Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ygswiZ_xId_f4moSK_ZN_19C2U8.roa
File: ygswiZ_xId_f4moSK_ZN_19C2U8.roa (raw, json)
Hash identifier: NpmswiI8QP7BTGMFYuAtPhjdVAf2fzqeKC0+YaytSUw=
Subject key identifier: CA:0B:30:89:9F:F1:21:DF:DF:E2:6A:12:2B:F6:4D:FF:5F:42:D9:4F
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0191D6571F0E37D0DFA0EB8F04F702F37497
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ygswiZ_xId_f4moSK_ZN_19C2U8.roa
Signing time: Mon 09 Sep 2024 10:31:59 +0000
ROA not before: Mon 09 Sep 2024 10:31:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.113.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Sep 2024 09:22:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d6:57:1f:0e:37:d0:df:a0:eb:8f:04:f7:02:f3:74:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 9 10:31:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca0b30899ff121dfdfe26a122bf64dff5f42d94f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:76:89:ee:e4:d3:21:7c:f6:1c:71:98:c7:84:
a1:5e:20:7e:0b:65:08:df:7c:2f:7c:ef:dc:22:f2:
e6:64:54:e9:7c:13:60:96:79:3b:27:d8:5a:b5:d6:
2c:6c:6f:5a:c0:5a:f4:76:49:7b:a7:e6:b3:fc:d5:
b8:96:1e:56:eb:d8:2d:32:14:64:21:57:ad:9d:52:
1a:40:3e:e9:7f:dc:e5:65:ea:11:5a:db:cb:1c:44:
86:61:cd:38:ac:89:96:e2:64:96:03:55:b5:c2:d3:
7b:bb:36:c9:4e:df:09:71:f6:f0:3d:0e:6e:03:7e:
f0:7d:72:25:67:f8:e0:23:93:4c:4f:24:ba:a0:0c:
0a:51:9d:88:92:0a:27:4a:18:64:2d:dc:c5:00:e1:
d8:2f:f5:c9:11:65:f8:73:29:db:a0:bf:be:d8:83:
ef:ce:5c:fe:22:fd:05:02:70:61:c5:35:68:f8:20:
ad:cc:8a:e0:fd:d9:fc:24:75:9c:b6:b5:4b:c3:0b:
55:1a:00:b6:40:99:0b:92:87:86:15:43:f0:bd:14:
95:94:cc:0f:7b:65:49:5c:ca:c1:61:71:94:67:65:
d0:12:48:89:51:b4:e5:85:6f:b5:39:18:d8:1f:a8:
72:fe:e4:21:db:a3:f6:f6:53:b6:6d:e9:12:4e:77:
26:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:0B:30:89:9F:F1:21:DF:DF:E2:6A:12:2B:F6:4D:FF:5F:42:D9:4F
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ygswiZ_xId_f4moSK_ZN_19C2U8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.218.20.0/24
185.218.101.0/24
185.220.250.0/23
185.225.0.0/23
185.226.104.0/24
185.227.146.0/23
185.228.75.0/24
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:b9:19:dd:c2:f9:d0:d7:8d:17:89:25:bc:90:60:f9:58:9e:
6b:bb:90:bd:df:bf:f2:90:96:be:a0:b3:91:43:96:48:d7:72:
84:9d:13:51:3a:2d:10:f3:7c:ee:54:c4:71:1c:79:10:e9:0a:
76:71:2c:a0:4c:9e:34:94:e1:8e:88:68:9a:e7:7a:0b:d1:a4:
b1:06:0f:33:21:58:3e:0d:67:b9:bc:67:b8:86:08:a2:ec:1e:
21:be:28:7a:70:3f:3e:3e:0b:6f:f1:51:ac:85:7b:92:5b:eb:
a0:1b:09:8c:e6:c6:46:ae:f8:25:3b:9d:1f:13:23:d8:97:5c:
a2:59:c2:6b:9c:7a:53:c8:90:2d:be:05:ce:42:9c:ca:99:28:
32:14:1e:56:1a:48:0c:1a:0d:6a:09:59:03:08:bb:72:e1:72:
9d:76:68:27:78:70:b3:99:a0:ac:76:29:a6:19:46:79:e2:60:
cb:0d:07:f8:9d:c4:91:ea:36:86:c7:b9:40:30:94:81:9a:7a:
4d:47:8c:bc:3a:f3:e7:f9:b3:e9:4c:5b:78:29:80:ef:32:3b:
ec:be:0f:c0:7e:26:6c:1f:5b:09:3d:c5:03:a1:ff:60:a8:df:
d2:bb:33:e5:55:a9:0c:52:fd:92:51:02:52:c9:ac:aa:6f:80:
ab:ff:e7:51
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZHWVx8ON9DfoOuPBPcC83SXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwOTA5MTAzMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTBiMzA4OTlmZjEyMWRmZGZlMjZhMTIyYmY2NGRmZjVmNDJkOTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHaJ7uTTIXz2HHGYx4ShXiB+C2UI
33wvfO/cIvLmZFTpfBNglnk7J9hatdYsbG9awFr0dkl7p+az/NW4lh5W69gtMhRk
IVetnVIaQD7pf9zlZeoRWtvLHESGYc04rImW4mSWA1W1wtN7uzbJTt8JcfbwPQ5u
A37wfXIlZ/jgI5NMTyS6oAwKUZ2IkgonShhkLdzFAOHYL/XJEWX4cynboL++2IPv
zlz+Iv0FAnBhxTVo+CCtzIrg/dn8JHWctrVLwwtVGgC2QJkLkoeGFUPwvRSVlMwP
e2VJXMrBYXGUZ2XQEkiJUbTlhW+1ORjYH6hy/uQh26P29lO2bekSTncmAwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFMoLMImf8SHf3+JqEiv2Tf9fQtlPMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEveWdzd2laX3hJZF9mNG1vU0tfWk5fMTlDMlU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALQgVAwQA
uX5SAwQAudoUAwQAudplAwQBudz6AwQBueEAAwQAueJoAwQBueOSAwQAueRLAwQB
wQhwAwQBwTqSMA0GCSqGSIb3DQEBCwUAA4IBAQCMuRndwvnQ140XiSW8kGD5WJ5r
u5C937/ykJa+oLORQ5ZI13KEnRNROi0Q83zuVMRxHHkQ6Qp2cSygTJ40lOGOiGia
53oL0aSxBg8zIVg+DWe5vGe4hgii7B4hvih6cD8+Pgtv8VGshXuSW+ugGwmM5sZG
rvglO50fEyPYl1yiWcJrnHpTyJAtvgXOQpzKmSgyFB5WGkgMGg1qCVkDCLty4XKd
dmgneHCzmaCsdimmGUZ54mDLDQf4ncSR6jaGx7lAMJSBmnpNR4y8OvPn+bPpTFt4
KYDvMjvsvg/AfiZsH1sJPcUDof9gqN/SuzPlVakMUv2SUQJSyayqb4Cr/+dR
-----END CERTIFICATE-----
Generated at Thu Sep 12 12:08:32 2024 by rpki-client on console-ams.rpki-client.org