Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/17a016-26c7-424c-862f-bcac8b552a9a/1/yr0g-D6VEBSCU85AyOt90_J0340.roa
File: yr0g-D6VEBSCU85AyOt90_J0340.roa (raw, json)
Hash identifier: Jw1gidNSR/qqNFVX8z14cxZuVUxR6eOXCFv6OwgpHn8=
Subject key identifier: CA:BD:20:F8:3E:95:10:14:82:53:CE:40:C8:EB:7D:D3:F2:74:DF:8D
Certificate issuer: /CN=29fb7da3b44e41b32369e4a5c790d3081fc69aa9
Certificate serial: 018570B07C2D76E4EAABDC83E246514E704A
Authority key identifier: 29:FB:7D:A3:B4:4E:41:B3:23:69:E4:A5:C7:90:D3:08:1F:C6:9A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kft9o7ROQbMjaeSlx5DTCB_Gmqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/17a016-26c7-424c-862f-bcac8b552a9a/1/yr0g-D6VEBSCU85AyOt90_J0340.roa
Signing time: Mon 02 Jan 2023 04:14:52 +0000
ROA not before: Mon 02 Jan 2023 04:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16019
IP address blocks: 62.245.64.0/18 maxlen: 18
46.167.224.0/19 maxlen: 19
62.245.96.0/19 maxlen: 19
46.167.192.0/19 maxlen: 19
46.167.192.0/18 maxlen: 18
62.245.64.0/19 maxlen: 19
84.242.96.0/19 maxlen: 19
109.107.192.0/19 maxlen: 19
93.90.160.0/20 maxlen: 20
84.242.64.0/19 maxlen: 19
31.30.0.0/16 maxlen: 17
84.242.64.0/18 maxlen: 18
213.220.224.0/19 maxlen: 19
88.146.192.0/18 maxlen: 18
89.103.0.0/16 maxlen: 16
84.42.128.0/17 maxlen: 17
141.170.128.0/18 maxlen: 18
84.42.128.0/18 maxlen: 18
141.170.128.0/19 maxlen: 19
213.220.192.0/19 maxlen: 19
213.220.192.0/18 maxlen: 18
93.99.128.0/17 maxlen: 17
86.49.0.0/17 maxlen: 17
86.49.0.0/16 maxlen: 16
94.113.0.0/16 maxlen: 16
89.177.0.0/16 maxlen: 16
86.49.128.0/17 maxlen: 17
84.42.192.0/18 maxlen: 18
141.170.160.0/19 maxlen: 19
80.95.96.0/19 maxlen: 19
31.169.128.0/17 maxlen: 17
31.169.128.0/18 maxlen: 18
188.95.120.0/21 maxlen: 21
78.45.0.0/16 maxlen: 16
81.27.200.0/21 maxlen: 21
77.48.0.0/17 maxlen: 17
77.48.0.0/16 maxlen: 16
94.112.0.0/16 maxlen: 16
89.176.0.0/16 maxlen: 16
94.112.0.0/15 maxlen: 15
89.176.0.0/15 maxlen: 15
78.102.0.0/17 maxlen: 17
89.102.0.0/16 maxlen: 16
78.102.0.0/16 maxlen: 16
89.102.0.0/15 maxlen: 15
62.240.160.0/20 maxlen: 20
62.240.160.0/19 maxlen: 19
62.240.176.0/20 maxlen: 20
88.146.128.0/18 maxlen: 18
88.146.128.0/17 maxlen: 17
93.99.0.0/17 maxlen: 17
31.169.192.0/18 maxlen: 18
77.48.128.0/17 maxlen: 17
93.99.0.0/16 maxlen: 16
78.102.128.0/17 maxlen: 17
78.44.0.0/16 maxlen: 16
178.77.192.0/19 maxlen: 19
78.44.0.0/15 maxlen: 15
46.135.0.0/16 maxlen: 16
178.77.192.0/18 maxlen: 18
178.77.224.0/19 maxlen: 19
213.192.0.0/18 maxlen: 18
213.192.0.0/19 maxlen: 19
213.192.32.0/19 maxlen: 19
217.77.160.0/20 maxlen: 20
62.24.64.0/19 maxlen: 19
62.24.64.0/20 maxlen: 20
62.24.80.0/20 maxlen: 20
82.142.64.0/18 maxlen: 18
81.27.192.0/21 maxlen: 21
81.27.192.0/20 maxlen: 20
2a02:8300::/28 maxlen: 28
2a00:11b0::/29 maxlen: 29
2a02:8300::/29 maxlen: 29
2a02:8308::/29 maxlen: 29
2a01:5e0:8000::/33 maxlen: 33
2a01:5e0::/33 maxlen: 33
2a01:5e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 02 Jan 2023 08:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:7c:2d:76:e4:ea:ab:dc:83:e2:46:51:4e:70:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29fb7da3b44e41b32369e4a5c790d3081fc69aa9
Validity
Not Before: Jan 2 04:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cabd20f83e9510148253ce40c8eb7dd3f274df8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:04:6a:c3:e1:94:9b:01:c3:b5:51:96:bd:3b:
d9:38:91:f4:5d:6f:3d:6d:90:5b:46:27:fa:42:81:
30:bc:ad:34:63:28:a8:de:ab:16:f9:3c:c0:5b:39:
76:82:2b:d6:ea:28:f5:98:4e:fa:8e:8d:d9:11:1e:
57:24:58:22:9e:17:6c:d8:95:90:d0:77:c5:b5:0f:
a3:08:5c:e2:a5:f5:d2:78:f7:46:7a:75:8f:09:17:
0e:c0:1e:d8:32:1e:4c:7c:e2:5e:6f:b3:ff:68:18:
5d:ac:1d:91:c6:45:4e:cd:c9:35:8a:e0:da:73:78:
30:cb:8d:39:45:8d:ae:a0:c0:eb:a2:0d:76:c4:d7:
3d:58:99:ff:64:45:78:a0:48:3e:aa:99:d1:34:8b:
d7:3a:e5:ff:29:97:86:7f:2c:88:fe:7f:3b:59:69:
83:e4:ad:fe:93:a7:50:d6:7f:33:7b:28:6a:e6:c4:
d5:02:b9:9e:32:14:a0:87:bc:24:60:76:6c:a6:6c:
fd:0b:5b:fe:95:4b:8c:8c:d4:f9:b2:3e:ff:21:97:
3f:b0:53:ca:f0:30:05:bc:64:85:59:27:ef:34:3f:
5e:bb:a8:a1:10:98:45:ec:a3:31:83:2b:fa:86:b6:
c1:0c:9f:57:36:9f:62:30:98:27:3c:13:b0:44:e8:
3a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:BD:20:F8:3E:95:10:14:82:53:CE:40:C8:EB:7D:D3:F2:74:DF:8D
X509v3 Authority Key Identifier:
keyid:29:FB:7D:A3:B4:4E:41:B3:23:69:E4:A5:C7:90:D3:08:1F:C6:9A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kft9o7ROQbMjaeSlx5DTCB_Gmqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/17a016-26c7-424c-862f-bcac8b552a9a/1/yr0g-D6VEBSCU85AyOt90_J0340.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/17a016-26c7-424c-862f-bcac8b552a9a/1/Kft9o7ROQbMjaeSlx5DTCB_Gmqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.30.0.0/16
31.169.128.0/17
46.135.0.0/16
46.167.192.0/18
62.24.64.0/19
62.240.160.0/19
62.245.64.0/18
77.48.0.0/16
78.44.0.0/15
78.102.0.0/16
80.95.96.0/19
81.27.192.0/20
82.142.64.0/18
84.42.128.0/17
84.242.64.0/18
86.49.0.0/16
88.146.128.0/17
89.102.0.0/15
89.176.0.0/15
93.90.160.0/20
93.99.0.0/16
94.112.0.0/15
109.107.192.0/19
141.170.128.0/18
178.77.192.0/18
188.95.120.0/21
213.192.0.0/18
213.220.192.0/18
217.77.160.0/20
IPv6:
2a00:11b0::/29
2a01:5e0::/32
2a02:8300::/28
Signature Algorithm: sha256WithRSAEncryption
47:ce:0c:f4:4b:7f:f1:4e:60:47:fd:cd:72:99:12:14:e9:91:
dc:30:35:a8:59:e2:75:54:f8:5f:2e:39:b1:37:cc:f6:60:a8:
28:49:2a:34:41:eb:e5:b4:b6:8f:e8:8b:35:ce:98:24:81:fe:
55:c1:7e:60:bb:19:80:6a:78:7f:be:c7:27:e2:93:43:9f:73:
fb:46:fa:2f:a3:31:70:47:d8:cc:20:ea:c9:52:c9:6d:d6:41:
21:37:22:91:92:24:d6:d2:87:33:de:37:79:2a:d9:c0:7d:e2:
49:60:0b:5f:e9:4c:3d:78:1b:c0:e2:ff:50:bd:f3:34:a4:4c:
0b:1a:61:6f:52:d1:4c:b4:f0:d7:6f:24:6b:ef:b4:8c:8b:e1:
9c:93:b7:eb:18:50:07:43:b5:be:1e:1c:63:21:18:b8:d3:1e:
12:1c:ba:bc:fb:08:b5:bf:6b:6c:bd:f3:db:ae:72:53:96:f3:
83:7d:56:fd:e5:fe:c5:cc:03:fb:58:8d:f2:c6:4b:d4:3a:70:
ac:65:67:62:be:b7:c1:59:ad:ca:96:30:79:78:44:bc:68:0f:
54:51:f0:57:ae:2d:00:55:f3:0e:58:e7:4c:4f:b5:d6:e0:0f:
cb:ac:c9:ea:00:20:f6:ac:b4:42:28:e9:77:8d:08:4b:dd:6f:
42:93:7a:a7
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgISAYVwsHwtduTqq9yD4kZRTnBKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZmI3ZGEzYjQ0ZTQxYjMyMzY5ZTRhNWM3OTBkMzA4MWZj
NjlhYTkwHhcNMjMwMTAyMDQxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWJkMjBmODNlOTUxMDE0ODI1M2NlNDBjOGViN2RkM2YyNzRkZjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQRqw+GUmwHDtVGWvTvZOJH0XW89
bZBbRif6QoEwvK00Yyio3qsW+TzAWzl2givW6ij1mE76jo3ZER5XJFginhds2JWQ
0HfFtQ+jCFzipfXSePdGenWPCRcOwB7YMh5MfOJeb7P/aBhdrB2RxkVOzck1iuDa
c3gwy405RY2uoMDrog12xNc9WJn/ZEV4oEg+qpnRNIvXOuX/KZeGfyyI/n87WWmD
5K3+k6dQ1n8zeyhq5sTVArmeMhSgh7wkYHZspmz9C1v+lUuMjNT5sj7/IZc/sFPK
8DAFvGSFWSfvND9eu6ihEJhF7KMxgyv6hrbBDJ9XNp9iMJgnPBOwROg69wIDAQAB
o4ICyTCCAsUwHQYDVR0OBBYEFMq9IPg+lRAUglPOQMjrfdPydN+NMB8GA1UdIwQY
MBaAFCn7faO0TkGzI2nkpceQ0wgfxpqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2Z0OW83Uk9RYk1qYWVTbHg1RFRDQl9HbXFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy8xN2EwMTYtMjZjNy00MjRjLTg2MmYt
YmNhYzhiNTUyYTlhLzEveXIwZy1ENlZFQlNDVTg1QXlPdDkwX0owMzQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy8xN2EwMTYtMjZjNy00MjRjLTg2MmYtYmNhYzhiNTUyYTlh
LzEvS2Z0OW83Uk9RYk1qYWVTbHg1RFRDQl9HbXFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHeBggrBgEFBQcBBwEB/wSBzjCByzCBqwQCAAEwgaQDAwAf
HgMEBx+pgAMDAC6HAwQGLqfAAwQFPhhAAwQFPvCgAwQGPvVAAwMATTADAwFOLAMD
AE5mAwQFUF9gAwQEURvAAwQGUo5AAwQHVCqAAwQGVPJAAwMAVjEDBAdYkoADAwFZ
ZgMDAVmwAwQEXVqgAwMAXWMDAwFecAMEBW1rwAMEBo2qgAMEBrJNwAMEA7xfeAME
BtXAAAMEBtXcwAMEBNlNoDAbBAIAAjAVAwUDKgARsAMFACoBBeADBQQqAoMAMA0G
CSqGSIb3DQEBCwUAA4IBAQBHzgz0S3/xTmBH/c1ymRIU6ZHcMDWoWeJ1VPhfLjmx
N8z2YKgoSSo0QevltLaP6Is1zpgkgf5VwX5guxmAanh/vscn4pNDn3P7RvovozFw
R9jMIOrJUslt1kEhNyKRkiTW0ocz3jd5KtnAfeJJYAtf6Uw9eBvA4v9QvfM0pEwL
GmFvUtFMtPDXbyRr77SMi+Gck7frGFAHQ7W+HhxjIRi40x4SHLq8+wi1v2tsvfPb
rnJTlvODfVb95f7FzAP7WI3yxkvUOnCsZWdivrfBWa3KljB5eES8aA9UUfBXri0A
VfMOWOdMT7XW4A/LrMnqACD2rLRCKOl3jQhL3W9Ck3qn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:03 2024 by rpki-client on console-ams.rpki-client.org