Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/y2xvioMWYp4BS7TZjzGhvYWzb9Q.roa
File: y2xvioMWYp4BS7TZjzGhvYWzb9Q.roa (raw, json)
Hash identifier: UhO/r7kIdwwsQUUFCrtEb5x5PGlX7ZPPj10SpOTt8J0=
Subject key identifier: CB:6C:6F:8A:83:16:62:9E:01:4B:B4:D9:8F:31:A1:BD:85:B3:6F:D4
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 018CC86FEC18013F0DB14DC3B97FB65BE0DF
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/y2xvioMWYp4BS7TZjzGhvYWzb9Q.roa
Signing time: Tue 02 Jan 2024 04:30:27 +0000
ROA not before: Tue 02 Jan 2024 04:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34418
IP address blocks: 176.236.215.0/24 maxlen: 24
85.153.153.0/24 maxlen: 24
85.153.154.0/24 maxlen: 24
212.252.211.0/24 maxlen: 24
212.252.208.0/23 maxlen: 23
212.252.210.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 20 May 2024 05:47:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:ec:18:01:3f:0d:b1:4d:c3:b9:7f:b6:5b:e0:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 2 04:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb6c6f8a8316629e014bb4d98f31a1bd85b36fd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:81:55:bb:37:71:e9:f0:94:4c:56:60:a5:45:
a1:f5:79:83:4c:5e:46:b8:a5:0c:6b:46:38:2b:b0:
aa:a1:dd:4e:35:2d:ba:75:29:4a:0c:1f:77:75:9b:
c6:73:b6:40:1c:48:4d:53:e2:b2:0d:d4:65:64:37:
ea:5e:f4:80:7a:57:99:47:9a:4d:82:8c:2a:9d:20:
02:ce:2c:3c:de:4b:f8:e4:db:b0:3a:15:a9:68:f5:
f1:4f:c8:1f:e5:96:ca:fb:09:8c:38:99:12:02:43:
f1:d9:c3:42:4a:8c:2b:3a:f3:e7:f8:2b:e1:07:01:
3f:77:3b:b8:42:a5:16:5a:22:f4:19:97:0f:5f:d9:
5c:d7:7a:bc:27:f4:e8:2d:24:fa:73:04:98:66:1d:
9e:10:c1:91:62:21:44:3d:00:d7:10:ba:f3:e1:9f:
dc:35:56:4f:c7:e7:8c:96:be:e0:e5:d6:e0:e1:cc:
7b:64:90:a2:a5:34:6f:78:07:84:51:11:00:7f:91:
c4:2e:89:e1:ed:de:66:65:ed:a9:12:00:3f:d4:70:
ed:96:da:84:0f:26:e7:89:97:7f:27:44:89:55:de:
4a:52:d0:80:68:8c:6e:f6:26:61:1a:2f:e0:da:56:
cb:05:1e:e9:a7:31:7b:50:40:b6:20:2d:af:37:c9:
56:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:6C:6F:8A:83:16:62:9E:01:4B:B4:D9:8F:31:A1:BD:85:B3:6F:D4
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/y2xvioMWYp4BS7TZjzGhvYWzb9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.153.0-85.153.154.255
176.236.215.0/24
212.252.208.0/22
Signature Algorithm: sha256WithRSAEncryption
06:58:ac:95:21:77:f7:9f:de:45:0c:fa:dd:21:f8:be:3d:e4:
2f:a7:0e:f1:69:7b:c8:32:a6:8c:d6:27:54:c9:2a:06:c8:26:
53:75:da:dc:a3:3c:58:0b:a1:f8:70:aa:a2:22:85:ea:87:cb:
f8:31:00:4b:6f:73:42:5d:71:8e:c3:53:80:7b:a2:53:48:92:
3a:08:42:26:1d:36:b5:b1:38:0e:b5:c0:42:2c:a2:3b:2b:8a:
e7:77:d1:23:56:45:c4:e9:b6:db:c3:45:19:86:6d:6e:0a:41:
d0:6e:50:4c:40:2b:a5:d1:e4:0a:f2:aa:89:59:bf:95:a3:c9:
df:28:60:84:eb:62:bc:bb:c4:55:7e:5c:44:9e:82:4c:8c:f5:
45:3e:0d:97:80:3e:59:fe:2a:1e:09:9b:35:ee:9d:c6:8f:d6:
6f:bf:81:d6:eb:1e:64:e9:52:59:fc:c1:31:fb:78:a5:71:b0:
3c:f3:72:c9:69:b4:56:eb:3b:b1:98:7f:85:09:38:50:d3:fd:
3a:44:ee:b3:47:25:4f:c1:58:06:81:2e:1c:60:13:07:e2:fa:
a9:85:c1:21:24:c5:67:92:e7:2e:5c:df:c7:df:07:57:58:85:
54:ed:46:9a:f0:c5:6f:5c:6e:2e:a5:a4:49:b2:3a:0d:f9:e4:
56:bd:43:a0
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzIb+wYAT8NsU3DuX+2W+DfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjQwMTAyMDQzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjZjNmY4YTgzMTY2MjllMDE0YmI0ZDk4ZjMxYTFiZDg1YjM2ZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYFVuzdx6fCUTFZgpUWh9XmDTF5G
uKUMa0Y4K7Cqod1ONS26dSlKDB93dZvGc7ZAHEhNU+KyDdRlZDfqXvSAeleZR5pN
gowqnSACziw83kv45NuwOhWpaPXxT8gf5ZbK+wmMOJkSAkPx2cNCSowrOvPn+Cvh
BwE/dzu4QqUWWiL0GZcPX9lc13q8J/ToLST6cwSYZh2eEMGRYiFEPQDXELrz4Z/c
NVZPx+eMlr7g5dbg4cx7ZJCipTRveAeEUREAf5HELonh7d5mZe2pEgA/1HDtltqE
DybniZd/J0SJVd5KUtCAaIxu9iZhGi/g2lbLBR7ppzF7UEC2IC2vN8lW8wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMtsb4qDFmKeAUu02Y8xob2Fs2/UMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEveTJ4dmlvTVdZcDRCUzdUWmp6R2h2WVd6YjlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABVmZkD
BABVmZoDBACw7NcDBALU/NAwDQYJKoZIhvcNAQELBQADggEBAAZYrJUhd/ef3kUM
+t0h+L495C+nDvFpe8gypozWJ1TJKgbIJlN12tyjPFgLofhwqqIiheqHy/gxAEtv
c0JdcY7DU4B7olNIkjoIQiYdNrWxOA61wEIsojsriud30SNWRcTpttvDRRmGbW4K
QdBuUExAK6XR5AryqolZv5Wjyd8oYITrYry7xFV+XESegkyM9UU+DZeAPln+Kh4J
mzXuncaP1m+/gdbrHmTpUln8wTH7eKVxsDzzcslptFbrO7GYf4UJOFDT/TpE7rNH
JU/BWAaBLhxgEwfi+qmFwSEkxWeS5y5c38ffB1dYhVTtRprwxW9cbi6lpEmyOg35
5Fa9Q6A=
-----END CERTIFICATE-----
Generated at Mon May 20 06:55:20 2024 by rpki-client on console-ams.rpki-client.org