Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/yFWCC2ANZG2PC7i4jutr4Zrhzy0.roa
File: yFWCC2ANZG2PC7i4jutr4Zrhzy0.roa (raw, json)
Hash identifier: /HAeQxWJktwaQBPADYwt5vTTDZ03C4IvPTtCyCkTr9c=
Subject key identifier: C8:55:82:0B:60:0D:64:6D:8F:0B:B8:B8:8E:EB:6B:E1:9A:E1:CF:2D
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0193721B466DE9A1ED81D746DC47FC8CC67A
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/yFWCC2ANZG2PC7i4jutr4Zrhzy0.roa
Signing time: Thu 28 Nov 2024 09:30:10 +0000
ROA not before: Thu 28 Nov 2024 09:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Dec 2024 11:14:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:72:1b:46:6d:e9:a1:ed:81:d7:46:dc:47:fc:8c:c6:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 28 09:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c855820b600d646d8f0bb8b88eeb6be19ae1cf2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:49:4e:eb:12:82:3e:b1:ca:5d:a5:fa:b4:d4:
39:b5:98:19:21:ad:3a:ec:c9:59:c2:e7:ed:d6:e2:
e8:2c:0e:77:8c:d1:cf:79:ea:1b:cc:dc:33:38:44:
97:15:79:c5:d0:c6:ac:94:64:5f:a4:35:c6:cc:dc:
82:79:e7:38:46:10:30:6e:d4:66:7d:10:7c:f3:20:
70:e9:c9:13:76:0f:b9:55:9b:4f:64:e0:88:1c:86:
36:db:fd:bc:d2:db:d3:8c:48:42:9c:3b:1a:cd:63:
87:72:ef:95:6c:ee:03:6a:b0:27:ba:39:46:85:e8:
53:21:c4:02:6a:9e:47:1c:35:ba:3c:bd:a8:1c:2f:
9a:64:e8:a1:3d:83:de:1a:7a:53:d7:db:1d:92:52:
87:2b:ac:50:e9:bb:b5:ff:b8:9b:63:47:25:22:7f:
82:6c:86:ce:09:f9:2a:f7:60:c4:e0:df:a7:18:b4:
d3:e5:0d:2a:52:30:06:09:7e:7d:d4:91:65:42:9e:
f0:74:c3:d1:a8:8a:9f:f8:a0:33:73:a3:6b:9b:ae:
fe:33:91:03:19:3f:d7:b6:a0:c7:79:47:b8:c7:64:
01:5a:95:6e:68:0c:0f:83:e0:74:4e:fe:d8:4a:5b:
0a:a7:77:8e:bd:fe:c7:6c:dc:0d:6a:65:6d:9e:f5:
f9:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:55:82:0B:60:0D:64:6D:8F:0B:B8:B8:8E:EB:6B:E1:9A:E1:CF:2D
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/yFWCC2ANZG2PC7i4jutr4Zrhzy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.220.250.0/23
185.225.0.0/23
185.227.146.0/23
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
bf:27:ac:c6:4b:dc:28:e7:d7:60:96:f9:b3:7c:66:da:34:94:
fa:65:03:61:31:25:d3:3a:49:bb:c4:98:ef:87:8c:ee:30:cd:
70:45:c1:80:b0:56:fa:49:b1:a1:a2:e7:89:0c:5d:06:c4:64:
a4:fc:17:a4:99:9f:7b:70:79:84:d3:bb:0b:df:fd:b2:01:b2:
52:bb:8e:ce:38:e2:12:cb:b6:a1:b2:b5:3f:7f:bf:98:0a:e8:
1f:ca:16:93:67:58:2f:7d:2e:23:cd:a8:40:70:35:1d:7a:bf:
8d:53:54:55:44:c1:f4:ee:16:07:20:66:4e:50:d7:28:d8:f6:
18:3d:b0:7b:a4:31:4f:60:83:4d:3c:b9:af:97:04:89:80:fb:
cf:cb:df:cb:01:e8:e6:97:c7:a1:93:f6:a1:bf:10:9e:ac:9a:
61:6b:0f:36:9a:16:c1:c9:38:6d:57:e8:63:8a:a0:55:74:bb:
ea:25:2e:5b:ee:6d:b9:2e:f5:e7:1e:f8:37:fe:29:38:0a:c5:
6b:3e:1c:0f:2a:f1:78:40:d8:d6:45:ef:30:5d:2d:ff:1e:fe:
b8:9e:2a:ec:1a:51:de:6c:3e:a4:0c:9c:44:27:e0:88:08:d5:
89:00:d1:ca:6b:34:a2:dc:10:18:ea:d9:35:20:e7:8f:ed:ea:
a9:00:d0:02
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZNyG0Zt6aHtgddG3Ef8jMZ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMTI4MDkzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODU1ODIwYjYwMGQ2NDZkOGYwYmI4Yjg4ZWViNmJlMTlhZTFjZjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0lO6xKCPrHKXaX6tNQ5tZgZIa06
7MlZwuft1uLoLA53jNHPeeobzNwzOESXFXnF0MaslGRfpDXGzNyCeec4RhAwbtRm
fRB88yBw6ckTdg+5VZtPZOCIHIY22/280tvTjEhCnDsazWOHcu+VbO4DarAnujlG
hehTIcQCap5HHDW6PL2oHC+aZOihPYPeGnpT19sdklKHK6xQ6bu1/7ibY0clIn+C
bIbOCfkq92DE4N+nGLTT5Q0qUjAGCX591JFlQp7wdMPRqIqf+KAzc6Nrm67+M5ED
GT/XtqDHeUe4x2QBWpVuaAwPg+B0Tv7YSlsKp3eOvf7HbNwNamVtnvX5qQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMhVggtgDWRtjwu4uI7ra+Ga4c8tMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEveUZXQ0MyQU5aRzJQQzdpNGp1dHI0WnJoenkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQgVAwQA
uX5SAwQBudz6AwQBueEAAwQBueOSAwQBwQhwAwQBwTqSMA0GCSqGSIb3DQEBCwUA
A4IBAQC/J6zGS9wo59dglvmzfGbaNJT6ZQNhMSXTOkm7xJjvh4zuMM1wRcGAsFb6
SbGhoueJDF0GxGSk/BekmZ97cHmE07sL3/2yAbJSu47OOOISy7ahsrU/f7+YCugf
yhaTZ1gvfS4jzahAcDUder+NU1RVRMH07hYHIGZOUNco2PYYPbB7pDFPYINNPLmv
lwSJgPvPy9/LAejml8ehk/ahvxCerJphaw82mhbByThtV+hjiqBVdLvqJS5b7m25
LvXnHvg3/ik4CsVrPhwPKvF4QNjWRe8wXS3/Hv64nirsGlHebD6kDJxEJ+CICNWJ
ANHKazSi3BAY6tk1IOeP7eqpANAC
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:14:47 2025 by rpki-client