Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/YcIM50Xk3zvAMQC_60hI8MjGhbc.roa
File: YcIM50Xk3zvAMQC_60hI8MjGhbc.roa (raw, json)
Hash identifier: xht7a2Z3gDrGRL5leY1e/eNmS3okSkP9SShYL6Pkgm8=
Subject key identifier: 61:C2:0C:E7:45:E4:DF:3B:C0:31:00:BF:EB:48:48:F0:C8:C6:85:B7
Certificate issuer: /CN=8eee7a3ad152bb8725a7db9bb7520804b6f1155f
Certificate serial: 0185A035CF2555457A3D2792FB20FB12A8A4
Authority key identifier: 8E:EE:7A:3A:D1:52:BB:87:25:A7:DB:9B:B7:52:08:04:B6:F1:15:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ju56OtFSu4clp9ubt1IIBLbxFV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/YcIM50Xk3zvAMQC_60hI8MjGhbc.roa
Signing time: Wed 11 Jan 2023 09:42:39 +0000
ROA not before: Wed 11 Jan 2023 09:42:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202499
IP address blocks: 185.228.240.0/24 maxlen: 24
185.228.241.0/24 maxlen: 24
185.228.242.0/24 maxlen: 24
185.71.168.0/22 maxlen: 22
185.239.64.0/22 maxlen: 22
185.239.64.0/24 maxlen: 24
185.239.65.0/24 maxlen: 24
185.239.66.0/24 maxlen: 24
185.239.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Jun 2023 10:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a0:35:cf:25:55:45:7a:3d:27:92:fb:20:fb:12:a8:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eee7a3ad152bb8725a7db9bb7520804b6f1155f
Validity
Not Before: Jan 11 09:42:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61c20ce745e4df3bc03100bfeb4848f0c8c685b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ff:cb:ab:55:f9:1b:ae:9b:89:fd:44:a6:fa:
b9:0d:9d:c2:35:82:b5:19:ca:b6:d6:e2:7d:09:75:
61:72:6f:f1:8d:66:0f:53:4e:f0:65:b9:85:d5:98:
ab:84:79:53:56:f8:55:41:52:24:38:50:a2:4e:dc:
8d:d6:2b:09:ac:2b:6d:55:43:55:1c:50:9b:fe:fa:
fd:8b:c3:90:0c:da:45:e9:85:32:67:dd:7d:96:6b:
98:10:e9:3d:3e:ec:de:67:4e:b5:f7:bf:2e:63:aa:
73:94:a1:47:af:66:6d:f2:9e:1f:3d:db:1a:1f:bb:
af:41:05:05:3e:c3:90:75:5e:13:e0:0a:51:97:3d:
3b:f3:bd:20:be:27:7a:bb:87:17:5d:1c:86:5b:91:
02:6e:17:34:fa:3d:21:5b:39:5d:d8:1f:22:cf:47:
e3:1b:83:2f:3e:db:bc:30:7a:68:0c:ae:ea:48:5a:
78:d2:21:ea:d5:ae:0c:23:59:9b:f6:90:15:52:af:
38:ed:be:f1:b7:13:0e:ec:9b:8c:7d:9d:ef:a9:71:
53:85:77:7b:ab:5a:b0:75:6a:0f:20:8a:59:0f:ee:
22:9e:78:e7:91:10:ea:af:dd:1b:91:61:00:36:2c:
2f:08:7f:a1:e8:51:e0:55:7e:e8:76:02:c9:c3:d8:
b1:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:C2:0C:E7:45:E4:DF:3B:C0:31:00:BF:EB:48:48:F0:C8:C6:85:B7
X509v3 Authority Key Identifier:
keyid:8E:EE:7A:3A:D1:52:BB:87:25:A7:DB:9B:B7:52:08:04:B6:F1:15:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ju56OtFSu4clp9ubt1IIBLbxFV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/YcIM50Xk3zvAMQC_60hI8MjGhbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7979b2-c3d9-4f33-a09f-49591afe17f0/1/ju56OtFSu4clp9ubt1IIBLbxFV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.168.0/22
185.228.240.0-185.228.242.255
185.239.64.0/22
Signature Algorithm: sha256WithRSAEncryption
37:62:b3:62:f0:10:95:f9:4a:d0:65:14:25:6a:22:1c:12:00:
2b:cb:bc:19:76:99:e6:76:54:5b:86:97:69:28:b3:ba:2f:8d:
7b:e3:92:38:3d:53:09:f6:94:50:c1:cc:e4:b9:0b:8f:ef:b4:
ae:fd:e0:27:9c:a6:32:33:ee:d3:da:f4:71:89:18:e3:ea:f8:
5a:4d:53:fc:cc:38:d7:eb:fe:78:ac:01:92:5d:ff:cf:da:86:
38:a5:94:2a:a2:46:2f:50:83:f3:1b:f6:ef:00:61:06:01:76:
53:0a:2f:58:bc:a8:71:32:9c:c9:09:9f:0e:e2:99:96:61:c3:
19:81:80:1d:a2:de:c4:a1:14:f3:db:7b:0e:ef:8c:11:0c:a0:
d8:5f:d9:c3:4e:05:a4:a9:67:60:9c:2a:a2:34:86:78:f7:8b:
fc:6d:5d:3f:9d:55:71:64:44:08:ba:78:e6:08:76:c1:ff:a1:
af:ae:ed:54:aa:30:c3:f2:22:80:4f:95:4b:3c:03:a2:64:47:
78:fc:ba:54:60:56:c3:d9:68:10:54:5f:f5:8e:19:7f:67:4c:
4f:04:8f:6a:6d:a5:1a:9f:28:b1:1a:a6:8d:c7:70:ae:28:76:
5f:41:81:24:dc:b0:f4:55:0a:f4:2b:01:f2:3b:dd:43:f0:25:
ff:d4:c7:88
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYWgNc8lVUV6PSeS+yD7EqikMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZWU3YTNhZDE1MmJiODcyNWE3ZGI5YmI3NTIwODA0YjZm
MTE1NWYwHhcNMjMwMTExMDk0MjM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWMyMGNlNzQ1ZTRkZjNiYzAzMTAwYmZlYjQ4NDhmMGM4YzY4NWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo//Lq1X5G66bif1Epvq5DZ3CNYK1
Gcq21uJ9CXVhcm/xjWYPU07wZbmF1ZirhHlTVvhVQVIkOFCiTtyN1isJrCttVUNV
HFCb/vr9i8OQDNpF6YUyZ919lmuYEOk9PuzeZ061978uY6pzlKFHr2Zt8p4fPdsa
H7uvQQUFPsOQdV4T4ApRlz07870gvid6u4cXXRyGW5ECbhc0+j0hWzld2B8iz0fj
G4MvPtu8MHpoDK7qSFp40iHq1a4MI1mb9pAVUq847b7xtxMO7JuMfZ3vqXFThXd7
q1qwdWoPIIpZD+4innjnkRDqr90bkWEANiwvCH+h6FHgVX7odgLJw9ixpwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGHCDOdF5N87wDEAv+tISPDIxoW3MB8GA1UdIwQY
MBaAFI7uejrRUruHJafbm7dSCAS28RVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanU1Nk90RlN1NGNscDl1YnQxSUlCTGJ4RlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83OTc5YjItYzNkOS00ZjMzLWEwOWYt
NDk1OTFhZmUxN2YwLzEvWWNJTTUwWGszenZBTVFDXzYwaEk4TWpHaGJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83OTc5YjItYzNkOS00ZjMzLWEwOWYtNDk1OTFhZmUxN2Yw
LzEvanU1Nk90RlN1NGNscDl1YnQxSUlCTGJ4RlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCuUeoMAwD
BAS55PADBAC55PIDBAK570AwDQYJKoZIhvcNAQELBQADggEBADdis2LwEJX5StBl
FCVqIhwSACvLvBl2meZ2VFuGl2kos7ovjXvjkjg9Uwn2lFDBzOS5C4/vtK794Cec
pjIz7tPa9HGJGOPq+FpNU/zMONfr/nisAZJd/8/ahjillCqiRi9Qg/Mb9u8AYQYB
dlMKL1i8qHEynMkJnw7imZZhwxmBgB2i3sShFPPbew7vjBEMoNhf2cNOBaSpZ2Cc
KqI0hnj3i/xtXT+dVXFkRAi6eOYIdsH/oa+u7VSqMMPyIoBPlUs8A6JkR3j8ulRg
VsPZaBBUX/WOGX9nTE8Ej2ptpRqfKLEapo3HcK4odl9BgSTcsPRVCvQrAfI73UPw
Jf/Ux4g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:54 2024 by rpki-client on console-ams.rpki-client.org