Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6e74e6-2603-4711-ace1-75ae1e6d9c31/1/lYVA4mifdVm_ILaid0y2bUpmr20.roa
File: lYVA4mifdVm_ILaid0y2bUpmr20.roa (raw, json)
Hash identifier: ZzeKtJJNn0BTnvmPF2dn/6XTDU3qm1YI9DGxRraP5Hw=
Subject key identifier: 95:85:40:E2:68:9F:75:59:BF:20:B6:A2:77:4C:B6:6D:4A:66:AF:6D
Certificate issuer: /CN=c3ab8f44fc356096b8e656fc8739871ec00d1f12
Certificate serial: 018CC3489738D51F994A99E0F0CA94C72480
Authority key identifier: C3:AB:8F:44:FC:35:60:96:B8:E6:56:FC:87:39:87:1E:C0:0D:1F:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w6uPRPw1YJa45lb8hzmHHsANHxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/6e74e6-2603-4711-ace1-75ae1e6d9c31/1/lYVA4mifdVm_ILaid0y2bUpmr20.roa
Signing time: Mon 01 Jan 2024 04:29:23 +0000
ROA not before: Mon 01 Jan 2024 04:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202766
IP address blocks: 185.155.64.0/24 maxlen: 24
185.155.67.0/24 maxlen: 24
176.98.223.0/24 maxlen: 24
176.98.220.0/24 maxlen: 24
185.187.183.0/24 maxlen: 24
185.187.182.0/24 maxlen: 24
185.187.181.0/24 maxlen: 24
185.187.180.0/24 maxlen: 24
2a0d:59c7::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 22 May 2024 11:55:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:97:38:d5:1f:99:4a:99:e0:f0:ca:94:c7:24:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3ab8f44fc356096b8e656fc8739871ec00d1f12
Validity
Not Before: Jan 1 04:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=958540e2689f7559bf20b6a2774cb66d4a66af6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:09:29:1c:8b:7e:8d:a1:23:1b:a1:ab:0b:e2:
aa:a7:73:ec:b2:da:bb:06:ce:17:35:cb:62:ab:5f:
f2:76:80:96:05:44:0a:2e:08:af:28:3c:32:ad:72:
a2:5c:e5:99:5a:78:d3:cc:4f:72:a4:4f:08:f5:8a:
af:22:c7:a1:d1:8f:d9:e3:34:7a:f7:d9:1c:22:7e:
3c:d4:50:e1:45:82:4b:87:22:62:47:5f:c8:c6:66:
e6:49:34:b0:ed:bc:40:d7:f1:15:03:b2:55:42:66:
9e:da:d2:4a:92:bd:8d:07:cc:e3:16:d1:7f:63:c7:
7b:ff:67:30:b7:7d:bf:7f:d7:51:be:9e:b6:08:b0:
33:db:2c:e5:43:97:77:85:5a:3d:4c:6b:9d:25:0c:
38:d9:4f:3c:04:22:84:fd:87:2e:f5:a7:5d:db:69:
6a:53:22:87:d2:98:31:2e:9b:ac:f7:e8:5c:1f:64:
b3:9c:e3:8a:ce:aa:c0:23:82:40:58:4b:68:a8:fc:
d7:a1:24:36:46:f5:50:21:8e:f8:e3:7e:17:27:5d:
ca:d8:ae:ed:77:b5:f0:8b:4f:df:f7:5b:7a:61:d5:
88:a4:1a:f4:04:0a:90:bf:78:b9:ab:93:3b:31:97:
83:7d:06:dc:07:7e:17:1f:96:28:ca:87:31:7c:5d:
ca:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:85:40:E2:68:9F:75:59:BF:20:B6:A2:77:4C:B6:6D:4A:66:AF:6D
X509v3 Authority Key Identifier:
keyid:C3:AB:8F:44:FC:35:60:96:B8:E6:56:FC:87:39:87:1E:C0:0D:1F:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w6uPRPw1YJa45lb8hzmHHsANHxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6e74e6-2603-4711-ace1-75ae1e6d9c31/1/lYVA4mifdVm_ILaid0y2bUpmr20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6e74e6-2603-4711-ace1-75ae1e6d9c31/1/w6uPRPw1YJa45lb8hzmHHsANHxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.98.220.0/24
176.98.223.0/24
185.155.64.0/24
185.155.67.0/24
185.187.180.0/22
IPv6:
2a0d:59c7::/32
Signature Algorithm: sha256WithRSAEncryption
8f:a7:75:49:74:a7:cf:47:fc:79:af:ce:ce:f5:de:39:54:e4:
ae:f0:76:ae:24:47:28:fd:1f:e2:c2:4e:20:c0:8a:68:e0:67:
0c:f2:7f:0c:35:c8:82:39:c0:f3:a9:7c:84:bb:de:92:70:30:
83:61:58:b2:40:a6:bb:8a:16:13:d6:34:78:27:d4:1d:a6:fc:
ba:71:af:51:39:4b:bb:6f:5e:6e:bc:76:2b:13:9c:e6:b2:5c:
c5:28:c6:f6:54:a1:50:a1:a6:e5:21:3b:1c:db:18:eb:10:56:
3a:de:05:b7:0b:90:df:26:e3:5f:0c:2f:16:26:4d:5f:f8:d5:
38:4e:ee:de:7f:36:9e:e3:52:86:ba:0c:18:99:1c:05:6f:39:
4c:6e:ca:f8:0d:74:95:da:1a:95:f2:da:fe:65:dd:44:d5:d3:
77:f5:d1:eb:ae:2e:b3:7f:ba:e2:5f:98:2a:26:7b:47:2e:c8:
96:2e:a4:82:d1:c8:10:64:c5:4b:7a:34:91:d7:45:f9:b1:a2:
49:95:45:6b:1f:a0:b4:cf:c7:a6:d4:9a:3f:fe:77:5b:5b:bb:
25:9c:8c:1a:8b:37:db:f7:6f:91:a9:0f:69:d9:9a:a8:c7:1b:
bb:b9:0f:6a:1e:eb:ef:bb:88:f8:97:ef:f2:41:0f:e4:da:49:
1d:d3:bd:e6
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzDSJc41R+ZSpng8MqUxySAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYWI4ZjQ0ZmMzNTYwOTZiOGU2NTZmYzg3Mzk4NzFlYzAw
ZDFmMTIwHhcNMjQwMTAxMDQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTg1NDBlMjY4OWY3NTU5YmYyMGI2YTI3NzRjYjY2ZDRhNjZhZjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgkpHIt+jaEjG6GrC+Kqp3Psstq7
Bs4XNctiq1/ydoCWBUQKLgivKDwyrXKiXOWZWnjTzE9ypE8I9YqvIseh0Y/Z4zR6
99kcIn481FDhRYJLhyJiR1/IxmbmSTSw7bxA1/EVA7JVQmae2tJKkr2NB8zjFtF/
Y8d7/2cwt32/f9dRvp62CLAz2yzlQ5d3hVo9TGudJQw42U88BCKE/Ycu9add22lq
UyKH0pgxLpus9+hcH2SznOOKzqrAI4JAWEtoqPzXoSQ2RvVQIY74434XJ13K2K7t
d7Xwi0/f91t6YdWIpBr0BAqQv3i5q5M7MZeDfQbcB34XH5YoyocxfF3KlQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJWFQOJon3VZvyC2ondMtm1KZq9tMB8GA1UdIwQY
MBaAFMOrj0T8NWCWuOZW/Ic5hx7ADR8SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzZ1UFJQdzFZSmE0NWxiOGh6bUhIc0FOSHhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ZTc0ZTYtMjYwMy00NzExLWFjZTEt
NzVhZTFlNmQ5YzMxLzEvbFlWQTRtaWZkVm1fSUxhaWQweTJiVXBtcjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ZTc0ZTYtMjYwMy00NzExLWFjZTEtNzVhZTFlNmQ5YzMx
LzEvdzZ1UFJQdzFZSmE0NWxiOGh6bUhIc0FOSHhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAsGLcAwQA
sGLfAwQAuZtAAwQAuZtDAwQCubu0MA0EAgACMAcDBQAqDVnHMA0GCSqGSIb3DQEB
CwUAA4IBAQCPp3VJdKfPR/x5r87O9d45VOSu8HauJEco/R/iwk4gwIpo4GcM8n8M
NciCOcDzqXyEu96ScDCDYViyQKa7ihYT1jR4J9Qdpvy6ca9ROUu7b15uvHYrE5zm
slzFKMb2VKFQoablITsc2xjrEFY63gW3C5DfJuNfDC8WJk1f+NU4Tu7efzae41KG
ugwYmRwFbzlMbsr4DXSV2hqV8tr+Zd1E1dN39dHrri6zf7riX5gqJntHLsiWLqSC
0cgQZMVLejSR10X5saJJlUVrH6C0z8em1Jo//ndbW7slnIwaizfb92+RqQ9p2Zqo
xxu7uQ9qHuvvu4j4l+/yQQ/k2kkd073m
-----END CERTIFICATE-----
Generated at Wed May 22 15:21:16 2024 by rpki-client on console-ams.rpki-client.org