Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/yfBMK5LWC3WLG2x7C23cuUBrK2U.roa
File: yfBMK5LWC3WLG2x7C23cuUBrK2U.roa (raw, json)
Hash identifier: YYunT6r+3h5JJOEkjNRI08neXD4bgeatj2IAa47nw1c=
Subject key identifier: C9:F0:4C:2B:92:D6:0B:75:8B:1B:6C:7B:0B:6D:DC:B9:40:6B:2B:65
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018BE88042B580A1DE43C3AB537AF3FCCAAC
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/yfBMK5LWC3WLG2x7C23cuUBrK2U.roa
Signing time: Sun 19 Nov 2023 16:53:21 +0000
ROA not before: Sun 19 Nov 2023 16:53:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 185.222.30.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.206.249.0/24 maxlen: 24
45.90.19.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
185.246.115.0/24 maxlen: 24
185.36.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 03 Dec 2023 22:19:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e8:80:42:b5:80:a1:de:43:c3:ab:53:7a:f3:fc:ca:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 19 16:53:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9f04c2b92d60b758b1b6c7b0b6ddcb9406b2b65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d9:07:bb:b1:3f:c7:3b:f6:6c:33:57:66:c6:
c7:b3:6a:02:93:f3:fc:89:b2:67:9b:a7:c2:57:f7:
9f:12:3d:eb:99:83:2b:61:cd:3a:e8:b7:84:4e:b9:
e5:af:42:5a:fc:d2:87:21:04:34:59:6e:c2:71:81:
4d:8b:08:6c:42:ca:64:b1:ce:03:c9:ac:11:14:cc:
e3:ab:82:af:b6:01:a1:52:fc:52:cb:2e:57:78:bd:
d5:cd:bd:5c:5a:37:39:62:cc:83:c1:2a:8c:be:18:
74:5d:97:3d:7a:42:18:bd:86:28:82:f8:1d:4f:07:
2b:66:d9:b5:0d:82:7a:c6:5e:05:9a:17:20:c7:e5:
a4:82:43:cd:25:9f:e0:11:a1:bd:23:80:ee:1b:57:
fa:34:36:23:c5:66:fa:81:0c:d2:08:46:23:60:18:
53:11:df:96:0d:50:a8:8f:11:0c:4b:37:bd:d3:ac:
ef:07:6d:19:ed:da:00:a1:b7:6f:48:e1:17:ff:3f:
37:b5:2a:77:02:c0:e2:5a:27:be:b1:cb:d4:87:f2:
69:30:18:a1:1a:a8:df:06:61:59:3c:88:4e:f7:9f:
53:45:63:6c:ca:b4:6a:7e:8d:26:6e:31:55:25:cc:
42:e9:2d:84:bd:04:3b:50:b2:55:2d:2b:62:8b:67:
c1:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:F0:4C:2B:92:D6:0B:75:8B:1B:6C:7B:0B:6D:DC:B9:40:6B:2B:65
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/yfBMK5LWC3WLG2x7C23cuUBrK2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.19.0/24
185.36.204.0/24
185.206.248.0/23
185.222.30.0/24
185.240.120.0/23
185.246.115.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:be:b9:16:cf:d9:cd:08:73:eb:1a:0b:da:e4:6b:19:58:78:
df:8b:c2:8a:b1:8d:54:46:4c:fc:21:0a:88:92:72:33:42:e0:
56:ff:a2:83:39:1c:10:6c:e9:f0:7a:4e:bb:75:69:3f:1c:04:
35:52:bf:63:e2:c8:0d:60:3b:d1:28:b1:17:4a:ed:92:e1:8d:
1e:07:a4:07:bb:8a:13:1d:f3:6e:f4:02:1a:88:76:27:70:bf:
8c:54:3f:60:ff:71:ff:ae:56:af:cc:e0:1c:56:de:0a:92:f2:
34:25:e9:47:5c:5a:11:8f:24:de:80:da:b4:6b:0c:a4:b3:df:
7a:0a:10:db:bc:d0:2e:d8:5f:b7:ac:68:d4:ed:99:6c:90:6c:
eb:be:ef:d6:a1:54:18:08:47:45:0a:d3:82:90:b1:d9:e8:84:
d8:51:7f:da:72:36:a7:26:74:d5:70:a2:d3:09:86:c0:61:38:
e9:df:a9:5f:13:ef:96:c8:85:00:00:8c:f9:c4:e3:cd:82:37:
f4:e7:40:f2:7d:39:53:eb:3d:1f:44:ec:42:77:02:45:2c:db:
8f:b0:74:e6:83:e5:b2:12:40:8a:4f:e1:53:ce:fe:75:41:d5:
36:cc:14:5e:34:01:80:63:47:d5:67:90:0c:af:9f:c0:2e:f4:
f9:42:95:3c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYvogEK1gKHeQ8OrU3rz/MqsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMTE5MTY1MzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWYwNGMyYjkyZDYwYjc1OGIxYjZjN2IwYjZkZGNiOTQwNmIyYjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9kHu7E/xzv2bDNXZsbHs2oCk/P8
ibJnm6fCV/efEj3rmYMrYc066LeETrnlr0Ja/NKHIQQ0WW7CcYFNiwhsQspksc4D
yawRFMzjq4KvtgGhUvxSyy5XeL3Vzb1cWjc5YsyDwSqMvhh0XZc9ekIYvYYogvgd
TwcrZtm1DYJ6xl4Fmhcgx+WkgkPNJZ/gEaG9I4DuG1f6NDYjxWb6gQzSCEYjYBhT
Ed+WDVCojxEMSze906zvB20Z7doAobdvSOEX/z83tSp3AsDiWie+scvUh/JpMBih
GqjfBmFZPIhO959TRWNsyrRqfo0mbjFVJcxC6S2EvQQ7ULJVLStii2fBKQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMnwTCuS1gt1ixtsewtt3LlAaytlMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEveWZCTUs1TFdDM1dMRzJ4N0MyM2N1VUJySzJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALVoTAwQA
uSTMAwQBuc74AwQAud4eAwQBufB4AwQAufZzMA0GCSqGSIb3DQEBCwUAA4IBAQCa
vrkWz9nNCHPrGgva5GsZWHjfi8KKsY1URkz8IQqIknIzQuBW/6KDORwQbOnwek67
dWk/HAQ1Ur9j4sgNYDvRKLEXSu2S4Y0eB6QHu4oTHfNu9AIaiHYncL+MVD9g/3H/
rlavzOAcVt4KkvI0JelHXFoRjyTegNq0awyks996ChDbvNAu2F+3rGjU7ZlskGzr
vu/WoVQYCEdFCtOCkLHZ6ITYUX/acjanJnTVcKLTCYbAYTjp36lfE++WyIUAAIz5
xOPNgjf050DyfTlT6z0fROxCdwJFLNuPsHTmg+WyEkCKT+FTzv51QdU2zBReNAGA
Y0fVZ5AMr5/ALvT5QpU8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:30 2024 by rpki-client on console-ams.rpki-client.org