Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/82e656-14a3-4e3a-9d6e-af406086b89b/1/yeVS9-vgCwKCiubVb8avr1par7M.roa
File: yeVS9-vgCwKCiubVb8avr1par7M.roa (raw, json)
Hash identifier: uLA3InZvdwVJneK+3BYUwexqIIhjEpPbXn5VhKJru+w=
Subject key identifier: C9:E5:52:F7:EB:E0:0B:02:82:8A:E6:D5:6F:C6:AF:AF:5A:5A:AF:B3
Certificate issuer: /CN=3f7954d88c0ae3f6398697bfdfc1956a753e83d8
Certificate serial: 01859769034BC6D40F203060B8DBC59A3011
Authority key identifier: 3F:79:54:D8:8C:0A:E3:F6:39:86:97:BF:DF:C1:95:6A:75:3E:83:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P3lU2IwK4_Y5hpe_38GVanU-g9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/82e656-14a3-4e3a-9d6e-af406086b89b/1/yeVS9-vgCwKCiubVb8avr1par7M.roa
Signing time: Mon 09 Jan 2023 16:41:59 +0000
ROA not before: Mon 09 Jan 2023 16:41:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41765
IP address blocks: 185.233.48.10/32 maxlen: 32
193.33.46.0/23 maxlen: 23
31.172.164.0/22 maxlen: 22
185.4.63.0/24 maxlen: 24
185.233.48.0/24 maxlen: 24
185.233.48.0/22 maxlen: 22
185.233.50.0/23 maxlen: 23
188.65.168.0/21 maxlen: 21
45.8.233.0/24 maxlen: 24
45.8.234.0/24 maxlen: 24
45.8.235.0/24 maxlen: 24
193.37.150.0/24 maxlen: 24
2a02:2288::/29 maxlen: 29
2a02:2288::/32 maxlen: 32
2a0c:d500::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 26 Oct 2023 16:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:97:69:03:4b:c6:d4:0f:20:30:60:b8:db:c5:9a:30:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f7954d88c0ae3f6398697bfdfc1956a753e83d8
Validity
Not Before: Jan 9 16:41:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9e552f7ebe00b02828ae6d56fc6afaf5a5aafb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:ba:b6:fa:76:19:87:90:6f:51:48:44:79:27:
b8:4c:24:84:f0:bd:08:4d:50:4a:f5:3b:2d:b0:35:
62:b4:98:67:97:7f:0b:fd:be:a4:b2:d2:a8:0d:44:
77:66:28:5a:b1:8c:65:ea:66:6e:0f:23:1a:49:2b:
ef:a1:44:ec:67:7a:7b:9c:2c:f5:57:d7:89:3f:f1:
cf:00:1f:23:fe:d6:89:9a:95:67:68:c5:c2:33:70:
b0:08:96:85:e9:89:ff:b8:a7:93:c0:8c:bb:98:89:
e8:f1:86:d9:c2:af:65:c9:71:aa:1c:32:31:69:72:
fc:72:e3:9e:bb:3e:41:48:9c:ef:8e:7b:6c:62:6e:
7c:d7:3f:d3:15:eb:57:1d:2d:9f:23:ed:48:33:9d:
c8:70:bb:80:83:14:b1:42:e0:7a:1d:40:eb:6c:39:
a5:58:b8:03:46:4c:8f:bd:c4:23:15:cb:a7:d3:97:
3b:e3:4b:c3:74:49:1d:52:b4:86:ad:aa:9f:ea:e2:
91:18:08:5e:41:62:d7:af:f9:f8:6e:1b:18:ff:65:
ea:7f:cd:ad:e1:14:72:6f:26:12:4a:cd:7b:71:b4:
f3:28:27:11:93:b9:e7:c3:0a:cb:29:82:90:fc:65:
47:94:63:15:4c:2d:16:d3:e1:4b:dd:6b:1e:15:39:
c4:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:E5:52:F7:EB:E0:0B:02:82:8A:E6:D5:6F:C6:AF:AF:5A:5A:AF:B3
X509v3 Authority Key Identifier:
keyid:3F:79:54:D8:8C:0A:E3:F6:39:86:97:BF:DF:C1:95:6A:75:3E:83:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P3lU2IwK4_Y5hpe_38GVanU-g9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/82e656-14a3-4e3a-9d6e-af406086b89b/1/yeVS9-vgCwKCiubVb8avr1par7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/82e656-14a3-4e3a-9d6e-af406086b89b/1/P3lU2IwK4_Y5hpe_38GVanU-g9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.164.0/22
45.8.233.0-45.8.235.255
185.4.63.0/24
185.233.48.0/22
188.65.168.0/21
193.33.46.0/23
193.37.150.0/24
IPv6:
2a02:2288::/29
2a0c:d500::/29
Signature Algorithm: sha256WithRSAEncryption
96:32:bc:c6:7a:3e:25:fd:ac:e3:ba:26:98:3a:5d:a3:ce:30:
b2:f7:ec:c7:fa:6f:61:2f:82:d0:55:87:2b:d4:9c:82:fa:01:
ae:11:b5:46:d4:68:e8:a9:d8:d6:41:38:3e:3d:89:ef:ef:62:
e0:a4:61:c4:3a:8c:3f:36:7f:3f:c5:72:31:13:52:84:ee:08:
3c:38:84:ec:f8:69:c0:22:86:e8:f5:03:02:21:56:2e:20:f3:
4a:07:19:34:fb:ac:d2:8f:5b:38:13:a3:53:cf:5b:19:17:b8:
41:43:a8:a7:b9:7c:05:a6:41:1e:d7:b0:17:a8:9a:62:32:f1:
de:22:f9:4c:9e:bf:57:0c:2f:70:c4:8c:b9:03:39:f1:26:90:
be:12:8e:cc:45:78:e4:ed:68:ca:60:65:28:a7:fe:a0:41:9d:
62:ed:6d:db:6a:b2:12:9b:48:ea:0d:aa:7f:2f:5a:93:bc:24:
f5:5e:01:0c:ad:b2:3b:59:b9:49:ec:22:84:e0:7c:76:99:63:
da:07:6b:0e:b6:bd:25:b4:a7:c2:6e:36:03:98:d7:9a:f0:58:
7a:54:c8:5b:26:61:9b:a7:ea:93:14:56:b7:70:33:38:55:2d:
bf:e0:26:68:d3:1a:38:63:86:34:8b:9b:23:74:c6:07:74:e7:
95:29:1b:cb
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYWXaQNLxtQPIDBguNvFmjARMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNzk1NGQ4OGMwYWUzZjYzOTg2OTdiZmRmYzE5NTZhNzUz
ZTgzZDgwHhcNMjMwMTA5MTY0MTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWU1NTJmN2ViZTAwYjAyODI4YWU2ZDU2ZmM2YWZhZjVhNWFhZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4rq2+nYZh5BvUUhEeSe4TCSE8L0I
TVBK9TstsDVitJhnl38L/b6kstKoDUR3ZihasYxl6mZuDyMaSSvvoUTsZ3p7nCz1
V9eJP/HPAB8j/taJmpVnaMXCM3CwCJaF6Yn/uKeTwIy7mIno8YbZwq9lyXGqHDIx
aXL8cuOeuz5BSJzvjntsYm581z/TFetXHS2fI+1IM53IcLuAgxSxQuB6HUDrbDml
WLgDRkyPvcQjFcun05c740vDdEkdUrSGraqf6uKRGAheQWLXr/n4bhsY/2Xqf82t
4RRybyYSSs17cbTzKCcRk7nnwwrLKYKQ/GVHlGMVTC0W0+FL3WseFTnEWwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMnlUvfr4AsCgorm1W/Gr69aWq+zMB8GA1UdIwQY
MBaAFD95VNiMCuP2OYaXv9/BlWp1PoPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDNsVTJJd0s0X1k1aHBlXzM4R1ZhblUtZzlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy84MmU2NTYtMTRhMy00ZTNhLTlkNmUt
YWY0MDYwODZiODliLzEveWVWUzktdmdDd0tDaXViVmI4YXZyMXBhcjdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy84MmU2NTYtMTRhMy00ZTNhLTlkNmUtYWY0MDYwODZiODli
LzEvUDNsVTJJd0s0X1k1aHBlXzM4R1ZhblUtZzlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDA4BAIAATAyAwQCH6ykMAwD
BAAtCOkDBAItCOgDBAC5BD8DBAK56TADBAO8QagDBAHBIS4DBADBJZYwFAQCAAIw
DgMFAyoCIogDBQMqDNUAMA0GCSqGSIb3DQEBCwUAA4IBAQCWMrzGej4l/azjuiaY
Ol2jzjCy9+zH+m9hL4LQVYcr1JyC+gGuEbVG1GjoqdjWQTg+PYnv72LgpGHEOow/
Nn8/xXIxE1KE7gg8OITs+GnAIobo9QMCIVYuIPNKBxk0+6zSj1s4E6NTz1sZF7hB
Q6inuXwFpkEe17AXqJpiMvHeIvlMnr9XDC9wxIy5AznxJpC+Eo7MRXjk7WjKYGUo
p/6gQZ1i7W3barISm0jqDap/L1qTvCT1XgEMrbI7WblJ7CKE4Hx2mWPaB2sOtr0l
tKfCbjYDmNea8Fh6VMhbJmGbp+qTFFa3cDM4VS2/4CZo0xo4Y4Y0i5sjdMYHdOeV
KRvL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:08 2024 by rpki-client on console-ams.rpki-client.org