Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/YenlZolRcAUghsuaXiA0yLVERcc.roa
File: YenlZolRcAUghsuaXiA0yLVERcc.roa (raw, json)
Hash identifier: WlLdgNDgyF/0Qazd4U29iTrPxQKgAL3wydqxPhLlH6c=
Subject key identifier: 61:E9:E5:66:89:51:70:05:20:86:CB:9A:5E:20:34:C8:B5:44:45:C7
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0190EF100CDC329822629F9781793CD166A9
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/YenlZolRcAUghsuaXiA0yLVERcc.roa
Signing time: Fri 26 Jul 2024 12:42:04 +0000
ROA not before: Fri 26 Jul 2024 12:42:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207023
IP address blocks: 37.97.116.0/22 maxlen: 24
77.36.72.0/21 maxlen: 21
91.229.147.0/24 maxlen: 24
91.232.18.0/24 maxlen: 24
91.234.122.0/23 maxlen: 24
91.237.92.0/24 maxlen: 24
91.245.88.0/23 maxlen: 23
176.116.238.0/23 maxlen: 24
176.118.200.0/22 maxlen: 22
176.118.204.0/22 maxlen: 22
192.162.186.0/23 maxlen: 24
194.33.64.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 26 Jul 2024 12:58:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ef:10:0c:dc:32:98:22:62:9f:97:81:79:3c:d1:66:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jul 26 12:42:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61e9e566895170052086cb9a5e2034c8b54445c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:3b:18:3e:34:e4:0b:d8:49:1a:ab:d9:14:6b:
c0:bc:58:85:9f:59:fe:fb:62:89:b1:a8:9c:33:dc:
4a:1b:1f:b3:cb:79:bb:12:de:de:98:76:61:04:0a:
50:b3:a8:4e:f2:be:5c:5c:ac:4a:2e:ea:1d:94:59:
6f:41:e1:99:7b:de:f0:51:a4:ed:fc:9e:5c:bc:c8:
60:9d:32:08:c8:86:cc:d0:c5:82:fb:27:cc:dd:25:
86:8b:a8:71:6e:3e:f6:8a:1c:b3:b4:64:ce:24:fa:
fe:83:cf:84:a7:e4:3e:5a:82:36:c9:d3:11:2f:ca:
fe:cc:45:ba:60:5f:d2:37:25:9e:18:b8:b6:1a:ae:
d3:e3:cc:72:7e:b5:ad:46:03:a9:cb:22:ee:6f:f5:
59:23:d4:7a:f7:d2:9b:03:30:5c:6b:91:75:2f:d9:
38:c2:b0:44:08:e2:b4:3b:b2:e6:ff:98:b4:5a:7b:
11:bb:02:c1:a3:4f:c2:84:8c:9a:d2:72:71:23:f9:
29:c8:08:bc:9e:db:28:ee:69:ae:5b:51:43:75:44:
25:76:fc:68:96:ec:46:e0:25:40:71:7c:65:43:29:
c8:ad:a2:72:e5:c1:a5:d1:ef:38:7c:5d:cd:16:9e:
d8:4f:d6:2d:23:49:32:52:63:ab:d2:6b:c5:dc:2c:
10:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:E9:E5:66:89:51:70:05:20:86:CB:9A:5E:20:34:C8:B5:44:45:C7
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/YenlZolRcAUghsuaXiA0yLVERcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.116.0/22
77.36.72.0/21
91.229.147.0/24
91.232.18.0/24
91.234.122.0/23
91.237.92.0/24
91.245.88.0/23
176.116.238.0/23
176.118.200.0/21
192.162.186.0/23
194.33.64.0/23
Signature Algorithm: sha256WithRSAEncryption
91:27:59:ab:29:b0:3e:0c:cd:b6:db:0e:16:73:82:41:d3:5c:
26:05:ff:c9:cf:04:4b:dd:a1:2d:8a:d9:ad:49:bf:9b:53:42:
9c:b7:50:3b:7c:9a:3c:68:0e:bc:7e:ea:26:f1:52:01:8e:f5:
9c:a0:ca:17:c4:e8:f8:f1:e7:82:a5:6c:55:f4:2e:2c:7c:b0:
bd:8e:74:a9:98:52:f5:96:50:d7:72:85:e5:a9:f2:84:4c:03:
d5:92:9f:16:0a:29:84:5f:58:ae:0b:a1:0c:de:62:98:6f:3e:
f2:a0:43:64:b2:ce:df:b8:b8:e3:ab:da:ea:8b:1a:be:eb:81:
40:c2:a3:79:5d:9c:f7:6b:8e:cb:91:77:68:06:ba:7a:1e:fb:
6c:ed:3c:50:3a:e5:70:5a:d3:02:d4:a0:86:57:40:d2:e7:59:
a2:79:f8:ec:ba:9d:9c:9f:2c:f9:52:64:ca:63:45:95:1a:9f:
83:60:93:31:28:f5:f0:07:b1:1d:e4:1d:40:8e:12:f7:d1:57:
a1:c2:c9:af:d2:b2:2e:eb:92:bb:62:52:0e:ab:dd:8b:2d:cb:
8a:9f:e7:b6:0c:75:3d:e6:c0:98:59:4c:af:7f:da:20:da:16:
e4:79:3e:12:09:9a:d1:d1:4a:02:9c:6c:72:52:f4:03:26:43:
b5:9d:d5:90
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZDvEAzcMpgiYp+XgXk80WapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwNzI2MTI0MjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWU5ZTU2Njg5NTE3MDA1MjA4NmNiOWE1ZTIwMzRjOGI1NDQ0NWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4zsYPjTkC9hJGqvZFGvAvFiFn1n+
+2KJsaicM9xKGx+zy3m7Et7emHZhBApQs6hO8r5cXKxKLuodlFlvQeGZe97wUaTt
/J5cvMhgnTIIyIbM0MWC+yfM3SWGi6hxbj72ihyztGTOJPr+g8+Ep+Q+WoI2ydMR
L8r+zEW6YF/SNyWeGLi2Gq7T48xyfrWtRgOpyyLub/VZI9R699KbAzBca5F1L9k4
wrBECOK0O7Lm/5i0WnsRuwLBo0/ChIya0nJxI/kpyAi8ntso7mmuW1FDdUQldvxo
luxG4CVAcXxlQynIraJy5cGl0e84fF3NFp7YT9YtI0kyUmOr0mvF3CwQvQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFGHp5WaJUXAFIIbLml4gNMi1REXHMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvWWVubFpvbFJjQVVnaHN1YVhpQTB5TFZFUmNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCJWF0AwQD
TSRIAwQAW+WTAwQAW+gSAwQBW+p6AwQAW+1cAwQBW/VYAwQBsHTuAwQDsHbIAwQB
wKK6AwQBwiFAMA0GCSqGSIb3DQEBCwUAA4IBAQCRJ1mrKbA+DM222w4Wc4JB01wm
Bf/JzwRL3aEtitmtSb+bU0Kct1A7fJo8aA68fuom8VIBjvWcoMoXxOj48eeCpWxV
9C4sfLC9jnSpmFL1llDXcoXlqfKETAPVkp8WCimEX1iuC6EM3mKYbz7yoENkss7f
uLjjq9rqixq+64FAwqN5XZz3a47LkXdoBrp6Hvts7TxQOuVwWtMC1KCGV0DS51mi
efjsup2cnyz5UmTKY0WVGp+DYJMxKPXwB7Ed5B1AjhL30Vehwsmv0rIu65K7YlIO
q92LLcuKn+e2DHU95sCYWUyvf9og2hbkeT4SCZrR0UoCnGxyUvQDJkO1ndWQ
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:49:03 2025 by rpki-client