e1:41:de:8d:ef:72:fc:94:0d:ff:d5:2c:
9e:3f:a3:95:ff:76:47:c1:ae:68:11:46:61:05:f7:
d1:0d:3a:b2:fc:29:34:4a:8f:b3:a4:a5:0c:80:7d:
46:97:a5:c2:ef:c7:9b:ab:19:fc:20:69:96:3c:d8:
30:1a:7e:ab:52:29:d9:38:6f:c1:03:97:55:ec:8e:
0e:a7:5c:1f:af:e4:b2:29:91:bf:af:70:f3:88:c6:
5f:d0:2b:9d:43:93:18:0e:54:a9:64:40:8c:4a:5e:
8e:ce:d2:66:c0:a0:a0:95:84:cd:bc:45:06:29:d5:
c1:c7:80:d7:ab:8e:72:7a:39:73:fc:d4:dc:a5:e9:
96:35:28:c8:5f:0e:e9:df:2c:49:38:79:bf:6c:11:
c0:c5:8b:9f:41:c0:d2:04:a1:9c:7f:82:35:91:76:
a3:45:0f:d4:cd:e8:37:f2:c1:30:aa:3c:40:98:72:
6f:eb:b0:24:b1:34:c0:01:db:59:69:5d:a5:38:82:
33:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:51:E4:76:17:A2:6C:2C:76:F9:E6:7F:1C:5D:18:7D:8C:76:11:36
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/YlHkdheibCx2-eZ_HF0YfYx2ETY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.235.0/24
93.152.208.0/24
93.152.211.0/24
93.152.216.0/24
93.152.230.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:49:62:47:eb:23:0d:f3:47:97:33:f5:d9:0a:3e:71:31:50:
6d:d4:ea:fc:aa:ba:9f:3c:90:da:65:a8:07:85:3d:95:06:e1:
e4:1a:35:57:4a:7d:7c:0b:7f:1d:68:41:f6:eb:04:26:d2:20:
27:04:bb:a1:80:6a:1f:d8:b4:b0:6b:ba:fa:8e:df:68:82:42:
17:94:91:1d:70:3a:18:a1:9a:07:8d:8b:10:9d:30:b9:a6:01:
fa:49:15:af:a8:2c:09:78:0d:ad:ae:d5:b9:f8:c1:af:96:73:
98:5c:6d:e3:ac:83:10:fd:b4:6f:09:a6:9b:6a:57:95:8f:68:
f3:8d:40:46:ea:f0:2a:76:4c:8c:c6:89:8b:d4:3d:8f:6d:4b:
8b:53:a0:99:69:15:bd:d4:ca:37:bd:ec:f9:5c:38:df:9b:79:
cb:f4:36:35:50:ff:34:83:00:04:ac:7f:7e:32:1d:a3:d4:00:
eb:ef:f2:7b:79:3e:cd:f6:29:54:cd:a3:7a:1e:d2:a6:b8:be:
f5:e9:f7:84:7f:3d:7b:85:10:69:cb:1f:8b:73:cc:dd:8d:2e:
15:1f:a2:91:80:8c:69:91:e1:f2:84:c8:dc:36:8c:5c:9e:c5:
5f:60:bb:0c:7c:67:f0:ac:a9:64:e8:6f:0c:64:b4:5d:eb:04:
71:7a:d7:64
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYlK7F9nxYBDgNFPxaB6XsDRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjMwNzEyMTYyNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjUxZTQ3NjE3YTI2YzJjNzZmOWU2N2YxYzVkMTg3ZDhjNzYxMTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgki7n80KiFlc7cG/gj6bKcKaMKHo
Xj0bhFzRnrEqeG7GUYMo896Ntl4EzswKsbde/Wz0LIR2suijqshKQGfhQd6N73L8
lA3/1SyeP6OV/3ZHwa5oEUZhBffRDTqy/Ck0So+zpKUMgH1Gl6XC78ebqxn8IGmW
PNgwGn6rUinZOG/BA5dV7I4Op1wfr+SyKZG/r3DziMZf0CudQ5MYDlSpZECMSl6O
ztJmwKCglYTNvEUGKdXBx4DXq45yejlz/NTcpemWNSjIXw7p3yxJOHm/bBHAxYuf
QcDSBKGcf4I1kXajRQ/Uzeg38sEwqjxAmHJv67AksTTAAdtZaV2lOIIzCwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGJR5HYXomwsdvnmfxxdGH2MdhE2MB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvWWxIa2RoZWliQ3gyLWVaX0hGMFlmWXgyRVRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALY3rAwQA
XZjQAwQAXZjTAwQAXZjYAwQAXZjmMA0GCSqGSIb3DQEBCwUAA4IBAQA+SWJH6yMN
80eXM/XZCj5xMVBt1Or8qrqfPJDaZagHhT2VBuHkGjVXSn18C38daEH26wQm0iAn
BLuhgGof2LSwa7r6jt9ogkIXlJEdcDoYoZoHjYsQnTC5pgH6SRWvqCwJeA2trtW5
+MGvlnOYXG3jrIMQ/bRvCaabaleVj2jzjUBG6vAqdkyMxomL1D2PbUuLU6CZaRW9
1Mo3vez5XDjfm3nL9DY1UP80gwAErH9+Mh2j1ADr7/J7eT7N9ilUzaN6HtKmuL71
6feEfz17hRBpyx+Lc8zdjS4VH6KRgIxpkeHyhMjcNoxcnsVfYLsMfGfwrKlk6G8M
ZLRd6wRxetdk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:42 2024 by rpki-client on console-fra.rpki-client.org