Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/YRaWjyQw3O3bqUwNvaK1HkVYy7c.roa
File: YRaWjyQw3O3bqUwNvaK1HkVYy7c.roa (raw, json)
Hash identifier: rGNAdY2YS/JuisszpHg2Msbjr3QBBGJRfOSuaclTVfM=
Subject key identifier: 61:16:96:8F:24:30:DC:ED:DB:A9:4C:0D:BD:A2:B5:1E:45:58:CB:B7
Certificate issuer: /CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Certificate serial: 018EBDC0CB5C3C7628371B615E273CA66E49
Authority key identifier: 4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/YRaWjyQw3O3bqUwNvaK1HkVYy7c.roa
Signing time: Mon 08 Apr 2024 12:48:32 +0000
ROA not before: Mon 08 Apr 2024 12:48:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25381
IP address blocks: 85.234.108.0/24 maxlen: 24
85.234.109.0/24 maxlen: 24
85.234.110.0/24 maxlen: 24
185.154.192.0/24 maxlen: 24
185.154.193.0/24 maxlen: 24
185.154.194.0/24 maxlen: 24
185.154.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Apr 2024 08:51:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bd:c0:cb:5c:3c:76:28:37:1b:61:5e:27:3c:a6:6e:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Validity
Not Before: Apr 8 12:48:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6116968f2430dceddba94c0dbda2b51e4558cbb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:42:fa:5e:53:08:cc:c3:97:13:e1:08:31:e9:
37:30:76:7f:30:52:c4:d1:9d:32:f4:a2:57:b6:bf:
9b:3c:e6:0e:27:b0:00:c5:68:ef:b6:c4:31:8a:99:
c4:43:29:25:2e:92:dc:5a:1c:f3:87:55:2d:70:0c:
53:dd:b6:b9:18:b1:59:89:a8:15:9c:56:2d:40:89:
38:d4:52:1e:52:a3:41:3d:00:85:3f:d8:8f:98:19:
14:be:79:a9:84:03:d5:94:7d:cf:05:b9:4c:b2:ee:
16:3d:d1:bd:d9:88:65:c4:04:d4:7e:03:25:29:c4:
57:da:ba:31:08:61:68:95:35:3d:f8:9c:9b:90:13:
f6:b0:76:f6:dd:54:48:40:57:7f:62:73:78:f8:f6:
1e:cf:ff:26:97:8e:4b:15:bb:cb:e0:6b:5d:50:33:
92:ec:76:e8:bb:19:94:17:ae:d1:c1:99:d8:21:a7:
df:fa:9b:8b:49:8d:88:0c:7b:12:11:bb:f3:90:8c:
fb:2b:eb:56:2c:83:f8:f0:c3:e7:f1:a5:d9:cb:50:
15:56:2d:98:03:97:4b:23:c8:6f:66:c4:98:64:f8:
7e:42:1a:c6:b5:f8:26:cc:65:b8:82:f6:a1:2c:4b:
ae:af:b1:81:a3:51:6f:9e:7b:c0:eb:6f:83:37:38:
aa:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:16:96:8F:24:30:DC:ED:DB:A9:4C:0D:BD:A2:B5:1E:45:58:CB:B7
X509v3 Authority Key Identifier:
keyid:4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/YRaWjyQw3O3bqUwNvaK1HkVYy7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.234.108.0-85.234.110.255
185.154.192.0/22
Signature Algorithm: sha256WithRSAEncryption
88:ca:ac:8b:a4:bb:b2:ca:c7:a6:97:97:73:61:bb:39:d4:fb:
8f:02:21:68:96:06:1b:82:64:9a:5a:1f:f8:c5:ac:38:9d:1a:
7d:cc:98:99:90:b7:e8:07:31:97:da:56:5e:81:de:ea:29:60:
c7:e0:fb:39:47:6e:e1:01:c0:e0:d6:82:cf:34:5e:0d:f1:da:
87:b1:ee:68:4f:77:04:93:d1:8d:98:d2:87:68:75:a7:1c:a2:
6e:71:1c:91:25:4f:ce:85:77:59:6c:fa:18:4e:5e:5c:85:d7:
5e:8f:55:e9:2e:cc:23:5a:e2:d1:03:8e:1e:3e:2a:7f:b0:1d:
9f:1d:b8:91:fd:bb:65:3a:62:68:ec:c8:00:b4:75:23:ca:60:
5a:a4:9c:c4:de:0c:0f:e8:da:1e:f6:7a:4c:73:c8:bf:29:be:
d3:78:37:cc:0e:93:95:7b:02:ff:bf:79:f3:67:36:dc:2d:f2:
ff:a7:86:0d:53:6e:33:8b:5e:a6:09:1f:0a:71:38:9f:fa:3e:
1e:ad:50:f9:08:18:f1:57:fc:39:94:8e:c3:39:14:82:8a:66:
f8:cb:04:32:ce:5e:e4:35:9e:70:03:25:2a:48:4e:f5:5c:19:
1c:8f:1a:14:97:b8:cd:0d:55:65:40:ef:fe:7d:18:27:b0:e8:
f0:33:bb:9b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY69wMtcPHYoNxthXic8pm5JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMmI4OWMzYzU3YTNlMjk2YWE0MDYxZTk2Mjg0MGJlN2Fl
OGYwMTgwHhcNMjQwNDA4MTI0ODMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTE2OTY4ZjI0MzBkY2VkZGJhOTRjMGRiZGEyYjUxZTQ1NThjYmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0L6XlMIzMOXE+EIMek3MHZ/MFLE
0Z0y9KJXtr+bPOYOJ7AAxWjvtsQxipnEQyklLpLcWhzzh1UtcAxT3ba5GLFZiagV
nFYtQIk41FIeUqNBPQCFP9iPmBkUvnmphAPVlH3PBblMsu4WPdG92YhlxATUfgMl
KcRX2roxCGFolTU9+JybkBP2sHb23VRIQFd/YnN4+PYez/8ml45LFbvL4GtdUDOS
7HbouxmUF67RwZnYIaff+puLSY2IDHsSEbvzkIz7K+tWLIP48MPn8aXZy1AVVi2Y
A5dLI8hvZsSYZPh+QhrGtfgmzGW4gvahLEuur7GBo1FvnnvA62+DNziqCQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGEWlo8kMNzt26lMDb2itR5FWMu3MB8GA1UdIwQY
MBaAFEwricPFej4paqQGHpYoQL566PAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQt
MTEyOGU1Y2U2YTViLzEvWVJhV2p5UXczTzNicVV3TnZhSzFIa1ZZeTdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQtMTEyOGU1Y2U2YTVi
LzEvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAJV6mwD
BABV6m4DBAK5msAwDQYJKoZIhvcNAQELBQADggEBAIjKrIuku7LKx6aXl3NhuznU
+48CIWiWBhuCZJpaH/jFrDidGn3MmJmQt+gHMZfaVl6B3uopYMfg+zlHbuEBwODW
gs80Xg3x2oex7mhPdwST0Y2Y0ododaccom5xHJElT86Fd1ls+hhOXlyF116PVeku
zCNa4tEDjh4+Kn+wHZ8duJH9u2U6YmjsyAC0dSPKYFqknMTeDA/o2h72ekxzyL8p
vtN4N8wOk5V7Av+/efNnNtwt8v+nhg1TbjOLXqYJHwpxOJ/6Ph6tUPkIGPFX/DmU
jsM5FIKKZvjLBDLOXuQ1nnADJSpITvVcGRyPGhSXuM0NVWVA7/59GCew6PAzu5s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:38 2024 by rpki-client on console-fra.rpki-client.org