Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BYnyZ64U-xwsqc8WvHxx9Nvp5TM.roa
File: BYnyZ64U-xwsqc8WvHxx9Nvp5TM.roa (raw, json)
Hash identifier: y36QMQGiAHjV1iEMBIVpUe/fuhoRRcswwVMrd599JW0=
Subject key identifier: 05:89:F2:67:AE:14:FB:1C:2C:A9:CF:16:BC:7C:71:F4:DB:E9:E5:33
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018793F1FA08F7E292E8CBBDE9874E03A4E1
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BYnyZ64U-xwsqc8WvHxx9Nvp5TM.roa
Signing time: Tue 18 Apr 2023 10:38:41 +0000
ROA not before: Tue 18 Apr 2023 10:38:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.90.17.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.240.123.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
176.125.248.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
194.5.64.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Apr 2023 09:50:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:93:f1:fa:08:f7:e2:92:e8:cb:bd:e9:87:4e:03:a4:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 18 10:38:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0589f267ae14fb1c2ca9cf16bc7c71f4dbe9e533
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:74:da:24:69:0c:d2:0a:f2:d2:18:5f:7e:ab:
0a:7c:03:5f:7e:47:87:db:7c:17:92:ce:e6:2b:56:
9f:f4:48:ca:89:b6:1a:33:99:49:53:7a:21:d8:1a:
ff:bf:ca:76:c1:e0:07:23:95:ec:d2:a7:1f:f4:fc:
3f:7c:1d:15:d4:d8:40:61:78:2d:2a:18:8f:cf:7c:
72:c1:8f:d6:fb:e2:e4:c7:f9:fa:47:4c:63:c5:e7:
fd:fc:07:b6:eb:72:a2:41:91:d9:e0:ff:fc:b7:9f:
25:76:2b:ac:14:79:75:02:fe:1a:b9:68:15:a0:12:
e6:03:fa:df:af:87:b8:3d:f0:03:51:07:b9:a8:be:
4a:55:88:e0:16:5f:72:c6:c4:94:c5:b6:43:85:7f:
58:86:1f:62:a7:15:e2:bc:be:55:3c:1e:04:d3:dd:
81:e3:60:bc:a5:34:7b:66:16:7d:7d:a2:57:bd:32:
64:11:e0:d6:f2:45:d3:84:43:1b:88:a2:16:93:83:
ce:6d:ad:89:dd:ce:33:b9:f4:50:41:19:ff:be:e3:
ee:4a:45:66:65:04:9f:73:85:d7:34:66:25:44:90:
a7:1a:d5:34:00:ff:49:04:3f:32:63:3b:5a:1a:96:
c9:59:b1:5f:73:a7:02:b0:f1:5e:59:52:66:56:5e:
74:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:89:F2:67:AE:14:FB:1C:2C:A9:CF:16:BC:7C:71:F4:DB:E9:E5:33
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BYnyZ64U-xwsqc8WvHxx9Nvp5TM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.17.0/24
45.147.224.0/24
176.125.248.0/24
185.126.82.0/24
185.218.20.0/24
185.225.0.0/23
185.240.123.0/24
194.5.64.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:11:46:b2:95:0c:c9:b2:cd:73:0d:be:c6:60:8a:27:c3:f5:
c3:fd:2b:92:3d:72:84:ec:91:de:4d:f8:0a:04:3e:ae:c0:c8:
d5:7f:6f:bf:bf:25:a1:f4:3e:d8:77:bc:d9:73:ac:e4:bd:a1:
2d:14:8f:19:4f:01:e2:06:b9:d3:43:ba:09:4e:ab:d9:3d:b3:
eb:8e:cf:f9:31:83:6f:ed:1a:3b:5b:d8:52:f9:2f:fe:6a:ce:
e5:9a:d9:31:36:c2:71:4f:27:0b:da:ee:98:2a:b6:67:b1:54:
71:5b:c2:47:1c:22:74:4d:c8:44:43:d1:84:75:df:3d:af:57:
bd:15:23:92:6a:66:16:92:9d:5f:ea:24:75:fe:80:ab:f3:c4:
58:30:ec:20:c0:4f:3e:3e:b6:80:3f:9f:3d:4f:f7:c9:69:f1:
89:bf:f1:f9:b8:2c:4a:b6:77:a1:4e:fb:93:ac:63:62:8f:af:
a0:ad:fc:83:c5:93:e3:9b:e0:15:4d:bf:46:b2:ee:4c:0a:0b:
52:af:d2:3e:05:39:0d:db:c6:6d:12:37:78:63:bc:b2:50:79:
a7:07:17:76:23:7f:53:6f:57:28:77:33:ea:18:a8:5f:8e:3e:
1f:c3:76:4e:9b:aa:d2:87:f4:b0:f3:a5:cf:d2:e3:d8:bd:f0:
f6:b4:41:29
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYeT8foI9+KS6Mu96YdOA6ThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNDE4MTAzODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTg5ZjI2N2FlMTRmYjFjMmNhOWNmMTZiYzdjNzFmNGRiZTllNTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXTaJGkM0gry0hhffqsKfANffkeH
23wXks7mK1af9EjKibYaM5lJU3oh2Br/v8p2weAHI5Xs0qcf9Pw/fB0V1NhAYXgt
KhiPz3xywY/W++Lkx/n6R0xjxef9/Ae263KiQZHZ4P/8t58ldiusFHl1Av4auWgV
oBLmA/rfr4e4PfADUQe5qL5KVYjgFl9yxsSUxbZDhX9Yhh9ipxXivL5VPB4E092B
42C8pTR7ZhZ9faJXvTJkEeDW8kXThEMbiKIWk4POba2J3c4zufRQQRn/vuPuSkVm
ZQSfc4XXNGYlRJCnGtU0AP9JBD8yYztaGpbJWbFfc6cCsPFeWVJmVl50dQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAWJ8meuFPscLKnPFrx8cfTb6eUzMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQllueVo2NFUteHdzcWM4V3ZIeHg5TnZwNVRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALVoRAwQA
LZPgAwQAsH34AwQAuX5SAwQAudoUAwQBueEAAwQAufB7AwQAwgVAMA0GCSqGSIb3
DQEBCwUAA4IBAQCOEUaylQzJss1zDb7GYIonw/XD/SuSPXKE7JHeTfgKBD6uwMjV
f2+/vyWh9D7Yd7zZc6zkvaEtFI8ZTwHiBrnTQ7oJTqvZPbPrjs/5MYNv7Ro7W9hS
+S/+as7lmtkxNsJxTycL2u6YKrZnsVRxW8JHHCJ0TchEQ9GEdd89r1e9FSOSamYW
kp1f6iR1/oCr88RYMOwgwE8+PraAP589T/fJafGJv/H5uCxKtnehTvuTrGNij6+g
rfyDxZPjm+AVTb9Gsu5MCgtSr9I+BTkN28ZtEjd4Y7yyUHmnBxd2I39Tb1codzPq
GKhfjj4fw3ZOm6rSh/Sw86XP0uPYvfD2tEEp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org