Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0b7_jq4FX3UiPr3hTbWNaKMdV_0.roa
File: 0b7_jq4FX3UiPr3hTbWNaKMdV_0.roa (raw, json)
Hash identifier: YzHpxyZAcnV8a+7DAS9F73SjNCCk4caM9j3ZaSDripw=
Subject key identifier: D1:BE:FF:8E:AE:05:5F:75:22:3E:BD:E1:4D:B5:8D:68:A3:1D:57:FD
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0190E032BA173144B7F6DFF227ABEEF2B9CF
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0b7_jq4FX3UiPr3hTbWNaKMdV_0.roa
Signing time: Tue 23 Jul 2024 15:25:39 +0000
ROA not before: Tue 23 Jul 2024 15:25:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.114.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jul 2024 10:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e0:32:ba:17:31:44:b7:f6:df:f2:27:ab:ee:f2:b9:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 23 15:25:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1beff8eae055f75223ebde14db58d68a31d57fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2e:86:f4:0d:f6:a1:5d:49:81:5c:b0:21:fd:
7c:b1:52:62:3c:84:ba:cc:cc:f7:38:44:20:f5:e3:
41:d0:1c:56:9e:f5:27:4b:ed:60:29:69:f8:e7:71:
ba:39:0d:66:0e:c9:e9:8a:f9:fd:2e:e9:a6:9c:0d:
50:20:db:a3:65:0d:2b:bb:bd:4f:53:1c:e5:4e:47:
27:7f:1d:6f:40:b9:94:8d:de:f6:f6:b3:6c:c4:18:
14:25:d1:99:21:be:7c:b3:ff:0e:35:ca:41:e1:e6:
a5:f2:4d:b4:97:74:39:b3:4b:d5:b9:8e:e3:1c:62:
6e:6c:16:31:c2:16:37:92:26:de:d8:ee:72:aa:d2:
68:c2:64:87:78:0e:39:2d:99:3e:f7:2d:c1:76:e1:
14:dc:d1:42:d5:7c:a8:0d:6c:95:1a:74:e0:d8:52:
72:ed:e5:7b:6c:12:2b:33:09:8f:6e:5e:84:5e:d8:
a8:3a:d0:cd:bc:7a:34:f1:d0:7a:f2:9b:12:78:d4:
b0:42:87:69:dd:e7:08:b8:dc:21:62:0a:31:a0:2e:
1f:84:12:72:34:9b:02:1c:03:5c:96:7b:64:e0:ad:
f5:38:3a:1e:e9:7a:24:f6:4a:2a:0d:bf:a4:bc:08:
56:29:b3:3a:ea:fc:34:35:31:80:3d:f9:f5:53:5b:
50:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:BE:FF:8E:AE:05:5F:75:22:3E:BD:E1:4D:B5:8D:68:A3:1D:57:FD
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0b7_jq4FX3UiPr3hTbWNaKMdV_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.220.250.0/23
185.225.0.0/23
185.226.104.0/24
185.227.146.0/23
193.8.112.0-193.8.114.255
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:36:57:1d:5e:51:b7:7e:80:92:63:e3:46:2c:71:2d:30:71:
c1:c8:27:f8:63:8e:70:52:e6:7e:3a:07:c4:10:be:fe:3c:31:
28:3f:1c:54:b3:88:db:80:f0:9d:9c:8c:3a:00:76:7d:72:f7:
d7:76:f6:74:99:22:55:87:e2:53:ee:f9:a1:13:e6:58:db:9f:
91:07:94:cc:ee:de:cf:f5:ec:79:b7:a7:5c:51:59:2f:74:46:
bb:16:60:80:7c:b2:49:9d:fc:3f:47:24:80:e4:be:19:73:54:
28:1d:b5:11:c6:d6:32:5b:54:f7:1d:d7:a8:18:71:6d:95:3d:
8f:f4:cb:4e:7e:59:50:ba:e4:5a:68:d9:35:7e:5d:8a:ee:7e:
e9:14:0f:87:94:d5:9f:2e:0b:de:92:52:88:e0:97:d3:18:34:
c1:e8:90:9f:4f:61:23:49:4d:b4:3a:aa:e8:eb:31:0b:36:3d:
fa:e0:a6:0c:ad:b3:11:77:48:19:52:16:1e:c3:c7:ef:0e:55:
1c:59:92:9c:b1:90:e4:f2:7d:a1:2f:92:15:72:ca:6f:39:7c:
fe:74:c9:a6:fb:24:7e:fe:c8:f8:fa:1d:96:f1:3d:d4:e3:41:
40:58:f1:55:f0:d3:78:81:b6:81:55:55:07:5e:88:12:32:0a:
79:46:3e:35
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZDgMroXMUS39t/yJ6vu8rnPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNzIzMTUyNTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWJlZmY4ZWFlMDU1Zjc1MjIzZWJkZTE0ZGI1OGQ2OGEzMWQ1N2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApy6G9A32oV1JgVywIf18sVJiPIS6
zMz3OEQg9eNB0BxWnvUnS+1gKWn453G6OQ1mDsnpivn9LummnA1QINujZQ0ru71P
UxzlTkcnfx1vQLmUjd729rNsxBgUJdGZIb58s/8ONcpB4eal8k20l3Q5s0vVuY7j
HGJubBYxwhY3kibe2O5yqtJowmSHeA45LZk+9y3BduEU3NFC1XyoDWyVGnTg2FJy
7eV7bBIrMwmPbl6EXtioOtDNvHo08dB68psSeNSwQodp3ecIuNwhYgoxoC4fhBJy
NJsCHANclntk4K31ODoe6Xok9koqDb+kvAhWKbM66vw0NTGAPfn1U1tQoQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFNG+/46uBV91Ij694U21jWijHVf9MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMGI3X2pxNEZYM1VpUHIzaFRiV05hS01kVl8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQALQgVAwQA
uX5SAwQBudz6AwQBueEAAwQAueJoAwQBueOSMAwDBATBCHADBADBCHIDBAHBOpIw
DQYJKoZIhvcNAQELBQADggEBAA82Vx1eUbd+gJJj40YscS0wccHIJ/hjjnBS5n46
B8QQvv48MSg/HFSziNuA8J2cjDoAdn1y99d29nSZIlWH4lPu+aET5ljbn5EHlMzu
3s/17Hm3p1xRWS90RrsWYIB8skmd/D9HJIDkvhlzVCgdtRHG1jJbVPcd16gYcW2V
PY/0y05+WVC65Fpo2TV+XYrufukUD4eU1Z8uC96SUojgl9MYNMHokJ9PYSNJTbQ6
qujrMQs2PfrgpgytsxF3SBlSFh7Dx+8OVRxZkpyxkOTyfaEvkhVyym85fP50yab7
JH7+yPj6HZbxPdTjQUBY8VXw03iBtoFVVQdeiBIyCnlGPjU=
-----END CERTIFICATE-----
Generated at Wed Jul 24 12:45:20 2024 by rpki-client on console-ams.rpki-client.org