Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/3Yy-xr4L-DBjp6z43KfXrBfB3W4.roa
File: 3Yy-xr4L-DBjp6z43KfXrBfB3W4.roa (raw, json)
Hash identifier: xyFlRUmt3B6xzgouOP6HLbKZMsPRAmk7md/Sr54iwy0=
Subject key identifier: DD:8C:BE:C6:BE:0B:F8:30:63:A7:AC:F8:DC:A7:D7:AC:17:C1:DD:6E
Certificate issuer: /CN=50592e68895c7068b4655508917ad5bbddbd0a5f
Certificate serial: 0185A84669271B10B519D97930F349AEE293
Authority key identifier: 50:59:2E:68:89:5C:70:68:B4:65:55:08:91:7A:D5:BB:DD:BD:0A:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/3Yy-xr4L-DBjp6z43KfXrBfB3W4.roa
Signing time: Thu 12 Jan 2023 23:17:44 +0000
ROA not before: Thu 12 Jan 2023 23:17:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206119
IP address blocks: 185.237.81.0/24 maxlen: 24
185.237.80.0/24 maxlen: 24
194.145.136.0/24 maxlen: 24
194.145.137.0/24 maxlen: 24
185.205.16.0/24 maxlen: 24
185.86.82.0/24 maxlen: 24
185.205.18.0/24 maxlen: 24
193.36.62.0/24 maxlen: 24
185.254.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Mar 2023 09:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a8:46:69:27:1b:10:b5:19:d9:79:30:f3:49:ae:e2:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50592e68895c7068b4655508917ad5bbddbd0a5f
Validity
Not Before: Jan 12 23:17:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd8cbec6be0bf83063a7acf8dca7d7ac17c1dd6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:23:2e:e9:3a:4e:ad:23:26:f9:d3:56:f1:5d:
81:9c:46:ad:cf:1b:da:89:6d:fd:95:16:39:e1:84:
65:10:f2:97:fd:bd:39:2a:8c:42:fb:96:73:40:c8:
09:21:f4:35:61:72:aa:78:0c:a8:cc:0a:3b:ce:24:
9f:3a:fb:a8:c9:ba:e1:1e:62:ca:1f:6b:17:cc:6c:
48:cd:22:b6:78:8c:49:27:77:a2:0e:75:29:9c:71:
51:09:9f:f4:52:2c:6a:73:38:ae:95:aa:69:07:35:
fd:9f:73:65:66:18:04:ab:46:a8:e5:25:43:81:8d:
3a:c9:2e:99:8e:08:12:88:cf:59:c4:94:fe:5b:37:
d2:56:b5:22:73:62:da:94:79:0b:c0:a1:0e:07:a1:
91:0f:f2:ab:72:dd:41:fd:4c:bd:94:24:02:e6:93:
ee:e6:21:cd:ce:da:9c:44:c8:fd:ff:d1:3f:59:61:
6a:e7:d1:5d:61:e9:9a:0d:8e:2f:25:37:c8:f4:26:
b6:77:56:46:91:59:49:d1:18:54:87:0e:4e:b2:14:
6b:88:e7:e9:75:c3:25:28:66:19:24:b3:6b:55:0f:
e2:b3:94:cb:2d:cb:51:09:8d:80:66:1c:d6:15:7d:
0d:4e:07:87:d4:86:7e:c9:14:42:7e:f7:83:c9:49:
20:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:8C:BE:C6:BE:0B:F8:30:63:A7:AC:F8:DC:A7:D7:AC:17:C1:DD:6E
X509v3 Authority Key Identifier:
keyid:50:59:2E:68:89:5C:70:68:B4:65:55:08:91:7A:D5:BB:DD:BD:0A:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/3Yy-xr4L-DBjp6z43KfXrBfB3W4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/UFkuaIlccGi0ZVUIkXrVu929Cl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.82.0/24
185.205.16.0/24
185.205.18.0/24
185.237.80.0/23
185.254.93.0/24
193.36.62.0/24
194.145.136.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:2b:04:e9:e8:a9:87:41:4f:08:d4:7d:28:d1:78:f2:5d:56:
f2:38:37:a0:60:d1:af:8b:03:94:73:e2:dc:e8:71:f1:9e:ee:
4d:da:e9:69:ef:76:95:6e:71:52:94:39:e5:91:a9:1b:ef:d0:
fd:6d:1e:fc:b7:52:f1:0b:1f:77:3c:13:67:ef:f3:14:60:a9:
39:2c:77:58:93:a2:64:1c:d5:c4:98:92:fd:0a:8a:44:05:fb:
16:54:79:00:e8:9d:13:f3:80:f5:ec:39:6e:63:eb:f0:85:7c:
21:ba:11:57:68:75:70:0e:0d:3b:a7:f6:19:62:aa:a5:f8:d9:
35:d0:4c:e8:08:86:d0:ed:f3:39:69:14:da:8c:01:2c:f2:05:
aa:57:1b:7b:cc:e3:3e:f5:f8:09:0d:32:fc:16:63:5e:f2:ce:
a2:a7:d5:32:d7:ac:bf:20:44:b8:c8:66:95:df:a4:b0:f4:94:
89:de:c5:a8:12:72:14:e7:73:ca:06:e7:ee:db:d1:3d:09:fa:
76:82:e0:d1:9e:f7:ec:45:d3:df:2a:23:42:76:35:1c:a5:86:
b4:70:61:0b:03:ea:f5:71:50:f0:3e:be:90:05:ec:6f:b0:97:
7a:e6:8a:c7:a5:fe:22:0a:e2:85:9c:af:4e:b9:8c:25:03:6d:
14:2f:7e:f6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYWoRmknGxC1Gdl5MPNJruKTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTkyZTY4ODk1YzcwNjhiNDY1NTUwODkxN2FkNWJiZGRi
ZDBhNWYwHhcNMjMwMTEyMjMxNzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDhjYmVjNmJlMGJmODMwNjNhN2FjZjhkY2E3ZDdhYzE3YzFkZDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhiMu6TpOrSMm+dNW8V2BnEatzxva
iW39lRY54YRlEPKX/b05KoxC+5ZzQMgJIfQ1YXKqeAyozAo7ziSfOvuoybrhHmLK
H2sXzGxIzSK2eIxJJ3eiDnUpnHFRCZ/0UixqcziulappBzX9n3NlZhgEq0ao5SVD
gY06yS6ZjggSiM9ZxJT+WzfSVrUic2LalHkLwKEOB6GRD/Krct1B/Uy9lCQC5pPu
5iHNztqcRMj9/9E/WWFq59FdYemaDY4vJTfI9Ca2d1ZGkVlJ0RhUhw5OshRriOfp
dcMlKGYZJLNrVQ/is5TLLctRCY2AZhzWFX0NTgeH1IZ+yRRCfveDyUkgEQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFN2Mvsa+C/gwY6es+Nyn16wXwd1uMB8GA1UdIwQY
MBaAFFBZLmiJXHBotGVVCJF61bvdvQpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZrdWFJbGNjR2kwWlZVSWtYclZ1OTI5Q2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8yYTgxMDAtMTcyYi00OGUzLWEzMmEt
N2JiZDI4Y2U0YTc1LzEvM1l5LXhyNEwtREJqcDZ6NDNLZlhyQmZCM1c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8yYTgxMDAtMTcyYi00OGUzLWEzMmEtN2JiZDI4Y2U0YTc1
LzEvVUZrdWFJbGNjR2kwWlZVSWtYclZ1OTI5Q2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAuVZSAwQA
uc0QAwQAuc0SAwQBue1QAwQAuf5dAwQAwSQ+AwQBwpGIMA0GCSqGSIb3DQEBCwUA
A4IBAQAMKwTp6KmHQU8I1H0o0XjyXVbyODegYNGviwOUc+Lc6HHxnu5N2ulp73aV
bnFSlDnlkakb79D9bR78t1LxCx93PBNn7/MUYKk5LHdYk6JkHNXEmJL9CopEBfsW
VHkA6J0T84D17DluY+vwhXwhuhFXaHVwDg07p/YZYqql+Nk10EzoCIbQ7fM5aRTa
jAEs8gWqVxt7zOM+9fgJDTL8FmNe8s6ip9Uy16y/IES4yGaV36Sw9JSJ3sWoEnIU
53PKBufu29E9Cfp2guDRnvfsRdPfKiNCdjUcpYa0cGELA+r1cVDwPr6QBexvsJd6
5orHpf4iCuKFnK9OuYwlA20UL372
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:52 2024 by rpki-client on console-ams.rpki-client.org