Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Xm96n_HLPiM6Sr0qee7E57kg20o.roa
File: Xm96n_HLPiM6Sr0qee7E57kg20o.roa (raw, json)
Hash identifier: JvMZMcSHpt04w2Xl+mOYc/mPwfSwW6EexBc1cIeT8N8=
Subject key identifier: 5E:6F:7A:9F:F1:CB:3E:23:3A:4A:BD:2A:79:EE:C4:E7:B9:20:DB:4A
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018F4DFF9F8377E488EB58ACE68774BFF7E5
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Xm96n_HLPiM6Sr0qee7E57kg20o.roa
Signing time: Mon 06 May 2024 13:02:29 +0000
ROA not before: Mon 06 May 2024 13:02:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.251.230.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Jun 2024 09:05:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4d:ff:9f:83:77:e4:88:eb:58:ac:e6:87:74:bf:f7:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 6 13:02:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e6f7a9ff1cb3e233a4abd2a79eec4e7b920db4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:cc:9f:40:c0:d0:dd:26:df:c6:a5:8a:5c:68:
07:2d:a3:02:ef:1e:00:1b:ee:df:92:86:03:15:64:
98:56:de:09:8f:26:61:9d:67:4f:36:9b:66:53:6c:
c8:4f:8d:91:11:26:6c:a8:73:18:ed:4b:17:cb:25:
e6:e4:9f:7b:d0:fc:fa:f6:d0:70:f8:56:6f:27:42:
51:65:c0:02:b0:5b:24:82:07:20:a0:8b:1c:bf:2a:
16:a7:f9:0c:93:d7:23:7c:4c:10:8b:66:fe:44:9a:
0b:c2:48:ee:81:6e:74:cc:eb:f0:bb:97:0d:47:e3:
8b:0e:66:21:0e:a1:00:5a:9f:83:95:86:0b:8f:c1:
59:2d:cb:00:86:45:de:1f:bf:0c:57:32:a6:0c:c1:
3e:39:f4:4b:73:21:f2:5d:2e:d3:d6:16:0f:69:fb:
1b:fe:1d:f9:b7:58:8f:d6:e5:5c:5e:46:2a:ae:6e:
a2:a7:03:59:51:77:aa:20:95:91:e0:d4:5c:73:4d:
71:45:c8:9b:aa:ad:35:f4:b9:b8:20:12:60:a8:d4:
00:b8:96:80:ca:bd:5f:4e:7c:02:b9:0b:23:a1:43:
9d:84:3d:73:68:91:62:d6:d3:da:46:45:3b:ee:20:
ba:e4:3b:02:8e:d1:a5:4d:3a:77:ac:0b:43:cd:00:
a9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:6F:7A:9F:F1:CB:3E:23:3A:4A:BD:2A:79:EE:C4:E7:B9:20:DB:4A
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Xm96n_HLPiM6Sr0qee7E57kg20o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.220.250.0/23
185.225.0.0/23
185.226.104.0/24
185.227.146.0/23
185.251.230.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
aa:1d:aa:77:6e:b1:ae:a1:6d:96:cc:8b:51:34:51:2b:a2:3f:
61:31:9f:5d:90:bf:b6:0d:1f:ec:5a:ac:39:a4:f2:8e:2c:37:
ce:fc:9e:e2:b8:dc:9d:60:df:a0:50:4b:17:d8:9b:42:2a:1f:
ea:1b:2b:68:c9:6f:5f:55:0b:0e:75:89:ee:c7:09:3c:4a:6c:
fb:35:1e:35:de:e5:50:c7:9b:21:a5:b0:15:dc:f1:17:2e:02:
f3:eb:fc:de:69:35:c9:46:ca:36:95:93:c1:2c:8f:a6:3c:cd:
4d:bf:87:cd:f0:5f:9b:55:0b:41:b1:bf:ca:84:4f:a9:f6:05:
aa:0b:bf:e2:07:13:ed:69:2d:32:3b:da:e1:c5:05:ed:8c:24:
3b:61:17:ba:ab:56:92:8f:a3:32:59:fb:c8:f8:1d:c3:0c:49:
5c:97:a2:68:59:10:dd:21:51:0d:75:0c:e1:02:b7:98:b0:7c:
33:23:25:df:bf:fd:24:06:c6:6e:d7:69:c4:d5:bf:cb:a6:34:
d7:cc:b2:36:45:ae:8d:23:5c:f5:1e:4b:d5:f5:d7:92:17:9f:
2a:37:b4:6b:80:ab:ac:fa:04:2e:13:39:c1:99:34:69:92:62:
fc:3e:b0:0b:69:6d:0f:05:4d:83:1b:b9:3c:f8:09:74:f8:71:
f9:5b:6c:40
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY9N/5+Dd+SI61is5od0v/flMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNTA2MTMwMjI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTZmN2E5ZmYxY2IzZTIzM2E0YWJkMmE3OWVlYzRlN2I5MjBkYjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMyfQMDQ3SbfxqWKXGgHLaMC7x4A
G+7fkoYDFWSYVt4JjyZhnWdPNptmU2zIT42RESZsqHMY7UsXyyXm5J970Pz69tBw
+FZvJ0JRZcACsFskggcgoIscvyoWp/kMk9cjfEwQi2b+RJoLwkjugW50zOvwu5cN
R+OLDmYhDqEAWp+DlYYLj8FZLcsAhkXeH78MVzKmDME+OfRLcyHyXS7T1hYPafsb
/h35t1iP1uVcXkYqrm6ipwNZUXeqIJWR4NRcc01xRcibqq019Lm4IBJgqNQAuJaA
yr1fTnwCuQsjoUOdhD1zaJFi1tPaRkU77iC65DsCjtGlTTp3rAtDzQCp+wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFF5vep/xyz4jOkq9KnnuxOe5INtKMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWG05Nm5fSExQaU02U3IwcWVlN0U1N2tnMjBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQgVAwQB
udz6AwQBueEAAwQAueJoAwQBueOSAwQAufvmAwQBwTqSMA0GCSqGSIb3DQEBCwUA
A4IBAQCqHap3brGuoW2WzItRNFEroj9hMZ9dkL+2DR/sWqw5pPKOLDfO/J7iuNyd
YN+gUEsX2JtCKh/qGytoyW9fVQsOdYnuxwk8Smz7NR413uVQx5shpbAV3PEXLgLz
6/zeaTXJRso2lZPBLI+mPM1Nv4fN8F+bVQtBsb/KhE+p9gWqC7/iBxPtaS0yO9rh
xQXtjCQ7YRe6q1aSj6MyWfvI+B3DDElcl6JoWRDdIVENdQzhAreYsHwzIyXfv/0k
BsZu12nE1b/LpjTXzLI2Ra6NI1z1HkvV9deSF58qN7RrgKus+gQuEznBmTRpkmL8
PrALaW0PBU2DG7k8+Al0+HH5W2xA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org