Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/2YgL_BUJM7DJ8wzjnDhx5_U4d3s.roa
File: 2YgL_BUJM7DJ8wzjnDhx5_U4d3s.roa (raw, json)
Hash identifier: /8VZK0xWz7wbY5fLvTxpgM20UtewKEFajVUEJgFt3So=
Subject key identifier: D9:88:0B:FC:15:09:33:B0:C9:F3:0C:E3:9C:38:71:E7:F5:38:77:7B
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018732D5F26C1BBC3012112A4F8CEC229195
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/2YgL_BUJM7DJ8wzjnDhx5_U4d3s.roa
Signing time: Thu 30 Mar 2023 14:04:54 +0000
ROA not before: Thu 30 Mar 2023 14:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212826
IP address blocks: 185.232.84.0/23 maxlen: 24
45.154.238.0/23 maxlen: 24
45.152.11.0/24 maxlen: 24
45.157.32.0/23 maxlen: 24
213.185.86.0/23 maxlen: 24
45.130.52.0/24 maxlen: 24
194.40.246.0/23 maxlen: 24
46.161.208.0/23 maxlen: 23
45.128.158.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:32:d5:f2:6c:1b:bc:30:12:11:2a:4f:8c:ec:22:91:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Mar 30 14:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9880bfc150933b0c9f30ce39c3871e7f538777b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e9:49:a5:ac:5e:e8:77:4d:62:36:b0:f0:32:
60:12:cd:62:ca:fb:21:12:44:6d:b4:cc:c5:d3:1f:
16:c5:31:21:5f:49:80:93:3b:09:20:ce:a7:80:e3:
90:99:4c:f5:74:75:c5:67:bc:41:51:73:05:c9:fe:
57:7a:16:03:27:0b:7c:26:52:d5:61:0f:e9:3b:88:
bf:c5:32:f9:d3:35:77:b2:16:e0:59:3b:f1:e9:bc:
b9:0c:ed:dc:5c:13:00:2f:1d:f2:e3:7d:df:9c:fb:
b4:a3:98:ed:e5:1d:94:0f:f0:10:7f:42:31:63:e9:
1d:cd:46:7c:7e:cd:24:70:13:07:29:29:53:3c:69:
e2:95:94:46:96:5d:c8:33:3e:e8:e7:21:70:e1:8f:
91:d3:4f:cc:1c:b5:da:d6:3d:22:d6:11:36:2b:ca:
a2:f9:c9:f2:e1:0b:0f:3f:a7:8b:b1:15:d9:9f:6b:
f3:53:58:72:46:45:1b:ba:92:51:6c:21:f1:4f:b6:
6a:bf:2e:10:08:50:99:58:6f:65:15:47:5b:64:7a:
70:ab:56:fa:e6:e4:09:29:cc:cd:6d:9a:e4:24:14:
a8:9b:8a:60:cf:01:03:35:0d:f8:74:89:ed:e9:10:
c7:cd:7a:93:a9:67:b9:b0:4d:8b:89:61:80:1e:9a:
a3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:88:0B:FC:15:09:33:B0:C9:F3:0C:E3:9C:38:71:E7:F5:38:77:7B
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/2YgL_BUJM7DJ8wzjnDhx5_U4d3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.158.0/23
45.130.52.0/24
45.152.11.0/24
45.154.238.0/23
45.157.32.0/23
46.161.208.0/23
185.232.84.0/23
194.40.246.0/23
213.185.86.0/23
Signature Algorithm: sha256WithRSAEncryption
29:4f:f8:fd:19:ca:c9:75:75:14:94:d0:78:a2:61:77:3d:ec:
68:09:c4:66:f5:52:69:58:51:85:db:b7:e3:b3:9a:8a:1b:a5:
2a:8d:17:b8:09:a8:1b:e2:21:ad:8d:13:83:5d:3b:5b:dc:e3:
44:23:f6:73:91:83:07:ac:42:4f:64:b8:ea:ef:1f:02:fe:0c:
3b:90:22:f8:ee:c0:20:70:69:82:72:72:63:5e:82:1f:13:ca:
49:64:b9:f0:3e:a5:21:50:95:5c:19:c5:4b:b1:65:66:74:12:
37:15:4e:f9:95:aa:13:13:66:82:ab:1b:d1:be:da:db:3f:1f:
e5:e1:d9:dd:e7:5e:73:95:d8:7a:f2:86:41:24:c5:6a:32:ee:
f1:7e:fa:ca:f6:a4:95:07:db:b8:39:06:64:e7:cd:57:d7:b6:
63:0d:9b:e7:04:91:0d:e1:d5:70:10:12:1d:51:8f:be:76:e6:
bd:89:86:25:06:ea:e1:ea:06:23:7c:4f:c9:16:5e:15:d8:f2:
34:2c:46:a2:d2:3c:b3:a9:ae:ab:a5:7e:88:b0:1c:a5:2a:43:
52:4e:74:08:f0:9f:69:5f:39:b4:88:4c:81:90:f8:f6:e2:9c:
fe:68:f5:81:a1:af:fe:f5:52:c9:2e:4a:a0:eb:13:9f:5c:05:
6d:6a:fe:c1
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYcy1fJsG7wwEhEqT4zsIpGVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwMzMwMTQwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTg4MGJmYzE1MDkzM2IwYzlmMzBjZTM5YzM4NzFlN2Y1Mzg3NzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnulJpaxe6HdNYjaw8DJgEs1iyvsh
EkRttMzF0x8WxTEhX0mAkzsJIM6ngOOQmUz1dHXFZ7xBUXMFyf5XehYDJwt8JlLV
YQ/pO4i/xTL50zV3shbgWTvx6by5DO3cXBMALx3y433fnPu0o5jt5R2UD/AQf0Ix
Y+kdzUZ8fs0kcBMHKSlTPGnilZRGll3IMz7o5yFw4Y+R00/MHLXa1j0i1hE2K8qi
+cny4QsPP6eLsRXZn2vzU1hyRkUbupJRbCHxT7Zqvy4QCFCZWG9lFUdbZHpwq1b6
5uQJKczNbZrkJBSom4pgzwEDNQ34dInt6RDHzXqTqWe5sE2LiWGAHpqjlwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFNmIC/wVCTOwyfMM45w4cef1OHd7MB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvMllnTF9CVUpNN0RKOHd6am5EaHg1X1U0ZDNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBLYCeAwQA
LYI0AwQALZgLAwQBLZruAwQBLZ0gAwQBLqHQAwQBuehUAwQBwij2AwQB1blWMA0G
CSqGSIb3DQEBCwUAA4IBAQApT/j9GcrJdXUUlNB4omF3PexoCcRm9VJpWFGF27fj
s5qKG6UqjRe4Cagb4iGtjRODXTtb3ONEI/ZzkYMHrEJPZLjq7x8C/gw7kCL47sAg
cGmCcnJjXoIfE8pJZLnwPqUhUJVcGcVLsWVmdBI3FU75laoTE2aCqxvRvtrbPx/l
4dnd515zldh68oZBJMVqMu7xfvrK9qSVB9u4OQZk581X17ZjDZvnBJEN4dVwEBId
UY++dua9iYYlBurh6gYjfE/JFl4V2PI0LEai0jyzqa6rpX6IsBylKkNSTnQI8J9p
Xzm0iEyBkPj24pz+aPWBoa/+9VLJLkqg6xOfXAVtav7B
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org