Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0HxQ9ih3V94kbDZHy-h5Y-C5uk0.roa
File: 0HxQ9ih3V94kbDZHy-h5Y-C5uk0.roa (raw, json)
Hash identifier: GGayJ3omh8m4HJgjr9Qi/iAtk0gwOi8S7CsELYCbIBg=
Subject key identifier: D0:7C:50:F6:28:77:57:DE:24:6C:36:47:CB:E8:79:63:E0:B9:BA:4D
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0187EBC89B8AFF8C6686B9774AF60608F8CB
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0HxQ9ih3V94kbDZHy-h5Y-C5uk0.roa
Signing time: Fri 05 May 2023 12:00:05 +0000
ROA not before: Fri 05 May 2023 12:00:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.230.52.0/23 maxlen: 24
185.255.124.0/24 maxlen: 24
185.228.74.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.223.76.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.121.12.0/22 maxlen: 24
185.206.251.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.226.105.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
185.238.228.0/22 maxlen: 24
185.36.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 May 2023 11:06:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:eb:c8:9b:8a:ff:8c:66:86:b9:77:4a:f6:06:08:f8:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 5 12:00:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d07c50f6287757de246c3647cbe87963e0b9ba4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e3:2c:8d:08:36:ff:1b:58:48:b9:84:5c:00:
6e:78:7d:68:6e:64:99:cc:c7:c5:99:bf:97:19:91:
59:66:47:96:89:21:8b:ce:6b:43:02:41:6e:87:66:
f1:77:a2:0b:c7:a4:79:65:5f:b8:1a:eb:da:2c:a4:
8e:c8:39:c5:f5:90:f8:69:ab:ba:f7:b6:79:85:8e:
3c:63:2c:9a:f7:ce:62:bb:a0:03:a0:ef:3a:80:4e:
99:bc:05:ce:e4:15:97:56:a3:db:13:26:bc:82:6f:
e5:27:cd:85:52:de:2a:b1:d1:27:be:35:22:be:f1:
23:69:8d:3b:26:43:0e:ce:3d:6b:1a:06:a5:f6:78:
b4:d2:16:6b:a6:8f:42:1a:39:de:df:22:ee:d1:92:
3c:df:6a:67:55:ef:67:83:f9:ea:fe:24:1c:60:7d:
46:d4:9c:b0:2f:db:c6:2f:de:5f:96:e6:65:51:c8:
79:37:69:9b:4d:d9:c0:c6:97:62:68:63:67:f6:be:
c1:b4:81:c9:03:95:fe:10:62:f1:9f:57:cf:fa:d8:
4a:3f:12:ce:30:3b:56:b0:d3:a6:7b:1e:a8:3c:4a:
27:27:b9:d3:51:78:d1:e2:be:1d:55:bc:56:82:10:
4f:3e:f5:b5:25:fe:92:be:ad:f8:3b:bc:e4:29:16:
62:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:7C:50:F6:28:77:57:DE:24:6C:36:47:CB:E8:79:63:E0:B9:BA:4D
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0HxQ9ih3V94kbDZHy-h5Y-C5uk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.204.0/24
185.121.12.0/22
185.206.248.0/24
185.206.251.0/24
185.223.76.0/24
185.225.2.0/24
185.226.105.0/24
185.226.107.0/24
185.228.74.0/24
185.230.52.0/23
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.251.231.0/24
185.255.124.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:10:95:9f:47:fd:d0:5c:58:7f:12:bf:d8:39:db:39:34:64:
68:fd:61:7a:21:87:3f:c1:40:6c:2b:ad:34:48:3b:9b:97:54:
8f:31:28:c0:02:36:f4:c5:63:16:ac:48:3d:53:1f:fb:c2:c0:
9e:f2:ce:b6:34:aa:69:13:dd:94:ee:8c:fc:eb:b3:ea:bc:87:
24:33:8d:86:6c:fa:59:6c:64:fd:ce:ea:19:f5:7b:a5:78:01:
fe:89:07:90:f8:c1:06:50:06:4c:c3:d9:ac:c5:84:9f:e6:a5:
d1:83:a8:66:3a:72:a7:76:1d:2e:ed:da:84:7b:a2:3e:cc:cf:
e5:19:43:cd:3d:a3:a5:05:34:97:8d:d1:68:9c:82:83:68:42:
69:32:12:50:b2:a1:f2:5f:bb:52:d6:a0:a0:18:f7:ba:3c:86:
6c:6e:47:dc:cc:89:58:7b:fc:54:ce:f7:c7:b4:b9:a8:68:72:
ce:4e:c9:ac:b5:11:3b:8b:d3:55:1f:48:38:e8:fc:24:16:92:
6c:53:3d:75:be:0e:83:4f:3a:29:f1:00:14:e0:b6:5f:8c:24:
13:60:53:16:d9:77:31:74:67:f2:39:77:b4:ff:12:62:ff:0f:
46:0d:75:c8:33:76:5f:d7:fc:14:df:b5:dd:06:20:80:7b:91:
1e:d9:75:a4
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYfryJuK/4xmhrl3SvYGCPjLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNTA1MTIwMDA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDdjNTBmNjI4Nzc1N2RlMjQ2YzM2NDdjYmU4Nzk2M2UwYjliYTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeMsjQg2/xtYSLmEXABueH1obmSZ
zMfFmb+XGZFZZkeWiSGLzmtDAkFuh2bxd6ILx6R5ZV+4GuvaLKSOyDnF9ZD4aau6
97Z5hY48Yyya985iu6ADoO86gE6ZvAXO5BWXVqPbEya8gm/lJ82FUt4qsdEnvjUi
vvEjaY07JkMOzj1rGgal9ni00hZrpo9CGjne3yLu0ZI832pnVe9ng/nq/iQcYH1G
1JywL9vGL95fluZlUch5N2mbTdnAxpdiaGNn9r7BtIHJA5X+EGLxn1fP+thKPxLO
MDtWsNOmex6oPEonJ7nTUXjR4r4dVbxWghBPPvW1Jf6Svq34O7zkKRZi3wIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFNB8UPYod1feJGw2R8voeWPgubpNMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMEh4UTlpaDNWOTRrYkRaSHktaDVZLUM1dWswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAuSTMAwQC
uXkMAwQAuc74AwQAuc77AwQAud9MAwQAueECAwQAueJpAwQAueJrAwQAueRKAwQB
ueY0AwQCueoUAwQCue7kAwQBufB4AwQAufvnAwQAuf98MA0GCSqGSIb3DQEBCwUA
A4IBAQBrEJWfR/3QXFh/Er/YOds5NGRo/WF6IYc/wUBsK600SDubl1SPMSjAAjb0
xWMWrEg9Ux/7wsCe8s62NKppE92U7oz867PqvIckM42GbPpZbGT9zuoZ9XuleAH+
iQeQ+MEGUAZMw9msxYSf5qXRg6hmOnKndh0u7dqEe6I+zM/lGUPNPaOlBTSXjdFo
nIKDaEJpMhJQsqHyX7tS1qCgGPe6PIZsbkfczIlYe/xUzvfHtLmoaHLOTsmstRE7
i9NVH0g46PwkFpJsUz11vg6DTzop8QAU4LZfjCQTYFMW2XcxdGfyOXe0/xJi/w9G
DXXIM3Zf1/wU37XdBiCAe5Ee2XWk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:39 2024 by rpki-client on console-fra.rpki-client.org