Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/3aee7a-15b5-43d6-8275-ef063e786e54/1/YKnfD0UwZ2mGMv2CKhtIyGYZdnM.roa
File: YKnfD0UwZ2mGMv2CKhtIyGYZdnM.roa (raw, json)
Hash identifier: qbJfrm6Bx95fYayiqF1SXMBfzRv9wIQBGyQHhttEWEw=
Subject key identifier: 60:A9:DF:0F:45:30:67:69:86:32:FD:82:2A:1B:48:C8:66:19:76:73
Certificate issuer: /CN=5421ba4b539162d7ef191a5662049e51fdc3622b
Certificate serial: 01856EA69AE090C38CEBC35B61D75C7D17E2
Authority key identifier: 54:21:BA:4B:53:91:62:D7:EF:19:1A:56:62:04:9E:51:FD:C3:62:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VCG6S1ORYtfvGRpWYgSeUf3DYis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/3aee7a-15b5-43d6-8275-ef063e786e54/1/YKnfD0UwZ2mGMv2CKhtIyGYZdnM.roa
Signing time: Sun 01 Jan 2023 18:44:50 +0000
ROA not before: Sun 01 Jan 2023 18:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13243
IP address blocks: 217.18.192.0/20 maxlen: 20
185.226.100.0/22 maxlen: 22
195.245.202.0/24 maxlen: 24
62.148.32.0/19 maxlen: 19
195.254.192.0/19 maxlen: 19
146.192.128.0/17 maxlen: 17
193.36.191.0/24 maxlen: 24
77.94.232.0/21 maxlen: 21
2a00:97c0::/32 maxlen: 32
2a00:ef8::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:9a:e0:90:c3:8c:eb:c3:5b:61:d7:5c:7d:17:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5421ba4b539162d7ef191a5662049e51fdc3622b
Validity
Not Before: Jan 1 18:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60a9df0f453067698632fd822a1b48c866197673
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a7:21:1d:1f:8b:ea:af:dd:d7:dd:d2:03:56:
7c:f5:73:21:3b:a1:e4:90:ca:b8:b6:bb:b0:33:32:
f2:32:bb:b5:24:5c:b6:44:bb:20:9b:59:7b:09:ac:
59:28:5a:bc:2b:74:d3:ae:f5:08:62:28:07:5e:a7:
a2:a3:22:7d:b2:9d:e2:be:03:78:b2:cc:fb:cf:68:
c6:1f:62:e5:5f:11:67:4c:3e:c3:dc:2e:84:fb:e9:
fb:91:c5:2d:4a:6e:2e:55:18:37:8c:73:4f:31:6e:
6e:7b:ef:24:c5:4f:57:06:6a:f7:3b:8b:e2:e7:ea:
79:3a:cd:49:52:30:2b:62:33:f9:21:f4:90:a8:a5:
bc:4e:db:f6:a5:8b:85:ac:25:bb:af:5e:75:73:73:
1a:c8:88:d0:0b:61:39:7e:ac:b5:3b:99:ca:85:32:
71:a7:42:5e:32:87:ab:48:f4:e5:b8:ab:5b:de:6d:
30:34:c5:bb:9c:36:70:ab:6f:cc:9d:41:78:e9:75:
14:0e:9a:af:d2:2e:b4:1f:81:92:cb:1d:43:49:0a:
45:7f:76:82:a4:5c:22:e2:5e:4a:22:38:95:b9:d7:
9e:e8:9e:7c:6b:59:ed:b0:62:55:06:4a:73:36:8f:
da:51:bc:4d:1d:db:c2:c4:1e:72:2e:41:c1:84:59:
87:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:A9:DF:0F:45:30:67:69:86:32:FD:82:2A:1B:48:C8:66:19:76:73
X509v3 Authority Key Identifier:
keyid:54:21:BA:4B:53:91:62:D7:EF:19:1A:56:62:04:9E:51:FD:C3:62:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VCG6S1ORYtfvGRpWYgSeUf3DYis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/3aee7a-15b5-43d6-8275-ef063e786e54/1/YKnfD0UwZ2mGMv2CKhtIyGYZdnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/3aee7a-15b5-43d6-8275-ef063e786e54/1/VCG6S1ORYtfvGRpWYgSeUf3DYis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.148.32.0/19
77.94.232.0/21
146.192.128.0/17
185.226.100.0/22
193.36.191.0/24
195.245.202.0/24
195.254.192.0/19
217.18.192.0/20
IPv6:
2a00:ef8::/32
2a00:97c0::/32
Signature Algorithm: sha256WithRSAEncryption
3f:09:14:43:f8:42:74:e5:54:23:aa:f7:2e:00:49:f0:7d:64:
bc:43:56:4c:eb:10:f9:87:26:a7:33:b2:02:f5:1a:48:5f:b8:
a7:03:aa:fd:a7:22:d3:ca:89:f9:b8:22:7e:75:0a:3c:0d:ce:
b9:6f:db:18:71:4a:e5:4a:d5:b3:9e:05:24:ed:be:98:46:05:
bc:36:28:e0:b9:70:8e:05:35:a9:12:22:ee:3a:42:bc:86:3c:
f8:e2:42:16:f1:0d:ce:f9:c5:21:ba:3f:0e:00:33:78:a7:6f:
b1:ab:88:b4:1c:d4:5b:08:a1:01:6a:7d:24:4f:bb:3b:d5:5c:
db:e3:52:46:33:be:57:89:5d:5f:36:fe:a7:bb:e6:79:d7:71:
d8:18:3c:8e:70:f8:34:2b:d4:02:47:bf:86:4f:48:b1:26:5b:
10:1b:d0:32:a1:8f:a1:b6:e0:c3:0d:de:f9:a3:3d:93:9a:52:
43:22:8f:a3:4f:9c:e3:7c:b4:23:b9:71:a5:18:3f:99:6e:1c:
5f:c0:1b:98:a5:67:fd:fc:54:71:b2:f4:03:10:21:38:e9:2b:
70:b7:01:65:42:5f:fd:bf:32:9f:d9:35:94:da:9d:df:3f:1e:
ce:8c:91:0e:ae:09:5c:ac:57:73:bd:dc:4f:3a:c8:9b:79:fe:
a7:27:1c:20
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYVupprgkMOM68NbYddcfRfiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MjFiYTRiNTM5MTYyZDdlZjE5MWE1NjYyMDQ5ZTUxZmRj
MzYyMmIwHhcNMjMwMTAxMTg0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGE5ZGYwZjQ1MzA2NzY5ODYzMmZkODIyYTFiNDhjODY2MTk3NjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKchHR+L6q/d193SA1Z89XMhO6Hk
kMq4truwMzLyMru1JFy2RLsgm1l7CaxZKFq8K3TTrvUIYigHXqeioyJ9sp3ivgN4
ssz7z2jGH2LlXxFnTD7D3C6E++n7kcUtSm4uVRg3jHNPMW5ue+8kxU9XBmr3O4vi
5+p5Os1JUjArYjP5IfSQqKW8Ttv2pYuFrCW7r151c3MayIjQC2E5fqy1O5nKhTJx
p0JeMoerSPTluKtb3m0wNMW7nDZwq2/MnUF46XUUDpqv0i60H4GSyx1DSQpFf3aC
pFwi4l5KIjiVudee6J58a1ntsGJVBkpzNo/aUbxNHdvCxB5yLkHBhFmHQQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFGCp3w9FMGdphjL9giobSMhmGXZzMB8GA1UdIwQY
MBaAFFQhuktTkWLX7xkaVmIEnlH9w2IrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkNHNlMxT1JZdGZ2R1JwV1lnU2VVZjNEWWlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8zYWVlN2EtMTViNS00M2Q2LTgyNzUt
ZWYwNjNlNzg2ZTU0LzEvWUtuZkQwVXdaMm1HTXYyQ0todEl5R1laZG5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8zYWVlN2EtMTViNS00M2Q2LTgyNzUtZWYwNjNlNzg2ZTU0
LzEvVkNHNlMxT1JZdGZ2R1JwV1lnU2VVZjNEWWlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQFPpQgAwQD
TV7oAwQHksCAAwQCueJkAwQAwSS/AwQAw/XKAwQFw/7AAwQE2RLAMBQEAgACMA4D
BQAqAA74AwUAKgCXwDANBgkqhkiG9w0BAQsFAAOCAQEAPwkUQ/hCdOVUI6r3LgBJ
8H1kvENWTOsQ+YcmpzOyAvUaSF+4pwOq/aci08qJ+bgifnUKPA3OuW/bGHFK5UrV
s54FJO2+mEYFvDYo4LlwjgU1qRIi7jpCvIY8+OJCFvENzvnFIbo/DgAzeKdvsauI
tBzUWwihAWp9JE+7O9Vc2+NSRjO+V4ldXzb+p7vmeddx2Bg8jnD4NCvUAke/hk9I
sSZbEBvQMqGPobbgww3e+aM9k5pSQyKPo0+c43y0I7lxpRg/mW4cX8AbmKVn/fxU
cbL0AxAhOOkrcLcBZUJf/b8yn9k1lNqd3z8ezoyRDq4JXKxXc73cTzrIm3n+pycc
IA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:16 2024 by rpki-client on console-fra.rpki-client.org