Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/Y8BQ_29J40lHFkYW3P4JiE4J2gI.roa
File: Y8BQ_29J40lHFkYW3P4JiE4J2gI.roa (raw, json)
Hash identifier: IRhC8T6m7b0gEq5H0W1VRJLJX3wcK8iulaTNOZf1scQ=
Subject key identifier: 63:C0:50:FF:6F:49:E3:49:47:16:46:16:DC:FE:09:88:4E:09:DA:02
Certificate issuer: /CN=69fdfe8249f943aabad1881fca5836613a6a67bc
Certificate serial: 01856F5499CBA5DF0ED9F966D4B5CD12BA7B
Authority key identifier: 69:FD:FE:82:49:F9:43:AA:BA:D1:88:1F:CA:58:36:61:3A:6A:67:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/Y8BQ_29J40lHFkYW3P4JiE4J2gI.roa
Signing time: Sun 01 Jan 2023 21:54:53 +0000
ROA not before: Sun 01 Jan 2023 21:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198936
IP address blocks: 91.105.253.0/24 maxlen: 24
91.105.252.0/24 maxlen: 24
91.105.248.0/24 maxlen: 24
91.105.249.0/24 maxlen: 24
91.105.251.0/24 maxlen: 24
91.105.250.0/24 maxlen: 24
91.105.254.0/24 maxlen: 24
91.105.255.0/24 maxlen: 24
185.159.239.0/24 maxlen: 24
185.159.238.0/23 maxlen: 23
185.159.238.0/24 maxlen: 24
2a01:7bc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:99:cb:a5:df:0e:d9:f9:66:d4:b5:cd:12:ba:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69fdfe8249f943aabad1881fca5836613a6a67bc
Validity
Not Before: Jan 1 21:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63c050ff6f49e34947164616dcfe09884e09da02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b9:29:a3:fd:fb:c7:f2:1f:54:94:14:14:ba:
2e:38:04:df:79:b6:c3:78:d2:09:05:53:a6:d9:c8:
36:7a:06:50:3a:3f:02:04:49:11:2e:6f:e0:46:96:
82:52:9f:a0:4f:d0:88:42:da:71:28:ef:f4:a5:32:
ca:75:3c:cb:64:17:41:ba:12:d1:32:c5:12:51:ff:
e4:0d:f4:07:aa:f4:e7:44:17:69:e6:e0:33:41:5f:
ba:0b:43:c7:cb:74:be:45:c0:b4:1f:49:bd:a1:20:
81:5b:7e:10:f4:14:31:52:df:e4:22:08:da:90:b4:
2e:f0:70:c2:b3:64:fe:2f:93:71:da:3c:f9:41:b2:
9d:32:86:64:02:2c:26:bb:c1:08:27:d7:14:02:91:
e1:df:b0:61:50:8b:55:f0:b7:ca:c5:46:f0:71:93:
d0:5b:7d:b3:f4:c1:c0:dd:83:8e:20:c6:81:ff:ed:
99:89:df:cc:ff:35:71:f8:43:25:cc:ad:d1:e2:56:
c8:ae:aa:ae:f3:b5:b4:cb:8d:3c:e5:bf:7c:98:ec:
b2:20:6d:e6:e4:8f:8c:13:e2:f3:1b:0a:d0:70:51:
57:53:f1:04:ea:76:e2:80:7b:5f:60:9f:f5:da:d7:
1d:3f:c0:80:51:30:0d:64:00:d7:0d:1d:d9:9d:09:
db:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:C0:50:FF:6F:49:E3:49:47:16:46:16:DC:FE:09:88:4E:09:DA:02
X509v3 Authority Key Identifier:
keyid:69:FD:FE:82:49:F9:43:AA:BA:D1:88:1F:CA:58:36:61:3A:6A:67:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/af3-gkn5Q6q60Ygfylg2YTpqZ7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/Y8BQ_29J40lHFkYW3P4JiE4J2gI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ccf777-9465-4a2e-8112-71d8b8850853/1/af3-gkn5Q6q60Ygfylg2YTpqZ7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.105.248.0/21
185.159.238.0/23
IPv6:
2a01:7bc0::/32
Signature Algorithm: sha256WithRSAEncryption
35:c3:fa:a0:6f:20:88:c6:22:f6:fd:a6:ec:06:50:46:1d:31:
85:a9:5f:64:08:2e:0e:47:14:57:47:27:50:31:92:0c:aa:57:
af:ad:b7:11:01:69:c0:4c:46:aa:58:03:30:86:90:1e:05:96:
d9:21:46:7d:31:bc:af:35:3d:01:22:42:ce:33:c0:2b:df:6f:
31:f2:7c:ec:f7:bf:31:7b:9d:b0:d6:77:ba:36:42:88:39:c8:
e7:48:c2:e7:60:6a:72:e0:0e:a2:0b:a2:31:04:af:10:31:69:
9e:13:97:a3:72:62:45:aa:c2:c6:e8:fd:93:07:4d:16:e3:ed:
a4:ff:d4:d5:0e:e8:28:d1:c4:9c:45:6d:94:a7:39:7d:be:6a:
f5:4f:c8:b4:77:61:c9:6a:92:e0:5c:65:ac:f2:4b:44:d4:e6:
17:74:69:e7:0a:24:60:50:93:04:6f:5d:83:6e:ce:c0:73:4e:
22:13:c8:2d:d3:7c:3c:c1:d2:d0:eb:e8:fb:7b:69:2d:e4:b4:
da:17:85:55:36:de:8d:e2:ca:71:a6:c0:c8:61:b5:9c:4a:33:
21:b3:5a:19:8e:68:81:fd:ee:83:0b:e0:c0:f5:ae:80:98:48:
75:15:e4:50:18:dd:76:5d:9b:32:42:74:31:a1:5a:5e:7d:23:
ed:d3:61:c0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvVJnLpd8O2flm1LXNErp7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZmRmZTgyNDlmOTQzYWFiYWQxODgxZmNhNTgzNjYxM2E2
YTY3YmMwHhcNMjMwMTAxMjE1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2MwNTBmZjZmNDllMzQ5NDcxNjQ2MTZkY2ZlMDk4ODRlMDlkYTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrkpo/37x/IfVJQUFLouOATfebbD
eNIJBVOm2cg2egZQOj8CBEkRLm/gRpaCUp+gT9CIQtpxKO/0pTLKdTzLZBdBuhLR
MsUSUf/kDfQHqvTnRBdp5uAzQV+6C0PHy3S+RcC0H0m9oSCBW34Q9BQxUt/kIgja
kLQu8HDCs2T+L5Nx2jz5QbKdMoZkAiwmu8EIJ9cUApHh37BhUItV8LfKxUbwcZPQ
W32z9MHA3YOOIMaB/+2Zid/M/zVx+EMlzK3R4lbIrqqu87W0y4085b98mOyyIG3m
5I+ME+LzGwrQcFFXU/EE6nbigHtfYJ/12tcdP8CAUTANZADXDR3ZnQnbIwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGPAUP9vSeNJRxZGFtz+CYhOCdoCMB8GA1UdIwQY
MBaAFGn9/oJJ+UOqutGIH8pYNmE6ame8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jY2Y3NzctOTQ2NS00YTJlLTgxMTIt
NzFkOGI4ODUwODUzLzEvWThCUV8yOUo0MGxIRmtZVzNQNEppRTRKMmdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9jY2Y3NzctOTQ2NS00YTJlLTgxMTItNzFkOGI4ODUwODUz
LzEvYWYzLWdrbjVRNnE2MFlnZnlsZzJZVHBxWjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDW2n4AwQB
uZ/uMA0EAgACMAcDBQAqAXvAMA0GCSqGSIb3DQEBCwUAA4IBAQA1w/qgbyCIxiL2
/absBlBGHTGFqV9kCC4ORxRXRydQMZIMqlevrbcRAWnATEaqWAMwhpAeBZbZIUZ9
MbyvNT0BIkLOM8Ar328x8nzs978xe52w1ne6NkKIOcjnSMLnYGpy4A6iC6IxBK8Q
MWmeE5ejcmJFqsLG6P2TB00W4+2k/9TVDugo0cScRW2Upzl9vmr1T8i0d2HJapLg
XGWs8ktE1OYXdGnnCiRgUJMEb12Dbs7Ac04iE8gt03w8wdLQ6+j7e2kt5LTaF4VV
Nt6N4spxpsDIYbWcSjMhs1oZjmiB/e6DC+DA9a6AmEh1FeRQGN12XZsyQnQxoVpe
fSPt02HA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:38 2024 by rpki-client on console-ams.rpki-client.org