Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/YgVgPa4yo1B49Rqt49W0uY-hp3U.roa
File: YgVgPa4yo1B49Rqt49W0uY-hp3U.roa (raw, json)
Hash identifier: rVsJcDgPy6dv1UfuGjDbo/KhtNITuTr+jaO5mQZ+WUY=
Subject key identifier: 62:05:60:3D:AE:32:A3:50:78:F5:1A:AD:E3:D5:B4:B9:8F:A1:A7:75
Certificate issuer: /CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Certificate serial: 018D16C03E711ECB0FD89960D723A758F03F
Authority key identifier: 66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/YgVgPa4yo1B49Rqt49W0uY-hp3U.roa
Signing time: Wed 17 Jan 2024 09:28:34 +0000
ROA not before: Wed 17 Jan 2024 09:28:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216279
IP address blocks: 45.83.200.0/22 maxlen: 22
185.114.156.0/22 maxlen: 22
185.229.32.0/22 maxlen: 22
2a03:3a60::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 17 Jan 2024 19:17:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:16:c0:3e:71:1e:cb:0f:d8:99:60:d7:23:a7:58:f0:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Validity
Not Before: Jan 17 09:28:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6205603dae32a35078f51aade3d5b4b98fa1a775
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a4:0f:94:b0:3b:29:72:a8:0c:48:23:df:82:
47:00:f9:d1:ef:20:32:5f:13:fa:c1:8e:82:5d:46:
2c:72:83:ea:79:b1:6f:5a:77:5f:6d:06:5e:d3:63:
28:8b:44:25:04:ea:13:ac:46:06:99:08:c2:26:54:
67:9f:cc:8d:3b:73:38:17:66:8f:97:64:f8:73:07:
16:c7:0d:6d:49:2e:ae:77:53:e3:67:80:1b:02:99:
ba:a4:4a:ea:bf:ae:3b:a6:7e:6d:64:84:83:fe:d1:
a7:1b:68:46:6f:fa:ac:eb:4d:af:66:99:9c:5b:64:
db:97:9c:9e:dd:78:1d:2a:8c:b6:ea:1e:21:5d:c9:
34:17:47:f5:e7:d2:e7:63:17:f7:c7:29:8b:b8:f8:
ef:f3:6d:a4:37:0f:53:fa:66:82:f3:63:5f:77:59:
27:f8:ee:a9:30:5e:93:56:21:f4:40:02:4f:6c:45:
53:1b:d4:3d:e9:61:6a:81:85:44:21:97:75:f1:d1:
18:8b:26:63:97:d4:fc:45:2d:d3:4c:2f:fa:e9:10:
f6:0b:f4:b4:50:52:55:b6:16:8e:da:cf:20:ae:46:
5f:26:64:5d:8e:24:1a:cc:44:72:3d:77:fd:d8:e4:
bb:bb:a5:48:c6:84:16:34:c3:a6:53:f4:8f:14:f5:
d3:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:05:60:3D:AE:32:A3:50:78:F5:1A:AD:E3:D5:B4:B9:8F:A1:A7:75
X509v3 Authority Key Identifier:
keyid:66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/YgVgPa4yo1B49Rqt49W0uY-hp3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.200.0/22
185.114.156.0/22
185.229.32.0/22
IPv6:
2a03:3a60::/32
Signature Algorithm: sha256WithRSAEncryption
83:e9:90:42:dc:2d:2c:5c:45:b5:07:1b:11:3e:23:88:d5:9f:
2f:a5:8a:2f:89:b5:b0:d3:4e:a4:01:c1:a4:ed:83:30:34:11:
9b:b6:11:6f:12:90:38:4b:23:f6:9f:09:35:cb:a5:dd:8f:b6:
30:bd:91:e4:cd:8b:18:c0:21:8b:4a:8a:ee:0e:b8:c1:9e:8b:
fb:12:21:22:dd:c9:b4:e0:e5:74:14:c6:b7:39:73:09:03:71:
96:9b:83:fa:3f:af:5d:a2:18:9d:cd:52:16:21:a2:98:44:37:
ad:92:22:96:49:33:7e:f7:96:39:df:69:85:e9:3c:e6:9b:bf:
07:28:b0:9d:80:7e:39:b3:7c:d2:c9:17:65:a0:99:05:1e:71:
9b:57:d0:e9:06:08:a9:8c:65:8f:4d:04:7d:f6:55:fa:d6:1f:
6c:11:69:1a:59:16:da:b0:af:7f:37:8e:21:92:f8:b4:a5:17:
5a:39:06:b1:e9:49:b2:46:7e:77:d5:72:a6:51:b2:ae:0b:09:
1e:ac:b1:3e:9c:28:f1:39:43:e6:d3:19:14:c5:d4:61:f3:ed:
96:06:b8:38:48:d7:b1:bd:4b:69:5e:e0:0b:8b:7d:56:2e:64:
d8:dd:6a:3e:95:f7:4e:85:57:4d:e8:58:20:eb:76:0d:cd:8e:
6b:3d:91:58
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY0WwD5xHssP2Jlg1yOnWPA/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZjgyMDZlMzMxMWRmMzk0ZjQ4Mzg5YjgxMjJiOTRhYTFm
MGIwNWMwHhcNMjQwMTE3MDkyODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjA1NjAzZGFlMzJhMzUwNzhmNTFhYWRlM2Q1YjRiOThmYTFhNzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaQPlLA7KXKoDEgj34JHAPnR7yAy
XxP6wY6CXUYscoPqebFvWndfbQZe02Moi0QlBOoTrEYGmQjCJlRnn8yNO3M4F2aP
l2T4cwcWxw1tSS6ud1PjZ4AbApm6pErqv647pn5tZISD/tGnG2hGb/qs602vZpmc
W2Tbl5ye3XgdKoy26h4hXck0F0f159LnYxf3xymLuPjv822kNw9T+maC82Nfd1kn
+O6pMF6TViH0QAJPbEVTG9Q96WFqgYVEIZd18dEYiyZjl9T8RS3TTC/66RD2C/S0
UFJVthaO2s8grkZfJmRdjiQazERyPXf92OS7u6VIxoQWNMOmU/SPFPXTBQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGIFYD2uMqNQePUarePVtLmPoad1MB8GA1UdIwQY
MBaAFGb4IG4zEd85T0g4m4EiuUqh8LBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgt
YmJmZDQ1Yzg0YmVhLzEvWWdWZ1BhNHlvMUI0OVJxdDQ5VzB1WS1ocDNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgtYmJmZDQ1Yzg0YmVh
LzEvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLVPIAwQC
uXKcAwQCueUgMA0EAgACMAcDBQAqAzpgMA0GCSqGSIb3DQEBCwUAA4IBAQCD6ZBC
3C0sXEW1BxsRPiOI1Z8vpYovibWw006kAcGk7YMwNBGbthFvEpA4SyP2nwk1y6Xd
j7YwvZHkzYsYwCGLSoruDrjBnov7EiEi3cm04OV0FMa3OXMJA3GWm4P6P69dohid
zVIWIaKYRDetkiKWSTN+95Y532mF6Tzmm78HKLCdgH45s3zSyRdloJkFHnGbV9Dp
BgipjGWPTQR99lX61h9sEWkaWRbasK9/N44hkvi0pRdaOQax6UmyRn531XKmUbKu
CwkerLE+nCjxOUPm0xkUxdRh8+2WBrg4SNexvUtpXuALi31WLmTY3Wo+lfdOhVdN
6Fgg63YNzY5rPZFY
-----END CERTIFICATE-----
Generated at Thu Jan 18 01:03:58 2024 by rpki-client on console-ams.rpki-client.org