Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/Yhgb0ysi2mI3of8KMnRrt3pFG3c.roa
File: Yhgb0ysi2mI3of8KMnRrt3pFG3c.roa (raw, json)
Hash identifier: zCM3HyPqyiWLeMiz0aJRY/qz4RvgHTe0/7vAOudW+Es=
Subject key identifier: 62:18:1B:D3:2B:22:DA:62:37:A1:FF:0A:32:74:6B:B7:7A:45:1B:77
Certificate issuer: /CN=4801a5b816158f07a8ca8acb37e97e2f20b06911
Certificate serial: 018CC726B7044C40E9984FAF0F311343F793
Authority key identifier: 48:01:A5:B8:16:15:8F:07:A8:CA:8A:CB:37:E9:7E:2F:20:B0:69:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAGluBYVjweoyorLN-l-LyCwaRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/Yhgb0ysi2mI3of8KMnRrt3pFG3c.roa
Signing time: Mon 01 Jan 2024 22:30:52 +0000
ROA not before: Mon 01 Jan 2024 22:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206495
IP address blocks: 194.9.56.0/23 maxlen: 23
194.150.70.0/23 maxlen: 23
194.150.68.0/23 maxlen: 23
185.186.242.0/24 maxlen: 24
194.9.80.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 17 Jul 2024 15:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:b7:04:4c:40:e9:98:4f:af:0f:31:13:43:f7:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4801a5b816158f07a8ca8acb37e97e2f20b06911
Validity
Not Before: Jan 1 22:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62181bd32b22da6237a1ff0a32746bb77a451b77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:4a:2f:b1:b0:f6:7d:21:bc:da:d1:23:72:86:
f0:b2:94:96:7f:17:4d:a4:ae:49:cf:26:0d:78:53:
1d:36:f0:24:7d:29:05:6d:9f:55:b9:05:6d:0a:2a:
d8:69:e9:22:0f:7e:85:09:6f:a1:0b:17:99:99:7a:
bf:1f:0a:f9:fb:48:44:70:44:06:b3:00:14:92:08:
a9:02:eb:85:71:95:59:39:e8:ea:52:1c:4d:e1:fc:
e7:66:1c:00:94:c7:0c:b0:73:3d:ec:33:80:2d:0e:
87:77:bd:72:a7:32:ac:9c:49:71:1d:a4:d9:7a:ba:
db:a7:c0:c4:64:b9:41:71:27:c3:83:7a:01:6e:cd:
79:4e:f8:b6:e6:b8:d7:bb:da:d2:22:7a:87:4c:78:
0b:20:98:82:3a:c9:7a:05:bc:86:02:df:d6:22:43:
0f:9b:38:3d:fc:d8:e1:38:0f:cb:cd:0e:e1:34:99:
a4:0f:62:9d:84:98:52:7c:15:8d:cc:b3:69:76:6f:
c7:91:95:a0:f7:bd:87:13:1c:fa:ef:f3:ed:b9:cb:
da:e0:69:b9:a9:03:58:8d:65:26:3c:02:83:d4:8d:
32:6e:ea:3d:b1:43:dc:64:b3:e6:54:67:46:41:c5:
97:61:9b:dc:ba:88:cf:eb:34:8d:09:78:d6:f6:c3:
92:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:18:1B:D3:2B:22:DA:62:37:A1:FF:0A:32:74:6B:B7:7A:45:1B:77
X509v3 Authority Key Identifier:
keyid:48:01:A5:B8:16:15:8F:07:A8:CA:8A:CB:37:E9:7E:2F:20:B0:69:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAGluBYVjweoyorLN-l-LyCwaRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/Yhgb0ysi2mI3of8KMnRrt3pFG3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/SAGluBYVjweoyorLN-l-LyCwaRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.242.0/24
194.9.56.0/23
194.9.80.0/23
194.150.68.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:f0:46:3b:69:4d:0b:68:e0:cb:d8:53:2f:d5:89:22:02:2d:
5f:5f:5a:38:64:7f:7e:5b:10:c7:69:3f:65:de:4a:f9:0a:23:
b3:f0:22:e5:58:82:96:c7:4e:11:fe:15:e0:b1:7a:67:84:08:
2f:1a:70:df:0a:6e:07:84:46:8e:96:93:ae:9a:c1:24:74:6c:
21:88:bb:bb:10:a2:59:3b:f9:70:7b:9f:1e:56:aa:4f:7a:d1:
01:54:02:1e:14:86:b4:17:8b:e9:de:cb:8c:c1:0a:d1:9c:e0:
63:f0:7f:75:fb:16:74:fb:f6:17:84:29:b2:bd:cd:7a:d0:1c:
c2:8a:5d:ba:a6:b7:a0:19:ee:82:d3:bd:db:a7:58:70:1b:4a:
74:17:ca:d0:a0:b8:1d:ff:97:ae:11:3f:cb:9d:8a:a1:e6:57:
8f:6d:97:eb:05:c4:d8:a9:5c:2a:06:e7:e0:10:df:d9:3c:09:
07:14:6a:fa:63:75:dd:fc:b1:31:b6:e5:25:d0:6a:ee:39:d5:
24:d5:5e:b4:d9:5d:9f:9d:9a:12:00:d8:19:00:77:85:3f:d6:
c8:8b:52:43:df:61:06:55:74:91:ff:2e:cc:47:d2:d4:2a:14:
cd:4b:78:26:76:f7:3e:87:21:3c:67:3b:75:27:02:58:c5:85:
8f:af:e8:3a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHJrcETEDpmE+vDzETQ/eTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDFhNWI4MTYxNThmMDdhOGNhOGFjYjM3ZTk3ZTJmMjBi
MDY5MTEwHhcNMjQwMTAxMjIzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjE4MWJkMzJiMjJkYTYyMzdhMWZmMGEzMjc0NmJiNzdhNDUxYjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4kovsbD2fSG82tEjcobwspSWfxdN
pK5JzyYNeFMdNvAkfSkFbZ9VuQVtCirYaekiD36FCW+hCxeZmXq/Hwr5+0hEcEQG
swAUkgipAuuFcZVZOejqUhxN4fznZhwAlMcMsHM97DOALQ6Hd71ypzKsnElxHaTZ
errbp8DEZLlBcSfDg3oBbs15Tvi25rjXu9rSInqHTHgLIJiCOsl6BbyGAt/WIkMP
mzg9/NjhOA/LzQ7hNJmkD2KdhJhSfBWNzLNpdm/HkZWg972HExz67/Ptucva4Gm5
qQNYjWUmPAKD1I0ybuo9sUPcZLPmVGdGQcWXYZvcuojP6zSNCXjW9sOSkQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGIYG9MrItpiN6H/CjJ0a7d6RRt3MB8GA1UdIwQY
MBaAFEgBpbgWFY8HqMqKyzfpfi8gsGkRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FHbHVCWVZqd2VveW9yTE4tbC1MeUN3YVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS83MDkwYTktZmVlZC00ZWExLTg0NTkt
ZWU4MTBiODNhZGNkLzEvWWhnYjB5c2kybUkzb2Y4S01uUnJ0M3BGRzNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS83MDkwYTktZmVlZC00ZWExLTg0NTktZWU4MTBiODNhZGNk
LzEvU0FHbHVCWVZqd2VveW9yTE4tbC1MeUN3YVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAubryAwQB
wgk4AwQBwglQAwQCwpZEMA0GCSqGSIb3DQEBCwUAA4IBAQBd8EY7aU0LaODL2FMv
1YkiAi1fX1o4ZH9+WxDHaT9l3kr5CiOz8CLlWIKWx04R/hXgsXpnhAgvGnDfCm4H
hEaOlpOumsEkdGwhiLu7EKJZO/lwe58eVqpPetEBVAIeFIa0F4vp3suMwQrRnOBj
8H91+xZ0+/YXhCmyvc160BzCil26pregGe6C073bp1hwG0p0F8rQoLgd/5euET/L
nYqh5lePbZfrBcTYqVwqBufgEN/ZPAkHFGr6Y3Xd/LExtuUl0GruOdUk1V602V2f
nZoSANgZAHeFP9bIi1JD32EGVXSR/y7MR9LUKhTNS3gmdvc+hyE8Zzt1JwJYxYWP
r+g6
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:16 2025 by rpki-client