Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/Yh_Gw6IIAhNipMrFJXF01kkfqa8.roa
File: Yh_Gw6IIAhNipMrFJXF01kkfqa8.roa (raw, json)
Hash identifier: ENH5bsUmapK4jKFZhq72yVC6WptAzUuHLBkoZ7rjao4=
Subject key identifier: 62:1F:C6:C3:A2:08:02:13:62:A4:CA:C5:25:71:74:D6:49:1F:A9:AF
Certificate issuer: /CN=e43baafc64b33e43db78dc7aed605ef70406d9af
Certificate serial: 018BCE7999B3027DD4403A2CFDDFCD4EAC23
Authority key identifier: E4:3B:AA:FC:64:B3:3E:43:DB:78:DC:7A:ED:60:5E:F7:04:06:D9:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Duq_GSzPkPbeNx67WBe9wQG2a8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/Yh_Gw6IIAhNipMrFJXF01kkfqa8.roa
Signing time: Tue 14 Nov 2023 15:35:57 +0000
ROA not before: Tue 14 Nov 2023 15:35:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31334
IP address blocks: 37.4.0.0/15 maxlen: 23
77.20.0.0/14 maxlen: 24
31.16.0.0/14 maxlen: 24
91.64.0.0/14 maxlen: 24
95.88.0.0/14 maxlen: 24
178.24.0.0/14 maxlen: 24
88.134.0.0/16 maxlen: 24
77.25.0.0/17 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ce:79:99:b3:02:7d:d4:40:3a:2c:fd:df:cd:4e:ac:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e43baafc64b33e43db78dc7aed605ef70406d9af
Validity
Not Before: Nov 14 15:35:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=621fc6c3a208021362a4cac5257174d6491fa9af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:6e:19:a5:8d:0e:95:bd:69:f7:b3:c8:35:de:
98:cf:31:ac:61:7a:17:65:3d:b4:7a:06:62:7f:92:
1d:bb:59:ed:69:67:6d:11:a1:6a:1c:6f:fa:02:e9:
7e:f7:a6:2d:91:52:f5:83:b3:51:97:e2:c8:6e:03:
f8:6b:69:d8:a1:af:ee:65:ad:c6:be:b0:13:ac:78:
9c:72:98:4a:fe:51:3e:cc:f4:f3:e1:c8:b0:7d:5d:
5c:bc:b2:ed:ee:3d:8d:b0:f7:9c:28:e4:58:05:7e:
a3:cf:e0:82:9a:fa:46:66:ba:3c:1e:f6:dc:ea:35:
c9:dd:da:fc:25:5f:9b:cf:91:2e:c7:77:74:30:59:
c4:ab:a5:82:66:92:e1:06:51:96:86:5c:d6:8e:e0:
43:84:04:18:6f:4b:1f:f9:eb:f2:82:c2:4f:11:04:
59:2d:e4:36:e7:8a:29:ed:5b:a8:3d:dd:8c:b8:b6:
f2:b3:31:39:f3:7c:80:84:35:cf:69:c4:aa:81:9d:
e1:d1:75:9f:36:94:5b:ca:7c:d8:85:6b:6f:31:76:
f7:3f:07:55:01:08:fe:39:6c:7c:40:8b:af:eb:a5:
21:e1:89:af:12:cf:64:f8:43:e7:7a:0f:b9:d2:83:
d5:46:8d:4c:78:c2:17:4e:41:77:76:fb:c8:96:6f:
06:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:1F:C6:C3:A2:08:02:13:62:A4:CA:C5:25:71:74:D6:49:1F:A9:AF
X509v3 Authority Key Identifier:
keyid:E4:3B:AA:FC:64:B3:3E:43:DB:78:DC:7A:ED:60:5E:F7:04:06:D9:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Duq_GSzPkPbeNx67WBe9wQG2a8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/Yh_Gw6IIAhNipMrFJXF01kkfqa8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/5Duq_GSzPkPbeNx67WBe9wQG2a8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.16.0.0/14
37.4.0.0/15
77.20.0.0/14
77.25.0.0/17
88.134.0.0/16
91.64.0.0/14
95.88.0.0/14
178.24.0.0/14
Signature Algorithm: sha256WithRSAEncryption
39:1d:c6:03:a9:5c:61:f5:1b:1f:9d:d1:62:37:85:fb:bc:e3:
38:c4:89:71:4f:5f:07:19:14:42:35:17:2e:03:3b:bd:9e:85:
b9:d9:60:08:d9:4c:7a:f5:21:e0:71:09:d1:ae:73:06:ea:7d:
92:11:6a:15:9c:b9:a4:00:a3:c2:f6:ed:9f:c9:be:78:48:84:
44:3a:e2:c2:72:6b:85:88:13:a8:04:18:68:26:f8:4e:82:9a:
65:bf:a1:60:3c:f2:ac:d9:1f:a0:bb:2e:1e:dd:65:26:6f:9a:
d1:d0:8f:c1:5f:a9:1e:1a:9d:f3:ad:f8:74:33:7d:dd:11:e0:
19:84:3c:cc:89:59:9f:89:e0:ee:85:12:cc:19:01:b1:0f:ed:
5a:17:24:68:30:69:54:da:b3:48:c4:77:03:5e:86:99:b2:b9:
30:b9:e0:aa:d3:bd:b6:e9:10:ac:47:a9:29:07:f8:15:9f:3c:
7c:77:92:83:95:67:e8:62:78:d1:f6:e5:c5:ee:d1:8d:e6:21:
ec:f2:37:06:30:61:35:fa:bd:25:5e:7c:97:51:33:ea:e4:36:
c4:3d:89:a2:5c:bf:95:d9:f3:6f:b8:b7:42:ac:f5:09:78:21:
27:f7:d2:d5:c3:e1:1a:f4:d4:d9:ca:ff:8f:9d:1c:97:80:aa:
85:84:21:cd
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYvOeZmzAn3UQDos/d/NTqwjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2JhYWZjNjRiMzNlNDNkYjc4ZGM3YWVkNjA1ZWY3MDQw
NmQ5YWYwHhcNMjMxMTE0MTUzNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjFmYzZjM2EyMDgwMjEzNjJhNGNhYzUyNTcxNzRkNjQ5MWZhOWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhm4ZpY0Olb1p97PINd6YzzGsYXoX
ZT20egZif5Idu1ntaWdtEaFqHG/6Aul+96YtkVL1g7NRl+LIbgP4a2nYoa/uZa3G
vrATrHiccphK/lE+zPTz4ciwfV1cvLLt7j2NsPecKORYBX6jz+CCmvpGZro8Hvbc
6jXJ3dr8JV+bz5Eux3d0MFnEq6WCZpLhBlGWhlzWjuBDhAQYb0sf+evygsJPEQRZ
LeQ254op7VuoPd2MuLbyszE583yAhDXPacSqgZ3h0XWfNpRbynzYhWtvMXb3PwdV
AQj+OWx8QIuv66Uh4YmvEs9k+EPneg+50oPVRo1MeMIXTkF3dvvIlm8GOQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFGIfxsOiCAITYqTKxSVxdNZJH6mvMB8GA1UdIwQY
MBaAFOQ7qvxksz5D23jceu1gXvcEBtmvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUR1cV9HU3pQa1BiZU54NjdXQmU5d1FHMmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9jODBkNDgtODMwYy00Y2MzLWFlNTIt
ZTY4MTJkYWI2OTk5LzEvWWhfR3c2SUlBaE5pcE1yRkpYRjAxa2tmcWE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9jODBkNDgtODMwYy00Y2MzLWFlNTItZTY4MTJkYWI2OTk5
LzEvNUR1cV9HU3pQa1BiZU54NjdXQmU5d1FHMmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAvBAIAATApAwMCHxADAwEl
BAMDAk0UAwQHTRkAAwMAWIYDAwJbQAMDAl9YAwMCshgwDQYJKoZIhvcNAQELBQAD
ggEBADkdxgOpXGH1Gx+d0WI3hfu84zjEiXFPXwcZFEI1Fy4DO72ehbnZYAjZTHr1
IeBxCdGucwbqfZIRahWcuaQAo8L27Z/JvnhIhEQ64sJya4WIE6gEGGgm+E6CmmW/
oWA88qzZH6C7Lh7dZSZvmtHQj8FfqR4anfOt+HQzfd0R4BmEPMyJWZ+J4O6FEswZ
AbEP7VoXJGgwaVTas0jEdwNehpmyuTC54KrTvbbpEKxHqSkH+BWfPHx3koOVZ+hi
eNH25cXu0Y3mIezyNwYwYTX6vSVefJdRM+rkNsQ9iaJcv5XZ82+4t0Ks9Ql4ISf3
0tXD4Rr01NnK/4+dHJeAqoWEIc0=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:52 2023 by rpki-client on console.sobornost.net