Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/26c0f9-24a4-46fd-8042-b72e5fef886a/1/yhvWzWYvWQp0ZTM2eIt9hyeYwbA.roa
File: yhvWzWYvWQp0ZTM2eIt9hyeYwbA.roa (raw, json)
Hash identifier: ypaqpXbyKIvlk1p/XunYhzOCgv7UQCw2vcafc6Nh9xg=
Subject key identifier: CA:1B:D6:CD:66:2F:59:0A:74:65:33:36:78:8B:7D:87:27:98:C1:B0
Certificate issuer: /CN=27e711ce34026e57af3290c7de2cd21dc671e0fc
Certificate serial: 01856C1CABBFAC721F38288FD5A07B2213CA
Authority key identifier: 27:E7:11:CE:34:02:6E:57:AF:32:90:C7:DE:2C:D2:1D:C6:71:E0:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J-cRzjQCblevMpDH3izSHcZx4Pw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/26c0f9-24a4-46fd-8042-b72e5fef886a/1/yhvWzWYvWQp0ZTM2eIt9hyeYwbA.roa
Signing time: Sun 01 Jan 2023 06:54:56 +0000
ROA not before: Sun 01 Jan 2023 06:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48173
IP address blocks: 79.174.136.0/21 maxlen: 24
79.174.144.0/21 maxlen: 24
185.68.124.0/22 maxlen: 24
94.198.56.0/21 maxlen: 24
5.39.240.0/21 maxlen: 24
46.231.176.0/21 maxlen: 24
194.13.68.0/23 maxlen: 24
212.45.104.0/21 maxlen: 24
194.11.188.0/22 maxlen: 24
5.179.200.0/21 maxlen: 24
5.179.208.0/21 maxlen: 24
194.9.184.0/22 maxlen: 24
5.179.216.0/21 maxlen: 24
5.179.224.0/21 maxlen: 24
5.179.232.0/21 maxlen: 24
194.9.216.0/22 maxlen: 24
5.179.240.0/21 maxlen: 24
5.179.248.0/21 maxlen: 24
80.82.200.0/21 maxlen: 24
46.23.232.0/21 maxlen: 24
194.13.124.0/22 maxlen: 24
194.13.136.0/22 maxlen: 24
194.15.76.0/22 maxlen: 24
194.11.248.0/22 maxlen: 24
194.13.232.0/22 maxlen: 24
2a03:7a40::/32 maxlen: 48
2a03:7c40::/32 maxlen: 48
2a03:8a40::/32 maxlen: 48
2a00:cd0::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:ab:bf:ac:72:1f:38:28:8f:d5:a0:7b:22:13:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27e711ce34026e57af3290c7de2cd21dc671e0fc
Validity
Not Before: Jan 1 06:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca1bd6cd662f590a74653336788b7d872798c1b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:88:4d:ca:c5:ee:f2:e6:6b:f2:fa:2f:69:57:
f8:71:21:ae:78:84:e4:4b:52:79:7d:8c:5a:90:38:
73:f8:28:81:b2:03:df:86:65:fd:e0:20:a8:06:d1:
93:ec:b5:f4:c7:23:d7:c5:02:9c:30:1b:5f:6f:4b:
1b:97:de:d3:0f:25:a5:3e:47:62:4a:53:a9:4e:62:
98:75:23:e4:f9:45:91:73:8b:fd:75:24:2a:35:10:
27:3c:5a:28:fe:54:31:56:a2:ca:73:3f:5f:30:d0:
ad:63:0d:eb:b9:03:3d:e1:d4:8b:ee:cc:53:18:69:
01:df:be:78:3f:9a:05:94:29:32:fc:1c:2b:a5:e4:
d2:22:63:ad:22:35:b6:8c:3f:c4:91:44:61:c8:de:
f9:a7:12:6e:e9:ea:43:d3:d6:41:17:e6:54:cc:f9:
c2:91:9e:5a:3c:82:fe:bb:5d:44:8d:00:41:f6:32:
77:df:6f:b2:4a:91:4e:9c:01:5b:8b:2b:5c:8a:53:
57:78:d5:e2:5c:88:42:1d:c5:99:a6:e5:17:de:25:
3b:e9:ca:f8:79:79:aa:89:0f:0a:c9:e1:76:3a:97:
d2:f4:fd:c3:df:63:f2:9f:9c:4f:a7:c8:87:eb:75:
f6:7a:9a:98:33:0d:cb:ab:30:2d:9a:48:cc:86:ac:
46:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:1B:D6:CD:66:2F:59:0A:74:65:33:36:78:8B:7D:87:27:98:C1:B0
X509v3 Authority Key Identifier:
keyid:27:E7:11:CE:34:02:6E:57:AF:32:90:C7:DE:2C:D2:1D:C6:71:E0:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J-cRzjQCblevMpDH3izSHcZx4Pw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/26c0f9-24a4-46fd-8042-b72e5fef886a/1/yhvWzWYvWQp0ZTM2eIt9hyeYwbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/26c0f9-24a4-46fd-8042-b72e5fef886a/1/J-cRzjQCblevMpDH3izSHcZx4Pw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.240.0/21
5.179.200.0-5.179.255.255
46.23.232.0/21
46.231.176.0/21
79.174.136.0-79.174.151.255
80.82.200.0/21
94.198.56.0/21
185.68.124.0/22
194.9.184.0/22
194.9.216.0/22
194.11.188.0/22
194.11.248.0/22
194.13.68.0/23
194.13.124.0/22
194.13.136.0/22
194.13.232.0/22
194.15.76.0/22
212.45.104.0/21
IPv6:
2a00:cd0::/32
2a03:7a40::/32
2a03:7c40::/32
2a03:8a40::/32
Signature Algorithm: sha256WithRSAEncryption
92:87:90:53:ef:aa:9a:3c:38:6c:85:0b:29:48:ed:a9:45:84:
9c:52:56:74:7a:12:2d:e3:ee:d9:0c:48:18:aa:77:3d:4a:6e:
ec:a6:ed:f3:d7:f7:75:0c:62:40:ca:eb:62:76:db:a0:fc:37:
17:b9:ee:a3:a7:f6:01:0b:9f:e2:c0:21:8c:a6:ba:0e:3b:02:
26:90:f1:cf:2e:fe:1e:a3:99:56:7a:45:94:5f:df:8d:b8:02:
71:3c:da:e1:b5:cb:46:c9:d5:09:6b:52:92:89:10:d9:ba:8a:
e2:20:52:be:1d:05:6a:62:0e:6d:15:50:38:9d:89:9a:c5:7c:
79:c0:82:05:24:65:ce:62:85:67:3d:6b:ca:48:42:9a:21:d8:
90:62:60:da:e2:6a:30:0f:a9:3b:d0:c2:4e:73:44:7d:f0:b8:
c5:38:c3:99:15:8b:7e:76:71:7d:29:48:02:e6:ee:89:df:ca:
f4:9a:a6:74:22:b8:da:28:89:02:33:67:18:b6:97:75:eb:b6:
0e:80:b2:76:7f:2e:de:c2:fe:b5:92:54:40:21:9e:69:bf:d9:
48:de:51:04:2b:c0:99:f5:04:9c:b2:3c:06:e1:5e:51:ef:b7:
2f:5c:3a:99:3c:1e:64:fc:47:14:2f:80:b3:5f:b4:82:8d:ca:
85:85:94:ab
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYVsHKu/rHIfOCiP1aB7IhPKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZTcxMWNlMzQwMjZlNTdhZjMyOTBjN2RlMmNkMjFkYzY3
MWUwZmMwHhcNMjMwMTAxMDY1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTFiZDZjZDY2MmY1OTBhNzQ2NTMzMzY3ODhiN2Q4NzI3OThjMWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwohNysXu8uZr8vovaVf4cSGueITk
S1J5fYxakDhz+CiBsgPfhmX94CCoBtGT7LX0xyPXxQKcMBtfb0sbl97TDyWlPkdi
SlOpTmKYdSPk+UWRc4v9dSQqNRAnPFoo/lQxVqLKcz9fMNCtYw3ruQM94dSL7sxT
GGkB3754P5oFlCky/BwrpeTSImOtIjW2jD/EkURhyN75pxJu6epD09ZBF+ZUzPnC
kZ5aPIL+u11EjQBB9jJ332+ySpFOnAFbiytcilNXeNXiXIhCHcWZpuUX3iU76cr4
eXmqiQ8KyeF2OpfS9P3D32Pyn5xPp8iH63X2epqYMw3LqzAtmkjMhqxGqQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFMob1s1mL1kKdGUzNniLfYcnmMGwMB8GA1UdIwQY
MBaAFCfnEc40Am5XrzKQx94s0h3GceD8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSi1jUnpqUUNibGV2TXBESDNpelNIY1p4NFB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8yNmMwZjktMjRhNC00NmZkLTgwNDIt
YjcyZTVmZWY4ODZhLzEveWh2V3pXWXZXUXAwWlRNMmVJdDloeWVZd2JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8yNmMwZjktMjRhNC00NmZkLTgwNDItYjcyZTVmZWY4ODZh
LzEvSi1jUnpqUUNibGV2TXBESDNpelNIY1p4NFB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBgQQCAAEwewMEAwUn
8DALAwQDBbPIAwMCBbADBAMuF+gDBAMu57AwDAMEA0+uiAMEA0+ukAMEA1BSyAME
A17GOAMEArlEfAMEAsIJuAMEAsIJ2AMEAsILvAMEAsIL+AMEAcINRAMEAsINfAME
AsINiAMEAsIN6AMEAsIPTAMEA9QtaDAiBAIAAjAcAwUAKgAM0AMFACoDekADBQAq
A3xAAwUAKgOKQDANBgkqhkiG9w0BAQsFAAOCAQEAkoeQU++qmjw4bIULKUjtqUWE
nFJWdHoSLePu2QxIGKp3PUpu7Kbt89f3dQxiQMrrYnbboPw3F7nuo6f2AQuf4sAh
jKa6DjsCJpDxzy7+HqOZVnpFlF/fjbgCcTza4bXLRsnVCWtSkokQ2bqK4iBSvh0F
amIObRVQOJ2JmsV8ecCCBSRlzmKFZz1rykhCmiHYkGJg2uJqMA+pO9DCTnNEffC4
xTjDmRWLfnZxfSlIAubuid/K9JqmdCK42iiJAjNnGLaXdeu2DoCydn8u3sL+tZJU
QCGeab/ZSN5RBCvAmfUEnLI8BuFeUe+3L1w6mTweZPxHFC+As1+0go3KhYWUqw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:57 2024 by rpki-client on console-fra.rpki-client.org