Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ycrw5on9i6wKcK5e-Z0M5vC_v5k.roa
File: ycrw5on9i6wKcK5e-Z0M5vC_v5k.roa (raw, json)
Hash identifier: 9KmpUzQ9W7H+QbbEBBzC8XZIrFKyOP5Wh9J3bSptWR4=
Subject key identifier: C9:CA:F0:E6:89:FD:8B:AC:0A:70:AE:5E:F9:9D:0C:E6:F0:BF:BF:99
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018B2E24A71E6F38C7F7DBB5D1AF6AC9C3DD
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ycrw5on9i6wKcK5e-Z0M5vC_v5k.roa
Signing time: Sat 14 Oct 2023 12:23:55 +0000
ROA not before: Sat 14 Oct 2023 12:23:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.222.30.0/23 maxlen: 24
185.209.38.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.246.114.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.223.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Oct 2023 18:22:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2e:24:a7:1e:6f:38:c7:f7:db:b5:d1:af:6a:c9:c3:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 14 12:23:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9caf0e689fd8bac0a70ae5ef99d0ce6f0bfbf99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:22:6b:31:07:3c:72:d7:de:e7:b4:c8:61:c5:
9f:45:6d:81:0d:74:71:64:ea:42:59:96:b5:94:49:
d1:1b:18:84:1f:23:4b:56:78:93:2f:77:e1:3b:9a:
bd:21:a5:0a:5c:39:b5:1b:2e:78:79:a2:e3:52:6b:
94:e9:60:34:e8:37:51:e6:6b:18:0f:5c:e4:14:ef:
43:b4:ff:44:78:6d:c2:c6:0a:c7:9a:07:f0:2c:ff:
8d:ce:c7:a1:b9:50:69:3c:0a:03:fa:c5:a6:59:cc:
14:40:ce:62:d2:26:f0:0c:b8:dc:7d:ad:a3:53:3f:
b7:a8:e0:0d:6b:b8:36:90:44:6e:a0:bd:04:96:f7:
b1:d3:e6:16:82:b7:1d:3d:0c:bc:c3:b3:8a:ef:4c:
32:41:01:2c:0a:b0:0e:9c:7f:be:18:27:5a:c6:a6:
80:98:eb:77:cc:9a:17:1e:9b:f2:be:a6:d1:8f:c7:
ae:9a:a3:56:14:4f:8a:a6:45:58:06:73:7d:04:43:
a0:1b:8c:1a:f4:28:16:78:2c:49:3a:da:10:80:79:
52:86:d6:93:0b:6e:f9:0b:70:a1:64:56:6f:ae:77:
b3:c9:ba:04:93:dd:4d:a8:38:a0:2e:07:1d:8f:1d:
7a:3a:ee:37:96:74:66:4f:18:d8:83:88:77:f0:5d:
f5:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:CA:F0:E6:89:FD:8B:AC:0A:70:AE:5E:F9:9D:0C:E6:F0:BF:BF:99
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ycrw5on9i6wKcK5e-Z0M5vC_v5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.209.38.0/24
185.220.250.0/23
185.222.30.0/23
185.223.80.0/24
185.225.0.0/23
185.246.114.0/24
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
29:73:6a:c5:15:18:f1:32:86:f6:93:b6:26:b6:1b:82:6d:58:
37:0b:9b:38:66:4f:5e:f2:42:29:48:91:5a:b3:33:7a:b8:f6:
78:98:dd:b7:40:36:70:42:c1:6a:0c:35:65:8b:a8:c3:ea:b4:
71:83:6c:ee:65:ff:67:d8:ee:22:4a:f7:09:f0:0a:73:7c:c5:
f8:19:f5:50:ab:7d:2c:dc:e7:85:90:65:5b:39:3d:bd:3d:38:
c8:22:c6:61:e1:e3:79:1d:a7:ff:f9:e2:a6:ee:46:2d:a7:e1:
cf:78:eb:60:59:f9:b0:e9:c8:fe:47:cd:56:51:25:44:51:d6:
95:85:81:b4:2f:a0:39:e7:3d:8f:47:26:96:a4:ae:4f:d2:8d:
9a:57:1a:08:62:d9:45:06:a3:db:2c:3b:d6:80:1c:32:0f:9e:
c5:da:ad:88:e6:70:05:1e:9b:ad:a1:ce:32:07:23:5e:92:1f:
1c:f2:82:24:e3:a1:7a:7f:12:b9:4b:a4:f4:0a:a0:42:1a:25:
2f:94:11:c1:7a:50:9e:eb:15:3c:33:97:d7:a8:af:89:c7:c1:
ae:bc:89:ac:e8:18:14:5c:d7:73:f9:a8:ad:e4:81:fb:32:6b:
e3:c8:fe:e4:23:96:1f:c6:22:44:02:70:08:c8:7a:9d:69:e3:
1d:37:6a:01
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYsuJKcebzjH99u10a9qycPdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMDE0MTIyMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWNhZjBlNjg5ZmQ4YmFjMGE3MGFlNWVmOTlkMGNlNmYwYmZiZjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryJrMQc8ctfe57TIYcWfRW2BDXRx
ZOpCWZa1lEnRGxiEHyNLVniTL3fhO5q9IaUKXDm1Gy54eaLjUmuU6WA06DdR5msY
D1zkFO9DtP9EeG3CxgrHmgfwLP+NzsehuVBpPAoD+sWmWcwUQM5i0ibwDLjcfa2j
Uz+3qOANa7g2kERuoL0Elvex0+YWgrcdPQy8w7OK70wyQQEsCrAOnH++GCdaxqaA
mOt3zJoXHpvyvqbRj8eumqNWFE+KpkVYBnN9BEOgG4wa9CgWeCxJOtoQgHlShtaT
C275C3ChZFZvrnezyboEk91NqDigLgcdjx16Ou43lnRmTxjYg4h38F31HwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMnK8OaJ/YusCnCuXvmdDObwv7+ZMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEveWNydzVvbjlpNndLY0s1ZS1aME01dkNfdjVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALQgVAwQA
LZPgAwQAudEmAwQBudz6AwQBud4eAwQAud9QAwQBueEAAwQAufZyAwQAufvlAwQB
wTqSMA0GCSqGSIb3DQEBCwUAA4IBAQApc2rFFRjxMob2k7YmthuCbVg3C5s4Zk9e
8kIpSJFaszN6uPZ4mN23QDZwQsFqDDVli6jD6rRxg2zuZf9n2O4iSvcJ8ApzfMX4
GfVQq30s3OeFkGVbOT29PTjIIsZh4eN5Haf/+eKm7kYtp+HPeOtgWfmw6cj+R81W
USVEUdaVhYG0L6A55z2PRyaWpK5P0o2aVxoIYtlFBqPbLDvWgBwyD57F2q2I5nAF
Hputoc4yByNekh8c8oIk46F6fxK5S6T0CqBCGiUvlBHBelCe6xU8M5fXqK+Jx8Gu
vIms6BgUXNdz+ait5IH7MmvjyP7kI5YfxiJEAnAIyHqdaeMdN2oB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:44 2024 by rpki-client on console-fra.rpki-client.org