Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/YNhcLusmkNHGlRqlOb6kAuzi8_M.roa
File: YNhcLusmkNHGlRqlOb6kAuzi8_M.roa (raw, json)
Hash identifier: w0Httex2v0AskS73z1JCcsE4reQMV/M9cwBho8FGVJ4=
Subject key identifier: 60:D8:5C:2E:EB:26:90:D1:C6:95:1A:A5:39:BE:A4:02:EC:E2:F3:F3
Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial: 0192AFE89CEC7B359076552E92EE5B9A9C42
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/YNhcLusmkNHGlRqlOb6kAuzi8_M.roa
Signing time: Mon 21 Oct 2024 16:28:30 +0000
ROA not before: Mon 21 Oct 2024 16:28:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209372
IP address blocks: 85.28.32.0/23 maxlen: 23
85.28.34.0/24 maxlen: 24
85.28.35.0/24 maxlen: 24
85.28.36.0/22 maxlen: 22
85.28.40.0/23 maxlen: 23
85.28.42.0/24 maxlen: 24
85.28.43.0/24 maxlen: 24
85.28.44.0/23 maxlen: 23
85.28.48.0/22 maxlen: 22
85.28.52.0/23 maxlen: 23
85.28.54.0/23 maxlen: 23
85.28.56.0/24 maxlen: 24
85.28.57.0/24 maxlen: 24
85.28.58.0/24 maxlen: 24
85.28.59.0/24 maxlen: 24
85.28.60.0/22 maxlen: 22
85.28.60.0/24 maxlen: 24
85.28.62.0/24 maxlen: 24
109.238.200.0/24 maxlen: 24
109.238.203.0/24 maxlen: 24
109.238.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Oct 2024 07:16:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:af:e8:9c:ec:7b:35:90:76:55:2e:92:ee:5b:9a:9c:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
Validity
Not Before: Oct 21 16:28:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60d85c2eeb2690d1c6951aa539bea402ece2f3f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5f:5f:41:5e:68:a8:2f:ab:a0:78:d7:29:1c:
be:ac:e4:c4:28:04:a9:a9:aa:b6:b2:a2:bc:1e:5d:
20:22:bc:33:3e:f7:f9:4e:58:47:81:d8:61:58:c8:
f7:bc:29:43:b1:16:d2:f3:8d:ee:ab:fe:80:fb:2b:
14:97:75:44:03:a8:26:16:a8:be:95:51:6a:52:fb:
6e:d2:05:3e:06:7d:9b:50:08:05:ac:29:b5:08:b2:
1d:da:27:c0:fa:92:ae:51:e3:ed:fc:dc:25:0d:43:
fa:5d:72:5e:cf:89:c5:9c:68:3f:82:24:e3:7a:07:
ca:1a:3b:c9:90:c5:d3:aa:9d:c3:a7:d2:7e:cc:8e:
8a:ea:2b:eb:cc:d7:6b:5c:56:6e:be:e1:76:f3:c7:
67:c4:2c:11:81:a3:43:8b:35:90:a5:20:96:78:73:
3e:f0:de:a9:cf:75:52:7e:c3:56:11:24:f4:a7:eb:
52:2a:c8:67:74:0f:2d:94:e0:32:66:bc:23:de:b0:
3b:f0:17:69:e7:5b:29:9a:2d:0d:5c:44:cf:19:22:
85:6f:d7:2c:f6:a6:65:07:f2:0a:d6:42:6a:9e:ad:
ce:fc:fd:cc:41:6b:74:7f:b7:b3:10:50:31:75:2f:
f3:34:4e:3b:ff:62:08:75:ac:c5:e1:d8:73:d5:c6:
09:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:D8:5C:2E:EB:26:90:D1:C6:95:1A:A5:39:BE:A4:02:EC:E2:F3:F3
X509v3 Authority Key Identifier:
keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/YNhcLusmkNHGlRqlOb6kAuzi8_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.28.32.0-85.28.45.255
85.28.48.0/20
109.238.200.0/24
109.238.203.0/24
109.238.205.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:05:43:ae:36:27:b9:af:99:4e:ae:41:32:c5:f2:bd:8a:4c:
a4:91:2c:ea:eb:72:28:6a:7c:65:97:25:72:2a:46:db:4a:99:
78:bd:68:bf:79:fa:a2:fc:c7:80:17:70:3a:a1:02:b4:4a:e2:
79:b7:e8:e5:35:2c:d0:ce:83:56:cd:d7:7b:a2:c0:94:f3:5a:
ca:f9:14:9c:cf:b2:4b:77:b5:29:cb:12:15:1f:40:0e:fc:b9:
ae:97:7f:6a:87:07:5b:1f:ce:7b:2e:7a:12:11:e5:d6:5c:a0:
e9:00:bd:d4:61:5c:70:20:8a:35:9f:6a:1f:7d:2a:c4:30:bf:
6d:10:f2:8a:50:2d:d5:29:6c:f6:c4:cc:ec:ef:c5:7f:7d:20:
75:2c:95:ca:f3:c7:f9:bb:8a:48:d1:58:2c:7b:5e:2f:48:82:
92:11:7c:85:b2:4e:79:2c:7d:c8:3a:8f:ab:62:79:a9:f8:6d:
34:77:76:f6:59:ed:e7:9b:2d:38:eb:93:08:97:31:88:e0:43:
00:8f:81:75:44:01:c9:32:40:08:57:9e:54:8a:1e:40:f8:67:
cb:19:87:7d:6e:0d:33:ef:78:02:a5:03:26:14:7e:c4:6c:fd:
5e:7b:da:a5:59:9e:3c:4f:0f:52:7b:4c:4c:16:53:dc:d7:97:
b8:4d:1b:7b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZKv6JzsezWQdlUuku5bmpxCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2
NTg4MWEwHhcNMjQxMDIxMTYyODMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGQ4NWMyZWViMjY5MGQxYzY5NTFhYTUzOWJlYTQwMmVjZTJmM2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtV9fQV5oqC+roHjXKRy+rOTEKASp
qaq2sqK8Hl0gIrwzPvf5TlhHgdhhWMj3vClDsRbS843uq/6A+ysUl3VEA6gmFqi+
lVFqUvtu0gU+Bn2bUAgFrCm1CLId2ifA+pKuUePt/NwlDUP6XXJez4nFnGg/giTj
egfKGjvJkMXTqp3Dp9J+zI6K6ivrzNdrXFZuvuF288dnxCwRgaNDizWQpSCWeHM+
8N6pz3VSfsNWEST0p+tSKshndA8tlOAyZrwj3rA78Bdp51spmi0NXETPGSKFb9cs
9qZlB/IK1kJqnq3O/P3MQWt0f7ezEFAxdS/zNE47/2IIdazF4dhz1cYJZwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFGDYXC7rJpDRxpUapTm+pALs4vPzMB8GA1UdIwQY
MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct
ZmViYjY0YjVlMTY0LzEvWU5oY0x1c21rTkhHbFJxbE9iNmtBdXppOF9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0
LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAVVHCAD
BAFVHCwDBARVHDADBABt7sgDBABt7ssDBABt7s0wDQYJKoZIhvcNAQELBQADggEB
AM4FQ642J7mvmU6uQTLF8r2KTKSRLOrrcihqfGWXJXIqRttKmXi9aL95+qL8x4AX
cDqhArRK4nm36OU1LNDOg1bN13uiwJTzWsr5FJzPskt3tSnLEhUfQA78ua6Xf2qH
B1sfznsuehIR5dZcoOkAvdRhXHAgijWfah99KsQwv20Q8opQLdUpbPbEzOzvxX99
IHUslcrzx/m7ikjRWCx7Xi9IgpIRfIWyTnksfcg6j6tiean4bTR3dvZZ7eebLTjr
kwiXMYjgQwCPgXVEAckyQAhXnlSKHkD4Z8sZh31uDTPveAKlAyYUfsRs/V572qVZ
njxPD1J7TEwWU9zXl7hNG3s=
-----END CERTIFICATE-----
Generated at Tue Oct 22 08:30:05 2024 by rpki-client on console-fra.rpki-client.org