Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-9yI7g9iSERLYmOZm4bKnzEJ8zs.roa
File: 1-9yI7g9iSERLYmOZm4bKnzEJ8zs.roa (raw, json)
Hash identifier: L/OSzVjp24Ci1h5HIrVDWOz+P+Suotp9/IHs00/eQuU=
Subject key identifier: FB:DC:88:EE:0F:62:48:44:4B:62:63:99:9B:86:CA:9F:31:09:F3:3B
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018B5BE8F765CACC6852962995DD3932D91F
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-9yI7g9iSERLYmOZm4bKnzEJ8zs.roa
Signing time: Mon 23 Oct 2023 09:41:16 +0000
ROA not before: Mon 23 Oct 2023 09:41:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.222.30.0/23 maxlen: 24
185.209.38.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
185.240.122.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.246.114.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.223.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Oct 2023 10:32:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5b:e8:f7:65:ca:cc:68:52:96:29:95:dd:39:32:d9:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 23 09:41:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbdc88ee0f6248444b6263999b86ca9f3109f33b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:9d:f1:1e:6e:5e:27:21:1c:d3:3a:2a:b6:4f:
5d:65:ea:bf:e7:84:86:2b:b2:7f:32:de:24:2b:d6:
38:cd:2d:35:6c:bb:d3:5a:dd:4c:43:57:bc:65:67:
bd:68:9a:3e:62:4f:74:eb:a9:ef:72:ac:4c:92:77:
7b:1f:ad:a7:8f:41:1e:e0:a7:fe:7c:1d:e0:b9:8a:
cd:ff:6d:d7:4b:7b:96:cc:d4:8d:8c:b4:64:b2:c5:
13:e1:91:68:0a:cb:04:e5:04:b7:84:6f:84:bd:05:
e1:e9:5e:fb:47:ca:f5:a9:14:48:f8:a5:9a:78:04:
bf:24:da:ee:7a:59:63:0b:08:50:07:1c:62:16:7e:
d0:7c:31:4d:a9:20:73:7d:82:9d:20:81:84:4f:9e:
62:4f:08:8e:a5:89:ca:d8:26:62:69:2b:54:cf:d0:
18:67:5a:fc:34:cf:bc:b6:42:a6:4a:44:33:be:9b:
09:a7:6a:cb:a1:46:ab:42:04:0a:a4:58:e2:92:d1:
66:74:28:aa:0f:30:12:32:9c:f6:cc:39:7b:4f:55:
b6:11:a1:93:1d:06:d8:08:98:a9:b3:82:a3:c1:50:
5a:54:36:bc:49:3d:53:51:36:e1:47:03:cb:70:49:
2e:da:18:ce:6f:c5:1b:da:14:e4:52:3e:4c:0a:b5:
89:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:DC:88:EE:0F:62:48:44:4B:62:63:99:9B:86:CA:9F:31:09:F3:3B
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-9yI7g9iSERLYmOZm4bKnzEJ8zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.209.38.0/24
185.220.250.0/23
185.222.30.0/23
185.223.80.0/24
185.225.0.0/23
185.226.107.0/24
185.240.122.0/24
185.246.114.0/24
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
39:ae:0a:bd:33:dd:5f:d3:cc:b3:47:a9:2c:f0:5c:64:84:b8:
00:d3:03:2a:0e:68:6f:bd:bc:44:25:d6:e8:dd:c2:b5:5e:35:
d4:08:b4:b2:39:c3:e9:ac:20:45:e6:36:b7:8c:5d:18:4d:22:
b6:01:a1:41:33:7d:22:4a:78:0c:bc:96:47:df:d7:c7:a8:7b:
1b:8d:61:fa:f5:fc:ba:2e:8f:19:c6:18:d3:fd:92:0b:07:f9:
ed:0b:08:c3:83:d1:b0:fa:25:1b:17:46:01:8a:f7:35:f4:a6:
c5:0e:9e:78:39:1c:65:bc:9b:16:0d:fd:4c:8f:4d:f6:c1:25:
82:de:4a:9d:0f:85:cb:ef:55:f8:25:e5:76:c0:4c:8a:1b:b5:
a1:c0:8c:79:80:5a:e0:d3:ea:82:31:3a:4c:b5:9c:7e:69:22:
cf:d2:1c:d6:bc:80:6e:b7:0b:1e:fb:a4:98:da:2c:c8:8b:85:
8c:2c:c0:94:1b:34:5c:2b:73:d8:c3:b4:4c:3e:c8:b2:e9:3c:
97:36:ad:a9:c4:12:ed:97:23:a7:24:dc:23:4e:21:37:de:5f:
cc:7e:c4:bd:f8:53:03:88:b2:9c:c3:5c:68:11:d5:a3:a2:61:
c2:58:74:99:d0:cc:34:e2:f6:a6:4b:e9:c2:bc:ad:3a:8f:98:
a4:b9:91:a4
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYtb6PdlysxoUpYpld05MtkfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMDIzMDk0MTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmRjODhlZTBmNjI0ODQ0NGI2MjYzOTk5Yjg2Y2E5ZjMxMDlmMzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA053xHm5eJyEc0zoqtk9dZeq/54SG
K7J/Mt4kK9Y4zS01bLvTWt1MQ1e8ZWe9aJo+Yk9066nvcqxMknd7H62nj0Ee4Kf+
fB3guYrN/23XS3uWzNSNjLRkssUT4ZFoCssE5QS3hG+EvQXh6V77R8r1qRRI+KWa
eAS/JNruelljCwhQBxxiFn7QfDFNqSBzfYKdIIGET55iTwiOpYnK2CZiaStUz9AY
Z1r8NM+8tkKmSkQzvpsJp2rLoUarQgQKpFjiktFmdCiqDzASMpz2zDl7T1W2EaGT
HQbYCJips4KjwVBaVDa8ST1TUTbhRwPLcEku2hjOb8Ub2hTkUj5MCrWJBQIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFPvciO4PYkhES2JjmZuGyp8xCfM7MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMS05eUk3ZzlpU0VSTFltT1ptNGJLbnpFSjh6cy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDAvMmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFi
Yy8xL1lHZUV3UVVJVzUxcTFmYzZBN0lObWx3UlRLOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBhBggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSAMEAC0IFQME
AC2T4AMEALnRJgMEAbnc+gMEAbneHgMEALnfUAMEAbnhAAMEALniawMEALnwegME
ALn2cgMEALn75QMEAcE6kjANBgkqhkiG9w0BAQsFAAOCAQEAOa4KvTPdX9PMs0ep
LPBcZIS4ANMDKg5ob728RCXW6N3CtV411Ai0sjnD6awgReY2t4xdGE0itgGhQTN9
Ikp4DLyWR9/Xx6h7G41h+vX8ui6PGcYY0/2SCwf57QsIw4PRsPolGxdGAYr3NfSm
xQ6eeDkcZbybFg39TI9N9sElgt5KnQ+Fy+9V+CXldsBMihu1ocCMeYBa4NPqgjE6
TLWcfmkiz9Ic1ryAbrcLHvukmNosyIuFjCzAlBs0XCtz2MO0TD7Isuk8lzatqcQS
7ZcjpyTcI04hN95fzH7EvfhTA4iynMNcaBHVo6Jhwlh0mdDMNOL2pkvpwrytOo+Y
pLmRpA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:19 2024 by rpki-client on console-ams.rpki-client.org