Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/Yv5qg-nThCsbx6OSD4sM6QogLeM.roa
File: Yv5qg-nThCsbx6OSD4sM6QogLeM.roa (raw, json)
Hash identifier: MZf2qivFAdeHawal3nvYni2Ve/uXRZxMWN94TdRMsJw=
Subject key identifier: 62:FE:6A:83:E9:D3:84:2B:1B:C7:A3:92:0F:8B:0C:E9:0A:20:2D:E3
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018CD68351F703B9DBD20338DAFD70D91DA5
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/Yv5qg-nThCsbx6OSD4sM6QogLeM.roa
Signing time: Thu 04 Jan 2024 22:06:19 +0000
ROA not before: Thu 04 Jan 2024 22:06:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209706
IP address blocks: 185.172.20.0/22 maxlen: 22
89.37.228.0/22 maxlen: 24
93.113.184.0/21 maxlen: 24
62.112.12.0/23 maxlen: 24
91.232.136.0/22 maxlen: 24
86.105.104.0/22 maxlen: 24
188.240.40.0/23 maxlen: 24
188.212.104.0/22 maxlen: 22
94.190.248.0/22 maxlen: 24
89.37.188.0/22 maxlen: 24
89.36.236.0/22 maxlen: 24
89.36.32.0/22 maxlen: 24
185.77.250.0/23 maxlen: 24
188.211.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 19:12:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d6:83:51:f7:03:b9:db:d2:03:38:da:fd:70:d9:1d:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 4 22:06:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62fe6a83e9d3842b1bc7a3920f8b0ce90a202de3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b0:20:48:b4:fb:54:87:27:7a:9c:44:f4:11:
da:bd:9b:f2:aa:4c:e8:ea:0f:e8:0c:34:20:8b:a2:
33:e0:15:ea:ca:cf:4a:ec:75:b2:08:43:18:86:01:
02:da:4f:c1:7d:7d:3d:7b:a7:dc:a7:03:68:1e:4a:
b8:e0:d6:fd:21:75:fd:95:ce:5c:9a:1b:b9:45:c2:
1f:69:6b:f6:81:4c:7e:14:1d:50:8c:88:74:3a:89:
f2:5f:1f:23:8d:09:a3:fa:31:5b:78:97:b9:59:f4:
be:5f:2a:02:50:61:9a:b9:d9:88:80:08:9b:a8:78:
07:a4:fa:2b:33:a8:d9:9a:05:25:dc:c9:b0:1f:39:
98:7b:77:e5:d5:7c:1c:3d:cb:02:99:a9:36:83:e0:
89:42:f6:22:9f:1f:9c:18:81:41:b1:65:65:c2:57:
44:81:4f:b3:40:9e:a4:6c:79:48:e2:1b:01:6f:79:
9e:97:d2:59:a2:ce:15:0b:64:94:4a:9d:55:3f:78:
6f:e1:22:86:3b:c1:00:9b:76:78:fe:c8:bb:28:50:
36:89:15:54:ab:d5:5b:04:80:b6:e6:85:d3:07:8e:
e5:f1:c7:d4:05:11:3d:7c:a4:c0:7e:b1:88:69:d5:
f3:2d:eb:f3:f1:4b:9a:e6:19:3b:02:65:62:df:7c:
94:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:FE:6A:83:E9:D3:84:2B:1B:C7:A3:92:0F:8B:0C:E9:0A:20:2D:E3
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/Yv5qg-nThCsbx6OSD4sM6QogLeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.12.0/23
86.105.104.0/22
89.36.32.0/22
89.36.236.0/22
89.37.188.0/22
89.37.228.0/22
91.232.136.0/22
93.113.184.0/21
94.190.248.0/22
185.77.250.0/23
185.172.20.0/22
188.211.252.0/22
188.212.104.0/22
188.240.40.0/23
Signature Algorithm: sha256WithRSAEncryption
76:e4:09:c3:37:98:d2:e8:3b:6c:06:38:15:9a:5e:3b:66:96:
47:15:90:2d:e9:07:8c:ad:db:05:0f:fb:18:9e:2b:ac:aa:27:
60:87:ec:09:8c:b1:d6:b0:17:14:82:a1:ff:72:20:7e:a5:52:
dc:32:3c:4b:f2:be:3c:53:67:cd:ae:94:8d:24:d3:80:f9:d7:
99:8a:b2:90:f0:bb:32:c9:24:40:cf:55:af:03:f2:7a:86:59:
aa:5b:38:2e:74:1d:70:64:e5:c4:9d:f3:fb:f2:70:0b:a7:ca:
c8:3d:56:f8:58:bf:d4:1f:97:06:1c:5f:1b:32:5c:1c:58:58:
2e:57:c9:ae:79:36:c9:dc:3d:cd:20:cd:43:e0:c1:1f:17:24:
17:7e:95:1d:3c:d9:99:4c:86:62:13:87:2f:34:1c:d0:ab:20:
21:a8:02:8e:cf:56:6a:73:2c:5e:54:c9:a7:bd:26:0f:9c:13:
b0:a4:95:c6:17:7b:80:c7:1a:d9:cc:84:eb:de:92:e5:d5:e8:
0a:85:8f:1a:4c:02:d7:45:b0:62:5b:8e:c3:b0:9a:57:84:08:
3b:2b:69:c0:87:f3:0f:80:b8:ed:82:6a:cf:cd:92:ed:30:88:
b5:aa:3f:2a:e2:60:89:3a:47:f7:68:a6:71:ab:09:3c:d3:1f:
cd:bb:93:62
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYzWg1H3A7nb0gM42v1w2R2lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMTA0MjIwNjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmZlNmE4M2U5ZDM4NDJiMWJjN2EzOTIwZjhiMGNlOTBhMjAyZGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7AgSLT7VIcnepxE9BHavZvyqkzo
6g/oDDQgi6Iz4BXqys9K7HWyCEMYhgEC2k/BfX09e6fcpwNoHkq44Nb9IXX9lc5c
mhu5RcIfaWv2gUx+FB1QjIh0OonyXx8jjQmj+jFbeJe5WfS+XyoCUGGaudmIgAib
qHgHpPorM6jZmgUl3MmwHzmYe3fl1XwcPcsCmak2g+CJQvYinx+cGIFBsWVlwldE
gU+zQJ6kbHlI4hsBb3mel9JZos4VC2SUSp1VP3hv4SKGO8EAm3Z4/si7KFA2iRVU
q9VbBIC25oXTB47l8cfUBRE9fKTAfrGIadXzLevz8Uua5hk7AmVi33yUdwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFGL+aoPp04QrG8ejkg+LDOkKIC3jMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvWXY1cWctblRoQ3NieDZPU0Q0c002UW9nTGVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQBPnAMAwQC
VmloAwQCWSQgAwQCWSTsAwQCWSW8AwQCWSXkAwQCW+iIAwQDXXG4AwQCXr74AwQB
uU36AwQCuawUAwQCvNP8AwQCvNRoAwQBvPAoMA0GCSqGSIb3DQEBCwUAA4IBAQB2
5AnDN5jS6DtsBjgVml47ZpZHFZAt6QeMrdsFD/sYniusqidgh+wJjLHWsBcUgqH/
ciB+pVLcMjxL8r48U2fNrpSNJNOA+deZirKQ8LsyySRAz1WvA/J6hlmqWzgudB1w
ZOXEnfP78nALp8rIPVb4WL/UH5cGHF8bMlwcWFguV8mueTbJ3D3NIM1D4MEfFyQX
fpUdPNmZTIZiE4cvNBzQqyAhqAKOz1ZqcyxeVMmnvSYPnBOwpJXGF3uAxxrZzITr
3pLl1egKhY8aTALXRbBiW47DsJpXhAg7K2nAh/MPgLjtgmrPzZLtMIi1qj8q4mCJ
Okf3aKZxqwk80x/Nu5Ni
-----END CERTIFICATE-----
Generated at Thu Feb 1 21:43:21 2024 by rpki-client on console-fra.rpki-client.org