Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/YFFdMkflf0Xn8rDWP9VH-5KBD5o.roa
File: YFFdMkflf0Xn8rDWP9VH-5KBD5o.roa (raw, json)
Hash identifier: oMfmj1OLJep4ER1N/BXkTB5AbHUNzfvksMmdpp0A2dk=
Subject key identifier: 60:51:5D:32:47:E5:7F:45:E7:F2:B0:D6:3F:D5:47:FB:92:81:0F:9A
Certificate issuer: /CN=56c8a1713c7476e00ed2b77fd98fd89330365d87
Certificate serial: 0185C7CE3ADCEE01D2423B83DB49969A649F
Authority key identifier: 56:C8:A1:71:3C:74:76:E0:0E:D2:B7:7F:D9:8F:D8:93:30:36:5D:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VsihcTx0duAO0rd_2Y_YkzA2XYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/YFFdMkflf0Xn8rDWP9VH-5KBD5o.roa
Signing time: Thu 19 Jan 2023 02:14:19 +0000
ROA not before: Thu 19 Jan 2023 02:14:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44901
IP address blocks: 185.206.145.0/24 maxlen: 24
185.206.144.0/24 maxlen: 24
185.206.147.0/24 maxlen: 24
185.206.146.0/24 maxlen: 24
212.73.150.0/24 maxlen: 24
94.156.35.0/24 maxlen: 24
91.92.111.0/24 maxlen: 24
91.92.108.0/24 maxlen: 24
91.92.120.0/24 maxlen: 24
91.92.128.0/24 maxlen: 24
91.92.136.0/24 maxlen: 24
91.92.137.0/24 maxlen: 24
94.156.144.0/24 maxlen: 24
91.92.144.0/24 maxlen: 24
185.203.117.0/24 maxlen: 24
185.203.116.0/24 maxlen: 24
185.203.118.0/24 maxlen: 24
185.203.119.0/24 maxlen: 24
88.80.145.0/24 maxlen: 24
88.80.151.0/24 maxlen: 24
88.80.150.0/24 maxlen: 24
88.80.148.0/24 maxlen: 24
88.80.147.0/24 maxlen: 24
88.80.149.0/24 maxlen: 24
88.80.146.0/24 maxlen: 24
185.141.63.0/24 maxlen: 24
185.141.62.0/24 maxlen: 24
185.141.61.0/24 maxlen: 24
185.205.210.0/24 maxlen: 24
185.205.209.0/24 maxlen: 24
85.217.170.0/24 maxlen: 24
85.217.171.0/24 maxlen: 24
94.156.189.0/24 maxlen: 24
193.37.213.0/24 maxlen: 24
193.37.212.0/24 maxlen: 24
193.37.215.0/24 maxlen: 24
193.37.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c7:ce:3a:dc:ee:01:d2:42:3b:83:db:49:96:9a:64:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56c8a1713c7476e00ed2b77fd98fd89330365d87
Validity
Not Before: Jan 19 02:14:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60515d3247e57f45e7f2b0d63fd547fb92810f9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:46:fc:35:32:ee:4f:44:61:b8:51:ae:d3:8b:
35:15:84:0b:a4:ef:5f:c5:95:2b:d4:ca:55:42:91:
2b:2e:c2:5e:80:a7:21:1a:f5:b7:53:f2:64:42:cf:
03:d3:75:66:01:be:27:fb:2b:22:5b:67:a7:48:12:
fe:67:a0:ef:ec:91:fb:a5:c6:fa:7a:5a:91:30:ed:
57:b2:96:98:5e:77:5a:71:4f:e8:0b:6e:03:32:d1:
ac:37:dc:62:7f:52:ea:72:16:47:d9:aa:a2:c5:81:
b4:88:a3:cc:3d:b7:a5:4e:90:9b:0d:fc:6a:bf:49:
1c:c3:ab:a5:45:bc:2d:b0:6f:84:de:a0:6c:ad:5e:
9e:f9:5b:62:76:76:1b:9d:33:96:05:7f:01:54:0f:
77:73:53:03:f8:a7:a0:23:2b:8e:25:76:ca:4d:61:
e3:72:35:92:cb:30:c1:db:36:20:7d:50:70:ff:00:
9c:01:c5:a1:d5:4f:6c:f7:56:8f:1e:71:73:db:03:
cf:e8:d4:1c:e5:5d:a6:9c:66:a4:45:2d:08:db:c2:
e0:68:90:f1:1d:be:ba:3a:a5:a3:e6:d9:41:f9:e2:
c1:a2:ae:88:42:ee:00:3c:bb:98:73:1d:75:56:8c:
ab:42:0a:1d:00:85:8a:9c:65:99:78:85:ae:5e:96:
d2:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:51:5D:32:47:E5:7F:45:E7:F2:B0:D6:3F:D5:47:FB:92:81:0F:9A
X509v3 Authority Key Identifier:
keyid:56:C8:A1:71:3C:74:76:E0:0E:D2:B7:7F:D9:8F:D8:93:30:36:5D:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VsihcTx0duAO0rd_2Y_YkzA2XYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/YFFdMkflf0Xn8rDWP9VH-5KBD5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/VsihcTx0duAO0rd_2Y_YkzA2XYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.170.0/23
88.80.145.0-88.80.151.255
91.92.108.0/24
91.92.111.0/24
91.92.120.0/24
91.92.128.0/24
91.92.136.0/23
91.92.144.0/24
94.156.35.0/24
94.156.144.0/24
94.156.189.0/24
185.141.61.0-185.141.63.255
185.203.116.0/22
185.205.209.0-185.205.210.255
185.206.144.0/22
193.37.212.0/22
212.73.150.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:13:57:9b:09:63:bb:cd:0a:33:68:0b:37:7b:97:04:b7:17:
9b:1c:4e:95:dd:2d:41:2f:47:7d:59:31:3c:4e:1c:d6:d7:2d:
57:e4:f1:4d:49:4e:b2:c2:39:18:a7:c7:07:a0:18:09:a7:d1:
b4:f6:74:ae:b6:0a:ae:02:b7:68:d9:8f:9e:67:3b:8d:33:1f:
cd:f5:4b:44:a6:f7:b7:d0:ab:61:57:b7:2f:2e:51:c8:b0:f6:
5a:3a:78:d1:47:c1:75:0c:d5:7f:1a:0b:21:9f:f6:b7:dd:f6:
29:30:63:46:10:d1:52:ed:96:42:56:aa:69:a8:ab:e4:b0:ce:
25:36:a7:17:e0:04:95:b3:a0:17:85:e1:c0:4d:60:d1:84:aa:
38:f2:1a:ef:7b:28:a4:f1:34:27:bd:23:a9:f2:43:8e:1e:67:
80:38:69:01:a7:c7:ee:fe:b8:13:cc:76:43:a3:64:99:4e:88:
56:73:87:24:61:46:b0:9e:7e:0a:4f:b2:03:f8:78:74:48:2c:
0d:19:cf:c5:5e:c8:17:be:a3:a1:33:3d:14:c5:d6:e8:73:29:
cb:59:09:cd:b7:99:51:bf:56:06:95:90:80:0a:10:78:46:98:
67:39:fa:2e:93:9f:b9:4f:31:74:59:89:8f:f6:d3:1a:5b:0a:
8f:97:f1:ac
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYXHzjrc7gHSQjuD20mWmmSfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YzhhMTcxM2M3NDc2ZTAwZWQyYjc3ZmQ5OGZkODkzMzAz
NjVkODcwHhcNMjMwMTE5MDIxNDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDUxNWQzMjQ3ZTU3ZjQ1ZTdmMmIwZDYzZmQ1NDdmYjkyODEwZjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Eb8NTLuT0RhuFGu04s1FYQLpO9f
xZUr1MpVQpErLsJegKchGvW3U/JkQs8D03VmAb4n+ysiW2enSBL+Z6Dv7JH7pcb6
elqRMO1XspaYXndacU/oC24DMtGsN9xif1LqchZH2aqixYG0iKPMPbelTpCbDfxq
v0kcw6ulRbwtsG+E3qBsrV6e+VtidnYbnTOWBX8BVA93c1MD+KegIyuOJXbKTWHj
cjWSyzDB2zYgfVBw/wCcAcWh1U9s91aPHnFz2wPP6NQc5V2mnGakRS0I28LgaJDx
Hb66OqWj5tlB+eLBoq6IQu4APLuYcx11VoyrQgodAIWKnGWZeIWuXpbSQQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFGBRXTJH5X9F5/Kw1j/VR/uSgQ+aMB8GA1UdIwQY
MBaAFFbIoXE8dHbgDtK3f9mP2JMwNl2HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnNpaGNUeDBkdUFPMHJkXzJZX1lrekEyWFljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8yM2Q1MjUtODI5Ni00ZjljLTlkZTQt
OTFlMzJjNTE3MTUyLzEvWUZGZE1rZmxmMFhuOHJEV1A5VkgtNUtCRDVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8yM2Q1MjUtODI5Ni00ZjljLTlkZTQtOTFlMzJjNTE3MTUy
LzEvVnNpaGNUeDBkdUFPMHJkXzJZX1lrekEyWFljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAVXZ
qjAMAwQAWFCRAwQDWFCQAwQAW1xsAwQAW1xvAwQAW1x4AwQAW1yAAwQBW1yIAwQA
W1yQAwQAXpwjAwQAXpyQAwQAXpy9MAwDBAC5jT0DBAa5jQADBAK5y3QwDAMEALnN
0QMEALnN0gMEArnOkAMEAsEl1AMEANRJljANBgkqhkiG9w0BAQsFAAOCAQEAHhNX
mwlju80KM2gLN3uXBLcXmxxOld0tQS9HfVkxPE4c1tctV+TxTUlOssI5GKfHB6AY
CafRtPZ0rrYKrgK3aNmPnmc7jTMfzfVLRKb3t9CrYVe3Ly5RyLD2Wjp40UfBdQzV
fxoLIZ/2t932KTBjRhDRUu2WQlaqaair5LDOJTanF+AElbOgF4XhwE1g0YSqOPIa
73sopPE0J70jqfJDjh5ngDhpAafH7v64E8x2Q6NkmU6IVnOHJGFGsJ5+Ck+yA/h4
dEgsDRnPxV7IF76joTM9FMXW6HMpy1kJzbeZUb9WBpWQgAoQeEaYZzn6LpOfuU8x
dFmJj/bTGlsKj5fxrA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:23 2024 by rpki-client on console-fra.rpki-client.org