Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/01ebc2-84d0-4ae3-a2c2-a3b6be4a9e9b/1/YJZFyCnKwuuWgo7qTV7Khp5stcg.roa
File: YJZFyCnKwuuWgo7qTV7Khp5stcg.roa (raw, json)
Hash identifier: TRz4u3mcoe+KyoIcILR2V4yJ5/06mIUWsCXBwg0sC1M=
Subject key identifier: 60:96:45:C8:29:CA:C2:EB:96:82:8E:EA:4D:5E:CA:86:9E:6C:B5:C8
Certificate issuer: /CN=c0fbd5876613edc56e0f5de468cce5eb2885ff29
Certificate serial: 018CC8DF2AE6141C4681D370F35F08AB9ECE
Authority key identifier: C0:FB:D5:87:66:13:ED:C5:6E:0F:5D:E4:68:CC:E5:EB:28:85:FF:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wPvVh2YT7cVuD13kaMzl6yiF_yk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/01ebc2-84d0-4ae3-a2c2-a3b6be4a9e9b/1/YJZFyCnKwuuWgo7qTV7Khp5stcg.roa
Signing time: Tue 02 Jan 2024 06:31:57 +0000
ROA not before: Tue 02 Jan 2024 06:31:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205272
IP address blocks: 185.221.71.0/24 maxlen: 24
185.221.70.0/24 maxlen: 24
185.221.69.0/24 maxlen: 24
185.221.68.0/24 maxlen: 24
2a06:bcc0:8::/48 maxlen: 48
2a06:bcc0:6::/48 maxlen: 48
2a06:bcc0:7::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 04 Apr 2024 11:15:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:2a:e6:14:1c:46:81:d3:70:f3:5f:08:ab:9e:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0fbd5876613edc56e0f5de468cce5eb2885ff29
Validity
Not Before: Jan 2 06:31:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=609645c829cac2eb96828eea4d5eca869e6cb5c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ed:fe:52:ca:33:52:03:e2:58:49:65:7e:db:
47:6e:76:c6:d3:cc:50:1d:3f:ee:4e:a7:8b:0d:90:
de:fd:15:87:b6:4a:e8:78:f7:0b:4b:f6:9a:5b:90:
bd:4e:f5:94:be:61:9a:c5:53:52:6a:d1:d6:a5:2b:
7e:d3:a8:d2:09:94:95:bc:00:2d:cc:eb:f9:bd:1a:
1b:4e:1f:69:40:92:ff:15:a4:f8:20:4f:f6:b2:64:
64:25:34:05:e5:57:8b:15:80:db:46:56:af:7a:b2:
fb:81:10:83:79:52:c9:ba:08:70:b4:dc:1b:7a:46:
37:ba:9d:11:19:e3:b4:f8:a0:d8:86:bc:e3:44:1a:
5a:fb:c2:bd:7c:9a:03:55:7c:b0:27:ce:82:c2:da:
04:71:6f:7c:1f:2c:06:34:ad:22:69:c0:f8:47:f6:
05:7c:7c:d0:d1:8c:56:d0:d7:2d:af:d8:ec:8b:3a:
67:2a:96:59:11:ac:33:de:7c:2b:42:2b:00:0d:d5:
24:7d:49:6b:64:60:5e:a7:d8:d3:0c:ab:69:88:37:
ef:03:8a:ed:f3:ae:05:cb:41:02:4d:0b:b9:86:39:
ab:a9:1e:5c:01:3d:cc:f9:c9:dc:29:6a:84:6a:a3:
d1:05:06:53:bd:66:b4:63:d4:4d:e1:23:cc:fe:03:
12:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:96:45:C8:29:CA:C2:EB:96:82:8E:EA:4D:5E:CA:86:9E:6C:B5:C8
X509v3 Authority Key Identifier:
keyid:C0:FB:D5:87:66:13:ED:C5:6E:0F:5D:E4:68:CC:E5:EB:28:85:FF:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wPvVh2YT7cVuD13kaMzl6yiF_yk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/01ebc2-84d0-4ae3-a2c2-a3b6be4a9e9b/1/YJZFyCnKwuuWgo7qTV7Khp5stcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/01ebc2-84d0-4ae3-a2c2-a3b6be4a9e9b/1/wPvVh2YT7cVuD13kaMzl6yiF_yk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.68.0/22
IPv6:
2a06:bcc0:6::-2a06:bcc0:8:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a4:81:10:3c:fa:93:e3:e7:a7:19:2b:32:be:45:be:90:5e:79:
83:e0:bd:83:fc:c0:50:0e:45:b8:90:45:71:d7:22:c4:5e:eb:
ae:03:a7:5b:41:4e:f8:95:8f:b7:09:3f:42:f1:22:81:fd:b9:
65:2b:ba:ac:a9:67:b9:87:aa:79:b0:30:e8:0e:5a:8d:cd:62:
dd:e9:52:89:bd:f8:90:5a:b1:ac:20:b6:af:b5:6a:e4:3b:d5:
1b:aa:29:f2:19:00:95:0c:08:fb:2c:84:ee:6a:35:c1:dc:41:
6f:cf:93:52:6c:c3:8c:0e:ce:4b:58:50:88:3d:ad:b2:04:f9:
d3:3e:e1:25:04:7c:eb:27:ae:8a:5a:de:d5:12:34:b8:34:d3:
2f:49:f3:0d:86:f5:97:0d:97:81:e4:ae:c1:7e:05:fb:21:d4:
92:7e:3f:79:46:13:d9:a5:e3:c3:9d:b8:c2:83:f6:57:f4:26:
0e:98:05:71:7f:c2:63:a5:13:d6:b0:dc:16:12:b5:f7:e2:82:
f4:e7:34:64:72:da:92:fd:2b:c4:0d:05:8e:ee:fa:00:fe:d1:
e6:92:6d:11:15:9c:c3:20:1c:93:23:3b:dd:54:55:99:76:1c:
e8:4e:63:01:74:e0:db:a7:07:41:64:ed:7b:68:02:4e:6a:35:
99:16:c9:44
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzI3yrmFBxGgdNw818Iq57OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZmJkNTg3NjYxM2VkYzU2ZTBmNWRlNDY4Y2NlNWViMjg4
NWZmMjkwHhcNMjQwMTAyMDYzMTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDk2NDVjODI5Y2FjMmViOTY4MjhlZWE0ZDVlY2E4NjllNmNiNWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtu3+UsozUgPiWEllfttHbnbG08xQ
HT/uTqeLDZDe/RWHtkroePcLS/aaW5C9TvWUvmGaxVNSatHWpSt+06jSCZSVvAAt
zOv5vRobTh9pQJL/FaT4IE/2smRkJTQF5VeLFYDbRlaverL7gRCDeVLJughwtNwb
ekY3up0RGeO0+KDYhrzjRBpa+8K9fJoDVXywJ86CwtoEcW98HywGNK0iacD4R/YF
fHzQ0YxW0Nctr9jsizpnKpZZEawz3nwrQisADdUkfUlrZGBep9jTDKtpiDfvA4rt
864Fy0ECTQu5hjmrqR5cAT3M+cncKWqEaqPRBQZTvWa0Y9RN4SPM/gMSTQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGCWRcgpysLrloKO6k1eyoaebLXIMB8GA1UdIwQY
MBaAFMD71YdmE+3Fbg9d5GjM5esohf8pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1B2VmgyWVQ3Y1Z1RDEza2FNemw2eWlGX3lrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8wMWViYzItODRkMC00YWUzLWEyYzIt
YTNiNmJlNGE5ZTliLzEvWUpaRnlDbkt3dXVXZ283cVRWN0tocDVzdGNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8wMWViYzItODRkMC00YWUzLWEyYzItYTNiNmJlNGE5ZTli
LzEvd1B2VmgyWVQ3Y1Z1RDEza2FNemw2eWlGX3lrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCud1EMBoE
AgACMBQwEgMHASoGvMAABgMHACoGvMAACDANBgkqhkiG9w0BAQsFAAOCAQEApIEQ
PPqT4+enGSsyvkW+kF55g+C9g/zAUA5FuJBFcdcixF7rrgOnW0FO+JWPtwk/QvEi
gf25ZSu6rKlnuYeqebAw6A5ajc1i3elSib34kFqxrCC2r7Vq5DvVG6op8hkAlQwI
+yyE7mo1wdxBb8+TUmzDjA7OS1hQiD2tsgT50z7hJQR86yeuilre1RI0uDTTL0nz
DYb1lw2XgeSuwX4F+yHUkn4/eUYT2aXjw524woP2V/QmDpgFcX/CY6UT1rDcFhK1
9+KC9Oc0ZHLakv0rxA0Fju76AP7R5pJtERWcwyAckyM73VRVmXYc6E5jAXTg26cH
QWTte2gCTmo1mRbJRA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:45 2024 by rpki-client on console-fra.rpki-client.org