Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/ygnPqsEuR32M-cxqsV4egs7a7vE.roa
File: ygnPqsEuR32M-cxqsV4egs7a7vE.roa (raw, json)
Hash identifier: Wg72RLNsDy9zIo8PlgjGCdEfSmlF5cxDlQr2WSCYy8I=
Subject key identifier: CA:09:CF:AA:C1:2E:47:7D:8C:F9:CC:6A:B1:5E:1E:82:CE:DA:EE:F1
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018F0A95A03B9D376F572286578937AB7162
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/ygnPqsEuR32M-cxqsV4egs7a7vE.roa
Signing time: Tue 23 Apr 2024 10:52:09 +0000
ROA not before: Tue 23 Apr 2024 10:52:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15468
IP address blocks: 5.143.176.0/20 maxlen: 21
5.143.184.0/21 maxlen: 21
31.172.192.0/19 maxlen: 19
31.172.192.0/20 maxlen: 20
31.172.192.0/21 maxlen: 21
31.172.200.0/21 maxlen: 21
31.172.208.0/20 maxlen: 20
31.172.208.0/21 maxlen: 21
31.172.216.0/21 maxlen: 21
62.148.128.0/19 maxlen: 19
62.148.128.0/20 maxlen: 20
62.148.144.0/20 maxlen: 20
94.242.128.0/18 maxlen: 18
94.242.128.0/19 maxlen: 19
94.242.128.0/20 maxlen: 20
94.242.144.0/20 maxlen: 20
94.242.144.0/24 maxlen: 24
94.242.145.0/24 maxlen: 24
94.242.146.0/24 maxlen: 24
94.242.148.0/24 maxlen: 24
94.242.149.0/24 maxlen: 24
94.242.150.0/24 maxlen: 24
94.242.151.0/24 maxlen: 24
94.242.160.0/19 maxlen: 19
94.242.160.0/20 maxlen: 20
94.242.176.0/20 maxlen: 20
95.107.16.0/20 maxlen: 20
95.107.16.0/21 maxlen: 21
95.107.24.0/21 maxlen: 21
95.107.112.0/20 maxlen: 20
95.107.112.0/21 maxlen: 21
95.107.120.0/21 maxlen: 21
109.225.0.0/18 maxlen: 18
109.225.0.0/19 maxlen: 19
109.225.0.0/20 maxlen: 20
109.225.16.0/20 maxlen: 20
109.225.32.0/19 maxlen: 20
212.106.32.0/19 maxlen: 19
212.106.32.0/20 maxlen: 20
212.106.32.0/21 maxlen: 21
212.106.40.0/21 maxlen: 21
212.106.48.0/20 maxlen: 20
212.106.48.0/21 maxlen: 21
212.106.56.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 26 Aug 2024 11:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0a:95:a0:3b:9d:37:6f:57:22:86:57:89:37:ab:71:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 23 10:52:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca09cfaac12e477d8cf9cc6ab15e1e82cedaeef1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:03:b7:b0:cd:ee:1b:1b:a1:0d:13:fb:c7:34:
9f:cb:34:06:87:b4:31:d3:03:47:17:de:2a:08:2d:
48:4f:2f:dc:d2:8b:69:92:ae:93:89:5c:ba:62:c9:
e3:be:7a:da:73:bb:d0:e3:8a:14:27:3b:f7:54:db:
d0:e9:9a:76:92:45:0e:fc:79:96:26:ba:da:7b:89:
90:76:5a:1f:92:fc:98:94:1f:ba:00:28:86:d5:04:
d5:a0:b5:31:07:86:18:9b:c8:9d:b5:04:a3:5c:2d:
f2:52:95:10:d7:52:42:49:c2:54:77:e5:cc:cb:da:
ea:fa:63:86:0d:2d:6c:69:d9:80:9d:e9:a9:bc:ed:
69:a0:0d:00:c7:1d:7e:1b:4c:55:1b:a5:65:9e:55:
00:c2:e9:e1:c7:ea:ae:2e:d4:01:d0:19:23:8e:4d:
ec:7b:55:2b:80:94:bc:bf:e3:65:2e:5a:3f:b2:5e:
8d:07:a7:e6:db:59:33:75:35:11:56:fe:4a:ae:d6:
70:d8:f6:2b:a1:22:11:8a:02:de:d2:46:ae:9a:82:
0e:3a:52:1b:47:21:6d:04:3f:3b:ba:18:8e:a0:e9:
e2:5e:cc:f9:b7:0d:d9:51:7a:13:6c:9c:e5:81:a1:
d3:03:ce:29:7b:45:19:00:9c:24:23:3d:66:3d:33:
dd:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:09:CF:AA:C1:2E:47:7D:8C:F9:CC:6A:B1:5E:1E:82:CE:DA:EE:F1
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/ygnPqsEuR32M-cxqsV4egs7a7vE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.143.176.0/20
31.172.192.0/19
62.148.128.0/19
94.242.128.0/18
95.107.16.0/20
95.107.112.0/20
109.225.0.0/18
212.106.32.0/19
Signature Algorithm: sha256WithRSAEncryption
53:8e:26:61:19:71:13:ae:4c:28:12:69:41:c1:96:1d:ff:c3:
ed:a8:c6:4c:48:c8:20:ed:62:ed:6a:42:e4:f0:44:86:0c:34:
64:10:d5:06:d7:0c:71:66:14:6b:0e:e6:f4:86:ba:67:29:28:
de:72:66:2b:57:b0:7c:6f:e3:1e:17:1e:cb:cb:7b:02:26:6e:
cb:cd:56:43:12:e0:bf:e7:0f:81:eb:1f:81:12:08:b8:e8:f5:
78:c4:86:bd:31:62:e3:97:f8:08:6a:50:7f:51:d6:aa:cc:a3:
7d:13:8b:d6:61:27:4b:f4:e9:0d:86:fd:37:c8:7c:56:3d:eb:
c0:42:52:20:90:00:89:5b:0a:46:fc:5e:04:d5:10:a6:d7:3c:
d6:70:85:9a:bf:b0:1c:41:81:2c:09:c5:ac:c7:1d:d7:d3:30:
02:47:89:64:1f:82:fd:77:e8:a2:35:1b:12:ad:55:59:46:94:
8c:1e:01:14:3a:dd:13:52:fc:ef:56:19:31:56:56:47:97:60:
20:33:df:81:01:c0:25:40:6b:1f:3e:07:3b:2b:3b:93:72:89:
9d:89:a8:51:dc:9a:dc:5b:e0:ff:a1:a7:1b:08:04:45:ed:16:
9c:84:0c:97:be:da:6f:c0:67:93:93:7c:3f:2c:d9:78:73:2a:
c8:e9:48:69
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY8KlaA7nTdvVyKGV4k3q3FiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDIzMTA1MjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTA5Y2ZhYWMxMmU0NzdkOGNmOWNjNmFiMTVlMWU4MmNlZGFlZWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1AO3sM3uGxuhDRP7xzSfyzQGh7Qx
0wNHF94qCC1ITy/c0otpkq6TiVy6Ysnjvnrac7vQ44oUJzv3VNvQ6Zp2kkUO/HmW
Jrrae4mQdlofkvyYlB+6ACiG1QTVoLUxB4YYm8idtQSjXC3yUpUQ11JCScJUd+XM
y9rq+mOGDS1sadmAnempvO1poA0Axx1+G0xVG6VlnlUAwunhx+quLtQB0Bkjjk3s
e1UrgJS8v+NlLlo/sl6NB6fm21kzdTURVv5KrtZw2PYroSIRigLe0kaumoIOOlIb
RyFtBD87uhiOoOniXsz5tw3ZUXoTbJzlgaHTA84pe0UZAJwkIz1mPTPdcwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFMoJz6rBLkd9jPnMarFeHoLO2u7xMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEveWduUHFzRXVSMzJNLWN4cXNWNGVnczdhN3ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQEBY+wAwQF
H6zAAwQFPpSAAwQGXvKAAwQEX2sQAwQEX2twAwQGbeEAAwQF1GogMA0GCSqGSIb3
DQEBCwUAA4IBAQBTjiZhGXETrkwoEmlBwZYd/8PtqMZMSMgg7WLtakLk8ESGDDRk
ENUG1wxxZhRrDub0hrpnKSjecmYrV7B8b+MeFx7Ly3sCJm7LzVZDEuC/5w+B6x+B
Egi46PV4xIa9MWLjl/gIalB/UdaqzKN9E4vWYSdL9OkNhv03yHxWPevAQlIgkACJ
WwpG/F4E1RCm1zzWcIWav7AcQYEsCcWsxx3X0zACR4lkH4L9d+iiNRsSrVVZRpSM
HgEUOt0TUvzvVhkxVlZHl2AgM9+BAcAlQGsfPgc7KzuTcomdiahR3JrcW+D/oacb
CARF7RachAyXvtpvwGeTk3w/LNl4cyrI6Uhp
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:18:14 2025 by rpki-client