Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2Zab5C5G4AQL2Nl2Ov52yT8Em1Y.roa
File: 2Zab5C5G4AQL2Nl2Ov52yT8Em1Y.roa (raw, json)
Hash identifier: lNTigEAm2sNHgX3qtQxTJ9NfbVbrCn4MWHBu4Kc1i64=
Subject key identifier: D9:96:9B:E4:2E:46:E0:04:0B:D8:D9:76:3A:FE:76:C9:3F:04:9B:56
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018B6664619EE6C2EEDCC590C5BBB8330499
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2Zab5C5G4AQL2Nl2Ov52yT8Em1Y.roa
Signing time: Wed 25 Oct 2023 10:32:16 +0000
ROA not before: Wed 25 Oct 2023 10:32:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.222.30.0/23 maxlen: 24
185.209.38.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.246.114.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.223.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Nov 2023 10:18:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:66:64:61:9e:e6:c2:ee:dc:c5:90:c5:bb:b8:33:04:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 25 10:32:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9969be42e46e0040bd8d9763afe76c93f049b56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:91:89:ba:f0:22:45:71:ab:31:ae:25:5e:cd:
41:4e:43:11:14:17:7e:b0:28:2e:1f:21:ae:68:95:
28:47:aa:e3:43:bd:7a:7a:11:b1:46:e6:b7:41:e1:
b2:a8:b6:03:6a:44:95:86:61:f3:cf:53:5b:7c:63:
87:87:de:51:98:b6:ed:6d:d5:b5:ea:93:84:73:54:
60:51:32:1d:02:93:fd:e1:62:c6:33:bc:f7:be:04:
e8:a1:9c:d6:60:47:8b:11:4f:b6:d2:64:60:c5:d7:
c7:3d:85:32:8b:b8:8f:a5:b1:1d:e6:0e:65:07:3a:
d5:55:a8:fa:48:38:71:8d:9a:7e:fc:5b:dd:e9:f6:
90:20:ce:ce:5a:6c:d6:80:e2:b5:d4:1a:c3:68:2d:
c2:5b:f2:f2:54:fb:d3:1a:1f:28:de:92:48:e7:ed:
95:74:a2:c0:9d:b4:57:11:e0:e2:86:36:a4:f1:ae:
aa:b5:ef:16:b0:1e:24:10:40:72:d9:4a:27:3a:62:
1d:82:78:64:5b:91:56:bb:25:c8:8f:6a:0a:72:24:
06:74:3d:b1:3f:be:4f:59:f8:18:c4:7a:e6:bb:61:
0c:bb:de:09:f9:d1:dd:aa:74:67:af:1b:e8:2e:a0:
ba:ae:5c:87:f0:c4:70:2e:2a:d0:e0:f0:c8:33:dc:
41:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:96:9B:E4:2E:46:E0:04:0B:D8:D9:76:3A:FE:76:C9:3F:04:9B:56
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2Zab5C5G4AQL2Nl2Ov52yT8Em1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.209.38.0/24
185.220.250.0/23
185.222.30.0/23
185.223.80.0/24
185.225.0.0/23
185.226.107.0/24
185.246.114.0/24
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
bd:46:f1:ec:b2:a9:21:70:50:3d:d3:a1:35:a2:1c:83:5c:fa:
65:b4:58:c4:a8:8e:d7:38:fd:8f:8a:0a:fa:30:a6:1b:11:58:
11:f5:3f:8f:ee:f8:06:f4:17:e4:ea:a2:2e:12:43:49:d3:96:
eb:03:02:b1:39:7b:cc:36:66:e3:00:0f:d0:98:e7:b7:d3:27:
04:04:76:4e:bd:62:d8:37:c9:69:fa:e2:8f:b1:68:30:3b:7d:
4e:70:bb:0b:28:a2:cc:5d:61:c4:4c:86:79:a3:fb:ee:f7:d6:
c2:f2:4f:73:5a:6a:00:a8:86:f0:df:8f:e5:a5:3c:fa:71:32:
98:31:f7:86:ca:15:20:ce:b4:a9:34:65:8d:32:7a:5b:a5:80:
9d:47:6a:52:39:59:cf:0f:94:46:6b:8a:25:70:97:df:7b:48:
a5:b5:3e:13:40:1f:ab:47:a5:ca:f5:cb:26:22:23:85:15:4a:
b3:b2:dc:94:96:73:39:9a:ca:20:89:c5:48:a1:1d:ca:ad:7f:
ea:58:b8:69:23:ce:9c:a7:25:c3:f7:fb:d2:d3:17:f9:30:17:
50:91:f9:35:1d:cc:c0:51:07:e8:e7:3a:39:15:73:fd:29:75:
1b:0f:ba:a4:53:16:85:8f:39:95:16:c5:d9:d1:5d:f7:a2:d9:
69:7d:31:74
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYtmZGGe5sLu3MWQxbu4MwSZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMDI1MTAzMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTk2OWJlNDJlNDZlMDA0MGJkOGQ5NzYzYWZlNzZjOTNmMDQ5YjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpGJuvAiRXGrMa4lXs1BTkMRFBd+
sCguHyGuaJUoR6rjQ716ehGxRua3QeGyqLYDakSVhmHzz1NbfGOHh95RmLbtbdW1
6pOEc1RgUTIdApP94WLGM7z3vgTooZzWYEeLEU+20mRgxdfHPYUyi7iPpbEd5g5l
BzrVVaj6SDhxjZp+/Fvd6faQIM7OWmzWgOK11BrDaC3CW/LyVPvTGh8o3pJI5+2V
dKLAnbRXEeDihjak8a6qte8WsB4kEEBy2UonOmIdgnhkW5FWuyXIj2oKciQGdD2x
P75PWfgYxHrmu2EMu94J+dHdqnRnrxvoLqC6rlyH8MRwLirQ4PDIM9xBbwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFNmWm+QuRuAEC9jZdjr+dsk/BJtWMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMlphYjVDNUc0QVFMMk5sMk92NTJ5VDhFbTFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALQgVAwQA
LZPgAwQAudEmAwQBudz6AwQBud4eAwQAud9QAwQBueEAAwQAueJrAwQAufZyAwQA
ufvlAwQBwTqSMA0GCSqGSIb3DQEBCwUAA4IBAQC9RvHssqkhcFA906E1ohyDXPpl
tFjEqI7XOP2Pigr6MKYbEVgR9T+P7vgG9Bfk6qIuEkNJ05brAwKxOXvMNmbjAA/Q
mOe30ycEBHZOvWLYN8lp+uKPsWgwO31OcLsLKKLMXWHETIZ5o/vu99bC8k9zWmoA
qIbw34/lpTz6cTKYMfeGyhUgzrSpNGWNMnpbpYCdR2pSOVnPD5RGa4olcJffe0il
tT4TQB+rR6XK9csmIiOFFUqzstyUlnM5msogicVIoR3KrX/qWLhpI86cpyXD9/vS
0xf5MBdQkfk1HczAUQfo5zo5FXP9KXUbD7qkUxaFjzmVFsXZ0V33otlpfTF0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:20 2024 by rpki-client on console-ams.rpki-client.org