Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/ySkioYK9CZCdr1rfi2bhoYojvEk.roa
File: ySkioYK9CZCdr1rfi2bhoYojvEk.roa (raw, json)
Hash identifier: t0pGREn9IerkdJJkfECMc1gzyZ1Q8sx7/l1VRFM2ZfQ=
Subject key identifier: C9:29:22:A1:82:BD:09:90:9D:AF:5A:DF:8B:66:E1:A1:8A:23:BC:49
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018612DC40FB79C90A53A84CECE91B78F99E
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/ySkioYK9CZCdr1rfi2bhoYojvEk.roa
Signing time: Thu 02 Feb 2023 16:01:09 +0000
ROA not before: Thu 02 Feb 2023 16:01:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200088
IP address blocks: 185.166.196.0/24 maxlen: 24
185.166.197.0/24 maxlen: 24
194.31.173.0/24 maxlen: 24
194.31.174.0/24 maxlen: 24
37.220.83.0/24 maxlen: 24
37.220.82.0/24 maxlen: 24
81.200.157.0/24 maxlen: 24
81.200.154.0/24 maxlen: 24
81.200.156.0/24 maxlen: 24
81.200.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Feb 2023 09:27:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:12:dc:40:fb:79:c9:0a:53:a8:4c:ec:e9:1b:78:f9:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Feb 2 16:01:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c92922a182bd09909daf5adf8b66e1a18a23bc49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b0:00:20:84:a0:f7:a8:62:b9:1d:b4:b8:9a:
93:47:cb:6c:73:79:28:b1:8c:19:2e:84:fc:e7:db:
07:06:5c:67:d6:32:0d:ae:5f:2e:f8:c0:ab:fa:0d:
e6:b4:95:06:2f:33:aa:32:0a:27:34:d2:b5:7f:cc:
cd:e0:6b:b9:5e:04:57:fc:a2:c7:96:d1:30:d0:ee:
b5:9c:8f:70:1a:f9:d3:b1:d3:46:57:38:de:ef:d1:
e0:92:e8:ea:c3:ac:e1:c1:e2:59:28:0a:ee:42:33:
9e:38:3f:a4:87:42:62:31:88:d7:b6:d1:9b:a6:bc:
0f:66:06:4d:2a:d9:32:36:58:0a:60:9f:3b:38:ee:
4f:72:f9:c7:51:54:ce:40:58:28:7a:0d:73:61:bb:
93:49:09:73:e3:7b:95:b7:17:74:c4:85:b6:ad:66:
11:a7:59:c2:4a:ba:57:02:36:3c:b9:6a:f1:eb:ef:
f5:d0:e7:0e:e5:4c:ba:68:5a:76:bf:78:15:6b:4c:
ee:94:10:e4:00:f2:96:ca:5b:3c:cb:2a:0a:07:13:
10:83:08:a8:19:17:67:ee:66:eb:e0:b1:ba:83:06:
87:fb:c0:72:65:d7:64:52:48:e8:2d:ea:e6:34:e3:
d2:0d:7e:a4:26:73:fe:40:8e:0d:6b:d9:24:33:b0:
e8:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:29:22:A1:82:BD:09:90:9D:AF:5A:DF:8B:66:E1:A1:8A:23:BC:49
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/ySkioYK9CZCdr1rfi2bhoYojvEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.82.0/23
81.200.154.0-81.200.157.255
185.166.196.0/23
194.31.173.0-194.31.174.255
Signature Algorithm: sha256WithRSAEncryption
5c:9c:8e:74:9d:a4:5b:c4:33:f3:6c:46:5e:5e:a2:fe:0b:a8:
03:c9:47:66:bc:a3:08:cc:f4:f9:72:ac:cd:bb:3c:50:e4:6f:
a6:87:41:37:19:b5:28:00:4c:ca:ff:6a:5f:ef:e4:99:38:31:
c2:ee:a7:94:b2:8f:66:89:68:93:ff:e6:80:36:83:06:ff:1f:
40:8d:33:92:15:c1:c0:0e:2a:bc:0e:0a:9a:60:f1:c8:76:ba:
96:f9:15:94:b0:3b:81:7f:2e:0d:46:b3:70:d4:db:c3:f9:07:
47:f0:ff:b5:99:a1:8f:3c:2a:52:63:c6:d2:44:89:25:aa:8e:
67:d3:e3:8f:28:eb:ce:25:a1:7f:60:a4:7d:ee:73:e2:1f:5c:
6b:fd:31:06:8d:37:bb:5f:40:d7:50:20:e7:9d:b9:d0:b9:7c:
3d:36:c1:99:e1:ec:b6:54:d3:e8:6f:77:a2:cd:fc:99:1e:77:
d7:ee:96:e0:62:1f:3f:79:ea:53:15:53:95:71:6e:37:e3:7c:
5a:0b:f0:df:ed:fb:c4:8b:e1:35:aa:0b:4d:41:98:3d:21:e8:
5c:5f:c0:54:6c:ac:25:78:16:c3:22:65:eb:f9:ad:8f:1a:57:
a8:d1:19:4f:5c:fa:3e:b7:d6:67:82:ba:e1:e7:1b:4c:df:d1:
c4:2c:15:62
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYYS3ED7eckKU6hM7OkbePmeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMjAyMTYwMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTI5MjJhMTgyYmQwOTkwOWRhZjVhZGY4YjY2ZTFhMThhMjNiYzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbAAIISg96hiuR20uJqTR8tsc3ko
sYwZLoT859sHBlxn1jINrl8u+MCr+g3mtJUGLzOqMgonNNK1f8zN4Gu5XgRX/KLH
ltEw0O61nI9wGvnTsdNGVzje79Hgkujqw6zhweJZKAruQjOeOD+kh0JiMYjXttGb
prwPZgZNKtkyNlgKYJ87OO5PcvnHUVTOQFgoeg1zYbuTSQlz43uVtxd0xIW2rWYR
p1nCSrpXAjY8uWrx6+/10OcO5Uy6aFp2v3gVa0zulBDkAPKWyls8yyoKBxMQgwio
GRdn7mbr4LG6gwaH+8ByZddkUkjoLermNOPSDX6kJnP+QI4Na9kkM7DopQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFMkpIqGCvQmQna9a34tm4aGKI7xJMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEveVNraW9ZSzlDWkNkcjFyZmkyYmhvWW9qdkVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQBJdxSMAwD
BAFRyJoDBAFRyJwDBAG5psQwDAMEAMIfrQMEAMIfrjANBgkqhkiG9w0BAQsFAAOC
AQEAXJyOdJ2kW8Qz82xGXl6i/guoA8lHZryjCMz0+XKszbs8UORvpodBNxm1KABM
yv9qX+/kmTgxwu6nlLKPZolok//mgDaDBv8fQI0zkhXBwA4qvA4KmmDxyHa6lvkV
lLA7gX8uDUazcNTbw/kHR/D/tZmhjzwqUmPG0kSJJaqOZ9PjjyjrziWhf2Ckfe5z
4h9ca/0xBo03u19A11Ag55250Ll8PTbBmeHstlTT6G93os38mR531+6W4GIfP3nq
UxVTlXFuN+N8Wgvw3+37xIvhNaoLTUGYPSHoXF/AVGysJXgWwyJl6/mtjxpXqNEZ
T1z6PrfWZ4K64ecbTN/RxCwVYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:55 2024 by rpki-client on console-fra.rpki-client.org