Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YwhMA9PEazsNbvHecLv26zrBu2U.roa
File: YwhMA9PEazsNbvHecLv26zrBu2U.roa (raw, json)
Hash identifier: tT+c5r0qrZOvNGPdk/yCmT37XaHHDVnyxpCmNaalRDE=
Subject key identifier: 63:08:4C:03:D3:C4:6B:3B:0D:6E:F1:DE:70:BB:F6:EB:3A:C1:BB:65
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0191A453D49CBD9F5E9A3AE78173013F113C
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YwhMA9PEazsNbvHecLv26zrBu2U.roa
Signing time: Fri 30 Aug 2024 17:27:22 +0000
ROA not before: Fri 30 Aug 2024 17:27:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 185.194.177.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
193.58.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Sep 2024 09:02:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a4:53:d4:9c:bd:9f:5e:9a:3a:e7:81:73:01:3f:11:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Aug 30 17:27:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63084c03d3c46b3b0d6ef1de70bbf6eb3ac1bb65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:bb:3e:59:3d:c6:9a:ad:9b:4e:05:c1:24:cf:
c1:4b:ad:ba:cc:7e:42:bc:a5:bd:e1:d5:fb:24:7c:
c8:1c:bf:fe:14:ab:f4:47:cf:4b:c4:5f:6d:95:68:
a3:ae:f9:8d:92:46:e3:17:23:7c:24:85:1e:c0:60:
ce:93:93:9c:4e:9c:99:a9:76:84:12:2b:2c:c6:dd:
6f:15:9a:90:b9:a1:40:03:c9:1c:bb:67:af:36:c8:
5a:eb:90:9d:10:61:9d:8e:c0:53:ce:13:ef:a0:30:
26:02:c9:2e:a5:f0:96:9c:e4:1d:81:69:16:29:32:
04:ed:94:c9:d4:99:9f:78:37:e7:ec:1a:b2:a5:b5:
79:b6:26:7d:9c:30:70:9a:ed:53:87:e1:e5:c6:9b:
d5:d2:1a:cc:b2:56:36:b7:a5:37:41:6c:e6:80:cc:
90:89:54:cd:19:4e:6a:b1:67:2b:e9:73:ab:5c:8e:
9c:fc:04:ea:97:56:0e:2e:4f:b4:51:80:b6:1a:15:
73:68:37:38:4f:63:43:16:d1:b9:11:43:09:99:e7:
f0:d8:e3:ef:53:3f:32:74:a0:64:1f:31:8e:9c:34:
e8:ed:bd:02:29:b2:11:27:3e:ec:6e:2c:e1:69:ce:
0c:91:c7:ec:02:8d:be:54:c4:92:10:42:55:d8:fd:
51:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:08:4C:03:D3:C4:6B:3B:0D:6E:F1:DE:70:BB:F6:EB:3A:C1:BB:65
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YwhMA9PEazsNbvHecLv26zrBu2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.177.0/24
185.209.38.0/24
185.209.73.0/24
185.210.235.0/24
185.222.29.0/24
185.246.112.0/24
193.58.146.0/24
Signature Algorithm: sha256WithRSAEncryption
44:da:3b:03:c1:78:f1:37:ea:61:fb:f1:95:3a:51:4d:37:f0:
bd:4e:c6:4d:8d:31:d3:c3:70:cb:9f:3b:e6:2d:37:0d:9d:95:
e6:2b:7e:9f:23:68:4f:31:87:8e:fd:ea:31:8b:cf:d2:cd:4b:
5b:6c:9c:ca:a3:bc:6f:c3:53:c6:05:fa:14:65:2e:87:a5:45:
a6:24:89:8d:ea:5b:7f:81:bc:8d:6d:88:87:2a:72:e8:97:06:
a7:03:a7:7d:37:f7:8b:74:a5:2c:84:9e:19:3d:b7:ec:71:48:
67:a8:ec:ba:dd:d3:b7:3a:5d:3f:02:c3:c1:1f:34:a5:18:6d:
4b:2c:05:05:64:c2:52:ed:1d:54:99:21:09:5e:8f:e8:19:f5:
b3:4d:57:ec:9e:e2:59:00:b8:75:57:7f:be:84:9a:f6:79:ba:
76:97:20:4a:f8:3c:96:64:a7:76:9f:3a:31:82:4c:b2:28:45:
1b:24:95:d2:73:be:64:e7:ca:98:b0:58:16:92:63:68:c6:d7:
be:a8:03:f5:a1:3f:d1:5d:87:f2:96:40:2b:a1:05:9e:08:8a:
29:33:69:77:30:f7:28:ac:04:d3:a4:8f:d1:04:50:36:b8:fa:
96:35:c0:3c:75:1d:9a:ab:e7:8a:74:4a:35:e3:fc:36:c1:4d:
d0:6a:50:73
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZGkU9ScvZ9emjrngXMBPxE8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwODMwMTcyNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzA4NGMwM2QzYzQ2YjNiMGQ2ZWYxZGU3MGJiZjZlYjNhYzFiYjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLs+WT3Gmq2bTgXBJM/BS626zH5C
vKW94dX7JHzIHL/+FKv0R89LxF9tlWijrvmNkkbjFyN8JIUewGDOk5OcTpyZqXaE
Eissxt1vFZqQuaFAA8kcu2evNsha65CdEGGdjsBTzhPvoDAmAskupfCWnOQdgWkW
KTIE7ZTJ1JmfeDfn7BqypbV5tiZ9nDBwmu1Th+HlxpvV0hrMslY2t6U3QWzmgMyQ
iVTNGU5qsWcr6XOrXI6c/ATql1YOLk+0UYC2GhVzaDc4T2NDFtG5EUMJmefw2OPv
Uz8ydKBkHzGOnDTo7b0CKbIRJz7sbizhac4MkcfsAo2+VMSSEEJV2P1RZQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGMITAPTxGs7DW7x3nC79us6wbtlMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWXdoTUE5UEVhenNOYnZIZWNMdjI2enJCdTJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAucKxAwQA
udEmAwQAudFJAwQAudLrAwQAud4dAwQAufZwAwQAwTqSMA0GCSqGSIb3DQEBCwUA
A4IBAQBE2jsDwXjxN+ph+/GVOlFNN/C9TsZNjTHTw3DLnzvmLTcNnZXmK36fI2hP
MYeO/eoxi8/SzUtbbJzKo7xvw1PGBfoUZS6HpUWmJImN6lt/gbyNbYiHKnLolwan
A6d9N/eLdKUshJ4ZPbfscUhnqOy63dO3Ol0/AsPBHzSlGG1LLAUFZMJS7R1UmSEJ
Xo/oGfWzTVfsnuJZALh1V3++hJr2ebp2lyBK+DyWZKd2nzoxgkyyKEUbJJXSc75k
58qYsFgWkmNoxte+qAP1oT/RXYfylkAroQWeCIopM2l3MPcorATTpI/RBFA2uPqW
NcA8dR2aq+eKdEo14/w2wU3QalBz
-----END CERTIFICATE-----
Generated at Mon Sep 30 10:56:32 2024 by rpki-client on console-fra.rpki-client.org