Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3o1ecS2jI-onANPikaKdfSlo0K8.roa
File: 3o1ecS2jI-onANPikaKdfSlo0K8.roa (raw, json)
Hash identifier: Q//4vwixoxhaRqGh7p+VMv0z+XpPC9TTW5aocgNFNPo=
Subject key identifier: DE:8D:5E:71:2D:A3:23:EA:27:00:D3:E2:91:A2:9D:7D:29:68:D0:AF
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018A02C0D168F4DD710C5B653CC95F031374
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3o1ecS2jI-onANPikaKdfSlo0K8.roa
Signing time: Thu 17 Aug 2023 09:08:25 +0000
ROA not before: Thu 17 Aug 2023 09:08:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.22.0/24 maxlen: 24
185.225.20.0/24 maxlen: 24
185.230.52.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.251.230.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.194.177.0/24 maxlen: 24
185.223.81.0/24 maxlen: 24
185.223.83.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.222.31.0/24 maxlen: 24
185.222.30.0/24 maxlen: 24
193.58.144.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
193.58.147.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
194.5.65.0/24 maxlen: 24
185.220.251.0/24 maxlen: 24
185.220.250.0/24 maxlen: 24
185.210.232.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.227.145.0/24 maxlen: 24
185.227.144.0/24 maxlen: 24
185.226.106.0/24 maxlen: 24
185.218.23.0/24 maxlen: 24
185.221.20.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.246.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Aug 2023 10:15:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:02:c0:d1:68:f4:dd:71:0c:5b:65:3c:c9:5f:03:13:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Aug 17 09:08:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de8d5e712da323ea2700d3e291a29d7d2968d0af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:53:3d:32:3c:8a:98:7c:68:5e:77:11:12:83:
c6:63:04:79:fb:06:9a:f6:38:e4:2e:f1:f7:3d:9b:
10:12:2d:6f:0b:6e:f8:a1:e2:0d:ec:a4:d1:62:57:
ae:77:9e:db:bd:40:3f:dd:0f:bc:82:54:5f:72:8d:
99:ce:67:5e:08:77:9a:96:f3:82:c0:91:4e:57:1e:
b8:97:3b:26:51:3d:4c:be:cb:a4:5a:83:0a:3b:c7:
4d:e0:85:90:dc:73:9c:59:34:88:db:9c:a0:df:f0:
99:e8:1d:bd:97:ef:60:11:9f:ef:01:fc:f2:02:94:
a9:b0:93:d4:fb:0b:1c:d8:43:12:d2:a4:11:d5:cb:
5b:3e:b8:c9:31:bc:66:93:ab:1b:6c:99:aa:96:cb:
06:ac:b4:3f:26:dc:72:bf:f4:c2:39:51:59:be:b4:
5e:bb:3f:4c:f9:cf:81:b3:a4:e6:33:17:97:d7:88:
33:a5:3e:c0:02:46:7e:22:10:eb:26:62:78:d9:1d:
1b:a8:ac:2f:ee:9f:98:fa:82:3d:04:bd:f4:b7:ae:
54:31:6d:cc:8e:ed:e5:bd:3a:09:d1:4d:4a:a4:38:
51:39:10:e5:76:e4:b7:3d:ef:4b:ab:1a:65:18:7d:
7b:b5:59:d2:9f:75:f9:57:a7:38:10:39:45:58:1c:
74:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:8D:5E:71:2D:A3:23:EA:27:00:D3:E2:91:A2:9D:7D:29:68:D0:AF
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3o1ecS2jI-onANPikaKdfSlo0K8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.194.177.0/24
185.209.75.0/24
185.210.232.0/24
185.210.235.0/24
185.218.23.0/24
185.220.250.0/23
185.221.20.0/24
185.222.30.0/23
185.223.80.0/23
185.223.83.0/24
185.225.0.0/23
185.225.20.0/24
185.225.22.0/24
185.226.106.0/24
185.227.144.0/23
185.228.75.0/24
185.230.52.0/24
185.246.115.0/24
185.251.229.0-185.251.231.255
193.58.144.0/24
193.58.146.0/23
194.5.65.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:19:d8:04:7b:87:b3:d6:cf:35:a5:33:bf:20:c9:68:b2:fe:
45:44:57:08:06:21:1b:26:6b:2e:3a:ac:bc:4a:66:c5:4b:35:
51:cb:d5:2a:34:68:4a:93:cb:bf:ed:2e:75:5b:7c:04:72:76:
99:21:8c:a0:96:22:57:8b:18:ce:d9:a8:1c:fa:3c:34:0d:c8:
d3:2e:08:cb:a4:83:d0:3c:cf:47:42:4e:c8:de:5f:83:ea:db:
c3:6b:a8:bf:c8:8d:fc:0c:32:f0:07:ef:dd:48:8d:69:77:27:
dd:53:5f:4e:f7:52:6a:66:6b:c3:c3:3d:3e:62:11:bc:64:3b:
ee:d3:a0:9a:a7:d6:91:3b:25:e5:f0:71:07:a6:38:4b:7d:dd:
d8:fe:f2:6c:84:74:24:18:f2:df:2d:bb:ab:da:4b:0c:cd:b8:
5f:35:26:f3:4e:85:e3:89:f3:2e:c9:78:3a:f4:c7:43:28:79:
db:78:13:52:34:ef:94:ad:fd:5d:1a:37:0b:38:a5:66:27:64:
6c:8f:bb:f7:dd:64:16:ee:51:bc:30:c6:b4:f7:17:b9:35:40:
68:a2:a9:a2:0d:49:48:5e:94:bf:93:26:e7:58:42:9d:66:92:
0b:19:84:ab:1e:a4:43:7e:2e:c4:92:41:17:05:17:f3:47:84:
1b:3f:b1:a0
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYoCwNFo9N1xDFtlPMlfAxN0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwODE3MDkwODI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZThkNWU3MTJkYTMyM2VhMjcwMGQzZTI5MWEyOWQ3ZDI5NjhkMGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVM9MjyKmHxoXncREoPGYwR5+waa
9jjkLvH3PZsQEi1vC274oeIN7KTRYleud57bvUA/3Q+8glRfco2ZzmdeCHealvOC
wJFOVx64lzsmUT1MvsukWoMKO8dN4IWQ3HOcWTSI25yg3/CZ6B29l+9gEZ/vAfzy
ApSpsJPU+wsc2EMS0qQR1ctbPrjJMbxmk6sbbJmqlssGrLQ/Jtxyv/TCOVFZvrRe
uz9M+c+Bs6TmMxeX14gzpT7AAkZ+IhDrJmJ42R0bqKwv7p+Y+oI9BL30t65UMW3M
ju3lvToJ0U1KpDhRORDlduS3Pe9LqxplGH17tVnSn3X5V6c4EDlFWBx09QIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFN6NXnEtoyPqJwDT4pGinX0paNCvMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvM28xZWNTMmpJLW9uQU5QaWthS2RmU2xvMEs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBAAt
CBUDBAAtk+ADBAC5wrEDBAC50UsDBAC50ugDBAC50usDBAC52hcDBAG53PoDBAC5
3RQDBAG53h4DBAG531ADBAC531MDBAG54QADBAC54RQDBAC54RYDBAC54moDBAG5
45ADBAC55EsDBAC55jQDBAC59nMwDAMEALn75QMEA7n74AMEAME6kAMEAcE6kgME
AMIFQTANBgkqhkiG9w0BAQsFAAOCAQEAohnYBHuHs9bPNaUzvyDJaLL+RURXCAYh
GyZrLjqsvEpmxUs1UcvVKjRoSpPLv+0udVt8BHJ2mSGMoJYiV4sYztmoHPo8NA3I
0y4Iy6SD0DzPR0JOyN5fg+rbw2uov8iN/Awy8Afv3UiNaXcn3VNfTvdSamZrw8M9
PmIRvGQ77tOgmqfWkTsl5fBxB6Y4S33d2P7ybIR0JBjy3y27q9pLDM24XzUm806F
44nzLsl4OvTHQyh523gTUjTvlK39XRo3CzilZidkbI+7991kFu5RvDDGtPcXuTVA
aKKpog1JSF6Uv5Mm51hCnWaSCxmEqx6kQ34uxJJBFwUX80eEGz+xoA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:20 2024 by rpki-client on console-ams.rpki-client.org