Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/YsMKG2q9Xrl1PLyOnQ-FtWm7QBY.roa
File: YsMKG2q9Xrl1PLyOnQ-FtWm7QBY.roa (raw, json)
Hash identifier: YnlkstOACLcDYUUDaV8AN7TZmHz1qgp0z7Ds0SqoUGA=
Subject key identifier: 62:C3:0A:1B:6A:BD:5E:B9:75:3C:BC:8E:9D:0F:85:B5:69:BB:40:16
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 0188723EB4873463A81E8222B77447EADDD5
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/YsMKG2q9Xrl1PLyOnQ-FtWm7QBY.roa
Signing time: Wed 31 May 2023 14:38:12 +0000
ROA not before: Wed 31 May 2023 14:38:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5408
IP address blocks: 185.5.76.0/22 maxlen: 22
62.217.64.0/18 maxlen: 24
91.227.108.0/24 maxlen: 24
195.251.2.0/24 maxlen: 24
194.177.192.0/19 maxlen: 24
194.42.50.0/23 maxlen: 23
185.81.196.0/22 maxlen: 22
195.251.0.0/16 maxlen: 24
194.42.52.0/23 maxlen: 23
194.42.54.0/24 maxlen: 24
193.105.109.0/24 maxlen: 24
83.212.0.0/16 maxlen: 24
37.32.128.0/17 maxlen: 17
195.130.64.0/18 maxlen: 24
2001:648::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:72:3e:b4:87:34:63:a8:1e:82:22:b7:74:47:ea:dd:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: May 31 14:38:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62c30a1b6abd5eb9753cbc8e9d0f85b569bb4016
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a2:1d:5a:c7:f3:f8:b8:0c:84:11:81:08:75:
8b:7d:ed:da:f3:a8:cd:7e:06:48:17:8a:25:4d:af:
d4:41:72:3a:7d:ae:a6:0c:1e:ea:c6:2c:4a:6f:81:
b8:d1:47:97:bf:5a:68:fe:8a:fe:72:06:84:2d:e1:
ef:7b:81:60:45:70:25:6d:7d:01:e8:c4:13:fd:14:
87:5a:65:2c:de:52:ac:a8:43:d3:de:6c:ad:b7:7e:
de:8a:52:54:37:54:cc:2d:f7:f0:ea:e5:63:27:76:
6b:61:e6:ec:ae:b6:40:ec:e2:09:9f:d5:6d:26:6b:
7c:57:13:f3:54:c0:42:74:40:4f:86:ed:5c:ce:55:
d5:83:ee:2b:84:95:62:86:ab:d1:61:42:dc:35:5e:
75:20:50:f1:9c:d5:42:2a:a7:5f:df:ff:ff:1e:ae:
c1:ca:ae:38:74:65:2b:db:ca:dd:b3:7c:6d:5a:8e:
b1:5c:d1:72:c6:85:5e:ed:55:08:4d:96:8a:ee:e2:
e9:8e:ed:10:4d:3f:54:6e:40:bf:83:be:84:e5:8d:
99:f9:4c:99:64:18:4f:a5:8e:29:e3:d8:9c:a0:cb:
59:5e:73:2a:5b:f7:d5:82:9e:fd:11:6a:46:16:d1:
44:a8:9f:42:1d:33:9f:7d:14:0e:84:b2:18:a0:4c:
33:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:C3:0A:1B:6A:BD:5E:B9:75:3C:BC:8E:9D:0F:85:B5:69:BB:40:16
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/YsMKG2q9Xrl1PLyOnQ-FtWm7QBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.128.0/17
62.217.64.0/18
83.212.0.0/16
91.227.108.0/24
185.5.76.0/22
185.81.196.0/22
193.105.109.0/24
194.42.50.0-194.42.54.255
194.177.192.0/19
195.130.64.0/18
195.251.0.0/16
IPv6:
2001:648::/29
Signature Algorithm: sha256WithRSAEncryption
2b:78:6e:73:94:30:81:36:5f:71:a5:b5:94:31:e9:94:1a:e7:
03:ea:79:99:e1:c4:8a:d9:6f:20:a4:2b:c2:4f:00:f5:b7:8c:
18:97:ee:1b:00:d0:91:d1:b8:d3:c8:03:74:18:bd:22:f1:40:
92:34:6e:30:46:96:cd:fb:85:b4:5c:f1:a3:ef:6d:f0:0d:98:
67:00:0e:52:16:b0:07:47:6b:18:6d:64:09:f8:5c:57:f9:a8:
18:7e:3e:b4:64:17:34:fb:90:93:87:ef:78:90:75:67:75:5d:
b5:92:da:b2:5b:34:53:d8:a1:6d:df:53:f9:bf:fd:cc:9c:90:
a2:8d:a4:b7:24:89:2a:f3:29:4a:be:2e:2b:ca:20:e4:b2:47:
37:57:85:05:b3:83:9e:7a:a2:dd:f5:c5:59:9a:f4:2d:5c:90:
a4:02:c1:90:66:e7:90:38:eb:f8:23:03:41:3a:8a:7a:00:c8:
26:89:a8:73:03:6d:23:79:a8:ab:c5:1f:72:5c:e5:5f:98:50:
49:a9:6d:e7:31:c3:77:9d:86:3c:4d:68:2a:6f:02:68:d6:7b:
b4:bd:ea:97:41:3d:af:34:47:5a:9e:cc:f6:bf:84:75:01:a2:
04:6b:8e:e7:22:07:fd:e2:40:89:c9:37:13:6e:bc:e9:45:aa:
2b:42:8c:8b
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYhyPrSHNGOoHoIit3RH6t3VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNmY5Mjk1NTIxZGYzMGExNThmNTA2YmE3Y2I4NzNhYjk1
MjlkYzMwHhcNMjMwNTMxMTQzODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmMzMGExYjZhYmQ1ZWI5NzUzY2JjOGU5ZDBmODViNTY5YmI0MDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6IdWsfz+LgMhBGBCHWLfe3a86jN
fgZIF4olTa/UQXI6fa6mDB7qxixKb4G40UeXv1po/or+cgaELeHve4FgRXAlbX0B
6MQT/RSHWmUs3lKsqEPT3mytt37eilJUN1TMLffw6uVjJ3ZrYebsrrZA7OIJn9Vt
Jmt8VxPzVMBCdEBPhu1czlXVg+4rhJVihqvRYULcNV51IFDxnNVCKqdf3///Hq7B
yq44dGUr28rds3xtWo6xXNFyxoVe7VUITZaK7uLpju0QTT9UbkC/g76E5Y2Z+UyZ
ZBhPpY4p49icoMtZXnMqW/fVgp79EWpGFtFEqJ9CHTOffRQOhLIYoEwz4wIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFGLDChtqvV65dTy8jp0PhbVpu0AWMB8GA1UdIwQY
MBaAFFpvkpVSHfMKFY9Qa6fLhzq5Up3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2Ut
YWFhNDU1M2QyYWJkLzEvWXNNS0cycTlYcmwxUEx5T25RLUZ0V203UUJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2UtYWFhNDU1M2QyYWJk
LzEvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQHJSCAAwQG
PtlAAwMAU9QDBABb42wDBAK5BUwDBAK5UcQDBADBaW0wDAMEAcIqMgMEAMIqNgME
BcKxwAMEBsOCQAMDAMP7MA0EAgACMAcDBQMgAQZIMA0GCSqGSIb3DQEBCwUAA4IB
AQAreG5zlDCBNl9xpbWUMemUGucD6nmZ4cSK2W8gpCvCTwD1t4wYl+4bANCR0bjT
yAN0GL0i8UCSNG4wRpbN+4W0XPGj723wDZhnAA5SFrAHR2sYbWQJ+FxX+agYfj60
ZBc0+5CTh+94kHVndV21ktqyWzRT2KFt31P5v/3MnJCijaS3JIkq8ylKvi4ryiDk
skc3V4UFs4OeeqLd9cVZmvQtXJCkAsGQZueQOOv4IwNBOop6AMgmiahzA20jeair
xR9yXOVfmFBJqW3nMcN3nYY8TWgqbwJo1nu0veqXQT2vNEdansz2v4R1AaIEa47n
Igf94kCJyTcTbrzpRaorQoyL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:35 2024 by rpki-client on console-fra.rpki-client.org