Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Yrtx8CYHPkjMkX3K6RmGnYU0czE.roa
File: Yrtx8CYHPkjMkX3K6RmGnYU0czE.roa (raw, json)
Hash identifier: 2xC/6kG30nqVU4wBJnLRCq4dxU+kWu/L5JsV0cubKmw=
Subject key identifier: 62:BB:71:F0:26:07:3E:48:CC:91:7D:CA:E9:19:86:9D:85:34:73:31
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CC802734DF0CCDA9B50D50F4B29265D35
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Yrtx8CYHPkjMkX3K6RmGnYU0czE.roa
Signing time: Tue 02 Jan 2024 02:30:52 +0000
ROA not before: Tue 02 Jan 2024 02:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25369
IP address blocks: 176.125.248.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jan 2024 17:02:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:73:4d:f0:cc:da:9b:50:d5:0f:4b:29:26:5d:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 02:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62bb71f026073e48cc917dcae919869d85347331
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:4a:c5:58:7c:8a:7d:d6:dd:e1:b1:f3:7c:79:
f2:33:4c:c3:73:e2:c2:02:b6:ad:5d:72:a6:43:1d:
a1:69:aa:f5:5b:5e:c6:ad:ac:19:10:d4:15:be:22:
3e:65:32:61:cf:3c:3d:ac:34:fb:8e:a9:f1:33:75:
8e:d0:7f:03:3a:78:02:f5:24:61:4d:f4:9c:68:7b:
dc:89:95:5c:e8:44:38:1b:36:73:af:b3:e1:7f:68:
11:62:18:6b:77:e7:e1:62:bf:c9:25:dc:86:5e:98:
5e:5e:cd:a0:cd:81:13:40:b2:2e:c2:36:df:21:0a:
1d:f7:dc:27:fe:f8:8d:ce:09:bd:0f:9a:a2:fd:2d:
49:f5:ac:54:71:eb:c4:61:3f:f9:6f:0b:7f:e5:df:
83:f9:0b:32:40:7f:48:4c:39:65:64:9e:34:47:94:
27:a9:ff:42:12:41:ff:fd:d7:6c:23:cc:20:77:9a:
d0:74:1f:7d:4e:18:34:ef:8b:3f:d9:85:cf:e5:0e:
88:c5:76:b7:2f:62:78:00:3e:02:15:f0:7c:af:80:
d9:43:7d:9d:7e:5e:a6:b5:56:6e:44:24:97:d6:48:
50:06:15:38:86:a4:88:5e:47:3c:e6:87:ec:4a:d8:
9b:69:e6:79:26:d2:b4:cf:cc:7d:63:5f:16:35:2c:
b6:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:BB:71:F0:26:07:3E:48:CC:91:7D:CA:E9:19:86:9D:85:34:73:31
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Yrtx8CYHPkjMkX3K6RmGnYU0czE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.248.0/24
185.223.80.0/24
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
56:a0:b8:61:69:32:25:b1:c0:a5:2e:a9:a1:c8:03:25:8d:8d:
3d:1e:06:eb:02:65:04:2c:55:23:ff:da:19:9a:51:57:7c:a7:
69:d2:8e:3f:e4:ab:19:08:c0:5a:d9:ec:5f:e6:3e:97:dc:ee:
ab:d0:5f:ba:7f:b0:51:23:64:e3:8f:47:dc:72:8a:7e:0c:98:
0d:86:68:77:65:88:95:21:11:5f:4b:f4:51:34:0f:e6:4a:32:
a3:67:11:97:8f:93:23:a2:17:ef:ab:3c:97:5b:00:e5:db:be:
f6:00:5f:ae:42:bc:42:81:17:d3:d8:72:a6:40:9c:c3:c0:ff:
c8:0b:d3:bb:b0:8b:c1:e6:7c:b6:f0:99:5b:2d:81:18:56:38:
6e:46:d2:f3:4c:58:9e:6c:fd:1b:cd:16:4d:b6:3e:64:2f:e3:
40:dc:cf:d6:5e:27:d4:11:f0:d2:10:8f:00:0e:24:88:09:3d:
7b:bf:a6:cb:fc:d2:b6:a4:1f:27:5a:61:fe:86:79:c4:30:96:
30:a8:46:50:08:77:d4:b4:3d:85:d3:4c:a9:f9:d0:4b:98:46:
c6:a1:bb:09:6a:7b:e5:b0:27:0c:4b:32:b7:a1:de:15:c0:7c:
ea:17:18:02:4a:d2:6e:1b:66:64:f1:59:c8:63:64:87:6b:ca:
f3:aa:c4:4a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAnNN8Mzam1DVD0spJl01MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTAyMDIzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmJiNzFmMDI2MDczZTQ4Y2M5MTdkY2FlOTE5ODY5ZDg1MzQ3MzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUrFWHyKfdbd4bHzfHnyM0zDc+LC
AratXXKmQx2haar1W17GrawZENQVviI+ZTJhzzw9rDT7jqnxM3WO0H8DOngC9SRh
TfScaHvciZVc6EQ4GzZzr7Phf2gRYhhrd+fhYr/JJdyGXpheXs2gzYETQLIuwjbf
IQod99wn/viNzgm9D5qi/S1J9axUcevEYT/5bwt/5d+D+QsyQH9ITDllZJ40R5Qn
qf9CEkH//ddsI8wgd5rQdB99Thg074s/2YXP5Q6IxXa3L2J4AD4CFfB8r4DZQ32d
fl6mtVZuRCSX1khQBhU4hqSIXkc85ofsStibaeZ5JtK0z8x9Y18WNSy2YQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGK7cfAmBz5IzJF9yukZhp2FNHMxMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWXJ0eDhDWUhQa2pNa1gzSzZSbUduWVUwY3pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAsH34AwQA
ud9QAwQAufvnMA0GCSqGSIb3DQEBCwUAA4IBAQBWoLhhaTIlscClLqmhyAMljY09
HgbrAmUELFUj/9oZmlFXfKdp0o4/5KsZCMBa2exf5j6X3O6r0F+6f7BRI2Tjj0fc
cop+DJgNhmh3ZYiVIRFfS/RRNA/mSjKjZxGXj5MjohfvqzyXWwDl2772AF+uQrxC
gRfT2HKmQJzDwP/IC9O7sIvB5ny28JlbLYEYVjhuRtLzTFiebP0bzRZNtj5kL+NA
3M/WXifUEfDSEI8ADiSICT17v6bL/NK2pB8nWmH+hnnEMJYwqEZQCHfUtD2F00yp
+dBLmEbGobsJanvlsCcMSzK3od4VwHzqFxgCStJuG2Zk8VnIY2SHa8rzqsRK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org