Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/YcnR809u3SaDpi3R2xOWIxLjmpY.roa
File: YcnR809u3SaDpi3R2xOWIxLjmpY.roa (raw, json)
Hash identifier: 27e28swcjpJ7HbaAwIl2UJimOFL+9A7Zjq5lrsaahIc=
Subject key identifier: 61:C9:D1:F3:4F:6E:DD:26:83:A6:2D:D1:DB:13:96:23:12:E3:9A:96
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 018CC492E6D71AD94F76720D2302F5F7BDA3
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/YcnR809u3SaDpi3R2xOWIxLjmpY.roa
Signing time: Mon 01 Jan 2024 10:30:10 +0000
ROA not before: Mon 01 Jan 2024 10:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205207
IP address blocks: 185.14.160.0/22 maxlen: 22
46.209.58.0/24 maxlen: 24
77.104.106.0/24 maxlen: 24
5.160.49.0/24 maxlen: 24
77.237.68.0/24 maxlen: 24
77.104.64.0/19 maxlen: 19
77.104.66.0/24 maxlen: 24
77.237.80.0/20 maxlen: 20
77.104.64.0/18 maxlen: 18
77.237.87.0/24 maxlen: 24
77.104.73.0/24 maxlen: 24
77.104.75.0/24 maxlen: 24
77.104.72.0/21 maxlen: 21
77.104.80.0/20 maxlen: 24
46.209.95.0/24 maxlen: 24
77.237.64.0/20 maxlen: 20
77.237.64.0/19 maxlen: 19
Validation: Failed, certificate revoked on Wed 11 Sep 2024 07:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:e6:d7:1a:d9:4f:76:72:0d:23:02:f5:f7:bd:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 10:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61c9d1f34f6edd2683a62dd1db13962312e39a96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:62:ce:64:62:b1:86:22:0b:9b:5f:9e:20:7f:
8f:24:9a:e5:5b:32:e1:d2:e4:d4:0b:5c:37:4c:f5:
2c:1a:9c:2b:33:b1:35:40:5a:12:49:c6:22:e5:f1:
19:32:0f:22:1e:8a:ba:01:d3:ad:78:c8:e8:69:c8:
c4:1d:7d:3b:ea:8c:cb:5c:20:fe:87:ce:d9:15:90:
6f:2f:a9:77:6a:5e:0a:04:69:6c:76:92:5b:1a:64:
4f:35:25:e2:a6:53:08:0d:5e:bf:f4:5e:d4:fc:f0:
46:fe:8e:53:5a:82:f4:1a:35:05:fe:42:71:a6:08:
4c:d8:5a:07:05:da:1b:32:7a:14:d5:cb:3a:94:76:
6a:0b:7f:6b:38:c2:a9:cd:c8:45:72:3e:b7:38:87:
9d:c1:06:b7:d9:87:f8:59:0b:a5:11:0e:20:22:99:
00:ab:1f:26:44:5e:ba:53:e0:04:41:d7:85:0b:5f:
a3:a3:f9:d9:60:34:43:55:9e:f9:0e:2c:09:0d:da:
1d:4c:aa:14:93:1f:b3:cf:d8:8e:c4:93:d6:a5:fa:
49:1f:ec:dc:47:60:5e:47:89:4e:60:0a:af:f6:c4:
5a:7e:f8:d3:ab:07:fe:20:4b:c5:0e:e2:c2:da:67:
a9:cf:55:7c:9d:1c:5d:4e:f2:53:06:ce:cd:46:32:
04:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:C9:D1:F3:4F:6E:DD:26:83:A6:2D:D1:DB:13:96:23:12:E3:9A:96
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/YcnR809u3SaDpi3R2xOWIxLjmpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.49.0/24
46.209.58.0/24
46.209.95.0/24
77.104.64.0/18
77.237.64.0/19
185.14.160.0/22
Signature Algorithm: sha256WithRSAEncryption
03:7c:6c:cd:f0:25:27:d8:1a:51:d9:ee:9d:4d:f1:39:dd:1f:
64:4b:c0:bb:f7:95:db:50:ac:1b:0b:ea:52:3e:fa:d0:d6:17:
97:46:b7:29:6c:a4:a1:4e:2b:9f:ad:23:46:65:47:44:74:35:
0d:8f:e9:ab:85:1f:8b:cb:22:bd:0c:f5:c4:d5:1e:4b:5e:fc:
cf:1e:9d:e4:a0:a2:18:44:ad:44:ca:6a:0e:e5:2f:43:f8:7b:
15:b7:33:93:dd:73:ab:a8:40:36:15:59:40:ed:55:14:fd:97:
a0:d1:ff:44:76:c4:1c:d7:38:3e:3b:bf:94:89:22:88:90:42:
94:db:5c:f5:22:b2:6c:ac:ed:81:e2:c0:16:35:f2:f4:03:23:
69:f5:ef:43:cd:33:1c:c9:7d:dc:44:f8:4f:89:fd:f2:36:3c:
c4:d4:24:a1:e0:5e:14:e4:9b:4e:11:c5:bc:02:f8:77:b8:69:
dc:62:80:db:64:ea:43:7d:13:46:6e:1b:1e:53:67:52:e9:9a:
a6:1e:52:c7:de:45:9f:4d:e6:88:f7:af:dc:5b:a6:2d:86:fb:
bf:e5:c3:f0:31:6d:39:53:a5:65:01:20:d2:45:bf:bb:42:4d:
44:b5:b6:da:a7:ae:e6:00:b1:bc:7d:ab:81:3a:ff:fd:3e:df:
44:7f:c7:45
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzEkubXGtlPdnINIwL1972jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjQwMTAxMTAzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWM5ZDFmMzRmNmVkZDI2ODNhNjJkZDFkYjEzOTYyMzEyZTM5YTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmLOZGKxhiILm1+eIH+PJJrlWzLh
0uTUC1w3TPUsGpwrM7E1QFoSScYi5fEZMg8iHoq6AdOteMjoacjEHX076ozLXCD+
h87ZFZBvL6l3al4KBGlsdpJbGmRPNSXiplMIDV6/9F7U/PBG/o5TWoL0GjUF/kJx
pghM2FoHBdobMnoU1cs6lHZqC39rOMKpzchFcj63OIedwQa32Yf4WQulEQ4gIpkA
qx8mRF66U+AEQdeFC1+jo/nZYDRDVZ75DiwJDdodTKoUkx+zz9iOxJPWpfpJH+zc
R2BeR4lOYAqv9sRafvjTqwf+IEvFDuLC2mepz1V8nRxdTvJTBs7NRjIEoQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGHJ0fNPbt0mg6Yt0dsTliMS45qWMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvWWNuUjgwOXUzU2FEcGkzUjJ4T1dJeExqbXBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABaAxAwQA
LtE6AwQALtFfAwQGTWhAAwQFTe1AAwQCuQ6gMA0GCSqGSIb3DQEBCwUAA4IBAQAD
fGzN8CUn2BpR2e6dTfE53R9kS8C795XbUKwbC+pSPvrQ1heXRrcpbKShTiufrSNG
ZUdEdDUNj+mrhR+LyyK9DPXE1R5LXvzPHp3koKIYRK1EymoO5S9D+HsVtzOT3XOr
qEA2FVlA7VUU/Zeg0f9EdsQc1zg+O7+UiSKIkEKU21z1IrJsrO2B4sAWNfL0AyNp
9e9DzTMcyX3cRPhPif3yNjzE1CSh4F4U5JtOEcW8Avh3uGncYoDbZOpDfRNGbhse
U2dS6ZqmHlLH3kWfTeaI96/cW6Ythvu/5cPwMW05U6VlASDSRb+7Qk1Etbbap67m
ALG8fauBOv/9Pt9Ef8dF
-----END CERTIFICATE-----
Generated at Wed Sep 11 08:42:23 2024 by rpki-client on console-ams.rpki-client.org