Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/YoeEh2hHJ0hzgeTpTqPzQ5l7FKQ.roa
File: YoeEh2hHJ0hzgeTpTqPzQ5l7FKQ.roa (raw, json)
Hash identifier: 2EyaDd0TxVvG3oiD+TPLmn9ei3s7LEFj+3PrGBigsT0=
Subject key identifier: 62:87:84:87:68:47:27:48:73:81:E4:E9:4E:A3:F3:43:99:7B:14:A4
Certificate issuer: /CN=99a2c2ecf58c44b35a0da2957ff4dca2e60b686a
Certificate serial: 018CC424E52ACDDA1DB96C9FD68092918666
Authority key identifier: 99:A2:C2:EC:F5:8C:44:B3:5A:0D:A2:95:7F:F4:DC:A2:E6:0B:68:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/maLC7PWMRLNaDaKVf_TcouYLaGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/YoeEh2hHJ0hzgeTpTqPzQ5l7FKQ.roa
Signing time: Mon 01 Jan 2024 08:30:01 +0000
ROA not before: Mon 01 Jan 2024 08:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28836
IP address blocks: 194.213.114.0/24 maxlen: 24
194.213.114.0/23 maxlen: 23
194.213.115.0/24 maxlen: 24
185.194.84.0/22 maxlen: 22
185.194.84.0/24 maxlen: 24
185.194.84.0/23 maxlen: 23
185.194.85.0/24 maxlen: 24
185.194.86.0/23 maxlen: 23
91.230.171.0/24 maxlen: 24
91.230.170.0/23 maxlen: 23
91.230.170.0/24 maxlen: 24
91.230.176.0/22 maxlen: 22
91.230.176.0/23 maxlen: 23
91.230.176.0/24 maxlen: 24
91.230.177.0/24 maxlen: 24
91.230.178.0/24 maxlen: 24
91.230.178.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 07 Mar 2024 13:39:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:e5:2a:cd:da:1d:b9:6c:9f:d6:80:92:91:86:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99a2c2ecf58c44b35a0da2957ff4dca2e60b686a
Validity
Not Before: Jan 1 08:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62878487684727487381e4e94ea3f343997b14a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ae:1f:51:68:b2:73:6f:e6:f7:8e:32:db:b0:
30:4f:01:8a:7c:dd:7e:e0:57:6e:5d:55:d9:8e:8e:
14:c0:d9:2c:bf:06:ab:2b:45:ee:e4:92:7d:d6:02:
01:73:26:3b:fb:5c:db:36:83:74:19:12:a9:b8:19:
df:ab:d6:5b:db:1f:61:5e:b6:f9:ae:7f:ca:11:4d:
f3:ad:a4:97:ed:0a:7b:ca:61:3b:1a:35:2b:71:a2:
d6:5d:ab:2c:df:ab:5a:a8:76:04:21:19:28:6f:f4:
98:7f:92:47:32:c1:e4:32:5e:cf:96:20:ce:0d:bf:
3b:8b:9f:d1:4e:76:14:70:f2:f8:b5:14:e0:e0:f6:
6f:4d:ec:05:42:58:45:0c:81:85:dc:e7:c0:e6:fa:
ba:91:c1:39:1e:9a:1d:29:2a:60:54:9b:8a:2d:f7:
a2:97:d2:96:c5:1d:d1:0b:6c:cf:a2:56:93:1b:ec:
77:5e:72:0a:c7:99:5c:5f:fc:27:8d:29:29:79:30:
ab:1f:58:e1:7f:72:18:7e:35:68:32:13:d0:5a:c0:
16:43:8a:93:a1:dc:6e:10:1c:d4:95:a8:18:ab:47:
a2:40:ec:9c:91:a5:53:7a:b7:ca:a2:57:84:84:ff:
09:20:80:db:61:cf:d9:a6:de:21:4d:0a:74:02:c9:
77:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:87:84:87:68:47:27:48:73:81:E4:E9:4E:A3:F3:43:99:7B:14:A4
X509v3 Authority Key Identifier:
keyid:99:A2:C2:EC:F5:8C:44:B3:5A:0D:A2:95:7F:F4:DC:A2:E6:0B:68:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/maLC7PWMRLNaDaKVf_TcouYLaGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/YoeEh2hHJ0hzgeTpTqPzQ5l7FKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/maLC7PWMRLNaDaKVf_TcouYLaGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.170.0/23
91.230.176.0/22
185.194.84.0/22
194.213.114.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:19:97:8a:78:87:76:71:34:1e:b6:c6:ff:62:06:d1:52:92:
e0:75:4b:53:61:ab:df:63:2b:f1:f6:3f:21:d0:6c:99:24:76:
35:e8:3d:4f:ce:0b:3d:d0:c0:6d:eb:bd:20:56:1a:08:ea:c5:
a0:34:f1:78:98:1d:55:88:d7:98:0e:23:6d:35:8e:64:d1:fd:
78:bf:1b:b7:92:68:de:2f:d6:0e:a9:e5:4b:3a:9e:61:a5:c2:
2a:5e:a9:46:44:fb:43:c8:8e:41:81:9e:f7:ac:ab:50:da:85:
1c:8b:2a:ea:79:c7:28:99:e4:4f:c8:b2:2b:19:4a:e4:dd:ee:
39:dc:c4:05:6e:6e:1b:4d:f7:6a:78:fd:8e:42:af:61:c8:09:
e1:b7:9e:b4:f2:24:89:4a:03:f5:68:24:8b:89:96:29:e2:e3:
ad:b5:b8:80:73:20:7b:53:aa:ae:af:aa:52:17:61:0d:b3:6c:
e8:53:f1:79:a9:2c:34:a4:03:31:36:d6:e0:4a:ae:21:da:7d:
25:8c:6c:1b:3a:62:4f:fe:71:c0:b0:85:50:9f:4c:2c:c0:f8:
40:a1:29:e9:70:78:36:dd:ee:a6:e7:05:a8:6b:8e:73:82:10:
fa:14:85:4c:e2:14:8f:b1:b9:e6:d2:24:16:c1:a8:a5:46:48:
96:31:7e:42
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEJOUqzdoduWyf1oCSkYZmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YTJjMmVjZjU4YzQ0YjM1YTBkYTI5NTdmZjRkY2EyZTYw
YjY4NmEwHhcNMjQwMTAxMDgzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mjg3ODQ4NzY4NDcyNzQ4NzM4MWU0ZTk0ZWEzZjM0Mzk5N2IxNGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApK4fUWiyc2/m944y27AwTwGKfN1+
4FduXVXZjo4UwNksvwarK0Xu5JJ91gIBcyY7+1zbNoN0GRKpuBnfq9Zb2x9hXrb5
rn/KEU3zraSX7Qp7ymE7GjUrcaLWXass36taqHYEIRkob/SYf5JHMsHkMl7PliDO
Db87i5/RTnYUcPL4tRTg4PZvTewFQlhFDIGF3OfA5vq6kcE5HpodKSpgVJuKLfei
l9KWxR3RC2zPolaTG+x3XnIKx5lcX/wnjSkpeTCrH1jhf3IYfjVoMhPQWsAWQ4qT
odxuEBzUlagYq0eiQOyckaVTerfKoleEhP8JIIDbYc/Zpt4hTQp0Asl3rQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGKHhIdoRydIc4Hk6U6j80OZexSkMB8GA1UdIwQY
MBaAFJmiwuz1jESzWg2ilX/03KLmC2hqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWFMQzdQV01STE5hRGFLVmZfVGNvdVlMYUdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iYTk2NzQtZTU3MS00ZTM1LWFiMjAt
ZTVkNTA3YTgyNmJmLzEvWW9lRWgyaEhKMGh6Z2VUcFRxUHpRNWw3RktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iYTk2NzQtZTU3MS00ZTM1LWFiMjAtZTVkNTA3YTgyNmJm
LzEvbWFMQzdQV01STE5hRGFLVmZfVGNvdVlMYUdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBW+aqAwQC
W+awAwQCucJUAwQBwtVyMA0GCSqGSIb3DQEBCwUAA4IBAQChGZeKeId2cTQetsb/
YgbRUpLgdUtTYavfYyvx9j8h0GyZJHY16D1Pzgs90MBt670gVhoI6sWgNPF4mB1V
iNeYDiNtNY5k0f14vxu3kmjeL9YOqeVLOp5hpcIqXqlGRPtDyI5BgZ73rKtQ2oUc
iyrqeccomeRPyLIrGUrk3e453MQFbm4bTfdqeP2OQq9hyAnht5608iSJSgP1aCSL
iZYp4uOttbiAcyB7U6qur6pSF2ENs2zoU/F5qSw0pAMxNtbgSq4h2n0ljGwbOmJP
/nHAsIVQn0wswPhAoSnpcHg23e6m5wWoa45zghD6FIVM4hSPsbnm0iQWwailRkiW
MX5C
-----END CERTIFICATE-----
Generated at Fri Apr 18 01:40:19 2025 by rpki-client