Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/YLVI_9O4whvxtrT69nx0SIk2qA8.roa
File: YLVI_9O4whvxtrT69nx0SIk2qA8.roa (raw, json)
Hash identifier: 9FtROQA17YzE/yjPEijwXH4VTNJsfAGwJISrMlyoz1E=
Subject key identifier: 60:B5:48:FF:D3:B8:C2:1B:F1:B6:B4:FA:F6:7C:74:48:89:36:A8:0F
Certificate issuer: /CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Certificate serial: 018572CCB4FEB5DBF0C4550FFE45726839DC
Authority key identifier: 4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/YLVI_9O4whvxtrT69nx0SIk2qA8.roa
Signing time: Mon 02 Jan 2023 14:04:56 +0000
ROA not before: Mon 02 Jan 2023 14:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25381
IP address blocks: 185.154.192.0/24 maxlen: 24
185.154.193.0/24 maxlen: 24
185.154.195.0/24 maxlen: 24
185.154.194.0/24 maxlen: 24
85.234.108.0/24 maxlen: 24
85.234.107.0/24 maxlen: 24
85.234.110.0/24 maxlen: 24
85.234.109.0/24 maxlen: 24
85.234.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Apr 2023 03:09:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:b4:fe:b5:db:f0:c4:55:0f:fe:45:72:68:39:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Validity
Not Before: Jan 2 14:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60b548ffd3b8c21bf1b6b4faf67c74488936a80f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:57:18:c6:bc:c5:f4:c6:c0:f0:e6:89:31:80:
81:f6:74:a6:98:a9:09:6d:17:a8:ae:4e:ea:d6:16:
bd:09:c7:98:e1:75:21:2c:b0:cd:f3:09:f7:38:33:
8d:83:1b:44:a0:e1:fe:f3:37:61:6d:15:ba:b8:28:
18:df:08:14:d0:c7:fc:08:fc:25:6d:2f:42:d6:9c:
67:d4:d6:70:45:0b:d5:59:a4:3e:28:8c:e8:39:7a:
05:6a:78:ab:e7:e0:30:e6:1d:a8:86:df:5f:a5:b3:
0c:f6:3c:82:73:94:e5:e0:2f:7d:70:c4:35:46:0d:
9f:65:84:5b:9f:15:c2:08:e9:5d:17:c9:72:cb:76:
10:a5:63:ca:1d:3a:08:4c:a5:e8:16:52:c5:02:b1:
87:ec:43:17:0d:97:b5:f2:d0:c3:5e:f2:26:2e:39:
d8:b9:98:18:3c:ae:9b:48:b0:fd:ba:c5:3b:ab:e7:
00:5c:dc:cc:13:b9:b1:e7:d8:12:19:67:2b:fb:cf:
f7:e5:a7:76:54:d4:bf:4e:06:d2:10:09:94:a6:64:
a8:f2:ef:8b:e0:1e:6d:68:f5:b4:0a:54:ad:b7:0a:
7f:dc:7c:3f:17:bd:45:6f:da:e4:f9:a1:8e:34:f7:
b4:e8:8d:bd:1e:fb:bd:a4:32:7c:06:bb:96:4c:98:
b5:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:B5:48:FF:D3:B8:C2:1B:F1:B6:B4:FA:F6:7C:74:48:89:36:A8:0F
X509v3 Authority Key Identifier:
keyid:4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/YLVI_9O4whvxtrT69nx0SIk2qA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.234.106.0-85.234.110.255
185.154.192.0/22
Signature Algorithm: sha256WithRSAEncryption
10:c5:24:58:67:0b:27:bd:56:3e:c6:88:b9:5c:1d:34:cd:b1:
fe:7a:30:dd:04:f9:d8:19:3f:aa:10:0b:d1:ed:37:da:b4:d6:
91:17:a1:85:d3:a1:80:bb:da:7b:f6:15:1d:1d:24:c8:42:8e:
47:55:a9:24:c4:1f:10:23:d2:e3:c3:52:1c:43:c6:26:54:9f:
c1:47:f4:b5:4f:09:0b:e7:34:d0:bf:70:6a:1f:83:6e:2d:a0:
c0:d5:df:3b:7a:d1:54:6b:b0:64:9d:77:61:9e:cf:4a:c5:d5:
9f:e6:ec:5f:0f:75:a5:67:88:19:e6:f4:eb:48:13:ad:1e:2c:
ba:ca:09:7e:f7:f8:52:2b:f5:f2:e0:81:3f:a0:14:67:44:ef:
6e:2e:9f:41:5e:46:57:4f:b7:c0:03:29:68:0f:8f:f3:bd:5a:
59:05:38:f7:96:23:44:7a:57:5b:94:4b:eb:9f:53:8a:9e:88:
c2:cf:b4:b1:d2:5f:83:c4:7d:29:4e:68:e4:0b:12:40:a4:18:
36:d9:0d:40:05:93:5a:7f:72:5a:55:c8:d1:0a:07:19:6e:56:
fa:ca:72:47:d5:76:a2:69:62:92:02:90:95:14:e2:d6:a8:73:
1c:4d:81:40:38:e3:1e:92:c4:85:cc:ec:4c:7e:68:2b:f0:b7:
a3:f9:9c:78
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVyzLT+tdvwxFUP/kVyaDncMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMmI4OWMzYzU3YTNlMjk2YWE0MDYxZTk2Mjg0MGJlN2Fl
OGYwMTgwHhcNMjMwMTAyMTQwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGI1NDhmZmQzYjhjMjFiZjFiNmI0ZmFmNjdjNzQ0ODg5MzZhODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFcYxrzF9MbA8OaJMYCB9nSmmKkJ
bReork7q1ha9CceY4XUhLLDN8wn3ODONgxtEoOH+8zdhbRW6uCgY3wgU0Mf8CPwl
bS9C1pxn1NZwRQvVWaQ+KIzoOXoFanir5+Aw5h2oht9fpbMM9jyCc5Tl4C99cMQ1
Rg2fZYRbnxXCCOldF8lyy3YQpWPKHToITKXoFlLFArGH7EMXDZe18tDDXvImLjnY
uZgYPK6bSLD9usU7q+cAXNzME7mx59gSGWcr+8/35ad2VNS/TgbSEAmUpmSo8u+L
4B5taPW0ClSttwp/3Hw/F71Fb9rk+aGONPe06I29Hvu9pDJ8BruWTJi11QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGC1SP/TuMIb8ba0+vZ8dEiJNqgPMB8GA1UdIwQY
MBaAFEwricPFej4paqQGHpYoQL566PAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQt
MTEyOGU1Y2U2YTViLzEvWUxWSV85TzR3aHZ4dHJUNjlueDBTSWsycUE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQtMTEyOGU1Y2U2YTVi
LzEvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAFV6moD
BABV6m4DBAK5msAwDQYJKoZIhvcNAQELBQADggEBABDFJFhnCye9Vj7GiLlcHTTN
sf56MN0E+dgZP6oQC9HtN9q01pEXoYXToYC72nv2FR0dJMhCjkdVqSTEHxAj0uPD
UhxDxiZUn8FH9LVPCQvnNNC/cGofg24toMDV3zt60VRrsGSdd2Gez0rF1Z/m7F8P
daVniBnm9OtIE60eLLrKCX73+FIr9fLggT+gFGdE724un0FeRldPt8ADKWgPj/O9
WlkFOPeWI0R6V1uUS+ufU4qeiMLPtLHSX4PEfSlOaOQLEkCkGDbZDUAFk1p/clpV
yNEKBxluVvrKckfVdqJpYpICkJUU4taocxxNgUA44x6SxIXM7Ex+aCvwt6P5nHg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:33 2024 by rpki-client on console-ams.rpki-client.org