Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/4159c3-814d-4001-8527-139043749c48/1/YtdKhfi6Q075talgFYZtbR9fzXo.roa
File: YtdKhfi6Q075talgFYZtbR9fzXo.roa (raw, json)
Hash identifier: P0ehwRSmvxd32YDk35ITOnaQhslcMi5D2PwlQ37FJ04=
Subject key identifier: 62:D7:4A:85:F8:BA:43:4E:F9:B5:A9:60:15:86:6D:6D:1F:5F:CD:7A
Certificate issuer: /CN=e14f264fa4a4c90dcb4a99cccec50c5508f44498
Certificate serial: 018CC3B68AA6D10556737D5E0BDECA63C463
Authority key identifier: E1:4F:26:4F:A4:A4:C9:0D:CB:4A:99:CC:CE:C5:0C:55:08:F4:44:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4U8mT6SkyQ3LSpnMzsUMVQj0RJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/4159c3-814d-4001-8527-139043749c48/1/YtdKhfi6Q075talgFYZtbR9fzXo.roa
Signing time: Mon 01 Jan 2024 06:29:29 +0000
ROA not before: Mon 01 Jan 2024 06:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207594
IP address blocks: 85.116.152.0/22 maxlen: 22
85.116.152.0/21 maxlen: 21
85.116.148.0/22 maxlen: 22
85.116.158.0/24 maxlen: 24
85.116.159.0/24 maxlen: 24
85.116.156.0/23 maxlen: 23
185.30.80.0/22 maxlen: 22
185.68.192.0/22 maxlen: 22
2a00:a2a0::/32 maxlen: 32
2a05:10c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 04 Apr 2024 16:01:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:8a:a6:d1:05:56:73:7d:5e:0b:de:ca:63:c4:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e14f264fa4a4c90dcb4a99cccec50c5508f44498
Validity
Not Before: Jan 1 06:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62d74a85f8ba434ef9b5a96015866d6d1f5fcd7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e6:f2:22:5a:b8:2a:ec:e7:40:7f:e4:a0:3e:
36:39:d6:8c:5b:8a:63:e6:f2:e0:21:3e:fc:d8:51:
bf:34:42:c2:b2:5f:28:5c:ca:13:37:ab:c6:1d:ce:
85:a3:79:64:89:93:61:df:01:04:45:1f:f2:57:dd:
49:23:0f:6c:cc:f7:59:ce:14:63:8b:a2:3d:8e:54:
cb:02:56:e2:5a:17:0c:8f:3a:00:91:25:fa:79:cc:
81:5e:fd:7e:c8:fa:44:03:4c:4c:c1:7c:03:8e:8e:
60:c8:fe:18:05:78:ae:cc:e7:b5:e6:24:78:4b:18:
cf:4c:25:f2:ce:a0:09:42:d9:0e:2e:be:f2:58:97:
c0:37:3f:f7:13:03:32:61:4f:47:23:96:9c:7c:3d:
4f:24:e1:ff:a6:7f:79:16:c2:e1:0f:dd:f0:de:c7:
36:7b:b8:10:ab:85:57:02:a8:90:72:85:3b:84:41:
c5:b3:fd:41:35:6e:5c:13:3c:68:fd:58:87:e3:70:
e2:6c:8f:1e:9c:87:7d:cb:20:02:5a:0e:99:f9:eb:
b7:d3:3d:ed:37:a5:e0:76:9f:a8:27:c7:dc:9d:54:
86:eb:9f:1d:4f:83:ed:ef:ec:31:f3:f4:da:32:e8:
5e:46:c4:47:56:1c:20:93:57:37:d5:82:50:80:16:
54:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:D7:4A:85:F8:BA:43:4E:F9:B5:A9:60:15:86:6D:6D:1F:5F:CD:7A
X509v3 Authority Key Identifier:
keyid:E1:4F:26:4F:A4:A4:C9:0D:CB:4A:99:CC:CE:C5:0C:55:08:F4:44:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4U8mT6SkyQ3LSpnMzsUMVQj0RJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/4159c3-814d-4001-8527-139043749c48/1/YtdKhfi6Q075talgFYZtbR9fzXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/4159c3-814d-4001-8527-139043749c48/1/4U8mT6SkyQ3LSpnMzsUMVQj0RJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.148.0-85.116.159.255
185.30.80.0/22
185.68.192.0/22
IPv6:
2a00:a2a0::/32
2a05:10c0::/29
Signature Algorithm: sha256WithRSAEncryption
1e:68:88:1a:4e:28:9a:6a:22:33:a8:32:d3:24:3b:27:56:a9:
b8:89:6d:39:da:6b:bb:f7:2f:61:04:6d:46:8d:73:9b:99:7d:
2b:30:a5:5a:2a:3e:81:29:3c:ff:7d:cb:8a:ae:bb:ee:f7:10:
b6:52:0d:7e:6b:c3:c6:34:39:1b:34:2a:94:18:c6:c4:57:c0:
e5:c5:a9:81:f2:79:9f:05:24:77:8a:14:e4:5f:d3:02:1b:35:
75:38:f2:1d:99:af:f8:d3:50:3f:08:7f:92:b7:bd:6a:10:cc:
3e:8a:1a:b9:ff:9d:85:9f:fa:9d:8e:75:ca:9b:9b:4b:ac:6a:
c9:fb:3a:4b:b1:f8:95:4d:f0:25:51:30:96:f0:e9:70:73:b8:
79:13:ff:fc:92:b7:28:fc:f1:27:e5:2b:6f:91:95:26:7a:3d:
32:b1:3f:e5:76:0b:e9:53:32:56:4e:3b:7c:f3:49:a0:9a:05:
77:10:b1:ed:27:90:39:4e:3a:43:58:ed:f2:d6:0a:3e:fb:15:
af:65:a4:6c:59:a5:af:e1:56:d0:5b:2b:b2:27:23:7c:e9:ee:
9e:90:78:d5:f5:b9:ac:fe:7d:23:bc:26:10:51:d8:1e:7c:df:
16:9d:95:87:ae:5b:f3:9e:f8:e7:52:e7:cd:a0:c2:db:5f:3d:
d2:79:74:91
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzDtoqm0QVWc31eC97KY8RjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNGYyNjRmYTRhNGM5MGRjYjRhOTljY2NlYzUwYzU1MDhm
NDQ0OTgwHhcNMjQwMTAxMDYyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmQ3NGE4NWY4YmE0MzRlZjliNWE5NjAxNTg2NmQ2ZDFmNWZjZDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+byIlq4KuznQH/koD42OdaMW4pj
5vLgIT782FG/NELCsl8oXMoTN6vGHc6Fo3lkiZNh3wEERR/yV91JIw9szPdZzhRj
i6I9jlTLAlbiWhcMjzoAkSX6ecyBXv1+yPpEA0xMwXwDjo5gyP4YBXiuzOe15iR4
SxjPTCXyzqAJQtkOLr7yWJfANz/3EwMyYU9HI5acfD1PJOH/pn95FsLhD93w3sc2
e7gQq4VXAqiQcoU7hEHFs/1BNW5cEzxo/ViH43DibI8enId9yyACWg6Z+eu30z3t
N6Xgdp+oJ8fcnVSG658dT4Pt7+wx8/TaMuheRsRHVhwgk1c31YJQgBZUrwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGLXSoX4ukNO+bWpYBWGbW0fX816MB8GA1UdIwQY
MBaAFOFPJk+kpMkNy0qZzM7FDFUI9ESYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFU4bVQ2U2t5UTNMU3BuTXpzVU1WUWowUkpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy80MTU5YzMtODE0ZC00MDAxLTg1Mjct
MTM5MDQzNzQ5YzQ4LzEvWXRkS2hmaTZRMDc1dGFsZ0ZZWnRiUjlmelhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy80MTU5YzMtODE0ZC00MDAxLTg1MjctMTM5MDQzNzQ5YzQ4
LzEvNFU4bVQ2U2t5UTNMU3BuTXpzVU1WUWowUkpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAgBAIAATAaMAwDBAJVdJQD
BAVVdIADBAK5HlADBAK5RMAwFAQCAAIwDgMFACoAoqADBQMqBRDAMA0GCSqGSIb3
DQEBCwUAA4IBAQAeaIgaTiiaaiIzqDLTJDsnVqm4iW052mu79y9hBG1GjXObmX0r
MKVaKj6BKTz/fcuKrrvu9xC2Ug1+a8PGNDkbNCqUGMbEV8DlxamB8nmfBSR3ihTk
X9MCGzV1OPIdma/401A/CH+St71qEMw+ihq5/52Fn/qdjnXKm5tLrGrJ+zpLsfiV
TfAlUTCW8Olwc7h5E//8krco/PEn5StvkZUmej0ysT/ldgvpUzJWTjt880mgmgV3
ELHtJ5A5TjpDWO3y1go++xWvZaRsWaWv4VbQWyuyJyN86e6ekHjV9bms/n0jvCYQ
UdgefN8WnZWHrlvznvjnUufNoMLbXz3SeXSR
-----END CERTIFICATE-----
Generated at Thu Apr 4 20:08:13 2024 by rpki-client on console-ams.rpki-client.org