Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/YKfY56KsATlu-oDSCRssVEelQG4.roa
File: YKfY56KsATlu-oDSCRssVEelQG4.roa (raw, json)
Hash identifier: YBvLSSuws0fd8xb5zDOjDSEqfBL05J3nFFmszZF56FA=
Subject key identifier: 60:A7:D8:E7:A2:AC:01:39:6E:FA:80:D2:09:1B:2C:54:47:A5:40:6E
Certificate issuer: /CN=d181d0c40951a4f900e4d9dd9c20e4856350920e
Certificate serial: 018697F95816FD84A2DBE891840B9AF65ECA
Authority key identifier: D1:81:D0:C4:09:51:A4:F9:00:E4:D9:DD:9C:20:E4:85:63:50:92:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0YHQxAlRpPkA5NndnCDkhWNQkg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/YKfY56KsATlu-oDSCRssVEelQG4.roa
Signing time: Tue 28 Feb 2023 12:22:25 +0000
ROA not before: Tue 28 Feb 2023 12:22:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205694
IP address blocks: 185.208.186.0/24 maxlen: 24
185.208.186.0/23 maxlen: 23
185.208.184.0/22 maxlen: 22
185.208.185.0/24 maxlen: 24
185.208.184.0/23 maxlen: 23
185.208.184.0/24 maxlen: 24
185.208.187.0/24 maxlen: 24
185.160.152.0/24 maxlen: 24
185.160.152.0/23 maxlen: 23
185.160.155.0/24 maxlen: 24
185.160.154.0/23 maxlen: 23
185.160.154.0/24 maxlen: 24
185.160.153.0/24 maxlen: 24
2a07:c2c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:97:f9:58:16:fd:84:a2:db:e8:91:84:0b:9a:f6:5e:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d181d0c40951a4f900e4d9dd9c20e4856350920e
Validity
Not Before: Feb 28 12:22:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60a7d8e7a2ac01396efa80d2091b2c5447a5406e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6a:17:8e:b5:10:36:63:8a:85:ca:ef:11:14:
51:cc:c5:41:35:7c:3a:15:55:c7:32:0f:55:7e:b1:
61:e6:46:f9:f5:78:d6:6b:98:e4:c9:c8:c2:38:9b:
1f:69:b5:64:94:36:be:4c:47:b2:01:dd:f5:a7:7c:
88:57:4d:02:bf:99:b9:9d:c9:fb:82:53:50:75:06:
28:4f:82:d3:71:ec:dd:15:9d:cf:de:2d:cf:74:d4:
36:fd:9d:bd:50:53:11:c4:c7:4d:0c:80:f3:66:ce:
ed:cd:e9:75:ac:58:46:28:8d:b8:39:fe:ba:da:ad:
ed:f8:ba:d9:f8:51:7c:61:62:f6:8d:c9:22:b7:ae:
bc:15:a8:3a:0a:65:58:f7:63:c9:45:cc:29:44:50:
20:66:4b:87:df:4d:96:ff:7d:f4:c5:3a:6d:15:59:
a1:dd:15:ea:0a:1a:f7:29:77:b9:c0:17:79:f1:50:
60:74:e9:01:07:c7:ca:96:30:b7:d2:36:d7:10:a4:
cd:81:15:3c:c0:7e:43:34:99:75:6e:83:cb:2b:8b:
f2:8e:09:7d:0d:6c:26:97:57:74:14:50:88:9d:f3:
09:45:e4:51:58:ff:8d:29:a7:9d:9f:1c:46:49:f4:
e5:25:52:c5:67:38:9d:2b:40:c6:21:a9:d2:49:c9:
2e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:A7:D8:E7:A2:AC:01:39:6E:FA:80:D2:09:1B:2C:54:47:A5:40:6E
X509v3 Authority Key Identifier:
keyid:D1:81:D0:C4:09:51:A4:F9:00:E4:D9:DD:9C:20:E4:85:63:50:92:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0YHQxAlRpPkA5NndnCDkhWNQkg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/YKfY56KsATlu-oDSCRssVEelQG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/0YHQxAlRpPkA5NndnCDkhWNQkg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.152.0/22
185.208.184.0/22
IPv6:
2a07:c2c0::/29
Signature Algorithm: sha256WithRSAEncryption
9f:9b:3d:7d:ea:c9:de:69:fb:2c:c2:4c:3d:ef:5b:20:f7:43:
b0:7e:68:01:7a:b0:10:e5:11:c8:c7:95:5d:42:a3:90:c7:45:
33:dd:23:49:91:0a:b5:e0:89:6e:0a:9f:de:59:77:46:07:44:
10:c6:5c:5d:9a:45:25:f6:04:64:04:7f:32:69:9f:c9:da:8b:
d9:17:0a:3f:8a:76:cd:74:f0:b9:2c:1a:08:3b:d6:ff:da:b0:
26:dc:39:e5:e6:5d:b4:99:ee:4f:27:af:45:05:a4:f9:7b:4a:
4b:44:c4:f9:61:d5:fa:39:83:a6:a1:06:ad:49:9b:36:ea:fd:
c8:57:5e:66:77:cf:e0:dd:ad:24:5e:13:54:0f:5e:ca:0e:9a:
64:8e:6e:f2:28:53:06:45:82:a5:44:9b:2e:66:91:1f:4b:b9:
44:50:ef:e6:03:89:3f:f8:8f:2f:0e:e9:ea:19:89:10:2d:4a:
41:ce:7a:65:0f:35:97:27:95:f7:55:fe:46:46:36:d9:ca:d1:
97:4c:8d:55:00:f5:82:ef:f9:ea:b5:be:31:59:b5:9e:b6:1d:
c5:a0:c0:06:00:1a:1d:4b:2c:8d:2a:c6:49:de:fa:a5:2c:2e:
a8:6d:dc:82:d0:01:a3:16:b7:04:a3:ab:10:5c:c3:e0:85:8e:
c4:43:e3:55
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYaX+VgW/YSi2+iRhAua9l7KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxODFkMGM0MDk1MWE0ZjkwMGU0ZDlkZDljMjBlNDg1NjM1
MDkyMGUwHhcNMjMwMjI4MTIyMjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGE3ZDhlN2EyYWMwMTM5NmVmYTgwZDIwOTFiMmM1NDQ3YTU0MDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWoXjrUQNmOKhcrvERRRzMVBNXw6
FVXHMg9VfrFh5kb59XjWa5jkycjCOJsfabVklDa+TEeyAd31p3yIV00Cv5m5ncn7
glNQdQYoT4LTcezdFZ3P3i3PdNQ2/Z29UFMRxMdNDIDzZs7tzel1rFhGKI24Of66
2q3t+LrZ+FF8YWL2jckit668Fag6CmVY92PJRcwpRFAgZkuH302W/330xTptFVmh
3RXqChr3KXe5wBd58VBgdOkBB8fKljC30jbXEKTNgRU8wH5DNJl1boPLK4vyjgl9
DWwml1d0FFCInfMJReRRWP+NKaednxxGSfTlJVLFZzidK0DGIanSScku3wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGCn2OeirAE5bvqA0gkbLFRHpUBuMB8GA1UdIwQY
MBaAFNGB0MQJUaT5AOTZ3Zwg5IVjUJIOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFlIUXhBbFJwUGtBNU5uZG5DRGtoV05Ra2c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9hOWQ3OWUtYjI4Mi00M2MxLThiOGEt
Mzg4YjgxYzBjOTBjLzEvWUtmWTU2S3NBVGx1LW9EU0NSc3NWRWVsUUc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9hOWQ3OWUtYjI4Mi00M2MxLThiOGEtMzg4YjgxYzBjOTBj
LzEvMFlIUXhBbFJwUGtBNU5uZG5DRGtoV05Ra2c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuaCYAwQC
udC4MA0EAgACMAcDBQMqB8LAMA0GCSqGSIb3DQEBCwUAA4IBAQCfmz196sneafss
wkw971sg90OwfmgBerAQ5RHIx5VdQqOQx0Uz3SNJkQq14IluCp/eWXdGB0QQxlxd
mkUl9gRkBH8yaZ/J2ovZFwo/inbNdPC5LBoIO9b/2rAm3Dnl5l20me5PJ69FBaT5
e0pLRMT5YdX6OYOmoQatSZs26v3IV15md8/g3a0kXhNUD17KDppkjm7yKFMGRYKl
RJsuZpEfS7lEUO/mA4k/+I8vDunqGYkQLUpBznplDzWXJ5X3Vf5GRjbZytGXTI1V
APWC7/nqtb4xWbWeth3FoMAGABodSyyNKsZJ3vqlLC6obdyC0AGjFrcEo6sQXMPg
hY7EQ+NV
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:29 2024 by rpki-client on console-fra.rpki-client.org