Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/y-lnyWqGrzmRaKAN0ovlYYXFbBo.roa
File: y-lnyWqGrzmRaKAN0ovlYYXFbBo.roa (raw, json)
Hash identifier: 2KB5I44IN2JewRTn3YwhdpE4OQwhhgE4u2YkSk0J98o=
Subject key identifier: CB:E9:67:C9:6A:86:AF:39:91:68:A0:0D:D2:8B:E5:61:85:C5:6C:1A
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018AA9558B33E3260930F11E2C249C7B60CD
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/y-lnyWqGrzmRaKAN0ovlYYXFbBo.roa
Signing time: Mon 18 Sep 2023 17:27:50 +0000
ROA not before: Mon 18 Sep 2023 17:27:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 85.208.105.0/24 maxlen: 24
45.66.152.0/24 maxlen: 24
45.66.154.0/24 maxlen: 24
45.66.155.0/24 maxlen: 24
5.180.32.0/22 maxlen: 24
5.180.51.0/24 maxlen: 24
5.180.48.0/24 maxlen: 24
5.180.50.0/24 maxlen: 24
85.208.107.0/24 maxlen: 24
85.208.113.0/24 maxlen: 24
85.208.115.0/24 maxlen: 24
45.8.185.0/24 maxlen: 24
45.8.184.0/24 maxlen: 24
45.8.192.0/22 maxlen: 24
45.8.188.0/22 maxlen: 24
45.8.199.0/24 maxlen: 24
45.8.198.0/24 maxlen: 24
45.8.197.0/24 maxlen: 24
45.8.203.0/24 maxlen: 24
193.168.208.0/22 maxlen: 24
5.180.80.0/24 maxlen: 24
5.180.235.0/24 maxlen: 24
5.180.234.0/24 maxlen: 24
85.209.160.0/24 maxlen: 24
5.253.44.0/24 maxlen: 24
5.253.39.0/24 maxlen: 24
45.8.252.0/24 maxlen: 24
45.8.253.0/24 maxlen: 24
5.253.47.0/24 maxlen: 24
5.253.45.0/24 maxlen: 24
45.9.4.0/24 maxlen: 24
45.8.255.0/24 maxlen: 24
45.9.1.0/24 maxlen: 24
45.9.0.0/24 maxlen: 24
45.9.6.0/24 maxlen: 24
45.9.7.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a9:55:8b:33:e3:26:09:30:f1:1e:2c:24:9c:7b:60:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Sep 18 17:27:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cbe967c96a86af399168a00dd28be56185c56c1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2c:a0:d7:32:e6:ba:6c:45:98:dc:10:a4:59:
d6:93:15:78:e5:59:4e:bc:63:04:42:14:d8:d2:ff:
d1:5f:d2:c8:1a:90:32:d8:ce:d6:65:23:45:29:57:
73:e4:b0:0c:0b:12:df:6b:92:b3:d0:f5:71:39:83:
ca:19:15:04:17:f5:44:1c:17:ef:e2:2d:64:e2:18:
2d:be:62:0f:01:fd:89:2f:ee:c5:52:5d:e7:bb:13:
8f:02:0f:be:ff:64:41:34:a3:2c:21:58:50:ae:ad:
27:66:fe:11:32:1b:c1:c0:dc:75:d5:05:08:77:66:
08:da:c4:74:d5:64:31:d3:38:58:98:07:75:71:50:
3b:fb:8f:d4:68:bc:59:ab:fd:b3:c1:4a:de:26:c3:
50:1a:14:a0:b5:8b:79:27:36:17:a2:0e:ff:2c:96:
47:89:09:3f:78:bc:b6:be:ae:bc:ed:4c:75:e8:98:
72:90:d3:86:35:96:d9:38:64:d8:c2:2f:61:7b:39:
af:f7:b1:bd:0b:24:d7:62:bd:34:69:1b:7a:b5:c6:
68:35:69:e0:c8:2e:17:0c:d4:58:69:56:d1:32:29:
73:f7:03:ab:64:71:9f:86:1b:20:40:22:c8:11:8e:
54:4f:07:df:f2:cc:64:da:44:12:84:59:e0:9e:53:
33:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:E9:67:C9:6A:86:AF:39:91:68:A0:0D:D2:8B:E5:61:85:C5:6C:1A
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/y-lnyWqGrzmRaKAN0ovlYYXFbBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.32.0/22
5.180.48.0/24
5.180.50.0/23
5.180.80.0/24
5.180.234.0/23
5.253.39.0/24
5.253.44.0/23
5.253.47.0/24
45.8.184.0/23
45.8.188.0-45.8.195.255
45.8.197.0-45.8.199.255
45.8.203.0/24
45.8.252.0/23
45.8.255.0-45.9.1.255
45.9.4.0/24
45.9.6.0/23
45.66.152.0/24
45.66.154.0/23
85.208.105.0/24
85.208.107.0/24
85.208.113.0/24
85.208.115.0/24
85.209.160.0/24
193.168.208.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:5c:b1:93:2d:21:ae:ed:dc:b2:04:4e:fb:26:c5:7f:ba:35:
f3:a7:db:33:a0:3c:8b:1b:50:3c:13:45:c2:88:c2:70:47:6c:
9b:2c:ff:57:2f:87:60:75:62:25:9f:3b:3f:35:33:55:75:54:
01:5b:f8:ab:f4:55:42:1d:98:74:00:89:83:a6:c2:ba:fa:a1:
aa:ed:1f:ab:53:f5:97:48:c2:78:0c:10:f5:3f:9e:89:af:9c:
06:9f:75:88:a6:24:69:f0:89:53:c7:2a:81:8b:02:3b:ea:84:
34:4a:41:13:c5:af:67:11:f2:ca:a1:27:2d:99:fc:3e:8f:54:
88:60:34:63:74:a8:2e:d4:13:fd:dd:e0:a0:e4:39:7d:e7:79:
8e:92:a8:55:b1:96:ba:20:46:7b:d4:68:37:0d:48:e4:24:88:
dd:94:95:45:c3:3a:69:1f:84:4e:67:f8:c1:e1:d5:b4:2b:76:
60:e4:bf:0c:76:89:24:65:ec:ef:bd:a3:fb:57:44:09:7c:59:
04:43:08:fa:b0:c5:d5:00:67:4a:0c:6f:e3:02:53:af:b6:31:
ce:6e:7a:7b:2a:2b:74:2f:52:78:d5:87:f5:25:6b:b5:89:a6:
ad:80:10:d6:24:8f:27:ca:03:f9:66:f6:03:04:8b:a6:6e:7e:
0e:d5:83:60
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYqpVYsz4yYJMPEeLCSce2DNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwOTE4MTcyNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmU5NjdjOTZhODZhZjM5OTE2OGEwMGRkMjhiZTU2MTg1YzU2YzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSyg1zLmumxFmNwQpFnWkxV45VlO
vGMEQhTY0v/RX9LIGpAy2M7WZSNFKVdz5LAMCxLfa5Kz0PVxOYPKGRUEF/VEHBfv
4i1k4hgtvmIPAf2JL+7FUl3nuxOPAg++/2RBNKMsIVhQrq0nZv4RMhvBwNx11QUI
d2YI2sR01WQx0zhYmAd1cVA7+4/UaLxZq/2zwUreJsNQGhSgtYt5JzYXog7/LJZH
iQk/eLy2vq687Ux16JhykNOGNZbZOGTYwi9hezmv97G9CyTXYr00aRt6tcZoNWng
yC4XDNRYaVbRMilz9wOrZHGfhhsgQCLIEY5UTwff8sxk2kQShFngnlMzmwIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFMvpZ8lqhq85kWigDdKL5WGFxWwaMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEveS1sbnlXcUdyem1SYUtBTjBvdmxZWVhGYkJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagDBAIF
tCADBAAFtDADBAEFtDIDBAAFtFADBAEFtOoDBAAF/ScDBAEF/SwDBAAF/S8DBAEt
CLgwDAMEAi0IvAMEAi0IwDAMAwQALQjFAwQDLQjAAwQALQjLAwQBLQj8MAwDBAAt
CP8DBAEtCQADBAAtCQQDBAEtCQYDBAAtQpgDBAEtQpoDBABV0GkDBABV0GsDBABV
0HEDBABV0HMDBABV0aADBALBqNAwDQYJKoZIhvcNAQELBQADggEBAAxcsZMtIa7t
3LIETvsmxX+6NfOn2zOgPIsbUDwTRcKIwnBHbJss/1cvh2B1YiWfOz81M1V1VAFb
+Kv0VUIdmHQAiYOmwrr6oartH6tT9ZdIwngMEPU/nomvnAafdYimJGnwiVPHKoGL
AjvqhDRKQRPFr2cR8sqhJy2Z/D6PVIhgNGN0qC7UE/3d4KDkOX3neY6SqFWxlrog
RnvUaDcNSOQkiN2UlUXDOmkfhE5n+MHh1bQrdmDkvwx2iSRl7O+9o/tXRAl8WQRD
CPqwxdUAZ0oMb+MCU6+2Mc5uensqK3QvUnjVh/Ula7WJpq2AENYkjyfKA/lm9gME
i6Zufg7Vg2A=
-----END CERTIFICATE-----
Generated at Thu Nov 30 10:36:37 2023 by rpki-client on console-ams.rpki-client.org