Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/a2a52c-136a-43a8-967c-f6d966ca4f07/1/YS-rJH_08lQpWTdfOtP2Z3JyKA0.roa
File: YS-rJH_08lQpWTdfOtP2Z3JyKA0.roa (raw, json)
Hash identifier: PRr5NUWI93lAk2tM5p2KAxyFDiQW3KxYoFvuPqCj2Fc=
Subject key identifier: 61:2F:AB:24:7F:F4:F2:54:29:59:37:5F:3A:D3:F6:67:72:72:28:0D
Certificate issuer: /CN=088e0321271332afc77e4c8579f0e5559cc09c50
Certificate serial: 018B6B8627412EA1D82B9AB91D1F0E4EF09B
Authority key identifier: 08:8E:03:21:27:13:32:AF:C7:7E:4C:85:79:F0:E5:55:9C:C0:9C:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CI4DIScTMq_HfkyFefDlVZzAnFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/a2a52c-136a-43a8-967c-f6d966ca4f07/1/YS-rJH_08lQpWTdfOtP2Z3JyKA0.roa
Signing time: Thu 26 Oct 2023 10:27:15 +0000
ROA not before: Thu 26 Oct 2023 10:27:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207104
IP address blocks: 185.163.158.0/24 maxlen: 24
185.163.157.0/24 maxlen: 24
185.163.156.0/24 maxlen: 24
185.163.159.0/24 maxlen: 24
185.191.33.0/24 maxlen: 24
185.191.32.0/24 maxlen: 24
2a0a:400:3000::/36 maxlen: 36
2a0a:400:2000::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6b:86:27:41:2e:a1:d8:2b:9a:b9:1d:1f:0e:4e:f0:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088e0321271332afc77e4c8579f0e5559cc09c50
Validity
Not Before: Oct 26 10:27:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=612fab247ff4f2542959375f3ad3f6677272280d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:75:3d:54:02:d4:9f:27:49:ce:79:26:70:9e:
a1:e0:c6:b8:70:02:0a:9d:aa:bc:b4:99:0c:f4:a3:
31:5b:b6:d6:7e:c2:31:31:98:45:4e:25:a4:f1:a1:
f6:29:db:f7:0f:8e:dd:3a:e6:95:37:da:7f:53:ec:
f0:c1:7d:9b:c4:48:85:ef:a0:98:3e:d9:52:91:9a:
c2:17:b4:34:c8:67:7f:32:75:d2:97:3c:de:37:17:
45:6f:4e:68:8f:5d:86:31:96:a3:8f:d2:1d:15:cf:
6b:a7:70:ea:bf:9e:8b:77:eb:95:95:87:9f:7d:c3:
4d:e8:6b:40:88:8c:84:ae:9f:ab:9b:28:53:57:eb:
a1:b7:f1:46:7b:e3:66:f0:37:df:b6:e5:42:b7:ec:
23:5a:f2:45:7d:bd:71:62:07:6b:8e:82:3d:03:a5:
9d:ff:7c:b3:b9:7d:01:ac:29:c4:69:eb:db:7c:b3:
8e:15:74:df:b7:28:0e:3c:80:1f:92:2c:d7:56:e1:
2d:97:76:60:52:5d:2f:40:f2:ec:4a:d9:8b:ee:fb:
61:c4:2e:69:a2:5c:0c:b3:55:dc:42:e5:29:8a:e4:
18:26:5f:20:57:c5:99:01:bf:71:7a:b1:5c:46:bb:
46:6d:fe:9f:4e:d8:7b:91:74:56:5a:8b:c6:25:98:
66:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:2F:AB:24:7F:F4:F2:54:29:59:37:5F:3A:D3:F6:67:72:72:28:0D
X509v3 Authority Key Identifier:
keyid:08:8E:03:21:27:13:32:AF:C7:7E:4C:85:79:F0:E5:55:9C:C0:9C:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CI4DIScTMq_HfkyFefDlVZzAnFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/a2a52c-136a-43a8-967c-f6d966ca4f07/1/YS-rJH_08lQpWTdfOtP2Z3JyKA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/a2a52c-136a-43a8-967c-f6d966ca4f07/1/CI4DIScTMq_HfkyFefDlVZzAnFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.156.0/22
185.191.32.0/23
IPv6:
2a0a:400:2000::/35
Signature Algorithm: sha256WithRSAEncryption
76:6e:bd:83:57:f9:72:3e:ba:73:d9:b5:cb:d3:29:22:44:44:
b3:d3:76:27:c8:b8:23:0a:c7:4e:cd:50:45:bf:bc:c3:4a:3c:
4e:e9:aa:9d:8f:27:c4:6a:57:44:0a:0c:0b:b4:49:ec:f1:a2:
68:fe:03:01:0b:e3:21:0d:0d:7a:e8:0f:7c:1e:bb:1b:f1:03:
d4:0e:27:51:6a:62:88:1e:ce:5a:94:f6:d5:f8:fa:2f:9c:46:
49:10:f0:08:38:00:db:3c:b5:cf:ba:54:33:ab:a1:3b:c5:9f:
d0:3e:d9:94:df:10:ca:9b:49:9a:c1:52:61:9a:28:f7:77:be:
d9:38:81:44:2d:7a:8a:c8:b8:47:0c:6b:a7:30:79:84:77:96:
8f:1d:fd:4d:48:4d:3a:0b:5b:76:2f:8e:1b:ce:09:73:3d:a4:
5a:fa:0f:86:b3:08:c8:84:f1:de:41:69:06:29:e1:2f:d9:fe:
7f:39:1f:4f:74:57:0f:d2:be:6d:30:71:7f:d1:29:fa:e7:29:
95:33:20:80:24:1f:58:df:3c:8a:2c:a6:7e:d4:e4:8f:4e:24:
20:06:52:ce:72:d1:6c:78:ec:72:89:7f:f2:b2:d1:2b:b7:39:
96:ff:37:7c:8e:4f:4d:29:8c:9d:e0:16:fc:cb:c7:09:66:c1:
38:27:9f:c2
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYtrhidBLqHYK5q5HR8OTvCbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4OGUwMzIxMjcxMzMyYWZjNzdlNGM4NTc5ZjBlNTU1OWNj
MDljNTAwHhcNMjMxMDI2MTAyNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTJmYWIyNDdmZjRmMjU0Mjk1OTM3NWYzYWQzZjY2NzcyNzIyODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnU9VALUnydJznkmcJ6h4Ma4cAIK
naq8tJkM9KMxW7bWfsIxMZhFTiWk8aH2Kdv3D47dOuaVN9p/U+zwwX2bxEiF76CY
PtlSkZrCF7Q0yGd/MnXSlzzeNxdFb05oj12GMZajj9IdFc9rp3Dqv56Ld+uVlYef
fcNN6GtAiIyErp+rmyhTV+uht/FGe+Nm8DfftuVCt+wjWvJFfb1xYgdrjoI9A6Wd
/3yzuX0BrCnEaevbfLOOFXTftygOPIAfkizXVuEtl3ZgUl0vQPLsStmL7vthxC5p
olwMs1XcQuUpiuQYJl8gV8WZAb9xerFcRrtGbf6fTth7kXRWWovGJZhmBwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGEvqyR/9PJUKVk3XzrT9mdycigNMB8GA1UdIwQY
MBaAFAiOAyEnEzKvx35MhXnw5VWcwJxQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0k0RElTY1RNcV9IZmt5RmVmRGxWWnpBbkZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9hMmE1MmMtMTM2YS00M2E4LTk2N2Mt
ZjZkOTY2Y2E0ZjA3LzEvWVMtckpIXzA4bFFwV1RkZk90UDJaM0p5S0EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9hMmE1MmMtMTM2YS00M2E4LTk2N2MtZjZkOTY2Y2E0ZjA3
LzEvQ0k0RElTY1RNcV9IZmt5RmVmRGxWWnpBbkZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCuaOcAwQB
ub8gMA4EAgACMAgDBgUqCgQAIDANBgkqhkiG9w0BAQsFAAOCAQEAdm69g1f5cj66
c9m1y9MpIkREs9N2J8i4IwrHTs1QRb+8w0o8TumqnY8nxGpXRAoMC7RJ7PGiaP4D
AQvjIQ0NeugPfB67G/ED1A4nUWpiiB7OWpT21fj6L5xGSRDwCDgA2zy1z7pUM6uh
O8Wf0D7ZlN8QyptJmsFSYZoo93e+2TiBRC16isi4RwxrpzB5hHeWjx39TUhNOgtb
di+OG84Jcz2kWvoPhrMIyITx3kFpBinhL9n+fzkfT3RXD9K+bTBxf9Ep+ucplTMg
gCQfWN88iiymftTkj04kIAZSznLRbHjscol/8rLRK7c5lv83fI5PTSmMneAW/MvH
CWbBOCefwg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:48 2024 by rpki-client on console-fra.rpki-client.org