Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/82e656-14a3-4e3a-9d6e-af406086b89b/1/Yzq2XmiSN_bJcOyx-5G9KpoDkuw.roa
File: Yzq2XmiSN_bJcOyx-5G9KpoDkuw.roa (raw, json)
Hash identifier: bb1j+ya0e5NQufkW25qXk7mwicQB2WlDHBqogEBDPzw=
Subject key identifier: 63:3A:B6:5E:68:92:37:F6:C9:70:EC:B1:FB:91:BD:2A:9A:03:92:EC
Certificate issuer: /CN=3f7954d88c0ae3f6398697bfdfc1956a753e83d8
Certificate serial: 018B6CE4CDB48914CCF1C122111288AD0D1D
Authority key identifier: 3F:79:54:D8:8C:0A:E3:F6:39:86:97:BF:DF:C1:95:6A:75:3E:83:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P3lU2IwK4_Y5hpe_38GVanU-g9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/82e656-14a3-4e3a-9d6e-af406086b89b/1/Yzq2XmiSN_bJcOyx-5G9KpoDkuw.roa
Signing time: Thu 26 Oct 2023 16:50:15 +0000
ROA not before: Thu 26 Oct 2023 16:50:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41765
IP address blocks: 185.233.48.10/32 maxlen: 32
193.33.46.0/23 maxlen: 23
31.172.164.0/22 maxlen: 22
185.4.63.0/24 maxlen: 24
193.57.96.0/24 maxlen: 24
185.233.48.0/24 maxlen: 24
185.233.48.0/22 maxlen: 22
185.233.50.0/23 maxlen: 23
188.65.168.0/21 maxlen: 21
45.8.233.0/24 maxlen: 24
45.8.234.0/24 maxlen: 24
45.8.235.0/24 maxlen: 24
193.37.150.0/24 maxlen: 24
2a02:2288::/29 maxlen: 29
2a02:2288::/32 maxlen: 32
2a0c:d500::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 21 Dec 2023 10:05:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6c:e4:cd:b4:89:14:cc:f1:c1:22:11:12:88:ad:0d:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f7954d88c0ae3f6398697bfdfc1956a753e83d8
Validity
Not Before: Oct 26 16:50:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=633ab65e689237f6c970ecb1fb91bd2a9a0392ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:9d:49:16:ac:e2:f7:60:e7:3e:a5:2b:76:d5:
3a:c4:98:bc:91:85:2a:80:34:97:71:8b:0b:45:4f:
e6:ba:d3:d1:96:09:06:6e:f3:66:7b:22:d1:0f:9e:
52:d5:b4:2b:f5:d8:a8:e1:65:1a:60:0b:af:bd:39:
35:c7:fa:a5:6b:3e:07:73:32:84:ea:2b:61:e7:dd:
01:f4:46:e3:96:25:e0:a3:4f:f3:d9:ee:70:81:6c:
3d:38:74:5b:81:69:a1:fe:ef:f7:1b:d6:4d:2c:21:
7b:18:08:11:6b:14:d0:46:2a:39:2f:ef:41:01:7c:
3c:43:84:48:59:cb:b8:7d:be:84:a8:1a:dc:b1:b6:
52:9c:59:4e:9a:c3:b3:e1:7d:f9:4b:5a:17:fd:ab:
f2:aa:ca:06:25:79:7a:fb:db:b2:67:10:5d:61:d2:
d0:fa:cb:fe:a4:42:65:c0:58:65:8f:c9:21:36:d9:
14:79:0b:4c:f9:f7:72:d5:87:da:6f:d4:0c:67:57:
09:db:2b:ce:c9:d9:1d:4f:7e:e7:cf:f2:27:b2:80:
ad:2a:83:a7:09:f4:56:d5:2c:6b:b4:67:3a:ff:d7:
90:05:dd:8c:76:0b:a2:67:06:3d:75:88:95:23:f8:
99:7d:a0:28:b7:a9:ac:ce:6f:9e:8f:5d:5c:bf:29:
cf:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:3A:B6:5E:68:92:37:F6:C9:70:EC:B1:FB:91:BD:2A:9A:03:92:EC
X509v3 Authority Key Identifier:
keyid:3F:79:54:D8:8C:0A:E3:F6:39:86:97:BF:DF:C1:95:6A:75:3E:83:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P3lU2IwK4_Y5hpe_38GVanU-g9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/82e656-14a3-4e3a-9d6e-af406086b89b/1/Yzq2XmiSN_bJcOyx-5G9KpoDkuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/82e656-14a3-4e3a-9d6e-af406086b89b/1/P3lU2IwK4_Y5hpe_38GVanU-g9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.164.0/22
45.8.233.0-45.8.235.255
185.4.63.0/24
185.233.48.0/22
188.65.168.0/21
193.33.46.0/23
193.37.150.0/24
193.57.96.0/24
IPv6:
2a02:2288::/29
2a0c:d500::/29
Signature Algorithm: sha256WithRSAEncryption
7d:17:9b:0f:f3:04:8e:9b:ab:6e:51:ef:ca:ee:7a:3a:90:17:
67:e4:9b:93:26:20:d0:ff:c0:51:30:78:4d:71:4a:0c:4f:ab:
1a:be:12:a8:fd:c8:e7:6a:03:8e:36:dc:58:07:de:bb:b5:66:
15:28:e0:d9:1b:d4:ca:3b:37:36:d5:4b:58:aa:95:a6:e8:fa:
85:a7:15:28:4f:c4:1a:b9:fd:92:41:82:4f:fe:3f:ab:a1:ff:
63:f7:25:30:bb:c7:f0:e7:76:9c:df:b2:d8:20:cc:da:d5:28:
41:44:18:f9:33:ad:c4:00:e9:ed:f3:a4:53:28:17:4a:fc:a0:
70:53:f7:39:02:af:79:66:8f:e5:9c:35:f1:c9:2e:af:cb:60:
54:80:bd:f6:03:dc:25:a2:f6:e0:2a:92:3e:8b:df:a1:83:10:
0a:1e:4c:24:a0:c8:e5:43:b2:ab:38:53:6b:a5:92:e5:15:70:
0a:a4:ca:8a:eb:22:3a:db:04:86:88:f7:7b:ce:63:d0:30:cd:
30:fe:a7:74:44:0c:82:84:b0:0b:7a:84:e2:92:f1:f7:cf:38:
91:30:0c:4b:a5:14:f2:07:b3:4b:3f:65:a1:22:4a:5c:96:53:
06:36:7a:40:1b:fc:56:aa:8a:78:1f:5b:13:a3:95:25:02:c3:
5e:05:8f:4c
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYts5M20iRTM8cEiERKIrQ0dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNzk1NGQ4OGMwYWUzZjYzOTg2OTdiZmRmYzE5NTZhNzUz
ZTgzZDgwHhcNMjMxMDI2MTY1MDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzNhYjY1ZTY4OTIzN2Y2Yzk3MGVjYjFmYjkxYmQyYTlhMDM5MmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZ1JFqzi92DnPqUrdtU6xJi8kYUq
gDSXcYsLRU/mutPRlgkGbvNmeyLRD55S1bQr9dio4WUaYAuvvTk1x/qlaz4HczKE
6ith590B9EbjliXgo0/z2e5wgWw9OHRbgWmh/u/3G9ZNLCF7GAgRaxTQRio5L+9B
AXw8Q4RIWcu4fb6EqBrcsbZSnFlOmsOz4X35S1oX/avyqsoGJXl6+9uyZxBdYdLQ
+sv+pEJlwFhlj8khNtkUeQtM+fdy1Yfab9QMZ1cJ2yvOydkdT37nz/InsoCtKoOn
CfRW1SxrtGc6/9eQBd2MdguiZwY9dYiVI/iZfaAot6mszm+ej11cvynP5QIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFGM6tl5okjf2yXDssfuRvSqaA5LsMB8GA1UdIwQY
MBaAFD95VNiMCuP2OYaXv9/BlWp1PoPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDNsVTJJd0s0X1k1aHBlXzM4R1ZhblUtZzlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy84MmU2NTYtMTRhMy00ZTNhLTlkNmUt
YWY0MDYwODZiODliLzEvWXpxMlhtaVNOX2JKY095eC01RzlLcG9Ea3V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy84MmU2NTYtMTRhMy00ZTNhLTlkNmUtYWY0MDYwODZiODli
LzEvUDNsVTJJd0s0X1k1aHBlXzM4R1ZhblUtZzlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjA+BAIAATA4AwQCH6ykMAwD
BAAtCOkDBAItCOgDBAC5BD8DBAK56TADBAO8QagDBAHBIS4DBADBJZYDBADBOWAw
FAQCAAIwDgMFAyoCIogDBQMqDNUAMA0GCSqGSIb3DQEBCwUAA4IBAQB9F5sP8wSO
m6tuUe/K7no6kBdn5JuTJiDQ/8BRMHhNcUoMT6savhKo/cjnagOONtxYB967tWYV
KODZG9TKOzc21UtYqpWm6PqFpxUoT8Qauf2SQYJP/j+rof9j9yUwu8fw53ac37LY
IMza1ShBRBj5M63EAOnt86RTKBdK/KBwU/c5Aq95Zo/lnDXxyS6vy2BUgL32A9wl
ovbgKpI+i9+hgxAKHkwkoMjlQ7KrOFNrpZLlFXAKpMqK6yI62wSGiPd7zmPQMM0w
/qd0RAyChLALeoTikvH3zziRMAxLpRTyB7NLP2WhIkpcllMGNnpAG/xWqop4H1sT
o5UlAsNeBY9M
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:39 2024 by rpki-client on console-fra.rpki-client.org