Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/yNsKgFvbkh4aKC4GNW774i4wKsQ.roa
File: yNsKgFvbkh4aKC4GNW774i4wKsQ.roa (raw, json)
Hash identifier: BsPOaQYLiLgltAj4ZWjVxzCUMwA3HZdbxNq8SETGpUI=
Subject key identifier: C8:DB:0A:80:5B:DB:92:1E:1A:28:2E:06:35:6E:FB:E2:2E:30:2A:C4
Certificate issuer: /CN=945b73df7e6fe1100f1d13a07c18d59af228428c
Certificate serial: 018CC649A339A676EA321D9DF92E3B3360C6
Authority key identifier: 94:5B:73:DF:7E:6F:E1:10:0F:1D:13:A0:7C:18:D5:9A:F2:28:42:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lFtz335v4RAPHROgfBjVmvIoQow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/yNsKgFvbkh4aKC4GNW774i4wKsQ.roa
Signing time: Mon 01 Jan 2024 18:29:23 +0000
ROA not before: Mon 01 Jan 2024 18:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61098
IP address blocks: 159.100.240.0/22 maxlen: 24
159.100.245.0/24 maxlen: 24
159.100.246.0/23 maxlen: 24
159.100.244.0/24 maxlen: 24
159.100.248.0/21 maxlen: 24
91.92.224.0/23 maxlen: 24
91.92.227.0/24 maxlen: 24
85.217.160.0/22 maxlen: 24
85.217.172.0/23 maxlen: 24
185.150.8.0/22 maxlen: 24
91.92.202.0/23 maxlen: 24
91.92.200.0/23 maxlen: 24
85.217.174.0/23 maxlen: 24
85.217.186.0/23 maxlen: 24
85.217.184.0/23 maxlen: 24
185.19.28.0/22 maxlen: 24
194.182.188.0/22 maxlen: 24
91.92.118.0/23 maxlen: 24
91.92.116.0/23 maxlen: 24
91.92.142.0/23 maxlen: 24
91.92.140.0/23 maxlen: 24
91.92.152.0/23 maxlen: 24
91.92.154.0/23 maxlen: 24
138.124.208.0/22 maxlen: 24
194.182.164.0/22 maxlen: 24
194.182.160.0/22 maxlen: 24
194.182.172.0/22 maxlen: 24
194.182.168.0/22 maxlen: 24
89.145.164.0/23 maxlen: 24
194.182.176.0/22 maxlen: 24
89.145.160.0/22 maxlen: 24
194.182.184.0/22 maxlen: 24
89.145.166.0/23 maxlen: 24
194.182.180.0/22 maxlen: 24
2a07:6cc0:11::/48 maxlen: 48
2a07:6cc0:70::/48 maxlen: 48
2a07:6cc0:30::/48 maxlen: 48
2a04:c42::/32 maxlen: 48
2a07:6cc0:12::/48 maxlen: 48
2a07:6cc0:41::/48 maxlen: 48
2a04:c42:f12::/48 maxlen: 48
2a04:c41::/32 maxlen: 48
2a07:6cc0:20::/48 maxlen: 48
2a07:6cc0:60::/48 maxlen: 48
2a04:c44::/32 maxlen: 48
2a04:c47::/32 maxlen: 48
2a07:6cc0:71::/48 maxlen: 48
2a07:6cc0:31::/48 maxlen: 48
2a04:c46::/32 maxlen: 48
2a04:c42:f11::/48 maxlen: 48
2a04:c45::/32 maxlen: 48
2a07:6cc0:50::/48 maxlen: 48
2a07:6cc0:10::/48 maxlen: 48
2a04:c47:f12::/48 maxlen: 48
2a07:6cc2::/32 maxlen: 48
2a04:c43::/32 maxlen: 48
2a07:6cc0:21::/48 maxlen: 48
2a07:6cc1::/32 maxlen: 48
2a07:6cc2:f12::/48 maxlen: 48
2a07:6cc0:40::/48 maxlen: 48
2a04:c47:f11::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 09 Jan 2024 13:36:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:a3:39:a6:76:ea:32:1d:9d:f9:2e:3b:33:60:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=945b73df7e6fe1100f1d13a07c18d59af228428c
Validity
Not Before: Jan 1 18:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8db0a805bdb921e1a282e06356efbe22e302ac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b0:64:9c:26:41:6e:4e:1a:db:5c:c3:d5:de:
58:0d:d6:86:c4:eb:af:6a:86:d3:13:9b:68:1b:68:
ae:7a:e4:49:bf:cc:e8:9a:51:2b:4d:2e:90:cd:49:
8f:fb:ae:02:90:7b:73:5e:c0:e8:ad:e8:4f:02:fa:
f0:46:45:98:29:3f:d8:b9:c7:d5:1d:fe:7a:7b:77:
d4:54:1e:db:47:99:b9:f0:74:05:c3:c2:db:13:74:
fb:a7:ef:cc:d6:26:c1:ca:dd:d1:08:06:74:58:40:
7e:83:5a:e9:55:c0:4d:c8:1c:4f:07:de:fb:74:e1:
d7:34:7f:6b:34:25:bf:cf:76:ea:17:04:97:e2:15:
58:49:34:5f:e3:a8:17:21:07:1b:8c:af:24:2d:28:
55:4e:de:a7:b8:fa:b9:1a:98:6a:88:16:c4:d5:fd:
e2:c8:a8:47:0a:76:5f:d8:49:c2:08:b0:0d:3e:18:
50:d1:e7:02:0d:f9:32:bb:04:9c:b2:ec:ff:73:08:
b6:d2:13:14:0a:4e:1e:62:1c:4a:fc:5c:91:44:ab:
7e:65:a9:04:8b:2b:94:58:8d:0a:0c:ca:2c:c4:62:
f2:0c:91:2b:30:13:0a:8b:9d:b8:7a:7f:f2:98:e6:
67:01:24:55:2d:88:2a:1e:cd:24:ea:b0:db:d5:a4:
be:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:DB:0A:80:5B:DB:92:1E:1A:28:2E:06:35:6E:FB:E2:2E:30:2A:C4
X509v3 Authority Key Identifier:
keyid:94:5B:73:DF:7E:6F:E1:10:0F:1D:13:A0:7C:18:D5:9A:F2:28:42:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lFtz335v4RAPHROgfBjVmvIoQow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/yNsKgFvbkh4aKC4GNW774i4wKsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ec618f-9f61-4185-ba0d-6e452425a193/1/lFtz335v4RAPHROgfBjVmvIoQow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.160.0/22
85.217.172.0/22
85.217.184.0/22
89.145.160.0/21
91.92.116.0/22
91.92.140.0/22
91.92.152.0/22
91.92.200.0/22
91.92.224.0/23
91.92.227.0/24
138.124.208.0/22
159.100.240.0/20
185.19.28.0/22
185.150.8.0/22
194.182.160.0/19
IPv6:
2a04:c41::-2a04:c47:ffff:ffff:ffff:ffff:ffff:ffff
2a07:6cc0:10::-2a07:6cc0:12:ffff:ffff:ffff:ffff:ffff
2a07:6cc0:20::/47
2a07:6cc0:30::/47
2a07:6cc0:40::/47
2a07:6cc0:50::/48
2a07:6cc0:60::/48
2a07:6cc0:70::/47
2a07:6cc1::-2a07:6cc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2e:89:62:16:e7:d8:22:b2:af:c2:70:4d:0f:e6:08:23:bb:57:
1c:6e:94:b1:95:a9:98:27:63:7f:e4:17:ae:3a:dd:90:b5:15:
71:9b:cb:aa:d7:8a:5f:53:42:e7:f4:77:4c:b4:9b:28:95:6b:
30:4e:15:5e:e8:e4:3c:ab:a8:95:cf:9c:bc:72:c1:b1:b6:c5:
c3:5f:5e:f1:a6:9e:40:fa:d4:8c:2d:83:e3:cd:35:9a:e0:d6:
1b:48:47:0d:e0:09:f3:58:96:44:c9:47:86:b6:68:58:9f:f3:
59:7a:1d:8f:70:07:d0:76:8c:7a:00:30:a6:58:a7:ea:c2:12:
ab:22:cf:a9:5b:d0:70:e6:4e:5b:a8:60:ff:5b:bd:db:2c:39:
33:bd:8d:01:c9:a0:dd:93:22:c4:ec:ce:cf:07:8c:8c:5c:e4:
54:79:4b:1f:ef:c1:b3:49:eb:0b:d5:6a:33:a2:7b:33:20:4c:
17:c0:d0:9f:bc:01:69:d5:5a:35:d9:3d:f6:dc:39:07:44:38:
16:36:4b:bc:fd:4c:04:36:9a:26:a5:d6:69:b2:27:c5:89:14:
46:5a:cc:0e:58:97:7a:86:45:b3:8b:3d:84:76:29:10:10:31:
09:32:f1:c0:a5:1b:01:90:50:e6:41:74:bb:70:88:ce:3d:d2:
56:b8:11:5d
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAYzGSaM5pnbqMh2d+S47M2DGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NWI3M2RmN2U2ZmUxMTAwZjFkMTNhMDdjMThkNTlhZjIy
ODQyOGMwHhcNMjQwMTAxMTgyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGRiMGE4MDViZGI5MjFlMWEyODJlMDYzNTZlZmJlMjJlMzAyYWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7BknCZBbk4a21zD1d5YDdaGxOuv
aobTE5toG2iueuRJv8zomlErTS6QzUmP+64CkHtzXsDorehPAvrwRkWYKT/YucfV
Hf56e3fUVB7bR5m58HQFw8LbE3T7p+/M1ibByt3RCAZ0WEB+g1rpVcBNyBxPB977
dOHXNH9rNCW/z3bqFwSX4hVYSTRf46gXIQcbjK8kLShVTt6nuPq5GphqiBbE1f3i
yKhHCnZf2EnCCLANPhhQ0ecCDfkyuwScsuz/cwi20hMUCk4eYhxK/FyRRKt+ZakE
iyuUWI0KDMosxGLyDJErMBMKi524en/ymOZnASRVLYgqHs0k6rDb1aS+KwIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFMjbCoBb25IeGiguBjVu++IuMCrEMB8GA1UdIwQY
MBaAFJRbc99+b+EQDx0ToHwY1ZryKEKMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEZ0ejMzNXY0UkFQSFJPZ2ZCalZtdklvUW93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9lYzYxOGYtOWY2MS00MTg1LWJhMGQt
NmU0NTI0MjVhMTkzLzEveU5zS2dGdmJraDRhS0M0R05XNzc0aTR3S3NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9lYzYxOGYtOWY2MS00MTg1LWJhMGQtNmU0NTI0MjVhMTkz
LzEvbEZ0ejMzNXY0UkFQSFJPZ2ZCalZtdklvUW93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DBgBAIAATBaAwQCVdmg
AwQCVdmsAwQCVdm4AwQDWZGgAwQCW1x0AwQCW1yMAwQCW1yYAwQCW1zIAwQBW1zg
AwQAW1zjAwQCinzQAwQEn2TwAwQCuRMcAwQCuZYIAwQFwragMHAEAgACMGowDgMF
ACoEDEEDBQMqBAxAMBIDBwQqB2zAABADBwAqB2zAABIDBwEqB2zAACADBwEqB2zA
ADADBwEqB2zAAEADBwAqB2zAAFADBwAqB2zAAGADBwEqB2zAAHAwDgMFACoHbMED
BQAqB2zCMA0GCSqGSIb3DQEBCwUAA4IBAQAuiWIW59gisq/CcE0P5ggju1ccbpSx
lamYJ2N/5BeuOt2QtRVxm8uq14pfU0Ln9HdMtJsolWswThVe6OQ8q6iVz5y8csGx
tsXDX17xpp5A+tSMLYPjzTWa4NYbSEcN4AnzWJZEyUeGtmhYn/NZeh2PcAfQdox6
ADCmWKfqwhKrIs+pW9Bw5k5bqGD/W73bLDkzvY0ByaDdkyLE7M7PB4yMXORUeUsf
78GzSesL1WozonszIEwXwNCfvAFp1Vo12T323DkHRDgWNku8/UwENpompdZpsifF
iRRGWswOWJd6hkWziz2EdikQEDEJMvHApRsBkFDmQXS7cIjOPdJWuBFd
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:46 2024 by rpki-client on console-ams.rpki-client.org