Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/y95IJzM06gldy3u35YluuXqWJJY.roa
File: y95IJzM06gldy3u35YluuXqWJJY.roa (raw, json)
Hash identifier: rpmLjYtHVvdqVg/u4KgvyDb6V93XkWaawVq4pn4xJgk=
Subject key identifier: CB:DE:48:27:33:34:EA:09:5D:CB:7B:B7:E5:89:6E:B9:7A:96:24:96
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CF8254348A5CB8D13A7E3B283DE55FBAC
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/y95IJzM06gldy3u35YluuXqWJJY.roa
Signing time: Thu 11 Jan 2024 10:50:40 +0000
ROA not before: Thu 11 Jan 2024 10:50:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 185.210.232.0/24 maxlen: 24
194.76.172.0/24 maxlen: 24
185.214.102.0/24 maxlen: 24
176.125.248.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 11:05:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f8:25:43:48:a5:cb:8d:13:a7:e3:b2:83:de:55:fb:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 11 10:50:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbde48273334ea095dcb7bb7e5896eb97a962496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:8d:7c:7e:35:62:72:37:c6:2b:fc:90:67:05:
ad:3b:ea:49:ae:db:f7:d9:1f:2c:95:f9:9f:75:9c:
a0:f1:1c:d1:e7:52:18:df:87:02:bf:2b:e7:23:44:
d1:03:f6:cb:b5:0f:a3:42:61:9d:d3:65:77:95:4c:
c0:66:e7:84:05:5d:b5:2e:bd:33:8f:67:58:72:51:
ea:96:ac:23:f4:71:7b:f3:08:78:8f:9b:e2:f9:4d:
0e:ed:76:54:31:b6:03:11:80:1c:84:67:d9:65:cd:
dc:93:87:5f:62:84:c1:dd:75:7b:9a:cc:60:49:8a:
f2:c6:63:6b:0c:36:d3:96:c9:47:ad:10:f8:06:25:
f8:82:76:e8:e3:c1:61:74:38:5c:24:55:10:ad:ba:
ac:03:4e:2f:4f:ea:91:e7:02:0c:f1:94:64:db:92:
4d:cf:b0:b7:d8:8b:7e:39:77:29:57:36:a3:34:ed:
59:37:e7:e1:03:61:1d:f0:6d:9b:24:6d:cd:b1:76:
8b:f9:7c:19:16:32:d3:01:ec:d3:79:c1:fe:f8:d7:
f6:be:e0:7e:89:0f:55:bb:8a:67:ea:aa:30:12:b3:
d7:8e:79:7b:12:70:1d:7b:ec:6f:02:63:7c:49:85:
7c:44:25:ab:67:44:90:68:3e:1b:a5:cc:e1:89:69:
e8:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:DE:48:27:33:34:EA:09:5D:CB:7B:B7:E5:89:6E:B9:7A:96:24:96
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/y95IJzM06gldy3u35YluuXqWJJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.248.0/24
185.210.232.0/24
185.214.102.0/24
185.223.80.0/24
185.225.0.0/24
185.251.231.0/24
194.76.172.0/24
Signature Algorithm: sha256WithRSAEncryption
24:60:fb:c4:01:ce:72:2b:e5:fd:e5:ad:5c:89:ab:a7:b2:ce:
84:bd:bf:97:68:3e:2d:85:d3:cb:79:1c:4e:49:e5:89:6f:27:
d7:4c:00:23:31:bd:b3:88:c7:f5:76:4f:f9:f9:a5:f5:a6:0f:
2a:ad:32:93:11:ec:01:08:87:95:24:a4:79:09:90:4f:18:0c:
73:64:46:29:2d:42:f1:11:26:ad:8e:ed:fb:31:1b:34:e3:03:
df:d9:45:4c:36:d2:fa:b3:eb:ce:aa:49:80:5e:44:40:c3:4d:
9b:57:e6:12:35:ed:46:69:bd:57:7a:45:47:79:1b:60:79:b1:
dc:05:af:46:7f:07:0a:a2:9c:e3:69:41:9c:fb:4f:74:9c:9e:
14:3e:b0:18:e6:a2:67:cd:d3:e4:bf:a9:c1:21:87:95:85:ba:
ac:57:bf:dd:6f:aa:b3:00:c6:d3:a5:2f:f8:33:29:56:16:cf:
2f:0c:be:39:45:51:a4:96:c0:5b:d6:23:23:2d:a3:68:ce:f5:
e1:5b:fa:19:ee:3c:51:bb:a4:01:e3:e6:ed:1f:55:30:ea:47:
72:77:10:41:64:00:3b:86:8d:d6:3d:0f:ee:35:d1:b8:42:10:
3d:c5:14:5c:50:a2:52:1b:25:10:2e:aa:0b:5e:fd:63:91:f3:
08:fe:41:ef
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYz4JUNIpcuNE6fjsoPeVfusMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTExMTA1MDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmRlNDgyNzMzMzRlYTA5NWRjYjdiYjdlNTg5NmViOTdhOTYyNDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Y18fjVicjfGK/yQZwWtO+pJrtv3
2R8slfmfdZyg8RzR51IY34cCvyvnI0TRA/bLtQ+jQmGd02V3lUzAZueEBV21Lr0z
j2dYclHqlqwj9HF78wh4j5vi+U0O7XZUMbYDEYAchGfZZc3ck4dfYoTB3XV7msxg
SYryxmNrDDbTlslHrRD4BiX4gnbo48FhdDhcJFUQrbqsA04vT+qR5wIM8ZRk25JN
z7C32It+OXcpVzajNO1ZN+fhA2Ed8G2bJG3NsXaL+XwZFjLTAezTecH++Nf2vuB+
iQ9Vu4pn6qowErPXjnl7EnAde+xvAmN8SYV8RCWrZ0SQaD4bpczhiWnozQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMveSCczNOoJXct7t+WJbrl6liSWMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEveTk1SUp6TTA2Z2xkeTN1MzVZbHV1WHFXSkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAsH34AwQA
udLoAwQAudZmAwQAud9QAwQAueEAAwQAufvnAwQAwkysMA0GCSqGSIb3DQEBCwUA
A4IBAQAkYPvEAc5yK+X95a1ciaunss6Evb+XaD4thdPLeRxOSeWJbyfXTAAjMb2z
iMf1dk/5+aX1pg8qrTKTEewBCIeVJKR5CZBPGAxzZEYpLULxESatju37MRs04wPf
2UVMNtL6s+vOqkmAXkRAw02bV+YSNe1Gab1XekVHeRtgebHcBa9GfwcKopzjaUGc
+090nJ4UPrAY5qJnzdPkv6nBIYeVhbqsV7/db6qzAMbTpS/4MylWFs8vDL45RVGk
lsBb1iMjLaNozvXhW/oZ7jxRu6QB4+btH1Uw6kdydxBBZAA7ho3WPQ/uNdG4QhA9
xRRcUKJSGyUQLqoLXv1jkfMI/kHv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:30 2024 by rpki-client on console-ams.rpki-client.org