Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YMGo4DmFFJDo95j5YzDtYuZ4D38.roa
File: YMGo4DmFFJDo95j5YzDtYuZ4D38.roa (raw, json)
Hash identifier: lTeMp7qUDAY+DnD+GSv/2o+cIkUNiOomHRaS2O67ENw=
Subject key identifier: 60:C1:A8:E0:39:85:14:90:E8:F7:98:F9:63:30:ED:62:E6:78:0F:7F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CD8D7C52CB098747390380A514563F02D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YMGo4DmFFJDo95j5YzDtYuZ4D38.roa
Signing time: Fri 05 Jan 2024 08:57:48 +0000
ROA not before: Fri 05 Jan 2024 08:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 194.87.40.0/24 maxlen: 24
195.58.35.0/24 maxlen: 24
195.133.40.0/22 maxlen: 22
194.87.66.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
212.192.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jan 2024 12:50:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d8:d7:c5:2c:b0:98:74:73:90:38:0a:51:45:63:f0:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 5 08:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60c1a8e039851490e8f798f96330ed62e6780f7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:dd:87:09:08:c7:b1:8b:86:4e:78:92:b5:f7:
4e:44:48:d7:9d:f5:3c:0f:d6:68:96:7f:ef:b6:c7:
a1:9b:93:2c:31:a6:ce:a4:03:49:b3:98:b8:61:65:
fd:86:4e:14:67:35:44:ac:07:4f:8f:9b:05:c0:58:
1c:54:cb:41:5f:9e:58:80:87:01:71:6c:d8:a8:bc:
ec:91:85:8d:d5:45:cb:1c:c4:20:27:96:c3:8a:65:
87:49:54:3a:8c:d0:a0:07:07:1f:01:65:86:60:00:
74:78:9c:c8:cb:09:82:89:84:5b:4a:c3:ee:b0:06:
5d:68:61:e1:38:1d:c5:40:01:c2:1d:4e:5a:2a:f4:
8e:fd:c2:54:39:27:cd:f8:ac:84:d7:ba:21:1d:a1:
3a:95:5a:cb:ea:ae:aa:02:40:fb:a2:55:77:37:69:
2f:c4:57:b4:e7:05:fe:c6:2d:d5:06:ea:b3:88:2b:
be:8f:3a:52:69:e7:4f:1d:bb:fb:d4:3c:65:b5:f3:
96:fd:77:9e:cf:55:8c:c8:09:02:d7:dd:a1:1f:03:
aa:3e:f4:f3:74:8d:5b:b8:a2:70:5d:ab:ec:dc:75:
96:50:e1:5d:7c:68:47:df:a2:e1:60:76:2e:bc:9d:
37:aa:c2:42:50:47:65:ec:3c:f7:3a:37:d2:88:24:
1c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:C1:A8:E0:39:85:14:90:E8:F7:98:F9:63:30:ED:62:E6:78:0F:7F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YMGo4DmFFJDo95j5YzDtYuZ4D38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.40.0/24
194.87.66.0/24
195.58.35.0/24
195.58.60.0/24
195.133.40.0/22
212.192.254.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:d7:fe:29:64:3f:91:41:24:f2:ff:f4:75:6e:e9:3c:8b:c6:
96:68:9a:cc:5b:42:d6:44:7b:e1:ad:22:4d:ba:60:23:8e:df:
61:6b:72:07:71:96:e6:bc:39:cf:aa:96:ff:76:23:02:a2:20:
38:33:26:f0:e6:eb:73:ff:94:e7:31:59:45:60:ef:be:7d:03:
da:de:62:bb:82:5c:04:fb:9e:99:71:3b:00:50:a3:98:d4:50:
dc:e1:aa:45:54:4d:da:54:86:e7:80:c9:54:b9:0c:d4:31:3a:
0c:26:82:3a:a1:5b:1f:26:64:4b:b8:77:a8:be:12:f9:ba:4e:
8f:e7:82:9a:a7:9f:1c:bf:90:ed:c1:48:00:86:5e:75:0c:1b:
9a:c8:4c:61:a4:b5:90:c5:a9:3d:df:d3:72:d9:58:04:af:d0:
c6:60:51:30:72:d7:14:bb:cf:12:f4:e6:48:8e:9b:87:40:f8:
e8:f5:c4:8d:9f:bc:87:e9:ca:20:ed:8b:e6:02:b2:d8:3c:4a:
9b:06:64:2c:ca:56:3f:80:57:c4:4a:0b:08:7b:f8:c4:93:b2:
16:af:9f:80:5c:49:c9:65:07:0a:50:4a:2e:8e:d4:44:68:a9:
e5:f7:cf:4f:8c:fe:f8:dd:88:d4:95:a3:1b:a6:26:c5:8f:96:
c1:6a:08:a9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzY18UssJh0c5A4ClFFY/AtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTA1MDg1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGMxYThlMDM5ODUxNDkwZThmNzk4Zjk2MzMwZWQ2MmU2NzgwZjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkN2HCQjHsYuGTniStfdOREjXnfU8
D9Zoln/vtsehm5MsMabOpANJs5i4YWX9hk4UZzVErAdPj5sFwFgcVMtBX55YgIcB
cWzYqLzskYWN1UXLHMQgJ5bDimWHSVQ6jNCgBwcfAWWGYAB0eJzIywmCiYRbSsPu
sAZdaGHhOB3FQAHCHU5aKvSO/cJUOSfN+KyE17ohHaE6lVrL6q6qAkD7olV3N2kv
xFe05wX+xi3VBuqziCu+jzpSaedPHbv71DxltfOW/Xeez1WMyAkC192hHwOqPvTz
dI1buKJwXavs3HWWUOFdfGhH36LhYHYuvJ03qsJCUEdl7Dz3OjfSiCQcywIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGDBqOA5hRSQ6PeY+WMw7WLmeA9/MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWU1HbzREbUZGSkRvOTVqNVl6RHRZdVo0RDM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwlcoAwQA
wldCAwQAwzojAwQAwzo8AwQCw4UoAwQA1MD+MA0GCSqGSIb3DQEBCwUAA4IBAQAs
1/4pZD+RQSTy//R1buk8i8aWaJrMW0LWRHvhrSJNumAjjt9ha3IHcZbmvDnPqpb/
diMCoiA4Mybw5utz/5TnMVlFYO++fQPa3mK7glwE+56ZcTsAUKOY1FDc4apFVE3a
VIbngMlUuQzUMToMJoI6oVsfJmRLuHeovhL5uk6P54Kap58cv5DtwUgAhl51DBua
yExhpLWQxak939Ny2VgEr9DGYFEwctcUu88S9OZIjpuHQPjo9cSNn7yH6cog7Yvm
ArLYPEqbBmQsylY/gFfESgsIe/jEk7IWr5+AXEnJZQcKUEoujtREaKnl989PjP74
3YjUlaMbpibFj5bBagip
-----END CERTIFICATE-----
Generated at Mon Jan 8 17:51:36 2024 by rpki-client on console-ams.rpki-client.org