Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/Y3pq1uMwYMd8i6wQAidbybnXzIM.roa
File: Y3pq1uMwYMd8i6wQAidbybnXzIM.roa (raw, json)
Hash identifier: 1uDlMzy5IX3+aMFViS30jkE0ofzgwx/16AERw86JQWc=
Subject key identifier: 63:7A:6A:D6:E3:30:60:C7:7C:8B:AC:10:02:27:5B:C9:B9:D7:CC:83
Certificate issuer: /CN=86ee201c65d655ee9cfe251f951ea91bba154567
Certificate serial: 018CC80183DC2C5EA326C0E90D2162903A11
Authority key identifier: 86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/Y3pq1uMwYMd8i6wQAidbybnXzIM.roa
Signing time: Tue 02 Jan 2024 02:29:51 +0000
ROA not before: Tue 02 Jan 2024 02:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 185.201.17.0/24 maxlen: 24
185.201.16.0/24 maxlen: 24
185.201.19.0/24 maxlen: 24
45.140.132.0/24 maxlen: 24
45.131.180.0/24 maxlen: 24
45.147.95.0/24 maxlen: 24
46.229.240.0/24 maxlen: 24
45.91.121.0/24 maxlen: 24
45.93.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Apr 2024 14:10:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:83:dc:2c:5e:a3:26:c0:e9:0d:21:62:90:3a:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86ee201c65d655ee9cfe251f951ea91bba154567
Validity
Not Before: Jan 2 02:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=637a6ad6e33060c77c8bac1002275bc9b9d7cc83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:27:52:35:32:92:22:4e:fe:15:80:65:ce:ff:
2a:4c:59:7d:09:f0:0d:87:d4:ea:80:16:2f:83:6f:
10:f7:3d:6e:18:3e:6e:71:d0:d7:88:69:4d:13:b2:
90:78:22:1d:35:67:ed:62:93:c2:5b:a0:c4:74:35:
cc:f8:54:8c:f6:9e:11:0c:08:33:37:19:1f:fe:03:
e2:46:96:5b:d6:b0:3c:3f:2a:30:24:22:9b:50:b2:
63:68:3e:12:f2:e4:f5:ca:d3:32:4d:8e:21:7a:33:
a6:dd:44:9e:89:bf:c9:ab:15:f5:45:53:c3:89:ec:
67:47:b9:3d:01:7e:f4:31:a4:d7:75:55:fd:fc:97:
b0:e2:49:a1:6c:6a:0b:31:74:9e:fd:4b:5c:95:a4:
5c:77:4d:d8:e3:8b:82:8c:72:93:c0:d5:f1:a4:f5:
d9:2f:89:19:f2:66:39:33:00:6b:6a:db:ec:bd:00:
3a:9b:36:01:5b:96:2e:b5:d8:c4:d6:21:1c:46:ab:
ac:3d:2d:f9:48:dc:d7:5e:f6:a2:7e:3b:d2:8d:a1:
e3:f7:be:4b:50:b0:42:4e:7e:b9:56:5b:75:91:1d:
62:54:e8:41:db:9a:8a:7e:f1:61:6a:5a:53:d8:35:
31:dd:10:80:ec:98:de:03:d6:51:0d:8e:b2:3b:c4:
be:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:7A:6A:D6:E3:30:60:C7:7C:8B:AC:10:02:27:5B:C9:B9:D7:CC:83
X509v3 Authority Key Identifier:
keyid:86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/Y3pq1uMwYMd8i6wQAidbybnXzIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hu4gHGXWVe6c_iUflR6pG7oVRWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.121.0/24
45.93.148.0/24
45.131.180.0/24
45.140.132.0/24
45.147.95.0/24
46.229.240.0/24
185.201.16.0/23
185.201.19.0/24
Signature Algorithm: sha256WithRSAEncryption
67:42:e9:f3:a1:4c:6b:bd:c0:36:bb:ae:9c:89:dd:7c:11:fb:
e2:b3:0a:f8:f3:68:77:d2:ec:58:a0:57:ef:1f:f1:d7:ef:24:
cb:67:77:23:41:d3:45:54:35:4b:40:b7:b6:b1:ce:35:a6:23:
c5:9d:1f:b1:66:17:a2:37:ff:59:ae:bd:fa:78:98:f6:2a:23:
fb:84:43:2b:8d:46:0f:9b:9d:2f:74:6b:cd:62:09:cb:00:f8:
be:43:c1:c3:3d:19:32:46:8c:95:70:7f:dc:28:1f:ee:d8:2e:
96:e2:07:1c:33:b9:87:c9:56:d3:ed:bf:e8:d5:e0:c9:cc:fd:
6f:d3:32:0b:f4:10:2d:ab:97:29:04:7e:42:16:fd:b1:11:90:
c1:9d:d9:af:76:d9:ec:ad:cc:4b:ed:76:8e:47:2b:44:b3:c0:
ce:d1:5e:df:dc:04:f1:89:a9:3f:fb:15:69:53:b5:f8:3b:27:
42:a6:29:d4:0d:92:e7:fa:85:a4:bd:37:89:a0:8f:b2:0d:69:
88:3a:5f:41:0e:90:da:37:04:d6:e2:29:4c:d5:ea:02:84:d1:
7e:90:0a:40:f3:e9:62:71:7a:23:be:a5:52:c9:bc:c5:a6:17:
00:16:dd:8c:ea:a3:77:87:38:82:24:66:c1:75:ad:5b:c3:8f:
df:fa:dd:1e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzIAYPcLF6jJsDpDSFikDoRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZWUyMDFjNjVkNjU1ZWU5Y2ZlMjUxZjk1MWVhOTFiYmEx
NTQ1NjcwHhcNMjQwMTAyMDIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzdhNmFkNmUzMzA2MGM3N2M4YmFjMTAwMjI3NWJjOWI5ZDdjYzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhydSNTKSIk7+FYBlzv8qTFl9CfAN
h9TqgBYvg28Q9z1uGD5ucdDXiGlNE7KQeCIdNWftYpPCW6DEdDXM+FSM9p4RDAgz
Nxkf/gPiRpZb1rA8PyowJCKbULJjaD4S8uT1ytMyTY4hejOm3USeib/JqxX1RVPD
iexnR7k9AX70MaTXdVX9/Jew4kmhbGoLMXSe/UtclaRcd03Y44uCjHKTwNXxpPXZ
L4kZ8mY5MwBratvsvQA6mzYBW5YutdjE1iEcRqusPS35SNzXXvaifjvSjaHj975L
ULBCTn65Vlt1kR1iVOhB25qKfvFhalpT2DUx3RCA7JjeA9ZRDY6yO8S+LQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGN6atbjMGDHfIusEAInW8m518yDMB8GA1UdIwQY
MBaAFIbuIBxl1lXunP4lH5UeqRu6FUVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEt
YThjYThlNGM3ZTc3LzEvWTNwcTF1TXdZTWQ4aTZ3UUFpZGJ5Ym5YeklNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEtYThjYThlNGM3ZTc3
LzEvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALVt5AwQA
LV2UAwQALYO0AwQALYyEAwQALZNfAwQALuXwAwQBuckQAwQAuckTMA0GCSqGSIb3
DQEBCwUAA4IBAQBnQunzoUxrvcA2u66cid18Efviswr482h30uxYoFfvH/HX7yTL
Z3cjQdNFVDVLQLe2sc41piPFnR+xZheiN/9Zrr36eJj2KiP7hEMrjUYPm50vdGvN
YgnLAPi+Q8HDPRkyRoyVcH/cKB/u2C6W4gccM7mHyVbT7b/o1eDJzP1v0zIL9BAt
q5cpBH5CFv2xEZDBndmvdtnsrcxL7XaORytEs8DO0V7f3ATxiak/+xVpU7X4OydC
pinUDZLn+oWkvTeJoI+yDWmIOl9BDpDaNwTW4ilM1eoChNF+kApA8+licXojvqVS
ybzFphcAFt2M6qN3hziCJGbBda1bw4/f+t0e
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:32 2024 by rpki-client on console-ams.rpki-client.org