Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4MG4K4eIu2vKi5XwIIPRCiqsru8.roa
File: 4MG4K4eIu2vKi5XwIIPRCiqsru8.roa (raw, json)
Hash identifier: m5VmQj4Twq80/xcXJ9oo32UfUyfPQkbwiq2G3yiTVEU=
Subject key identifier: E0:C1:B8:2B:87:88:BB:6B:CA:8B:95:F0:20:83:D1:0A:2A:AC:AE:EF
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0187614A772D60307B100FDC50D9508780FF
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4MG4K4eIu2vKi5XwIIPRCiqsru8.roa
Signing time: Sat 08 Apr 2023 14:34:42 +0000
ROA not before: Sat 08 Apr 2023 14:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.90.16.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
193.58.144.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
45.131.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Apr 2023 14:37:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:61:4a:77:2d:60:30:7b:10:0f:dc:50:d9:50:87:80:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 8 14:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0c1b82b8788bb6bca8b95f02083d10a2aacaeef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:8b:55:ee:5c:0e:1b:22:46:87:01:f8:5d:57:
34:11:45:ba:9c:78:8a:68:bc:13:3d:d0:47:c5:9e:
4d:6a:04:17:b9:27:c7:dc:30:42:ba:e7:c0:b5:31:
1a:00:c7:5a:b3:05:4a:84:04:9e:30:e8:8e:70:e0:
65:c9:1c:72:22:47:48:ba:10:1e:e4:4c:9f:d2:a9:
14:3f:b6:97:56:e9:4a:80:08:4f:94:47:b4:bd:d1:
00:d1:cc:2c:ed:e3:25:6a:2a:ab:db:81:c5:af:09:
82:cd:8d:a8:d2:87:64:60:0d:13:f2:32:f9:6f:01:
41:47:9e:cf:7f:6c:81:e3:c9:80:51:ce:00:8a:f6:
0d:f6:bd:ed:21:53:66:85:af:3a:e2:4f:93:d5:7f:
64:37:19:2b:05:14:69:de:8d:4e:79:43:3d:64:71:
5f:5d:9a:d0:59:54:1d:dc:d0:38:96:98:40:ea:ba:
6a:eb:d7:59:52:d3:20:69:ad:86:46:7c:08:70:83:
2a:e3:84:bd:e1:1e:b6:1a:fb:d4:17:fd:9b:ff:94:
99:24:da:b1:9c:30:d6:3c:13:56:98:e7:3f:58:0b:
1a:21:fc:27:02:5c:4c:2f:30:c0:ab:72:55:f4:38:
88:fd:0d:a3:76:95:7d:95:75:4f:54:ce:c8:5d:27:
b8:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:C1:B8:2B:87:88:BB:6B:CA:8B:95:F0:20:83:D1:0A:2A:AC:AE:EF
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4MG4K4eIu2vKi5XwIIPRCiqsru8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.16.0/24
45.131.134.0/24
45.147.224.0/24
185.218.20.0/24
185.225.0.0/23
193.58.144.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:95:d2:08:04:ee:a3:2b:25:b9:9c:d8:93:26:2a:33:96:f9:
7b:35:8d:f9:45:c5:64:28:a7:4e:df:68:f4:d3:89:47:94:7a:
00:84:61:18:f6:42:d6:1a:75:89:ff:69:51:3b:8f:64:1d:9d:
d5:d4:ac:ae:35:e0:aa:68:cf:da:c6:45:be:7e:c5:19:d1:f9:
54:58:dc:d9:66:e6:06:c8:40:ce:83:36:10:e0:dc:55:b2:f3:
b8:f3:6a:01:cd:68:e5:10:8b:5f:a3:4a:5c:07:2e:e0:a7:11:
6b:9a:53:6b:4b:35:68:ea:16:45:b5:97:a6:b4:40:bd:f1:07:
e4:8c:d6:dc:13:07:a0:9c:8c:63:47:2a:57:a2:57:5f:96:3f:
9f:6e:73:ca:e0:41:e9:88:e7:37:c8:23:4a:ec:a3:ea:4b:1c:
73:5f:31:1d:75:b4:6e:d3:7e:ac:8b:1e:72:bd:c7:af:69:13:
9b:73:09:45:dc:78:fc:4b:ef:58:83:5f:b8:e2:e8:38:7e:2b:
36:51:0b:7b:03:3d:03:c9:4d:90:db:7e:a2:c7:bd:57:4a:ce:
c6:32:5e:19:20:d6:b0:eb:53:4a:c2:4d:a0:a8:6e:ea:58:e3:
3d:d4:38:cd:a6:1f:1d:1c:6f:d6:8a:9b:c1:69:62:23:11:25:
c9:e3:a2:a0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYdhSnctYDB7EA/cUNlQh4D/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNDA4MTQzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGMxYjgyYjg3ODhiYjZiY2E4Yjk1ZjAyMDgzZDEwYTJhYWNhZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYtV7lwOGyJGhwH4XVc0EUW6nHiK
aLwTPdBHxZ5NagQXuSfH3DBCuufAtTEaAMdaswVKhASeMOiOcOBlyRxyIkdIuhAe
5Eyf0qkUP7aXVulKgAhPlEe0vdEA0cws7eMlaiqr24HFrwmCzY2o0odkYA0T8jL5
bwFBR57Pf2yB48mAUc4AivYN9r3tIVNmha864k+T1X9kNxkrBRRp3o1OeUM9ZHFf
XZrQWVQd3NA4lphA6rpq69dZUtMgaa2GRnwIcIMq44S94R62GvvUF/2b/5SZJNqx
nDDWPBNWmOc/WAsaIfwnAlxMLzDAq3JV9DiI/Q2jdpV9lXVPVM7IXSe4RQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFODBuCuHiLtryouV8CCD0QoqrK7vMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvNE1HNEs0ZUl1MnZLaTVYd0lJUFJDaXFzcnU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALVoQAwQA
LYOGAwQALZPgAwQAudoUAwQBueEAAwQAwTqQMA0GCSqGSIb3DQEBCwUAA4IBAQBd
ldIIBO6jKyW5nNiTJiozlvl7NY35RcVkKKdO32j004lHlHoAhGEY9kLWGnWJ/2lR
O49kHZ3V1KyuNeCqaM/axkW+fsUZ0flUWNzZZuYGyEDOgzYQ4NxVsvO482oBzWjl
EItfo0pcBy7gpxFrmlNrSzVo6hZFtZemtEC98QfkjNbcEwegnIxjRypXoldflj+f
bnPK4EHpiOc3yCNK7KPqSxxzXzEddbRu036six5yvcevaRObcwlF3Hj8S+9Yg1+4
4ug4fis2UQt7Az0DyU2Q236ix71XSs7GMl4ZINaw61NKwk2gqG7qWOM91DjNph8d
HG/WipvBaWIjESXJ46Kg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:40 2024 by rpki-client on console-fra.rpki-client.org