Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/y6Dpzantet4YUOwtKy_bDHpFIoA.roa
File: y6Dpzantet4YUOwtKy_bDHpFIoA.roa (raw, json)
Hash identifier: Vtk4TSQzBNMEv5hFoeXbba7STODl8hzdluH3DRG63WA=
Subject key identifier: CB:A0:E9:CD:A9:ED:7A:DE:18:50:EC:2D:2B:2F:DB:0C:7A:45:22:80
Certificate issuer: /CN=c4ff935057c3bdbadbdf49f343562c5e30016044
Certificate serial: 018CC348FE039A6D2ABA50E608B889B16426
Authority key identifier: C4:FF:93:50:57:C3:BD:BA:DB:DF:49:F3:43:56:2C:5E:30:01:60:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xP-TUFfDvbrb30nzQ1YsXjABYEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/y6Dpzantet4YUOwtKy_bDHpFIoA.roa
Signing time: Mon 01 Jan 2024 04:29:49 +0000
ROA not before: Mon 01 Jan 2024 04:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41872
IP address blocks: 185.161.20.0/22 maxlen: 22
94.198.248.0/21 maxlen: 22
94.100.144.0/20 maxlen: 20
37.209.176.0/20 maxlen: 20
37.110.200.0/21 maxlen: 24
212.35.0.0/19 maxlen: 19
91.190.0.0/19 maxlen: 19
81.92.96.0/20 maxlen: 20
2a02:6500::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 11 Feb 2024 18:05:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:fe:03:9a:6d:2a:ba:50:e6:08:b8:89:b1:64:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ff935057c3bdbadbdf49f343562c5e30016044
Validity
Not Before: Jan 1 04:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cba0e9cda9ed7ade1850ec2d2b2fdb0c7a452280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:65:f4:7a:7d:95:e0:7f:ba:16:f8:45:cc:aa:
35:3a:cc:9e:aa:42:50:74:89:5d:ee:e6:5f:24:99:
40:30:eb:c7:35:df:8c:12:13:a8:6d:f6:ae:4b:fa:
c9:99:f7:3a:c4:93:fc:41:a5:b4:d1:02:1c:56:13:
b2:eb:89:49:aa:01:83:84:05:bb:97:ad:b6:4d:ab:
31:81:23:8e:2e:ff:21:ca:ee:73:19:a5:d7:e5:3a:
b6:90:bd:2d:bc:b1:6c:c9:db:4b:5e:b1:a3:53:ae:
b0:4b:63:da:22:7c:d7:60:c8:47:99:66:4e:6d:a4:
6b:53:7f:71:17:7d:1b:91:3b:6d:2e:1d:11:95:2e:
6f:98:31:14:0a:79:44:96:1d:52:3d:93:7b:84:a3:
ef:3d:02:99:a4:fc:e0:84:c0:4e:94:0c:e3:a0:87:
4b:d5:29:f7:29:5d:1f:82:70:d4:9a:8a:fb:05:80:
3b:42:4d:93:4e:cd:5c:fc:c8:de:6f:66:af:6e:b8:
6b:39:0c:01:0e:fd:bc:9a:d0:2a:5c:e1:6e:38:9d:
f9:3f:b7:52:7b:e5:b4:da:3a:f0:72:36:15:e8:b6:
10:2e:12:f9:6e:59:8a:30:ec:02:2f:63:88:da:a1:
02:40:c2:2f:f9:76:39:95:01:f6:a3:6b:27:60:51:
ab:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:A0:E9:CD:A9:ED:7A:DE:18:50:EC:2D:2B:2F:DB:0C:7A:45:22:80
X509v3 Authority Key Identifier:
keyid:C4:FF:93:50:57:C3:BD:BA:DB:DF:49:F3:43:56:2C:5E:30:01:60:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xP-TUFfDvbrb30nzQ1YsXjABYEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/y6Dpzantet4YUOwtKy_bDHpFIoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.110.200.0/21
37.209.176.0/20
81.92.96.0/20
91.190.0.0/19
94.100.144.0/20
94.198.248.0/21
185.161.20.0/22
212.35.0.0/19
IPv6:
2a02:6500::/32
Signature Algorithm: sha256WithRSAEncryption
10:95:d0:3e:b6:f8:5d:fd:98:40:3c:bf:48:e1:59:12:bd:b6:
22:a6:07:33:a6:da:cf:25:83:cf:6d:2c:7d:bf:82:7b:9d:f0:
29:44:d6:94:c6:22:95:af:0f:17:4f:5c:09:38:78:46:9e:92:
e3:34:31:4b:d9:cd:4b:55:d2:b4:bd:44:1b:67:05:39:6d:94:
16:7d:5b:ec:a9:a2:8a:2c:80:6d:15:b5:c8:b2:c2:bb:13:db:
60:dd:4e:cb:04:f5:31:3c:d0:7c:5b:a2:fa:6f:a1:e8:1c:dd:
59:10:88:6b:b3:bb:1b:1a:e2:99:a0:fb:19:0e:2d:2c:a2:a9:
78:ac:0f:c1:76:65:dc:f0:d1:4b:6d:a8:9f:6d:cc:df:61:4d:
c2:20:c9:e2:03:83:dd:c4:4f:05:57:fc:e6:07:97:77:b9:02:
a8:6e:13:b2:85:2e:2a:49:d1:4b:d3:ab:3e:c8:9b:a4:6a:b6:
e1:60:d9:51:30:a5:e1:45:b3:69:9d:56:33:12:86:4c:06:ab:
e3:7d:d2:8d:ec:6f:aa:75:4f:08:77:e5:e5:2f:47:d0:44:89:
6f:76:3b:86:8c:6a:7d:55:7b:ee:a4:fc:39:a1:79:03:a2:6f:
97:41:8d:36:68:47:48:a6:f1:63:83:c8:54:45:34:ea:08:a2:
c9:88:83:52
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzDSP4Dmm0qulDmCLiJsWQmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZmY5MzUwNTdjM2JkYmFkYmRmNDlmMzQzNTYyYzVlMzAw
MTYwNDQwHhcNMjQwMTAxMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmEwZTljZGE5ZWQ3YWRlMTg1MGVjMmQyYjJmZGIwYzdhNDUyMjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGX0en2V4H+6FvhFzKo1OsyeqkJQ
dIld7uZfJJlAMOvHNd+MEhOobfauS/rJmfc6xJP8QaW00QIcVhOy64lJqgGDhAW7
l622TasxgSOOLv8hyu5zGaXX5Tq2kL0tvLFsydtLXrGjU66wS2PaInzXYMhHmWZO
baRrU39xF30bkTttLh0RlS5vmDEUCnlElh1SPZN7hKPvPQKZpPzghMBOlAzjoIdL
1Sn3KV0fgnDUmor7BYA7Qk2TTs1c/Mjeb2avbrhrOQwBDv28mtAqXOFuOJ35P7dS
e+W02jrwcjYV6LYQLhL5blmKMOwCL2OI2qECQMIv+XY5lQH2o2snYFGr3wIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFMug6c2p7XreGFDsLSsv2wx6RSKAMB8GA1UdIwQY
MBaAFMT/k1BXw726299J80NWLF4wAWBEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFAtVFVGZkR2YnJiMzBuelExWXNYakFCWUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yYjA1OWEtMzI1ZC00Mzg1LTgxMWYt
MTdlMWEyNTY5NTY4LzEveTZEcHphbnRldDRZVU93dEt5X2JESHBGSW9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yYjA1OWEtMzI1ZC00Mzg1LTgxMWYtMTdlMWEyNTY5NTY4
LzEveFAtVFVGZkR2YnJiMzBuelExWXNYakFCWUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDJW7IAwQE
JdGwAwQEUVxgAwQFW74AAwQEXmSQAwQDXsb4AwQCuaEUAwQF1CMAMA0EAgACMAcD
BQAqAmUAMA0GCSqGSIb3DQEBCwUAA4IBAQAQldA+tvhd/ZhAPL9I4VkSvbYipgcz
ptrPJYPPbSx9v4J7nfApRNaUxiKVrw8XT1wJOHhGnpLjNDFL2c1LVdK0vUQbZwU5
bZQWfVvsqaKKLIBtFbXIssK7E9tg3U7LBPUxPNB8W6L6b6HoHN1ZEIhrs7sbGuKZ
oPsZDi0soql4rA/BdmXc8NFLbaifbczfYU3CIMniA4PdxE8FV/zmB5d3uQKobhOy
hS4qSdFL06s+yJukarbhYNlRMKXhRbNpnVYzEoZMBqvjfdKN7G+qdU8Id+XlL0fQ
RIlvdjuGjGp9VXvupPw5oXkDom+XQY02aEdIpvFjg8hURTTqCKLJiINS
-----END CERTIFICATE-----
Generated at Sun Feb 11 19:07:07 2024 by rpki-client on console-fra.rpki-client.org