Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0Jm8PTL6NoflRn9rH1BvPwSrKWI.roa
File: 0Jm8PTL6NoflRn9rH1BvPwSrKWI.roa (raw, json)
Hash identifier: hUsUr+wRXK7+vd09FMHfGt/uA5OdIT5MATwFU18esSI=
Subject key identifier: D0:99:BC:3D:32:FA:36:87:E5:46:7F:6B:1F:50:6F:3F:04:AB:29:62
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0190C0269D45CD361ED472F6118B8E95F6EE
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0Jm8PTL6NoflRn9rH1BvPwSrKWI.roa
Signing time: Wed 17 Jul 2024 10:04:34 +0000
ROA not before: Wed 17 Jul 2024 10:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.251.230.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jul 2024 14:44:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c0:26:9d:45:cd:36:1e:d4:72:f6:11:8b:8e:95:f6:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 17 10:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d099bc3d32fa3687e5467f6b1f506f3f04ab2962
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:63:2a:ad:71:1b:9b:9f:9b:80:e6:57:c8:c2:
32:a8:75:43:ce:ff:c1:39:b7:61:4c:cb:2d:8d:d1:
1f:f4:ac:24:11:0a:c0:95:78:23:55:7d:29:79:4b:
75:cf:2d:35:c8:7b:b2:78:9e:78:52:a4:12:b8:9d:
24:8f:c3:a7:df:22:ae:4a:c7:ef:e0:c8:fa:87:8f:
9d:b3:b6:6c:52:55:b8:8e:c9:7e:0d:20:cb:77:83:
2a:d3:49:45:09:54:bc:7e:17:e9:76:c1:ae:86:a3:
24:c3:4d:ad:98:0a:00:29:0e:1e:ae:ce:96:93:45:
53:dd:26:e4:80:4c:99:bf:19:09:3f:01:7a:7c:cf:
03:52:ed:e8:45:ce:9f:fe:09:bd:a3:9c:7b:75:cc:
69:1f:76:3b:7a:0a:ba:7f:26:db:83:1d:f1:b7:80:
7c:c4:13:00:e2:1c:6a:91:98:8f:21:1c:c2:52:51:
ee:fc:eb:e2:f7:2e:f8:fc:8c:0b:e6:39:48:aa:d9:
69:90:b0:3c:e9:53:46:7e:c2:9d:34:45:81:bb:ba:
79:6d:bc:81:c5:d8:0b:bc:6f:b3:23:43:66:97:02:
95:60:82:1c:8d:ee:7b:db:ae:69:63:84:30:f1:66:
c7:c6:99:67:76:28:08:40:50:4c:e0:e3:c8:6f:85:
10:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:99:BC:3D:32:FA:36:87:E5:46:7F:6B:1F:50:6F:3F:04:AB:29:62
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0Jm8PTL6NoflRn9rH1BvPwSrKWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.220.250.0/23
185.225.0.0/23
185.226.104.0/24
185.227.146.0/23
185.251.230.0/24
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
af:f6:32:c4:c6:a2:b6:6e:87:85:0a:6d:5f:a0:a4:60:21:fa:
c0:02:9a:dd:68:42:90:6c:6b:ab:28:28:02:40:04:f4:ec:34:
c4:86:3c:95:a6:15:be:5e:6c:f2:85:06:5a:b0:e8:c4:e3:ca:
5c:b6:25:4c:9c:2a:56:10:45:d7:4f:d9:c0:75:26:9d:60:bc:
5f:56:e7:4d:f4:9d:15:df:c3:ed:89:5c:2e:90:ed:df:84:b8:
a1:aa:40:b2:eb:17:3a:9e:f8:da:95:72:3c:97:eb:a3:25:07:
83:de:d6:6f:a6:26:cc:96:bc:77:dc:0d:93:5b:02:eb:12:95:
6a:41:7b:ed:82:d6:9f:8b:9f:bb:b3:5b:27:d8:ae:e2:37:ed:
c0:92:7a:1e:39:e7:18:71:e1:18:5b:b5:49:5d:26:5d:36:10:
fa:dd:78:21:56:be:12:7e:cd:63:5e:3c:e7:05:b3:51:2b:1a:
69:df:0a:0a:09:2e:53:d9:a7:87:0b:2f:3b:c7:1f:45:a8:ab:
bc:30:88:83:46:f3:3d:d0:23:65:89:96:3b:9b:c9:57:6b:ca:
b4:96:88:6e:fe:08:49:c5:e6:b7:08:51:6e:d3:40:38:49:a0:
6b:ee:cd:59:32:80:4d:64:4d:b2:a2:af:68:cd:ef:ed:d1:1e:
03:da:f1:5d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZDAJp1FzTYe1HL2EYuOlfbuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNzE3MTAwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDk5YmMzZDMyZmEzNjg3ZTU0NjdmNmIxZjUwNmYzZjA0YWIyOTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWMqrXEbm5+bgOZXyMIyqHVDzv/B
ObdhTMstjdEf9KwkEQrAlXgjVX0peUt1zy01yHuyeJ54UqQSuJ0kj8On3yKuSsfv
4Mj6h4+ds7ZsUlW4jsl+DSDLd4Mq00lFCVS8fhfpdsGuhqMkw02tmAoAKQ4ers6W
k0VT3SbkgEyZvxkJPwF6fM8DUu3oRc6f/gm9o5x7dcxpH3Y7egq6fybbgx3xt4B8
xBMA4hxqkZiPIRzCUlHu/Ovi9y74/IwL5jlIqtlpkLA86VNGfsKdNEWBu7p5bbyB
xdgLvG+zI0NmlwKVYIIcje57265pY4Qw8WbHxplndigIQFBM4OPIb4UQ/wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFNCZvD0y+jaH5UZ/ax9Qbz8EqyliMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMEptOFBUTDZOb2ZsUm45ckgxQnZQd1NyS1dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQgVAwQA
uX5SAwQBudz6AwQBueEAAwQAueJoAwQBueOSAwQAufvmAwQBwQhwAwQBwTqSMA0G
CSqGSIb3DQEBCwUAA4IBAQCv9jLExqK2boeFCm1foKRgIfrAAprdaEKQbGurKCgC
QAT07DTEhjyVphW+XmzyhQZasOjE48pctiVMnCpWEEXXT9nAdSadYLxfVudN9J0V
38PtiVwukO3fhLihqkCy6xc6nvjalXI8l+ujJQeD3tZvpibMlrx33A2TWwLrEpVq
QXvtgtafi5+7s1sn2K7iN+3AknoeOecYceEYW7VJXSZdNhD63XghVr4Sfs1jXjzn
BbNRKxpp3woKCS5T2aeHCy87xx9FqKu8MIiDRvM90CNliZY7m8lXa8q0lohu/ghJ
xea3CFFu00A4SaBr7s1ZMoBNZE2yoq9oze/t0R4D2vFd
-----END CERTIFICATE-----
Generated at Tue Jul 23 19:32:03 2024 by rpki-client on console-fra.rpki-client.org