Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3Aq6UmuqCrGISj5NUdCRRUi3pVE.roa
File: 3Aq6UmuqCrGISj5NUdCRRUi3pVE.roa (raw, json)
Hash identifier: 0sFs2dlIdh3Czp0TXEi4AWxDDeaBImb6MEmNfBBXFA8=
Subject key identifier: DC:0A:BA:52:6B:AA:0A:B1:88:4A:3E:4D:51:D0:91:45:48:B7:A5:51
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01886DCDD0FED789E37408F574E87FA96084
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3Aq6UmuqCrGISj5NUdCRRUi3pVE.roa
Signing time: Tue 30 May 2023 17:56:24 +0000
ROA not before: Tue 30 May 2023 17:56:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 193.58.146.0/23 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 12 Jun 2023 10:36:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:6d:cd:d0:fe:d7:89:e3:74:08:f5:74:e8:7f:a9:60:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 30 17:56:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc0aba526baa0ab1884a3e4d51d0914548b7a551
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:03:43:51:02:f5:ac:81:b5:08:3e:13:c4:a0:
97:e1:98:04:ca:65:cf:1a:fc:d7:b3:6f:c9:99:8f:
9b:c9:fc:b3:dd:db:36:5a:6d:a8:60:fe:da:2f:46:
e3:0c:e1:5e:2b:34:6b:3f:3f:5d:1b:ff:5f:d7:aa:
cf:e0:93:09:70:84:5d:8d:e7:be:72:e9:79:4e:03:
25:0d:57:1e:ab:01:7e:90:b7:a6:ab:a4:a9:94:30:
44:4d:e7:d8:d4:d1:20:fd:bc:f0:97:e6:8d:e2:e1:
79:4a:43:9a:ab:b6:b8:d0:7a:43:5e:e6:f4:7e:b4:
16:18:50:97:bf:95:7b:b0:6d:fd:74:8c:53:92:e9:
ad:3f:55:5e:41:ff:03:c2:94:2e:1f:48:93:b0:01:
3c:c3:13:48:7b:3c:30:c6:19:88:9b:d1:78:7d:50:
ad:b9:cb:e2:69:b6:56:94:77:4b:ee:40:7f:56:21:
31:bd:7d:fa:a5:4e:5d:25:86:c6:42:86:32:92:59:
b3:e7:db:e0:b8:23:12:cc:81:d0:44:6a:46:4a:c3:
c3:4f:5e:a7:3f:ec:41:fb:8a:e6:47:4c:39:34:aa:
14:2a:cd:14:72:06:0f:ac:17:99:1a:c4:b0:cc:b6:
8e:df:85:5f:c2:6c:4d:4f:cc:6f:f3:05:60:b2:1b:
10:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:0A:BA:52:6B:AA:0A:B1:88:4A:3E:4D:51:D0:91:45:48:B7:A5:51
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3Aq6UmuqCrGISj5NUdCRRUi3pVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.225.0.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:47:38:d1:11:b2:01:a3:05:0a:76:40:3b:95:66:fe:8d:3b:
1f:46:1a:95:59:dc:44:b6:bd:14:e6:4e:60:1e:74:0d:96:6f:
5d:56:4d:3d:e7:7f:86:d2:55:f6:c0:d2:b8:91:bb:16:f3:46:
a8:5b:0d:58:f3:33:2f:6b:1a:61:ad:3d:68:4e:10:45:51:48:
48:0a:b5:97:99:36:f8:a3:bc:49:3b:a6:9b:3d:f2:4f:fb:73:
ad:a2:0b:34:aa:5c:5a:19:6d:9e:81:a5:df:44:a6:20:4b:84:
6e:02:53:50:11:8c:b8:10:f7:89:8e:60:31:fc:05:95:b7:fd:
78:af:4d:64:2f:2f:c0:a0:6d:88:12:bb:58:90:83:5c:dc:9a:
50:dd:9b:d1:79:61:4f:40:b4:4b:72:9c:d8:90:76:fb:3f:a1:
dd:7d:ba:a8:69:84:81:33:35:6d:b3:c5:37:3d:a5:9e:58:85:
42:7a:b1:7c:92:5b:dd:d4:2b:1e:97:ec:93:74:d0:2b:a9:23:
c5:b9:50:40:ba:76:41:49:04:d1:29:a7:15:f6:75:de:2e:be:
29:e6:04:b7:f9:a6:b0:05:ab:63:6d:42:53:25:c5:ba:99:c4:
a2:6d:47:59:07:98:6d:4d:09:17:bd:2a:25:10:c1:96:61:b3:
f6:77:86:e1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYhtzdD+14njdAj1dOh/qWCEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNTMwMTc1NjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzBhYmE1MjZiYWEwYWIxODg0YTNlNGQ1MWQwOTE0NTQ4YjdhNTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQNDUQL1rIG1CD4TxKCX4ZgEymXP
GvzXs2/JmY+byfyz3ds2Wm2oYP7aL0bjDOFeKzRrPz9dG/9f16rP4JMJcIRdjee+
cul5TgMlDVceqwF+kLemq6SplDBETefY1NEg/bzwl+aN4uF5SkOaq7a40HpDXub0
frQWGFCXv5V7sG39dIxTkumtP1VeQf8DwpQuH0iTsAE8wxNIezwwxhmIm9F4fVCt
ucviabZWlHdL7kB/ViExvX36pU5dJYbGQoYyklmz59vguCMSzIHQRGpGSsPDT16n
P+xB+4rmR0w5NKoUKs0UcgYPrBeZGsSwzLaO34VfwmxNT8xv8wVgshsQ5wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNwKulJrqgqxiEo+TVHQkUVIt6VRMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvM0FxNlVtdXFDckdJU2o1TlVkQ1JSVWkzcFZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQgVAwQA
LZPgAwQBueEAAwQBwTqSMA0GCSqGSIb3DQEBCwUAA4IBAQBbRzjREbIBowUKdkA7
lWb+jTsfRhqVWdxEtr0U5k5gHnQNlm9dVk0953+G0lX2wNK4kbsW80aoWw1Y8zMv
axphrT1oThBFUUhICrWXmTb4o7xJO6abPfJP+3Otogs0qlxaGW2egaXfRKYgS4Ru
AlNQEYy4EPeJjmAx/AWVt/14r01kLy/AoG2IErtYkINc3JpQ3ZvReWFPQLRLcpzY
kHb7P6HdfbqoaYSBMzVts8U3PaWeWIVCerF8klvd1Csel+yTdNArqSPFuVBAunZB
SQTRKacV9nXeLr4p5gS3+aawBatjbUJTJcW6mcSibUdZB5htTQkXvSolEMGWYbP2
d4bh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:40 2024 by rpki-client on console-fra.rpki-client.org