Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/2a7bf4-3454-4d14-9e0c-183f9975fc94/1/YO0KBI1uGMQ0cARb-5WHCpKyq0A.roa
File: YO0KBI1uGMQ0cARb-5WHCpKyq0A.roa (raw, json)
Hash identifier: cogKVcefvn74W0aqtcs223CuaM2X6uMms8fIOwRLRJU=
Subject key identifier: 60:ED:0A:04:8D:6E:18:C4:34:70:04:5B:FB:95:87:0A:92:B2:AB:40
Certificate issuer: /CN=b40d494333cb4d9e5fd10c846c47cf56445c503a
Certificate serial: 01856C7816E4223EBDFAAC272E43402F4EC3
Authority key identifier: B4:0D:49:43:33:CB:4D:9E:5F:D1:0C:84:6C:47:CF:56:44:5C:50:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tA1JQzPLTZ5f0QyEbEfPVkRcUDo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/2a7bf4-3454-4d14-9e0c-183f9975fc94/1/YO0KBI1uGMQ0cARb-5WHCpKyq0A.roa
Signing time: Sun 01 Jan 2023 08:34:47 +0000
ROA not before: Sun 01 Jan 2023 08:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203068
IP address blocks: 185.145.179.0/24 maxlen: 24
185.145.176.0/24 maxlen: 24
185.145.177.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:16:e4:22:3e:bd:fa:ac:27:2e:43:40:2f:4e:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b40d494333cb4d9e5fd10c846c47cf56445c503a
Validity
Not Before: Jan 1 08:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60ed0a048d6e18c43470045bfb95870a92b2ab40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:95:2a:64:65:82:fa:b9:03:d2:de:3e:a4:59:
1a:1e:8c:ea:3f:70:dc:b3:25:46:88:67:fc:06:3c:
b4:43:e0:bf:37:ca:34:bb:b9:5c:3a:82:f7:9e:d9:
94:ab:36:ec:79:c4:19:4a:2b:46:b8:c8:9e:51:58:
87:fe:77:bc:dd:db:95:46:97:41:4b:ff:27:47:b8:
39:56:64:c4:1b:f8:a3:82:54:a8:b0:b4:39:b5:39:
2e:35:db:7a:c6:a8:a2:c1:2f:0f:2c:db:c7:7b:7d:
53:85:17:5c:d1:4b:29:01:81:00:64:f9:50:36:08:
e1:0e:8e:83:72:8e:3e:38:c2:1a:fc:92:4d:bc:3d:
50:c5:ef:75:fa:e1:d9:bf:82:e0:fa:fc:70:08:99:
cf:b6:13:34:d1:5a:14:6f:38:53:d5:29:53:e8:47:
fe:7e:f2:fe:2e:64:ea:6b:69:25:11:f4:c9:60:3e:
42:41:ab:99:90:0d:c9:67:21:97:52:f4:ef:ba:c9:
eb:04:f1:82:c6:3e:a2:9d:af:ba:21:b8:09:f2:14:
39:d2:81:d5:90:b0:00:ee:77:46:8d:9e:30:e8:16:
64:ad:b7:00:2d:53:09:33:44:80:83:41:5c:e2:29:
5b:2a:3c:7b:28:33:73:4a:70:98:e7:23:9f:c6:07:
01:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:ED:0A:04:8D:6E:18:C4:34:70:04:5B:FB:95:87:0A:92:B2:AB:40
X509v3 Authority Key Identifier:
keyid:B4:0D:49:43:33:CB:4D:9E:5F:D1:0C:84:6C:47:CF:56:44:5C:50:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tA1JQzPLTZ5f0QyEbEfPVkRcUDo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2a7bf4-3454-4d14-9e0c-183f9975fc94/1/YO0KBI1uGMQ0cARb-5WHCpKyq0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2a7bf4-3454-4d14-9e0c-183f9975fc94/1/tA1JQzPLTZ5f0QyEbEfPVkRcUDo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.176.0/23
185.145.179.0/24
Signature Algorithm: sha256WithRSAEncryption
e4:2e:15:b3:53:12:18:27:a5:eb:14:c4:62:8c:ff:32:42:71:
de:b5:94:6e:19:b1:9d:5c:a2:5d:aa:d4:12:42:4a:35:90:5c:
bf:19:fb:7f:48:8c:70:10:73:07:80:ce:1b:35:fe:aa:49:2c:
3e:a7:a3:ed:5a:0d:e0:75:bc:1e:f1:5e:03:39:68:8d:d4:34:
24:c3:eb:8f:3e:5a:20:b0:e0:48:38:89:fb:4e:10:cb:28:e6:
3f:ea:28:72:50:f3:d7:52:48:75:e0:f4:23:08:1a:e2:39:38:
fe:b9:14:8b:58:74:37:41:5b:d7:f6:60:77:ed:bc:a3:01:b4:
a2:bd:e7:b0:d1:87:81:05:25:c3:29:4f:ef:dd:18:ab:ff:67:
53:8e:ba:49:86:7b:10:b5:14:af:ae:34:3f:63:77:51:bf:c0:
b0:aa:1a:28:94:15:b9:3b:c2:1c:90:13:4e:d6:cd:e2:11:0e:
38:64:21:1e:bd:be:43:c4:81:bd:ed:3a:59:f8:34:66:5b:1c:
82:5b:50:dc:79:c9:ac:5c:62:53:62:b2:9c:14:0e:0f:b3:03:
ab:9d:ca:43:0d:76:e5:8e:d9:97:1a:a0:09:db:56:ac:2a:f2:
ed:7f:a3:1f:57:ea:90:80:6b:f9:95:be:e7:3f:95:21:11:9c:
64:3b:80:20
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVseBbkIj69+qwnLkNAL07DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MGQ0OTQzMzNjYjRkOWU1ZmQxMGM4NDZjNDdjZjU2NDQ1
YzUwM2EwHhcNMjMwMTAxMDgzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGVkMGEwNDhkNmUxOGM0MzQ3MDA0NWJmYjk1ODcwYTkyYjJhYjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZUqZGWC+rkD0t4+pFkaHozqP3Dc
syVGiGf8Bjy0Q+C/N8o0u7lcOoL3ntmUqzbsecQZSitGuMieUViH/ne83duVRpdB
S/8nR7g5VmTEG/ijglSosLQ5tTkuNdt6xqiiwS8PLNvHe31ThRdc0UspAYEAZPlQ
NgjhDo6Dco4+OMIa/JJNvD1Qxe91+uHZv4Lg+vxwCJnPthM00VoUbzhT1SlT6Ef+
fvL+LmTqa2klEfTJYD5CQauZkA3JZyGXUvTvusnrBPGCxj6ina+6IbgJ8hQ50oHV
kLAA7ndGjZ4w6BZkrbcALVMJM0SAg0Fc4ilbKjx7KDNzSnCY5yOfxgcB3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGDtCgSNbhjENHAEW/uVhwqSsqtAMB8GA1UdIwQY
MBaAFLQNSUMzy02eX9EMhGxHz1ZEXFA6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEExSlF6UExUWjVmMFF5RWJFZlBWa1JjVURvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8yYTdiZjQtMzQ1NC00ZDE0LTllMGMt
MTgzZjk5NzVmYzk0LzEvWU8wS0JJMXVHTVEwY0FSYi01V0hDcEt5cTBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8yYTdiZjQtMzQ1NC00ZDE0LTllMGMtMTgzZjk5NzVmYzk0
LzEvdEExSlF6UExUWjVmMFF5RWJFZlBWa1JjVURvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuZGwAwQA
uZGzMA0GCSqGSIb3DQEBCwUAA4IBAQDkLhWzUxIYJ6XrFMRijP8yQnHetZRuGbGd
XKJdqtQSQko1kFy/Gft/SIxwEHMHgM4bNf6qSSw+p6PtWg3gdbwe8V4DOWiN1DQk
w+uPPlogsOBIOIn7ThDLKOY/6ihyUPPXUkh14PQjCBriOTj+uRSLWHQ3QVvX9mB3
7byjAbSiveew0YeBBSXDKU/v3Rir/2dTjrpJhnsQtRSvrjQ/Y3dRv8CwqhoolBW5
O8IckBNO1s3iEQ44ZCEevb5DxIG97TpZ+DRmWxyCW1DcecmsXGJTYrKcFA4PswOr
ncpDDXbljtmXGqAJ21asKvLtf6MfV+qQgGv5lb7nP5UhEZxkO4Ag
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:17 2024 by rpki-client on console-fra.rpki-client.org