Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-LA3tREWj5OM0r_AMfI-MqhePxA.roa
File: 1-LA3tREWj5OM0r_AMfI-MqhePxA.roa (raw, json)
Hash identifier: OINq3/BX/Iftbh8m65m9JO6MlPiz7/G4qVL7Xf31hVU=
Subject key identifier: F8:B0:37:B5:11:16:8F:93:8C:D2:BF:C0:31:F2:3E:32:A8:5E:3F:10
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018E5CB0A9B48F18A3F7B94E00433F64F434
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-LA3tREWj5OM0r_AMfI-MqhePxA.roa
Signing time: Wed 20 Mar 2024 16:27:45 +0000
ROA not before: Wed 20 Mar 2024 16:27:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212017
IP address blocks: 45.90.236.0/24 maxlen: 24
45.90.237.0/24 maxlen: 24
185.121.12.0/22 maxlen: 22
185.128.52.0/22 maxlen: 22
185.227.172.0/22 maxlen: 22
193.17.180.0/24 maxlen: 24
193.17.182.0/24 maxlen: 24
194.48.140.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 May 2024 10:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5c:b0:a9:b4:8f:18:a3:f7:b9:4e:00:43:3f:64:f4:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 20 16:27:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8b037b511168f938cd2bfc031f23e32a85e3f10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:84:10:fe:56:21:b5:ad:45:f5:db:c1:1c:bc:
66:c6:77:93:5f:4f:6c:8e:54:0a:e9:2b:bf:05:72:
66:21:e4:e0:d3:c7:2f:e5:21:8e:80:c1:99:90:a3:
20:70:44:a8:71:7f:7d:50:f4:79:a1:eb:1f:8d:e3:
0f:f5:24:28:c1:bd:67:9e:cb:16:4d:c3:6f:1a:95:
01:7e:b1:27:9a:1b:2e:ff:57:9d:15:e1:c3:13:f6:
22:14:d6:63:ec:b3:45:ed:55:f9:50:55:01:8c:c2:
3f:fc:8b:99:9e:a3:b8:55:91:0a:2a:6b:bd:d5:d5:
0d:f4:44:98:2e:49:ee:e5:5b:65:f5:2f:c0:cc:ed:
78:8e:da:c5:89:ac:ad:47:44:ff:99:51:54:10:20:
fd:af:df:e0:d7:fe:05:68:c4:49:61:e3:09:fe:3c:
33:64:e4:69:dd:0a:a2:67:f7:ca:d2:ee:a8:90:16:
80:f0:12:50:ae:85:86:44:19:79:b0:e9:e8:4e:16:
03:d5:bc:fb:ba:f0:2c:a6:c7:b1:99:2f:f7:3c:b8:
4f:74:30:0e:89:fb:29:f9:eb:0a:b6:6f:76:2b:2e:
37:9a:c0:97:d4:08:92:e7:c4:58:b6:87:c4:6e:11:
21:20:ac:fa:2b:65:ae:e0:f8:26:f7:5d:fb:bd:ed:
51:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:B0:37:B5:11:16:8F:93:8C:D2:BF:C0:31:F2:3E:32:A8:5E:3F:10
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-LA3tREWj5OM0r_AMfI-MqhePxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.236.0/23
185.121.12.0/22
185.128.52.0/22
185.227.172.0/22
193.17.180.0/24
193.17.182.0/24
194.48.140.0/22
Signature Algorithm: sha256WithRSAEncryption
48:e7:8b:6f:18:c4:10:bc:21:a2:22:50:da:d4:a9:a2:f0:0a:
7b:b6:77:4e:45:50:4c:ef:ec:da:72:81:ad:66:82:ec:9d:bf:
03:1f:eb:af:22:ab:26:9f:6c:a4:ff:9f:76:07:7e:22:bd:4a:
54:6f:d4:c5:30:86:43:1c:fa:60:dc:0b:f3:3f:3c:72:fb:6d:
26:cb:55:ff:79:a0:92:07:f2:69:ba:10:37:16:cf:ff:02:c3:
4d:76:b0:4f:3c:7b:76:15:10:72:2b:9b:97:c9:87:fc:db:4c:
25:b1:7f:57:f5:dd:3c:aa:bf:82:a9:dc:7e:56:45:4f:69:3a:
ac:65:e8:b0:95:d0:4c:48:21:de:b6:ee:a2:ed:d1:87:33:d2:
f1:6e:f4:3f:f7:69:10:88:30:03:f6:d8:5c:ef:b9:ca:49:e6:
aa:5d:65:ca:68:b1:1c:bb:6e:90:7f:03:bf:c6:4a:3d:0f:cf:
e1:44:43:00:95:d3:8c:b7:e5:55:7b:b7:4c:e0:71:94:dd:ba:
2b:ef:d9:df:c8:b3:7c:58:46:99:4d:6e:66:04:ef:7e:94:73:
93:bf:32:24:0a:60:a1:4f:22:c9:54:d4:9f:ec:a4:3a:76:81:
d2:8f:62:64:7d:0a:e3:6b:81:86:6c:6c:70:f2:60:c1:67:4e:
4c:0e:dc:e5
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAY5csKm0jxij97lOAEM/ZPQ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMzIwMTYyNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGIwMzdiNTExMTY4ZjkzOGNkMmJmYzAzMWYyM2UzMmE4NWUzZjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4QQ/lYhta1F9dvBHLxmxneTX09s
jlQK6Su/BXJmIeTg08cv5SGOgMGZkKMgcESocX99UPR5oesfjeMP9SQowb1nnssW
TcNvGpUBfrEnmhsu/1edFeHDE/YiFNZj7LNF7VX5UFUBjMI//IuZnqO4VZEKKmu9
1dUN9ESYLknu5Vtl9S/AzO14jtrFiaytR0T/mVFUECD9r9/g1/4FaMRJYeMJ/jwz
ZORp3QqiZ/fK0u6okBaA8BJQroWGRBl5sOnoThYD1bz7uvAspsexmS/3PLhPdDAO
ifsp+esKtm92Ky43msCX1AiS58RYtofEbhEhIKz6K2Wu4Pgm9137ve1RBwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFPiwN7URFo+TjNK/wDHyPjKoXj8QMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMS1MQTN0UkVXajVPTTByX0FNZkktTXFoZVB4QS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDAvMmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFi
Yy8xL1lHZUV3UVVJVzUxcTFmYzZBN0lObWx3UlRLOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAS1a7AME
Arl5DAMEArmANAMEArnjrAMEAMERtAMEAMERtgMEAsIwjDANBgkqhkiG9w0BAQsF
AAOCAQEASOeLbxjEELwhoiJQ2tSpovAKe7Z3TkVQTO/s2nKBrWaC7J2/Ax/rryKr
Jp9spP+fdgd+Ir1KVG/UxTCGQxz6YNwL8z88cvttJstV/3mgkgfyaboQNxbP/wLD
TXawTzx7dhUQciubl8mH/NtMJbF/V/XdPKq/gqncflZFT2k6rGXosJXQTEgh3rbu
ou3RhzPS8W70P/dpEIgwA/bYXO+5yknmql1lymixHLtukH8Dv8ZKPQ/P4URDAJXT
jLflVXu3TOBxlN26K+/Z38izfFhGmU1uZgTvfpRzk78yJApgoU8iyVTUn+ykOnaB
0o9iZH0K42uBhmxscPJgwWdOTA7c5Q==
-----END CERTIFICATE-----
Generated at Thu May 2 13:56:35 2024 by rpki-client on console-ams.rpki-client.org