Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0Q_ukjg0BSmRzd0V7Kcaafvw2Y8.roa
File: 0Q_ukjg0BSmRzd0V7Kcaafvw2Y8.roa (raw, json)
Hash identifier: NosXkE8L/tiye7U5pVpn3ZjLWbaCYS5r62jovTq6zhE=
Subject key identifier: D1:0F:EE:92:38:34:05:29:91:CD:DD:15:EC:A7:1A:69:FB:F0:D9:8F
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018C6D43265EA04F19873291C8952DDB9095
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0Q_ukjg0BSmRzd0V7Kcaafvw2Y8.roa
Signing time: Fri 15 Dec 2023 11:36:06 +0000
ROA not before: Fri 15 Dec 2023 11:36:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 185.222.29.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
193.58.146.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
185.194.177.0/24 maxlen: 24
194.5.64.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6d:43:26:5e:a0:4f:19:87:32:91:c8:95:2d:db:90:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 15 11:36:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d10fee923834052991cddd15eca71a69fbf0d98f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:93:28:c4:f0:53:a7:eb:00:8e:03:9c:cb:96:
cf:47:90:ea:e5:6a:5f:b2:e6:ed:bf:07:7c:1d:fd:
c1:2e:40:ad:17:24:5d:50:6d:ce:02:9e:cc:eb:f9:
68:2e:96:1b:c5:60:11:69:c3:1b:52:bc:ce:25:14:
1f:94:5d:6d:69:a4:ed:fa:4d:95:d9:6a:43:c1:d3:
71:1a:3c:1f:6c:d5:ee:cb:f1:f5:b5:f1:ef:01:09:
66:47:87:30:eb:bc:3e:d2:ca:61:e2:b4:0b:60:3e:
38:9e:85:b9:52:fe:b7:91:71:f4:42:d0:fa:20:ae:
d3:9f:5c:78:82:80:6d:92:10:60:e6:80:17:2f:31:
d8:4f:ec:ad:36:25:ac:e6:3d:30:57:64:4c:79:08:
a9:41:10:e9:a2:b3:ba:39:2b:e0:c7:21:3f:0a:0f:
98:54:07:cc:3f:39:e2:f7:82:38:28:df:43:33:e3:
c6:9d:c6:a6:ff:0a:1c:3e:7f:49:ad:25:c2:18:9f:
c6:11:8d:ad:3b:fe:21:06:6e:f2:43:3e:0c:53:25:
bb:79:93:a9:5a:2c:c9:82:73:62:1f:c3:54:50:4a:
97:90:42:d6:46:9d:13:0f:96:99:3f:48:15:d6:d6:
1e:69:4b:8a:0e:12:90:91:17:5b:ff:f2:30:b7:d7:
1f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:0F:EE:92:38:34:05:29:91:CD:DD:15:EC:A7:1A:69:FB:F0:D9:8F
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0Q_ukjg0BSmRzd0V7Kcaafvw2Y8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.177.0/24
185.209.73.0/24
185.218.101.0/24
185.222.29.0/24
185.246.112.0/24
193.58.146.0/24
194.5.64.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:8f:3e:42:b9:71:c1:ba:b8:cf:db:3c:3c:66:aa:18:17:36:
cb:83:cf:8e:b5:53:fe:dc:f1:66:d8:f3:4b:1a:3b:50:6d:28:
f6:55:33:77:de:ad:eb:7a:12:7c:ac:f5:69:a8:11:de:3d:b6:
6c:31:5d:7f:11:0b:67:a3:ae:1b:56:72:e8:42:dc:1d:72:e5:
16:ec:54:10:84:1c:a9:d7:24:00:71:b5:b5:81:60:d0:a5:21:
9a:8d:53:e6:bd:b4:c7:87:2d:75:d8:86:b4:89:8f:25:b2:74:
89:f0:74:f6:54:f7:14:92:9b:60:1d:32:4d:14:09:f2:6c:c2:
da:cc:e5:85:e2:74:f8:bc:2d:d7:09:d1:75:81:57:65:1b:02:
ae:fa:9c:ae:37:60:80:d7:20:98:d3:09:bf:f8:cb:cb:84:ca:
76:c7:86:12:d5:22:79:5d:ee:0f:98:49:05:50:73:16:44:24:
e0:57:fa:7b:58:86:90:38:8c:aa:5f:50:93:aa:c2:a2:79:2c:
2c:13:17:4b:a5:f8:77:74:90:b9:74:77:a9:04:d6:63:64:f2:
ab:51:e2:29:c6:5b:02:4b:62:58:ab:9f:e5:12:4b:6c:20:27:
f7:7c:e7:7d:3f:e5:02:14:4b:3f:23:fa:a1:6b:04:df:c9:36:
b4:0f:00:9e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYxtQyZeoE8ZhzKRyJUt25CVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMjE1MTEzNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTBmZWU5MjM4MzQwNTI5OTFjZGRkMTVlY2E3MWE2OWZiZjBkOThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJMoxPBTp+sAjgOcy5bPR5Dq5Wpf
subtvwd8Hf3BLkCtFyRdUG3OAp7M6/loLpYbxWARacMbUrzOJRQflF1taaTt+k2V
2WpDwdNxGjwfbNXuy/H1tfHvAQlmR4cw67w+0sph4rQLYD44noW5Uv63kXH0QtD6
IK7Tn1x4goBtkhBg5oAXLzHYT+ytNiWs5j0wV2RMeQipQRDporO6OSvgxyE/Cg+Y
VAfMPzni94I4KN9DM+PGncam/wocPn9JrSXCGJ/GEY2tO/4hBm7yQz4MUyW7eZOp
WizJgnNiH8NUUEqXkELWRp0TD5aZP0gV1tYeaUuKDhKQkRdb//Iwt9cfvwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNEP7pI4NAUpkc3dFeynGmn78NmPMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMFFfdWtqZzBCU21SemQwVjdLY2FhZnZ3Mlk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAucKxAwQA
udFJAwQAudplAwQAud4dAwQAufZwAwQAwTqSAwQAwgVAMA0GCSqGSIb3DQEBCwUA
A4IBAQCjjz5CuXHBurjP2zw8ZqoYFzbLg8+OtVP+3PFm2PNLGjtQbSj2VTN33q3r
ehJ8rPVpqBHePbZsMV1/EQtno64bVnLoQtwdcuUW7FQQhByp1yQAcbW1gWDQpSGa
jVPmvbTHhy112Ia0iY8lsnSJ8HT2VPcUkptgHTJNFAnybMLazOWF4nT4vC3XCdF1
gVdlGwKu+pyuN2CA1yCY0wm/+MvLhMp2x4YS1SJ5Xe4PmEkFUHMWRCTgV/p7WIaQ
OIyqX1CTqsKieSwsExdLpfh3dJC5dHepBNZjZPKrUeIpxlsCS2JYq5/lEktsICf3
fOd9P+UCFEs/I/qhawTfyTa0DwCe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:39 2024 by rpki-client on console-fra.rpki-client.org