Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2K5YVzKEQOXFjUV2SLkqRHd6uwI.roa
File: 2K5YVzKEQOXFjUV2SLkqRHd6uwI.roa (raw, json)
Hash identifier: SwP6ZRX4jym79J8yzQroStfUV5H6Deu4F/5zNY9vidI=
Subject key identifier: D8:AE:58:57:32:84:40:E5:C5:8D:45:76:48:B9:2A:44:77:7A:BB:02
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018E513A64F222CD3EC1BC1B959CF23A8D09
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2K5YVzKEQOXFjUV2SLkqRHd6uwI.roa
Signing time: Mon 18 Mar 2024 11:02:45 +0000
ROA not before: Mon 18 Mar 2024 11:02:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.81.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.223.82.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.234.20.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Mar 2024 09:50:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:51:3a:64:f2:22:cd:3e:c1:bc:1b:95:9c:f2:3a:8d:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 18 11:02:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8ae5857328440e5c58d457648b92a44777abb02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9c:d7:95:5e:d1:77:8f:89:7a:79:74:91:36:
f8:b2:cd:6a:69:e4:58:08:d6:81:42:d8:c8:8e:15:
07:fb:cf:24:e9:0d:0d:b5:9b:49:13:b8:60:8f:1c:
e2:6e:f3:14:6c:99:a4:d9:41:2d:1c:48:2a:e9:91:
03:69:b4:3d:4a:a2:10:6e:82:91:68:49:8a:da:4e:
f2:c4:55:84:64:e4:d5:ac:54:7e:fe:02:31:f2:44:
f2:1a:65:06:a9:51:1f:de:3f:56:08:fa:a5:d6:cd:
88:33:7c:1c:e8:88:ed:1e:5b:18:74:bb:b5:1c:e3:
69:6d:e6:eb:40:ab:b2:3a:45:d5:da:08:4c:7b:69:
ed:58:2d:c0:f9:75:46:55:20:9f:ed:29:1a:5f:45:
b4:d0:e8:6b:ca:96:73:2e:25:9c:a3:93:40:0c:6e:
26:25:3b:29:df:3c:c2:7e:97:9a:fd:4f:77:c9:71:
19:5f:eb:b6:67:6a:63:41:d4:c3:be:7a:dc:72:a2:
4e:e9:3e:4a:6d:3d:07:4f:88:85:9a:81:ed:be:5a:
8b:53:29:c7:df:91:92:90:23:a8:07:60:2f:5c:04:
ef:42:4d:f9:5c:35:75:5b:87:b5:98:d7:18:d1:56:
45:f3:29:7b:75:03:ae:2f:98:52:9b:38:21:13:4a:
a2:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:AE:58:57:32:84:40:E5:C5:8D:45:76:48:B9:2A:44:77:7A:BB:02
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2K5YVzKEQOXFjUV2SLkqRHd6uwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.81.0/24
185.220.250.0/23
185.223.82.0/24
185.225.0.0/23
185.226.104.0/24
185.227.146.0/23
185.234.20.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:f6:f4:fc:92:84:85:0e:1c:77:db:cb:1d:25:2e:57:e7:28:
14:38:ca:35:e7:9e:f5:b4:26:ff:1c:cb:92:b7:99:23:db:5e:
76:4c:5e:33:29:4d:c5:3a:a3:a9:4e:97:55:c8:ad:27:e9:c7:
cd:b8:34:f6:55:d4:9f:85:ce:87:85:05:a4:fb:fa:4a:9a:ce:
5d:1a:b0:52:0e:9d:ee:0c:56:3f:aa:cd:a5:7b:81:af:98:99:
77:aa:13:75:06:fd:5f:4e:fd:50:78:e8:b7:72:b3:b4:2b:14:
61:cc:3a:c1:a1:a5:6b:13:62:1c:19:dd:86:90:69:c9:db:f4:
01:c7:0f:8a:5c:64:8d:c4:1d:42:bd:04:de:38:37:59:ed:65:
b5:91:bf:dc:3b:94:e4:8c:53:bf:17:46:cc:c4:81:d8:af:be:
35:7d:5c:b7:24:36:65:1d:e0:52:6e:b0:bb:5e:a6:1b:ac:3e:
16:0b:c4:eb:b9:ef:7e:7d:26:52:cf:e3:57:07:60:03:1c:be:
8d:5b:38:af:9b:67:f7:e3:b7:71:e3:f7:ba:8f:9d:9f:b4:8d:
11:38:59:ff:f1:35:d5:20:b4:70:15:33:66:7a:57:d8:2b:a2:
50:c6:22:8e:97:cd:95:ea:94:ec:18:09:ea:dc:95:5a:44:d6:
4f:a5:a6:2b
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY5ROmTyIs0+wbwblZzyOo0JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMzE4MTEwMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGFlNTg1NzMyODQ0MGU1YzU4ZDQ1NzY0OGI5MmE0NDc3N2FiYjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJzXlV7Rd4+Jenl0kTb4ss1qaeRY
CNaBQtjIjhUH+88k6Q0NtZtJE7hgjxzibvMUbJmk2UEtHEgq6ZEDabQ9SqIQboKR
aEmK2k7yxFWEZOTVrFR+/gIx8kTyGmUGqVEf3j9WCPql1s2IM3wc6IjtHlsYdLu1
HONpbebrQKuyOkXV2ghMe2ntWC3A+XVGVSCf7SkaX0W00OhrypZzLiWco5NADG4m
JTsp3zzCfpea/U93yXEZX+u2Z2pjQdTDvnrccqJO6T5KbT0HT4iFmoHtvlqLUynH
35GSkCOoB2AvXATvQk35XDV1W4e1mNcY0VZF8yl7dQOuL5hSmzghE0qirwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFNiuWFcyhEDlxY1Fdki5KkR3ersCMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMks1WVZ6S0VRT1hGalVWMlNMa3FSSGQ2dXdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQgVAwQA
uX5RAwQBudz6AwQAud9SAwQBueEAAwQAueJoAwQBueOSAwQAueoUAwQBwTqSMA0G
CSqGSIb3DQEBCwUAA4IBAQCc9vT8koSFDhx328sdJS5X5ygUOMo15571tCb/HMuS
t5kj2152TF4zKU3FOqOpTpdVyK0n6cfNuDT2VdSfhc6HhQWk+/pKms5dGrBSDp3u
DFY/qs2le4GvmJl3qhN1Bv1fTv1QeOi3crO0KxRhzDrBoaVrE2IcGd2GkGnJ2/QB
xw+KXGSNxB1CvQTeODdZ7WW1kb/cO5TkjFO/F0bMxIHYr741fVy3JDZlHeBSbrC7
XqYbrD4WC8True9+fSZSz+NXB2ADHL6NWzivm2f347dx4/e6j52ftI0ROFn/8TXV
ILRwFTNmelfYK6JQxiKOl82V6pTsGAnq3JVaRNZPpaYr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:20 2024 by rpki-client on console-ams.rpki-client.org