Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/ybR18jZLEEqEZs8fVbO4_dXc87Q.roa
File: ybR18jZLEEqEZs8fVbO4_dXc87Q.roa (raw, json)
Hash identifier: a+e2MB0+TK4/8xBgfCfgrYCn0tWzaFcoPbiM8h7+cK0=
Subject key identifier: C9:B4:75:F2:36:4B:10:4A:84:66:CF:1F:55:B3:B8:FD:D5:DC:F3:B4
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 018A1C9EE003B43FD080F4B94DD29876F8DA
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/ybR18jZLEEqEZs8fVbO4_dXc87Q.roa
Signing time: Tue 22 Aug 2023 09:41:28 +0000
ROA not before: Tue 22 Aug 2023 09:41:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56630
IP address blocks: 45.141.8.0/22 maxlen: 24
185.224.248.0/22 maxlen: 24
185.6.12.0/23 maxlen: 24
185.6.14.0/23 maxlen: 24
45.150.232.0/22 maxlen: 24
195.238.124.0/22 maxlen: 24
185.140.209.0/24 maxlen: 24
185.140.208.0/24 maxlen: 24
185.131.64.0/24 maxlen: 24
185.131.66.0/24 maxlen: 24
185.131.65.0/24 maxlen: 24
185.131.67.0/24 maxlen: 24
88.218.240.0/22 maxlen: 24
89.36.161.0/24 maxlen: 24
89.36.160.0/24 maxlen: 24
217.30.8.0/22 maxlen: 24
194.59.46.0/24 maxlen: 24
185.140.12.0/22 maxlen: 24
194.59.59.0/24 maxlen: 24
194.59.155.0/24 maxlen: 24
91.201.64.0/22 maxlen: 24
194.59.142.0/24 maxlen: 24
213.183.36.0/24 maxlen: 24
89.34.238.0/24 maxlen: 24
213.183.38.0/24 maxlen: 24
213.183.37.0/24 maxlen: 24
213.183.33.0/24 maxlen: 24
213.183.32.0/24 maxlen: 24
5.182.228.0/22 maxlen: 24
213.183.39.0/24 maxlen: 24
213.183.41.0/24 maxlen: 24
213.183.40.0/24 maxlen: 24
213.183.43.0/24 maxlen: 24
213.183.42.0/24 maxlen: 24
213.183.44.0/24 maxlen: 24
213.183.50.0/24 maxlen: 24
213.183.49.0/24 maxlen: 24
88.210.38.0/24 maxlen: 24
213.183.51.0/24 maxlen: 24
213.183.45.0/24 maxlen: 24
213.183.46.0/24 maxlen: 24
213.183.48.0/24 maxlen: 24
213.183.47.0/24 maxlen: 24
213.183.52.0/24 maxlen: 24
88.210.39.0/24 maxlen: 24
213.183.53.0/24 maxlen: 24
213.183.58.0/24 maxlen: 24
77.72.16.0/23 maxlen: 24
213.183.59.0/24 maxlen: 24
213.183.60.0/24 maxlen: 24
213.183.62.0/24 maxlen: 24
213.183.61.0/24 maxlen: 24
77.72.18.0/23 maxlen: 24
77.72.20.0/23 maxlen: 24
77.72.22.0/23 maxlen: 24
213.183.63.0/24 maxlen: 24
92.119.88.0/22 maxlen: 24
91.192.83.0/24 maxlen: 24
91.192.80.0/24 maxlen: 24
5.188.172.0/24 maxlen: 24
5.188.173.0/24 maxlen: 24
5.188.180.0/22 maxlen: 24
185.246.152.0/24 maxlen: 24
185.246.153.0/24 maxlen: 24
185.246.155.0/24 maxlen: 24
185.246.154.0/24 maxlen: 24
45.135.120.0/22 maxlen: 24
31.40.216.0/22 maxlen: 24
213.226.68.0/22 maxlen: 24
93.189.58.0/24 maxlen: 24
93.189.57.0/24 maxlen: 24
185.135.84.0/22 maxlen: 24
93.189.56.0/24 maxlen: 24
93.189.61.0/24 maxlen: 24
93.189.60.0/24 maxlen: 24
93.189.63.0/24 maxlen: 24
93.189.62.0/24 maxlen: 24
2a06:f906::/36 maxlen: 36
2a06:f903::/36 maxlen: 36
2a06:f905::/36 maxlen: 36
2a06:f900:4000::/36 maxlen: 36
2a06:f900::/36 maxlen: 36
2a06:f902::/36 maxlen: 36
2a06:f904::/36 maxlen: 36
2a06:f907:4000::/36 maxlen: 36
2a06:f907::/36 maxlen: 36
2a06:f901::/36 maxlen: 36
2a0d:8400::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Nov 2023 12:06:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1c:9e:e0:03:b4:3f:d0:80:f4:b9:4d:d2:98:76:f8:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: Aug 22 09:41:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9b475f2364b104a8466cf1f55b3b8fdd5dcf3b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:81:c6:eb:a4:6b:20:e3:4d:be:49:49:c7:6f:
da:ff:f2:ec:5f:97:18:e6:8d:29:a4:30:bf:0e:67:
af:34:d3:4f:0a:4a:f3:b0:c4:e6:dc:7a:0b:85:ca:
97:4b:b1:ca:07:9e:2e:79:2f:db:3f:cd:52:15:dd:
5d:a8:8a:5f:3b:27:e6:2b:ce:5b:65:81:ad:90:93:
88:f5:f6:5d:91:47:25:ab:28:21:89:24:79:51:d6:
2a:3f:5d:f3:a3:d1:99:c7:e2:af:15:f4:b9:7a:dc:
5c:a1:27:2a:a0:52:7d:fd:32:0c:dd:8c:90:66:4c:
2f:dd:88:01:e5:0d:a6:4e:22:6a:03:b0:3c:b7:7c:
9d:19:b6:96:e5:d7:9f:46:f5:2a:f8:ee:e7:b9:80:
4f:92:d5:1e:b9:66:d3:98:c0:4b:b5:27:a3:23:0a:
23:13:de:b7:f0:80:7f:b7:6e:9a:ac:f3:32:4b:26:
c3:55:6e:eb:1f:84:24:4c:d3:7d:b6:d0:62:0b:5d:
7c:89:3b:4c:af:55:96:be:05:14:86:db:87:0e:80:
98:02:66:2b:e9:47:e8:ff:c0:f5:0a:70:f9:03:3a:
b9:1c:5f:3f:ce:92:d2:5d:1b:89:cd:fc:ce:f2:ef:
4f:ef:13:76:80:78:07:65:63:22:b8:9c:27:eb:ca:
9a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:B4:75:F2:36:4B:10:4A:84:66:CF:1F:55:B3:B8:FD:D5:DC:F3:B4
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/ybR18jZLEEqEZs8fVbO4_dXc87Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.228.0/22
5.188.172.0/23
5.188.180.0/22
31.40.216.0/22
45.135.120.0/22
45.141.8.0/22
45.150.232.0/22
77.72.16.0/21
88.210.38.0/23
88.218.240.0/22
89.34.238.0/24
89.36.160.0/23
91.192.80.0/24
91.192.83.0/24
91.201.64.0/22
92.119.88.0/22
93.189.56.0-93.189.58.255
93.189.60.0/22
185.6.12.0/22
185.131.64.0/22
185.135.84.0/22
185.140.12.0/22
185.140.208.0/23
185.224.248.0/22
185.246.152.0/22
194.59.46.0/24
194.59.59.0/24
194.59.142.0/24
194.59.155.0/24
195.238.124.0/22
213.183.32.0/23
213.183.36.0-213.183.53.255
213.183.58.0-213.183.63.255
213.226.68.0/22
217.30.8.0/22
IPv6:
2a06:f900::/36
2a06:f900:4000::/36
2a06:f901::/36
2a06:f902::/36
2a06:f903::/36
2a06:f904::/36
2a06:f905::/36
2a06:f906::/36
2a06:f907::/36
2a06:f907:4000::/36
2a0d:8400::/32
Signature Algorithm: sha256WithRSAEncryption
37:94:fe:e1:ed:cc:b4:b9:fb:a0:27:3a:ce:08:a7:89:dd:66:
11:06:fe:b8:0a:69:d0:4d:a5:e3:36:19:e2:e8:f2:eb:99:c9:
c3:f2:b2:08:f1:d0:28:4d:b1:7f:fd:c5:30:2f:10:ee:34:2a:
bc:0f:86:9d:08:af:ed:ce:8e:f6:75:d1:a4:df:5e:05:fc:be:
2f:0c:ac:26:7e:a0:71:f5:0c:01:32:ea:43:78:a7:b1:1a:2f:
ee:c5:ff:01:bf:9e:7a:73:44:74:df:1b:7b:09:78:84:f1:22:
0d:74:53:78:46:45:f5:c0:29:89:41:00:10:d3:5f:80:b1:4e:
90:f0:16:a3:99:d3:1d:df:81:1d:b3:ce:da:8d:d4:05:60:b0:
cd:a2:89:08:3c:61:f2:38:db:d8:26:af:06:10:f8:b0:4a:1e:
91:4c:74:bc:d6:a1:6e:8f:0a:ba:36:49:5f:00:b2:99:e5:db:
9f:15:e2:60:74:75:11:7d:83:53:e7:d3:ba:85:86:11:43:02:
d3:09:dc:6e:a1:c5:1f:b3:bb:96:0a:e2:78:bc:fc:69:d4:f6:
d1:ce:af:4f:bc:6c:80:58:90:0e:1a:75:de:4d:a7:86:e5:a8:
94:64:fd:44:78:b4:a0:f9:1e:cf:8e:a1:d0:41:be:83:2a:6b:
95:97:46:f1
-----BEGIN CERTIFICATE-----
MIIGSDCCBTCgAwIBAgISAYocnuADtD/QgPS5TdKYdvjaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3
NDIxYTYwHhcNMjMwODIyMDk0MTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWI0NzVmMjM2NGIxMDRhODQ2NmNmMWY1NWIzYjhmZGQ1ZGNmM2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIHG66RrIONNvklJx2/a//LsX5cY
5o0ppDC/DmevNNNPCkrzsMTm3HoLhcqXS7HKB54ueS/bP81SFd1dqIpfOyfmK85b
ZYGtkJOI9fZdkUclqyghiSR5UdYqP13zo9GZx+KvFfS5etxcoScqoFJ9/TIM3YyQ
Zkwv3YgB5Q2mTiJqA7A8t3ydGbaW5defRvUq+O7nuYBPktUeuWbTmMBLtSejIwoj
E9638IB/t26arPMySybDVW7rH4QkTNN9ttBiC118iTtMr1WWvgUUhtuHDoCYAmYr
6Ufo/8D1CnD5Azq5HF8/zpLSXRuJzfzO8u9P7xN2gHgHZWMiuJwn68qaCQIDAQAB
o4IDVDCCA1AwHQYDVR0OBBYEFMm0dfI2SxBKhGbPH1WzuP3V3PO0MB8GA1UdIwQY
MBaAFA/r+/1vk3xa454+OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGIt
N2Q3MDM3NGQ3NmQyLzEveWJSMThqWkxFRXFFWnM4ZlZiTzRfZFhjODdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQy
LzEvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBaAYIKwYBBQUHAQcBAf8EggFXMIIBUzCB8QQCAAEwgeoD
BAIFtuQDBAEFvKwDBAIFvLQDBAIfKNgDBAIth3gDBAItjQgDBAItlugDBANNSBAD
BAFY0iYDBAJY2vADBABZIu4DBAFZJKADBABbwFADBABbwFMDBAJbyUADBAJcd1gw
DAMEA129OAMEAF29OgMEAl29PAMEArkGDAMEArmDQAMEArmHVAMEArmMDAMEAbmM
0AMEArng+AMEArn2mAMEAMI7LgMEAMI7OwMEAMI7jgMEAMI7mwMEAsPufAMEAdW3
IDAMAwQC1bckAwQB1bc0MAwDBAHVtzoDBAbVtwADBALV4kQDBALZHggwXQQCAAIw
VwMGBCoG+QAAAwYEKgb5AEADBgQqBvkBAAMGBCoG+QIAAwYEKgb5AwADBgQqBvkE
AAMGBCoG+QUAAwYEKgb5BgADBgQqBvkHAAMGBCoG+QdAAwUAKg2EADANBgkqhkiG
9w0BAQsFAAOCAQEAN5T+4e3MtLn7oCc6zginid1mEQb+uApp0E2l4zYZ4ujy65nJ
w/KyCPHQKE2xf/3FMC8Q7jQqvA+GnQiv7c6O9nXRpN9eBfy+LwysJn6gcfUMATLq
Q3insRov7sX/Ab+eenNEdN8bewl4hPEiDXRTeEZF9cApiUEAENNfgLFOkPAWo5nT
Hd+BHbPO2o3UBWCwzaKJCDxh8jjb2CavBhD4sEoekUx0vNahbo8KujZJXwCymeXb
nxXiYHR1EX2DU+fTuoWGEUMC0wncbqHFH7O7lgrieLz8adT20c6vT7xsgFiQDhp1
3k2nhuWolGT9RHi0oPkez46h0EG+gyprlZdG8Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:04 2024 by rpki-client on console-fra.rpki-client.org