Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/YAFVMLUD1ltcVppI0bVLAwmS58s.roa
File: YAFVMLUD1ltcVppI0bVLAwmS58s.roa (raw, json)
Hash identifier: yD6G+4sQGK7tJ1Wi04phXY4Zi+hI9I8dM9gtxoHyeOA=
Subject key identifier: 60:01:55:30:B5:03:D6:5B:5C:56:9A:48:D1:B5:4B:03:09:92:E7:CB
Certificate issuer: /CN=0b8d1bb72791c878550d1b9d8fef564ac3919368
Certificate serial: 018CB9F56CFEC998151DD73802F241F8EEDA
Authority key identifier: 0B:8D:1B:B7:27:91:C8:78:55:0D:1B:9D:8F:EF:56:4A:C3:91:93:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C40btyeRyHhVDRudj-9WSsORk2g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/YAFVMLUD1ltcVppI0bVLAwmS58s.roa
Signing time: Sat 30 Dec 2023 09:01:58 +0000
ROA not before: Sat 30 Dec 2023 09:01:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48147
IP address blocks: 185.142.156.0/24 maxlen: 24
185.142.156.0/22 maxlen: 22
185.142.157.0/24 maxlen: 24
185.142.158.0/24 maxlen: 24
185.142.159.0/24 maxlen: 24
185.208.180.0/22 maxlen: 22
185.208.180.0/24 maxlen: 24
185.208.181.0/24 maxlen: 24
185.208.182.0/24 maxlen: 24
185.208.183.0/24 maxlen: 24
185.213.8.0/24 maxlen: 24
185.213.10.0/24 maxlen: 24
2a07:4284::/32 maxlen: 32
2a0b:3cc7::/32 maxlen: 32
2a07:4285::/32 maxlen: 32
2a07:4283::/32 maxlen: 32
2a0b:3cc0::/32 maxlen: 32
2a0b:3cc6::/32 maxlen: 32
2a07:4280::/29 maxlen: 29
2a07:4287::/32 maxlen: 32
2a0b:3cc5::/32 maxlen: 32
2a07:4281::/32 maxlen: 32
2a0b:3cc2::/32 maxlen: 32
2a0b:3cc3::/32 maxlen: 32
2a07:4280::/32 maxlen: 32
2a0b:3cc0::/29 maxlen: 29
2a07:4282:11:377::/64 maxlen: 64
2a0b:3cc1::/32 maxlen: 32
2a07:4282::/32 maxlen: 32
2a0b:3cc4::/32 maxlen: 32
2a07:4286::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 30 Dec 2023 09:19:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b9:f5:6c:fe:c9:98:15:1d:d7:38:02:f2:41:f8:ee:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b8d1bb72791c878550d1b9d8fef564ac3919368
Validity
Not Before: Dec 30 09:01:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60015530b503d65b5c569a48d1b54b030992e7cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:78:43:5e:d0:9f:b2:20:6f:5f:8f:d7:aa:cc:
fd:6c:b6:a9:53:ff:21:bb:f7:f6:37:21:c1:84:15:
4d:9b:74:b2:ff:87:29:a2:f7:b4:a3:14:4b:33:50:
8d:39:76:52:48:31:07:20:44:57:71:79:86:0f:44:
48:95:b7:d4:f6:68:3a:00:8c:63:ff:e2:6d:74:4d:
b1:9a:25:c5:30:51:3d:6c:88:a5:11:b0:56:05:8e:
dc:5d:a4:57:6a:d2:a4:40:0a:29:ff:f3:84:ba:07:
3d:3e:72:ba:c7:b9:4b:0a:b5:61:1f:09:a9:37:d2:
d2:d1:a4:7e:3d:c6:e6:ff:33:48:7b:ee:57:c4:86:
31:10:7f:f6:88:90:8b:d2:b4:7d:a8:a5:20:3e:0e:
c8:0c:70:7f:f1:47:97:95:2d:06:ac:4b:82:93:5e:
25:30:a9:9d:23:87:19:67:f1:b0:3d:b7:18:22:a4:
7f:7b:2c:07:d2:b4:94:29:05:bb:e4:86:46:fa:1b:
08:3e:bf:ae:f4:71:4d:a5:e4:d5:3d:58:a5:4f:d2:
36:b5:da:0a:70:e8:0f:12:85:e7:29:9c:6a:54:b0:
b2:52:ed:03:1a:18:97:e4:48:b9:11:65:b6:ae:d7:
0f:56:a0:c1:36:73:b4:9b:a9:04:ec:b3:d7:52:c4:
b4:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:01:55:30:B5:03:D6:5B:5C:56:9A:48:D1:B5:4B:03:09:92:E7:CB
X509v3 Authority Key Identifier:
keyid:0B:8D:1B:B7:27:91:C8:78:55:0D:1B:9D:8F:EF:56:4A:C3:91:93:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C40btyeRyHhVDRudj-9WSsORk2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/YAFVMLUD1ltcVppI0bVLAwmS58s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/C40btyeRyHhVDRudj-9WSsORk2g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.142.156.0/22
185.208.180.0/22
185.213.8.0/24
185.213.10.0/24
IPv6:
2a07:4280::/29
2a0b:3cc0::/29
Signature Algorithm: sha256WithRSAEncryption
04:4a:2c:de:0d:c4:be:24:8e:a9:9a:f4:07:9a:5e:f6:b5:49:
3f:99:7d:57:ff:48:62:47:64:a1:84:9a:dd:85:91:9c:2f:50:
aa:15:df:f5:06:e7:0a:31:fa:c3:ab:6e:93:4c:ab:9f:4d:a7:
a7:e4:9c:d4:f2:9e:6c:2f:88:29:91:f4:e2:96:cf:06:dd:38:
d0:89:b3:10:e7:9c:4b:f1:82:33:63:ba:d2:36:8e:e9:a4:ae:
50:11:28:10:b6:6d:da:55:03:c2:2e:87:cd:f3:58:7c:7f:50:
46:6d:68:50:f1:e7:13:92:a2:1c:55:aa:91:a4:f6:f3:39:38:
0c:02:20:28:7e:17:47:66:a8:d8:ce:f6:ee:3d:74:87:57:02:
f6:b3:f2:5b:0c:05:aa:8c:91:f3:7e:f4:94:99:a5:e9:48:aa:
60:98:2f:de:d9:0e:b6:15:b2:49:68:83:a6:f4:6a:98:12:74:
56:b9:c2:7a:ca:e3:64:80:3a:26:e8:32:db:c8:40:31:81:0d:
30:3a:eb:2d:ec:33:81:f5:9c:37:2b:8d:93:15:33:ae:31:15:
26:59:cb:45:5e:33:5c:08:c2:a2:a2:a3:b8:fb:61:2c:e4:c1:
70:30:f5:d6:22:22:13:f8:17:fd:4a:b9:ae:99:6b:93:17:4c:
4a:82:a6:67
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYy59Wz+yZgVHdc4AvJB+O7aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiOGQxYmI3Mjc5MWM4Nzg1NTBkMWI5ZDhmZWY1NjRhYzM5
MTkzNjgwHhcNMjMxMjMwMDkwMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDAxNTUzMGI1MDNkNjViNWM1NjlhNDhkMWI1NGIwMzA5OTJlN2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnhDXtCfsiBvX4/Xqsz9bLapU/8h
u/f2NyHBhBVNm3Sy/4cpove0oxRLM1CNOXZSSDEHIERXcXmGD0RIlbfU9mg6AIxj
/+JtdE2xmiXFMFE9bIilEbBWBY7cXaRXatKkQAop//OEugc9PnK6x7lLCrVhHwmp
N9LS0aR+Pcbm/zNIe+5XxIYxEH/2iJCL0rR9qKUgPg7IDHB/8UeXlS0GrEuCk14l
MKmdI4cZZ/GwPbcYIqR/eywH0rSUKQW75IZG+hsIPr+u9HFNpeTVPVilT9I2tdoK
cOgPEoXnKZxqVLCyUu0DGhiX5Ei5EWW2rtcPVqDBNnO0m6kE7LPXUsS01wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFGABVTC1A9ZbXFaaSNG1SwMJkufLMB8GA1UdIwQY
MBaAFAuNG7cnkch4VQ0bnY/vVkrDkZNoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzQwYnR5ZVJ5SGhWRFJ1ZGotOVdTc09SazJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8wMzY3ZDAtZmE4NS00NTQ2LWI4NGMt
MDI3OGM1ZGMxNDkxLzEvWUFGVk1MVUQxbHRjVnBwSTBiVkxBd21TNThzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8wMzY3ZDAtZmE4NS00NTQ2LWI4NGMtMDI3OGM1ZGMxNDkx
LzEvQzQwYnR5ZVJ5SGhWRFJ1ZGotOVdTc09SazJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCuY6cAwQC
udC0AwQAudUIAwQAudUKMBQEAgACMA4DBQMqB0KAAwUDKgs8wDANBgkqhkiG9w0B
AQsFAAOCAQEABEos3g3EviSOqZr0B5pe9rVJP5l9V/9IYkdkoYSa3YWRnC9QqhXf
9QbnCjH6w6tuk0yrn02np+Sc1PKebC+IKZH04pbPBt040ImzEOecS/GCM2O60jaO
6aSuUBEoELZt2lUDwi6HzfNYfH9QRm1oUPHnE5KiHFWqkaT28zk4DAIgKH4XR2ao
2M727j10h1cC9rPyWwwFqoyR8370lJml6UiqYJgv3tkOthWySWiDpvRqmBJ0VrnC
esrjZIA6Jugy28hAMYENMDrrLewzgfWcNyuNkxUzrjEVJlnLRV4zXAjCoqKjuPth
LOTBcDD11iIiE/gX/Uq5rplrkxdMSoKmZw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:00 2024 by rpki-client on console-ams.rpki-client.org