Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0MRrTtJ4JJZI_Yn0dhxcpCP2xik.roa
File: 0MRrTtJ4JJZI_Yn0dhxcpCP2xik.roa (raw, json)
Hash identifier: Dy4zvybykGVtm1ZVvwNHp6jUI3SETN6Rx8DVn2EmEn4=
Subject key identifier: D0:C4:6B:4E:D2:78:24:96:48:FD:89:F4:76:1C:5C:A4:23:F6:C6:29
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018B67637B9CAEC1602608B7351B2B3A221F
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0MRrTtJ4JJZI_Yn0dhxcpCP2xik.roa
Signing time: Wed 25 Oct 2023 15:10:54 +0000
ROA not before: Wed 25 Oct 2023 15:10:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212830
IP address blocks: 185.128.52.0/22 maxlen: 24
185.175.152.0/22 maxlen: 24
185.199.44.0/22 maxlen: 24
185.119.48.0/22 maxlen: 24
194.124.68.0/23 maxlen: 24
194.124.70.0/23 maxlen: 24
194.124.68.0/24 maxlen: 24
185.223.60.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:67:63:7b:9c:ae:c1:60:26:08:b7:35:1b:2b:3a:22:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 25 15:10:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0c46b4ed278249648fd89f4761c5ca423f6c629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c0:b6:26:ea:d1:56:de:4b:d6:7e:e5:a6:3c:
23:40:c3:57:de:f9:4c:e5:fc:58:76:1f:cc:30:f4:
d1:90:58:38:9f:fd:c9:0c:19:1d:13:d5:f1:45:67:
2b:cc:4e:df:9c:11:1c:e2:bb:89:5a:41:fc:82:c1:
60:8b:68:fb:53:56:53:4f:05:0f:26:b5:56:bf:07:
fc:55:6d:1a:29:4d:90:01:72:f7:54:d6:03:ee:20:
92:1a:c1:07:d4:24:0c:8f:10:49:30:86:1a:58:79:
76:45:dd:5b:94:b9:e6:36:14:08:7f:7f:83:0f:eb:
bc:7a:14:e9:2a:4e:44:63:73:b2:e9:b7:56:47:af:
e6:4c:d8:8d:e5:57:bd:97:56:e1:13:58:e0:78:57:
52:f8:60:ec:3a:2b:7e:ae:1a:f9:10:82:ce:7b:9e:
65:4f:3b:67:74:ae:b7:98:d2:be:1e:d1:75:c8:0b:
c2:2d:60:02:01:f1:ac:11:6c:f3:2d:39:3e:69:3b:
33:e7:28:0f:7f:f3:4d:b1:cb:31:87:a3:10:61:e1:
8c:50:77:36:c6:16:0b:7b:88:fc:d2:4f:33:9b:e2:
52:49:82:54:54:1b:5d:37:9f:2f:f7:1e:f2:41:b2:
27:b5:7e:2c:3a:89:7d:bf:d6:43:4a:e4:25:dd:9b:
7f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:C4:6B:4E:D2:78:24:96:48:FD:89:F4:76:1C:5C:A4:23:F6:C6:29
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0MRrTtJ4JJZI_Yn0dhxcpCP2xik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.48.0/22
185.128.52.0/22
185.175.152.0/22
185.199.44.0/22
185.223.60.0/22
194.124.68.0/22
Signature Algorithm: sha256WithRSAEncryption
af:68:fa:6e:0c:04:17:4b:f9:d7:2b:eb:1d:ac:f4:9e:92:9e:
23:86:cc:6a:9d:39:7f:eb:ac:f2:cb:3c:f4:3a:ee:69:c5:3b:
82:2e:87:ec:c3:61:7b:75:b8:a2:d0:3d:40:c1:d0:c6:48:47:
13:f6:66:18:35:0d:dc:97:e5:82:73:59:e5:03:ea:12:19:19:
f4:96:a5:ab:0b:13:f3:9d:12:b8:d4:63:06:4a:15:46:96:ca:
21:06:bf:d1:4e:4b:df:d3:b5:80:16:23:d7:38:a6:7f:53:90:
53:27:42:f9:b5:bf:da:1c:9f:c5:83:5d:11:05:9b:f3:a9:a5:
ff:12:4d:fe:96:95:37:3f:07:f6:b7:18:b9:ac:c5:d6:51:a7:
ae:e8:b7:81:24:eb:51:cf:ce:d4:77:56:2b:84:e0:cc:09:a9:
18:bf:44:f0:1f:44:af:16:ad:ac:ef:5b:a3:09:7d:30:94:73:
d5:6c:2c:06:e2:ee:83:f6:e0:08:0e:9b:e5:b2:c0:c1:f0:4e:
77:f9:e3:80:f9:e8:4a:a6:a5:8a:77:4b:c7:8e:57:89:33:a3:
8a:80:d0:c9:39:e9:41:30:09:63:1d:cf:76:54:0f:fa:d4:fc:
51:61:ea:5b:9a:ac:a0:3c:76:40:88:ce:22:3a:33:f6:ce:99:
11:06:cc:66
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYtnY3ucrsFgJgi3NRsrOiIfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMDI1MTUxMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGM0NmI0ZWQyNzgyNDk2NDhmZDg5ZjQ3NjFjNWNhNDIzZjZjNjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsC2JurRVt5L1n7lpjwjQMNX3vlM
5fxYdh/MMPTRkFg4n/3JDBkdE9XxRWcrzE7fnBEc4ruJWkH8gsFgi2j7U1ZTTwUP
JrVWvwf8VW0aKU2QAXL3VNYD7iCSGsEH1CQMjxBJMIYaWHl2Rd1blLnmNhQIf3+D
D+u8ehTpKk5EY3Oy6bdWR6/mTNiN5Ve9l1bhE1jgeFdS+GDsOit+rhr5EILOe55l
TztndK63mNK+HtF1yAvCLWACAfGsEWzzLTk+aTsz5ygPf/NNscsxh6MQYeGMUHc2
xhYLe4j80k8zm+JSSYJUVBtdN58v9x7yQbIntX4sOol9v9ZDSuQl3Zt/wwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNDEa07SeCSWSP2J9HYcXKQj9sYpMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvME1SclR0SjRKSlpJX1luMGRoeGNwQ1AyeGlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCuXcwAwQC
uYA0AwQCua+YAwQCuccsAwQCud88AwQCwnxEMA0GCSqGSIb3DQEBCwUAA4IBAQCv
aPpuDAQXS/nXK+sdrPSekp4jhsxqnTl/66zyyzz0Ou5pxTuCLofsw2F7dbii0D1A
wdDGSEcT9mYYNQ3cl+WCc1nlA+oSGRn0lqWrCxPznRK41GMGShVGlsohBr/RTkvf
07WAFiPXOKZ/U5BTJ0L5tb/aHJ/Fg10RBZvzqaX/Ek3+lpU3Pwf2txi5rMXWUaeu
6LeBJOtRz87Ud1YrhODMCakYv0TwH0SvFq2s71ujCX0wlHPVbCwG4u6D9uAIDpvl
ssDB8E53+eOA+ehKpqWKd0vHjleJM6OKgNDJOelBMAljHc92VA/61PxRYepbmqyg
PHZAiM4iOjP2zpkRBsxm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:39 2024 by rpki-client on console-fra.rpki-client.org