Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0RsaoIyw5ynMSUnTBRi8s3O8N7c.roa
File: 0RsaoIyw5ynMSUnTBRi8s3O8N7c.roa (raw, json)
Hash identifier: fWzpZbnigMAXJkiUCH3WdhTeDMp1VyWCl+8J+yW2iR4=
Subject key identifier: D1:1B:1A:A0:8C:B0:E7:29:CC:49:49:D3:05:18:BC:B3:73:BC:37:B7
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018D74C1177B618DD14FB393981E0AA30D86
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0RsaoIyw5ynMSUnTBRi8s3O8N7c.roa
Signing time: Sun 04 Feb 2024 15:33:48 +0000
ROA not before: Sun 04 Feb 2024 15:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 185.194.177.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
193.58.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 11:08:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:74:c1:17:7b:61:8d:d1:4f:b3:93:98:1e:0a:a3:0d:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 4 15:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d11b1aa08cb0e729cc4949d30518bcb373bc37b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:32:f1:11:70:c7:c9:18:5f:3a:79:fa:10:df:
be:46:22:83:e4:cc:8f:14:47:ac:0d:f3:5a:6c:41:
a6:87:f9:a5:f8:ac:a7:fb:97:24:8d:db:4c:ac:db:
cd:36:a7:10:79:0b:cf:85:54:35:81:c0:64:fe:c7:
f3:03:74:3e:b0:03:47:21:92:98:38:f2:1b:17:c8:
5f:3e:c9:cf:0d:b0:bd:39:1f:6a:b7:9a:cb:29:a7:
8f:3b:d2:1b:3d:b5:f1:6c:9a:01:fb:47:f2:b2:a5:
34:e1:80:55:47:ed:e0:96:6f:fb:0c:55:66:46:25:
f1:8e:f3:15:86:9c:dd:57:0f:cc:45:cb:ea:fa:ed:
4c:71:c6:21:d3:b9:33:a4:78:e4:09:91:2a:d3:40:
a6:d6:11:4f:38:19:f8:e8:9b:a1:fd:6f:eb:a2:be:
02:1e:f3:39:67:92:7c:25:97:84:8c:39:42:f5:99:
60:db:dd:c7:bb:95:85:bc:a1:cd:dd:f5:a0:89:06:
72:82:51:9f:30:ae:52:54:f2:51:50:bf:aa:47:75:
72:74:0d:ef:b6:8a:3e:07:8e:9c:0f:09:51:67:39:
6b:56:27:ef:d4:02:ec:67:b0:b1:6f:0e:cc:4a:dc:
fb:87:49:ed:e5:16:42:cf:46:17:e3:93:dd:1a:8f:
39:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:1B:1A:A0:8C:B0:E7:29:CC:49:49:D3:05:18:BC:B3:73:BC:37:B7
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0RsaoIyw5ynMSUnTBRi8s3O8N7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.177.0/24
185.209.73.0/24
185.222.29.0/24
185.246.112.0/24
193.58.146.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:5a:dc:af:bc:10:9c:f7:d9:d6:63:ed:c4:c3:08:12:e9:74:
5f:6c:3c:5c:a8:ac:eb:ba:20:ad:0a:7a:f9:06:19:d5:00:14:
a9:8c:53:f0:db:91:c5:4b:7f:a6:b7:4a:b4:8a:d9:8e:78:11:
6b:d5:db:d7:90:04:41:3b:96:3b:8d:61:e5:b8:8f:cb:19:f3:
d5:3e:8f:9f:b9:38:9b:b3:76:0d:d4:28:52:2a:b4:bf:07:dd:
67:24:0a:94:17:07:29:9c:1c:7e:9f:7c:45:0f:86:14:73:89:
40:d1:57:4d:7e:9f:49:ac:d4:7d:7a:72:a5:08:4b:3e:ed:29:
2f:b4:f1:f7:09:59:77:f1:35:54:3d:22:e5:11:d9:65:94:bf:
82:70:f0:e3:ff:0f:e3:7f:16:b9:f0:ce:28:26:18:62:ce:30:
93:59:6b:7b:e9:c1:62:50:6f:b2:30:56:d4:0b:fa:1d:f5:43:
6f:a0:7f:5a:81:a6:9f:8c:fe:1d:e7:44:36:96:b1:da:a2:07:
52:7c:77:90:18:64:de:a7:13:30:64:3f:cd:a2:ff:ea:5b:c9:
63:fd:44:eb:40:ab:3d:b6:3f:b2:f6:1f:9c:bc:52:82:e9:e6:
ba:78:a2:68:e2:5d:b7:d5:f5:bc:87:8f:31:c7:e5:3e:90:d8:
04:8a:16:23
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY10wRd7YY3RT7OTmB4Kow2GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMjA0MTUzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTFiMWFhMDhjYjBlNzI5Y2M0OTQ5ZDMwNTE4YmNiMzczYmMzN2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTLxEXDHyRhfOnn6EN++RiKD5MyP
FEesDfNabEGmh/ml+Kyn+5ckjdtMrNvNNqcQeQvPhVQ1gcBk/sfzA3Q+sANHIZKY
OPIbF8hfPsnPDbC9OR9qt5rLKaePO9IbPbXxbJoB+0fysqU04YBVR+3glm/7DFVm
RiXxjvMVhpzdVw/MRcvq+u1MccYh07kzpHjkCZEq00Cm1hFPOBn46Juh/W/ror4C
HvM5Z5J8JZeEjDlC9Zlg293Hu5WFvKHN3fWgiQZyglGfMK5SVPJRUL+qR3VydA3v
too+B46cDwlRZzlrVifv1ALsZ7Cxbw7MStz7h0nt5RZCz0YX45PdGo85BQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNEbGqCMsOcpzElJ0wUYvLNzvDe3MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMFJzYW9JeXc1eW5NU1VuVEJSaThzM084TjdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAucKxAwQA
udFJAwQAud4dAwQAufZwAwQAwTqSMA0GCSqGSIb3DQEBCwUAA4IBAQAeWtyvvBCc
99nWY+3EwwgS6XRfbDxcqKzruiCtCnr5BhnVABSpjFPw25HFS3+mt0q0itmOeBFr
1dvXkARBO5Y7jWHluI/LGfPVPo+fuTibs3YN1ChSKrS/B91nJAqUFwcpnBx+n3xF
D4YUc4lA0VdNfp9JrNR9enKlCEs+7SkvtPH3CVl38TVUPSLlEdlllL+CcPDj/w/j
fxa58M4oJhhizjCTWWt76cFiUG+yMFbUC/od9UNvoH9agaafjP4d50Q2lrHaogdS
fHeQGGTepxMwZD/Nov/qW8lj/UTrQKs9tj+y9h+cvFKC6ea6eKJo4l231fW8h48x
x+U+kNgEihYj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:19 2024 by rpki-client on console-ams.rpki-client.org