Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/Yu5W193XkBwhMpgPSb4RbQXDOnQ.roa
File: Yu5W193XkBwhMpgPSb4RbQXDOnQ.roa (raw, json)
Hash identifier: nEjlXTFoVrUmrQU+GLT13BXivL5Igtj3yS3eb8TOfVs=
Subject key identifier: 62:EE:56:D7:DD:D7:90:1C:21:32:98:0F:49:BE:11:6D:05:C3:3A:74
Certificate issuer: /CN=3e0be8e48dba07df21711745b869e3911ce98e20
Certificate serial: 018CC870905D8E5D73076C6F2970AF6F9DE9
Authority key identifier: 3E:0B:E8:E4:8D:BA:07:DF:21:71:17:45:B8:69:E3:91:1C:E9:8E:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pgvo5I26B98hcRdFuGnjkRzpjiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/Yu5W193XkBwhMpgPSb4RbQXDOnQ.roa
Signing time: Tue 02 Jan 2024 04:31:09 +0000
ROA not before: Tue 02 Jan 2024 04:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5588
IP address blocks: 213.218.96.0/20 maxlen: 20
213.218.112.0/20 maxlen: 20
212.38.192.0/19 maxlen: 19
62.29.128.0/17 maxlen: 17
212.203.128.0/17 maxlen: 17
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:90:5d:8e:5d:73:07:6c:6f:29:70:af:6f:9d:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e0be8e48dba07df21711745b869e3911ce98e20
Validity
Not Before: Jan 2 04:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62ee56d7ddd7901c2132980f49be116d05c33a74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:87:51:64:90:95:c0:a7:15:59:55:89:1f:ab:
4e:d8:85:cf:0c:2c:b8:84:37:7c:b9:fb:e8:d7:11:
57:e6:34:c0:68:c5:6b:96:89:5a:f4:ba:b2:e1:6b:
ac:3e:6d:b3:8e:74:8c:1d:5d:d0:bc:79:46:4d:06:
a8:06:06:c6:e4:f7:40:7e:05:76:9a:b4:d5:b8:17:
dd:9b:b1:21:05:a1:87:b5:3b:0e:68:6b:10:5e:9f:
15:23:58:cb:6e:06:06:f2:be:2e:00:22:ae:4a:12:
b8:dd:82:8d:20:0c:a2:de:65:4f:a6:b8:a6:0d:d1:
16:76:ba:31:d6:b4:9c:cc:43:b3:41:3f:49:f7:c9:
19:cc:e9:f8:44:01:dc:29:d6:4a:ec:92:d1:68:8f:
63:bf:b4:3c:5c:56:b9:29:e6:67:15:19:2f:90:d3:
20:45:b3:83:b8:ad:60:9b:ff:66:e1:72:fe:21:15:
50:04:85:1b:bd:b5:5b:b3:93:d5:b4:ce:c5:4b:7e:
fb:44:43:bd:ef:f2:9b:c7:54:4a:ac:07:74:99:ac:
36:f2:bf:9d:f5:d6:91:20:12:e4:ce:44:2e:33:86:
9d:80:7b:82:f4:7b:67:d3:bb:75:dd:b1:6c:b8:ba:
fd:e3:c2:d9:d7:50:a5:a5:af:41:99:c9:2c:0e:a4:
93:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:EE:56:D7:DD:D7:90:1C:21:32:98:0F:49:BE:11:6D:05:C3:3A:74
X509v3 Authority Key Identifier:
keyid:3E:0B:E8:E4:8D:BA:07:DF:21:71:17:45:B8:69:E3:91:1C:E9:8E:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pgvo5I26B98hcRdFuGnjkRzpjiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/Yu5W193XkBwhMpgPSb4RbQXDOnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/Pgvo5I26B98hcRdFuGnjkRzpjiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.29.128.0/17
212.38.192.0/19
212.203.128.0/17
213.218.96.0/19
Signature Algorithm: sha256WithRSAEncryption
1c:fb:b9:08:5e:29:d7:59:4b:b6:d9:01:5c:eb:a0:ac:45:43:
e1:76:8e:9e:db:77:cd:0e:cd:cf:3b:3f:b4:ac:16:de:5e:dd:
72:d1:c4:99:79:de:d0:e0:97:a9:fb:46:fa:fb:65:2d:a7:1d:
e4:9c:e2:c6:3e:ac:10:45:20:aa:d9:d3:db:86:68:70:1c:ff:
97:37:d8:12:ec:e8:73:2c:e0:53:f4:02:f5:09:8b:c6:74:29:
f5:3b:8d:73:90:19:93:0c:69:af:10:68:0d:15:26:4f:22:49:
61:62:56:c9:3a:d9:ec:29:3e:6e:13:81:2f:6c:da:3a:df:ad:
cb:c0:41:6d:ba:e3:3d:01:86:24:ea:76:5e:49:9f:2f:7e:a9:
94:97:39:bc:4e:b0:78:9e:76:6f:9e:c6:67:e0:8e:76:19:bd:
2c:8a:71:3b:7b:30:18:dd:ea:39:0b:44:33:3c:b6:a2:1d:e9:
82:57:72:99:1f:e3:ca:55:17:b8:93:7c:3f:19:14:d2:fe:ed:
86:35:92:5a:7c:54:87:5d:16:b6:fc:42:25:74:8e:8c:2e:13:
6e:f8:ac:0e:e2:31:a8:65:98:f2:4b:54:e7:46:76:82:f5:7d:
6b:0f:87:7b:a6:5f:64:b2:77:4c:8e:26:54:2b:65:1d:9c:19:
d8:e2:62:f1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIcJBdjl1zB2xvKXCvb53pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMGJlOGU0OGRiYTA3ZGYyMTcxMTc0NWI4NjllMzkxMWNl
OThlMjAwHhcNMjQwMTAyMDQzMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmVlNTZkN2RkZDc5MDFjMjEzMjk4MGY0OWJlMTE2ZDA1YzMzYTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIdRZJCVwKcVWVWJH6tO2IXPDCy4
hDd8ufvo1xFX5jTAaMVrlola9Lqy4WusPm2zjnSMHV3QvHlGTQaoBgbG5PdAfgV2
mrTVuBfdm7EhBaGHtTsOaGsQXp8VI1jLbgYG8r4uACKuShK43YKNIAyi3mVPprim
DdEWdrox1rSczEOzQT9J98kZzOn4RAHcKdZK7JLRaI9jv7Q8XFa5KeZnFRkvkNMg
RbODuK1gm/9m4XL+IRVQBIUbvbVbs5PVtM7FS377REO97/Kbx1RKrAd0maw28r+d
9daRIBLkzkQuM4adgHuC9Htn07t13bFsuLr948LZ11Clpa9BmcksDqSTQQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGLuVtfd15AcITKYD0m+EW0Fwzp0MB8GA1UdIwQY
MBaAFD4L6OSNugffIXEXRbhp45Ec6Y4gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGd2bzVJMjZCOThoY1JkRnVHbmprUnpwamlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy85NWJjZTktMWU4ZS00MWMxLTg5Zjgt
MjBmOWYwZGJmNDU4LzEvWXU1VzE5M1hrQndoTXBnUFNiNFJiUVhET25RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy85NWJjZTktMWU4ZS00MWMxLTg5ZjgtMjBmOWYwZGJmNDU4
LzEvUGd2bzVJMjZCOThoY1JkRnVHbmprUnpwamlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQHPh2AAwQF
1CbAAwQH1MuAAwQF1dpgMA0GCSqGSIb3DQEBCwUAA4IBAQAc+7kIXinXWUu22QFc
66CsRUPhdo6e23fNDs3POz+0rBbeXt1y0cSZed7Q4Jep+0b6+2Utpx3knOLGPqwQ
RSCq2dPbhmhwHP+XN9gS7OhzLOBT9AL1CYvGdCn1O41zkBmTDGmvEGgNFSZPIklh
YlbJOtnsKT5uE4EvbNo6363LwEFtuuM9AYYk6nZeSZ8vfqmUlzm8TrB4nnZvnsZn
4I52Gb0sinE7ezAY3eo5C0QzPLaiHemCV3KZH+PKVRe4k3w/GRTS/u2GNZJafFSH
XRa2/EIldI6MLhNu+KwO4jGoZZjyS1TnRnaC9X1rD4d7pl9ksndMjiZUK2UdnBnY
4mLx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:44 2025 by rpki-client