Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/IpsZ4R1XpXasB-rLyseaG_1CykM.roa
File: IpsZ4R1XpXasB-rLyseaG_1CykM.roa (raw, json)
Hash identifier: Vr4YqomzmCHUXPGC8ot6E3jVdT7+7JJOtJXrWlzC5Zc=
Subject key identifier: 22:9B:19:E1:1D:57:A5:76:AC:07:EA:CB:CA:C7:9A:1B:FD:42:CA:43
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0191D656383E28DFEF3D9FA7C3535095DAD5
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/IpsZ4R1XpXasB-rLyseaG_1CykM.roa
Signing time: Mon 09 Sep 2024 10:31:00 +0000
ROA not before: Mon 09 Sep 2024 10:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 185.121.12.0/22 maxlen: 24
185.199.159.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.36.0/23 maxlen: 24
185.209.74.0/24 maxlen: 24
185.210.152.0/24 maxlen: 24
185.210.153.0/24 maxlen: 24
185.210.154.0/24 maxlen: 24
185.210.155.0/24 maxlen: 24
185.218.102.0/24 maxlen: 24
185.223.76.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.227.145.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.238.228.0/22 maxlen: 24
185.240.120.0/23 maxlen: 24
185.251.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Sep 2024 09:04:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d6:56:38:3e:28:df:ef:3d:9f:a7:c3:53:50:95:da:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 9 10:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=229b19e11d57a576ac07eacbcac79a1bfd42ca43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:69:28:94:30:d4:e2:9b:5b:30:81:b8:da:c9:
2c:fb:3a:5c:82:29:38:ea:68:f4:9a:c6:1b:25:93:
5a:75:8f:89:59:6e:28:66:5c:28:9f:13:67:d1:6f:
bc:8c:72:36:2a:ce:9b:9c:b4:5f:1c:41:70:5b:d2:
b5:83:97:1b:49:2b:0e:db:d7:c1:16:7c:a0:f5:a5:
f4:6f:25:24:06:48:4f:00:dc:d9:fc:2e:b8:4e:5a:
b4:b1:52:1a:98:48:77:39:28:48:76:4c:93:03:b1:
60:f3:8b:8c:73:92:38:da:4c:58:00:8d:49:69:46:
9d:54:cc:f7:0b:1f:55:fc:d0:fb:26:37:a8:61:af:
43:5b:a2:68:23:3c:b5:37:9e:97:68:b2:32:32:0a:
f8:05:cd:67:21:a1:4c:40:01:54:4e:8d:40:f4:c6:
be:5c:df:f8:ea:df:22:e3:0d:25:69:73:d1:75:25:
96:0d:ad:5d:e3:00:68:80:7d:3a:84:98:33:80:39:
dd:f1:5e:26:7d:cf:12:95:6d:95:df:08:ca:42:d6:
df:2e:45:f9:ad:13:89:94:94:6d:51:67:e9:fe:24:
03:ed:27:c8:c5:be:5d:c9:c6:c2:18:a5:49:1c:09:
72:9f:ab:67:e7:64:7c:6c:68:a5:9a:ee:8b:6a:91:
b5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:9B:19:E1:1D:57:A5:76:AC:07:EA:CB:CA:C7:9A:1B:FD:42:CA:43
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/IpsZ4R1XpXasB-rLyseaG_1CykM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.12.0/22
185.199.159.0/24
185.206.248.0/24
185.206.251.0/24
185.209.36.0/23
185.209.74.0/24
185.210.152.0/22
185.218.102.0/24
185.223.76.0/24
185.223.80.0/24
185.225.2.0/24
185.226.107.0/24
185.227.145.0/24
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:f4:71:93:a2:2b:1a:9a:2d:dc:5b:70:26:c0:aa:73:6c:f9:
74:c0:49:e9:97:4c:aa:b9:05:17:fd:1b:a2:f6:f9:6b:4a:98:
98:62:a4:82:c0:2c:a9:64:97:39:b2:26:0f:bd:76:c5:ce:86:
6b:28:c7:07:ec:c7:b1:a6:0c:7c:ad:73:d7:a0:5d:4d:b0:bc:
68:ed:d5:d5:ea:2c:4a:5e:eb:6a:0d:c3:f1:17:4a:4e:49:c8:
82:1d:7f:cd:d8:67:d5:b7:f3:2e:cf:94:a8:06:37:06:7b:93:
d1:2c:89:3c:a7:9b:6a:44:c6:20:0d:90:90:5a:94:20:32:7a:
1c:9d:98:47:25:cb:8d:54:40:50:95:85:6a:ee:96:2f:e7:1e:
f5:79:27:06:a7:e4:72:b7:d1:c3:f5:b2:ef:b2:36:fd:cd:3f:
ea:11:1a:da:2a:5e:0f:84:73:a1:70:f7:52:65:2b:51:d3:45:
bf:19:a0:ba:67:de:e8:3b:ca:ab:cb:39:f6:72:ee:4f:57:37:
10:21:23:2e:ac:5d:f4:59:a6:5d:50:ba:2e:37:a2:08:ae:2b:
6d:de:69:8c:49:ed:5a:de:3a:27:a1:d2:8b:82:49:25:d1:22:
b1:46:5d:86:5a:d2:a5:31:9d:3b:1d:fd:22:66:97:e9:85:fb:
9f:70:b5:eb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZHWVjg+KN/vPZ+nw1NQldrVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwOTA5MTAzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjliMTllMTFkNTdhNTc2YWMwN2VhY2JjYWM3OWExYmZkNDJjYTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6mkolDDU4ptbMIG42sks+zpcgik4
6mj0msYbJZNadY+JWW4oZlwonxNn0W+8jHI2Ks6bnLRfHEFwW9K1g5cbSSsO29fB
Fnyg9aX0byUkBkhPANzZ/C64Tlq0sVIamEh3OShIdkyTA7Fg84uMc5I42kxYAI1J
aUadVMz3Cx9V/ND7JjeoYa9DW6JoIzy1N56XaLIyMgr4Bc1nIaFMQAFUTo1A9Ma+
XN/46t8i4w0laXPRdSWWDa1d4wBogH06hJgzgDnd8V4mfc8SlW2V3wjKQtbfLkX5
rROJlJRtUWfp/iQD7SfIxb5dycbCGKVJHAlyn6tn52R8bGilmu6LapG1gwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFCKbGeEdV6V2rAfqy8rHmhv9QspDMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSXBzWjRSMVhwWGFzQi1yTHlzZWFHXzFDeWtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQCuXkMAwQA
ucefAwQAuc74AwQAuc77AwQBudEkAwQAudFKAwQCudKYAwQAudpmAwQAud9MAwQA
ud9QAwQAueECAwQAueJrAwQAueORAwQCueoUAwQCue7kAwQBufB4AwQAufvnMA0G
CSqGSIb3DQEBCwUAA4IBAQAd9HGToisami3cW3AmwKpzbPl0wEnpl0yquQUX/Rui
9vlrSpiYYqSCwCypZJc5siYPvXbFzoZrKMcH7Mexpgx8rXPXoF1NsLxo7dXV6ixK
XutqDcPxF0pOSciCHX/N2GfVt/Muz5SoBjcGe5PRLIk8p5tqRMYgDZCQWpQgMnoc
nZhHJcuNVEBQlYVq7pYv5x71eScGp+Ryt9HD9bLvsjb9zT/qERraKl4PhHOhcPdS
ZStR00W/GaC6Z97oO8qryzn2cu5PVzcQISMurF30WaZdULouN6IIritt3mmMSe1a
3jonodKLgkkl0SKxRl2GWtKlMZ07Hf0iZpfphfufcLXr
-----END CERTIFICATE-----
Generated at Mon Sep 30 10:56:32 2024 by rpki-client on console-fra.rpki-client.org