Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/YLTh_RhYrSGNFwLqI53WWZUMmHA.roa
File: YLTh_RhYrSGNFwLqI53WWZUMmHA.roa (raw, json)
Hash identifier: exUAUEWy8RH7T878JDjhz95ij9XuC5JzMLkOWJ1jckk=
Subject key identifier: 60:B4:E1:FD:18:58:AD:21:8D:17:02:EA:23:9D:D6:59:95:0C:98:70
Certificate issuer: /CN=b135377901a7871d3bff7a70277a2f4e2fc0e277
Certificate serial: 0191C28B1E107BCC490F2406C39B867A8246
Authority key identifier: B1:35:37:79:01:A7:87:1D:3B:FF:7A:70:27:7A:2F:4E:2F:C0:E2:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sTU3eQGnhx07_3pwJ3ovTi_A4nc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/YLTh_RhYrSGNFwLqI53WWZUMmHA.roa
Signing time: Thu 05 Sep 2024 14:16:22 +0000
ROA not before: Thu 05 Sep 2024 14:16:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28715
IP address blocks: 185.104.120.0/24 maxlen: 24
185.104.121.0/24 maxlen: 24
185.104.122.0/24 maxlen: 24
2a06:3000::/29 maxlen: 29
2a06:3000::/36 maxlen: 36
2a06:3000::/48 maxlen: 48
2a06:3000:1::/48 maxlen: 48
2a06:3000:2::/48 maxlen: 48
2a06:3000:3::/48 maxlen: 48
2a06:3000:4::/48 maxlen: 48
2a06:3000:5::/48 maxlen: 48
2a06:3000:6::/48 maxlen: 48
2a06:3000:1000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c2:8b:1e:10:7b:cc:49:0f:24:06:c3:9b:86:7a:82:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b135377901a7871d3bff7a70277a2f4e2fc0e277
Validity
Not Before: Sep 5 14:16:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60b4e1fd1858ad218d1702ea239dd659950c9870
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d1:78:e7:ae:e2:ba:33:d6:3b:2b:05:d3:26:
74:b1:ab:42:39:46:e4:f7:c6:f5:08:3b:04:57:56:
1a:b5:88:e2:3f:27:eb:e2:58:9c:94:06:3d:27:35:
0a:24:0e:5b:50:9c:bb:04:56:1a:53:e4:83:35:bc:
bd:12:e1:d8:e8:75:d3:88:34:d7:bc:a5:ae:19:1c:
c0:44:2f:98:3c:b7:30:65:56:26:b3:37:7d:d3:76:
b4:46:24:6c:a0:e8:fe:d0:5e:2c:31:8c:d6:a9:b6:
31:94:e6:5c:bf:09:a8:50:ac:7d:03:85:20:b4:5c:
3c:b6:38:fb:4e:4f:e1:be:19:73:da:43:68:c1:89:
cf:88:65:58:d8:88:5b:e6:22:40:b0:5c:26:76:51:
85:e4:69:f3:fb:ae:5c:a2:a9:f4:9e:4c:89:46:5d:
9d:a6:15:37:0d:86:c9:80:91:57:22:47:67:95:e7:
e9:1e:86:12:e3:45:f8:eb:da:22:e6:12:53:a7:c7:
06:73:a9:cd:33:75:c4:f2:d7:33:a1:dc:8a:97:7a:
57:c9:aa:6f:1f:7e:19:fd:e5:50:9f:33:2d:5e:1e:
8b:22:79:aa:8c:15:d1:0f:a3:ca:ea:46:12:cf:ad:
13:47:c5:d8:62:1e:bc:7c:d6:45:d3:5c:04:5e:3c:
43:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:B4:E1:FD:18:58:AD:21:8D:17:02:EA:23:9D:D6:59:95:0C:98:70
X509v3 Authority Key Identifier:
keyid:B1:35:37:79:01:A7:87:1D:3B:FF:7A:70:27:7A:2F:4E:2F:C0:E2:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTU3eQGnhx07_3pwJ3ovTi_A4nc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/YLTh_RhYrSGNFwLqI53WWZUMmHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/sTU3eQGnhx07_3pwJ3ovTi_A4nc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.120.0-185.104.122.255
IPv6:
2a06:3000::/29
Signature Algorithm: sha256WithRSAEncryption
a1:fd:1d:4f:8b:93:f5:d9:61:f2:71:0b:9c:e6:ee:71:94:77:
f7:ac:68:c0:f7:96:78:a1:92:6d:3b:a4:62:27:5c:da:c0:3a:
f5:0a:22:44:e1:be:64:32:32:20:73:96:ac:d4:01:19:e9:a0:
1c:c3:78:2b:a9:a0:a4:ad:ea:35:61:fb:89:a1:fa:11:fc:0f:
b4:e8:79:c7:06:25:98:fc:df:90:1f:4b:ce:08:ec:eb:14:88:
63:5f:0e:66:d4:59:bd:3e:f1:09:5f:8c:76:49:2b:cb:bd:18:
b4:a2:03:f6:02:d6:56:76:fd:35:0e:45:99:2b:16:97:dd:83:
aa:88:bb:04:99:8a:6b:0f:21:cf:05:75:fd:db:6d:3c:92:d2:
17:4a:cf:9a:f4:b3:12:6c:19:1e:43:ab:e0:9c:c3:dd:15:35:
48:be:a2:43:d0:af:e8:ec:22:3c:a3:97:6e:35:1a:8c:9d:7b:
4a:8a:76:b3:7a:37:ff:35:93:5c:4c:aa:e5:1f:fa:57:67:4c:
1e:4d:14:16:f1:4f:a4:d3:0e:a2:ef:1e:de:a5:ae:7b:f9:46:
08:e4:7c:5c:c4:d3:8f:cc:0a:26:cb:72:32:87:dd:f8:b8:0a:
bd:07:e3:f5:40:13:0e:2d:de:5a:ef:d2:a2:8c:79:ed:d9:a0:
05:15:7f:f8
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZHCix4Qe8xJDyQGw5uGeoJGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzUzNzc5MDFhNzg3MWQzYmZmN2E3MDI3N2EyZjRlMmZj
MGUyNzcwHhcNMjQwOTA1MTQxNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGI0ZTFmZDE4NThhZDIxOGQxNzAyZWEyMzlkZDY1OTk1MGM5ODcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdF4567iujPWOysF0yZ0satCOUbk
98b1CDsEV1YatYjiPyfr4liclAY9JzUKJA5bUJy7BFYaU+SDNby9EuHY6HXTiDTX
vKWuGRzARC+YPLcwZVYmszd903a0RiRsoOj+0F4sMYzWqbYxlOZcvwmoUKx9A4Ug
tFw8tjj7Tk/hvhlz2kNowYnPiGVY2Ihb5iJAsFwmdlGF5Gnz+65coqn0nkyJRl2d
phU3DYbJgJFXIkdnlefpHoYS40X469oi5hJTp8cGc6nNM3XE8tczodyKl3pXyapv
H34Z/eVQnzMtXh6LInmqjBXRD6PK6kYSz60TR8XYYh68fNZF01wEXjxDnwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGC04f0YWK0hjRcC6iOd1lmVDJhwMB8GA1UdIwQY
MBaAFLE1N3kBp4cdO/96cCd6L04vwOJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RVM2VRR25oeDA3XzNwd0ozb3ZUaV9BNG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi80NjVjNDAtNjcxOC00ZWE5LTkxZTUt
OTEyMDQ3MTUzZTAxLzEvWUxUaF9SaFlyU0dORndMcUk1M1dXWlVNbUhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi80NjVjNDAtNjcxOC00ZWE5LTkxZTUtOTEyMDQ3MTUzZTAx
LzEvc1RVM2VRR25oeDA3XzNwd0ozb3ZUaV9BNG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAO5aHgD
BAC5aHowDQQCAAIwBwMFAyoGMAAwDQYJKoZIhvcNAQELBQADggEBAKH9HU+Lk/XZ
YfJxC5zm7nGUd/esaMD3lnihkm07pGInXNrAOvUKIkThvmQyMiBzlqzUARnpoBzD
eCupoKSt6jVh+4mh+hH8D7ToeccGJZj835AfS84I7OsUiGNfDmbUWb0+8QlfjHZJ
K8u9GLSiA/YC1lZ2/TUORZkrFpfdg6qIuwSZimsPIc8Fdf3bbTyS0hdKz5r0sxJs
GR5Dq+Ccw90VNUi+okPQr+jsIjyjl241Goyde0qKdrN6N/81k1xMquUf+ldnTB5N
FBbxT6TTDqLvHt6lrnv5RgjkfFzE04/MCibLcjKH3fi4Cr0H4/VAEw4t3lrv0qKM
ee3ZoAUVf/g=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:24 2025 by rpki-client