Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4MkTI64PcfQuqQgt-C2gyjzl-IA.roa
File: 4MkTI64PcfQuqQgt-C2gyjzl-IA.roa (raw, json)
Hash identifier: 3u1vQTJMq3xcDrVH0N5PA+Nf16uA/Bn2Xb70Ahzl/f0=
Subject key identifier: E0:C9:13:23:AE:0F:71:F4:2E:A9:08:2D:F8:2D:A0:CA:3C:E5:F8:80
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018820606C46F7D6B825DCB1CC494E2B144A
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4MkTI64PcfQuqQgt-C2gyjzl-IA.roa
Signing time: Mon 15 May 2023 17:06:10 +0000
ROA not before: Mon 15 May 2023 17:06:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.230.53.0/24 maxlen: 24
45.147.226.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.246.115.0/24 maxlen: 24
45.131.132.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
45.131.135.0/24 maxlen: 24
45.131.133.0/24 maxlen: 24
45.131.134.0/24 maxlen: 24
185.225.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 May 2023 12:17:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:20:60:6c:46:f7:d6:b8:25:dc:b1:cc:49:4e:2b:14:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 15 17:06:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0c91323ae0f71f42ea9082df82da0ca3ce5f880
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:5f:db:78:b2:00:9b:d9:be:9e:dc:fe:1c:e7:
dc:20:83:80:a7:17:36:0c:e9:52:8b:6b:48:94:f6:
a1:e1:27:eb:d7:43:d3:49:06:b7:b3:dd:f4:70:cd:
50:83:2f:42:66:b5:41:34:b5:58:d3:ce:90:1c:5c:
d9:2d:85:4e:7c:21:95:16:2c:40:4d:80:41:c4:7e:
c8:c6:c2:14:d3:eb:21:dc:49:a5:57:4d:13:d3:f9:
76:4b:79:d4:3b:f5:28:7f:85:41:08:db:7c:82:27:
2d:0a:63:59:9d:75:ea:cb:b9:1a:8e:6b:1a:0e:6a:
05:2a:22:e7:12:d4:90:7a:91:8c:9f:fe:36:86:87:
d5:84:80:26:92:22:16:6c:6e:49:82:22:79:21:d2:
59:e1:9a:00:c8:ea:b7:58:4f:b6:ad:97:39:4f:46:
24:dc:af:51:8b:5c:63:17:f1:46:2c:05:65:91:d5:
41:6d:f0:1d:2a:01:73:be:76:99:4e:79:9a:9a:b7:
b8:98:5f:fd:c0:96:16:ca:20:4a:c8:e0:db:08:03:
b3:9c:05:34:dc:d6:d0:e7:04:fd:c9:9a:ce:86:8d:
dd:32:7f:9b:53:e9:97:c7:45:a2:1e:8f:0d:b9:02:
ed:b3:e3:d6:54:21:0b:bd:55:89:04:78:ff:46:95:
a7:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:C9:13:23:AE:0F:71:F4:2E:A9:08:2D:F8:2D:A0:CA:3C:E5:F8:80
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4MkTI64PcfQuqQgt-C2gyjzl-IA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.131.132.0/22
45.147.224.0/24
45.147.226.0/24
185.225.0.0/23
185.230.53.0/24
185.246.115.0/24
Signature Algorithm: sha256WithRSAEncryption
17:5f:fa:21:27:2c:70:6a:d6:de:ab:dd:20:44:c0:1e:78:f9:
45:3f:bc:d7:80:59:af:16:e1:18:44:1c:7b:95:2c:0d:4e:13:
cd:b1:8e:69:dd:25:25:6f:e0:62:eb:fd:89:0a:0f:b8:fa:4d:
a0:6d:98:b9:ce:97:2e:c6:ad:87:89:d4:5a:ee:ef:87:75:1f:
ec:d0:cc:24:96:89:3d:62:2d:c0:a6:6d:af:46:40:ad:a2:c1:
50:67:20:0d:5e:1b:0a:d4:81:b9:c7:d5:69:1f:30:ef:56:f4:
f7:e7:d5:22:8e:77:cc:2b:3a:5a:d4:0e:c0:ee:2a:57:33:3c:
48:1b:93:8b:0d:26:87:e1:e4:95:00:18:ab:5f:54:cc:1e:73:
f5:3e:74:fa:f3:70:8f:51:71:aa:f3:13:d1:c4:72:1e:09:2a:
25:c1:73:c5:1c:73:f9:bc:c0:18:d9:00:18:23:c9:70:dd:b3:
ff:c3:82:db:5a:d7:10:2d:48:03:6d:99:68:6d:6f:fc:b6:56:
bc:33:dc:bf:8b:46:fb:04:82:8d:55:fa:8c:33:54:99:12:b1:
82:57:5c:cd:b0:89:87:3d:6a:69:82:7e:00:80:82:c3:cc:11:
44:88:e1:a9:ca:d7:ba:91:d2:36:04:a7:d5:03:23:7a:e7:b9:
21:5d:cf:0b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYggYGxG99a4JdyxzElOKxRKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNTE1MTcwNjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGM5MTMyM2FlMGY3MWY0MmVhOTA4MmRmODJkYTBjYTNjZTVmODgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmF/beLIAm9m+ntz+HOfcIIOApxc2
DOlSi2tIlPah4Sfr10PTSQa3s930cM1Qgy9CZrVBNLVY086QHFzZLYVOfCGVFixA
TYBBxH7IxsIU0+sh3EmlV00T0/l2S3nUO/Uof4VBCNt8gictCmNZnXXqy7kajmsa
DmoFKiLnEtSQepGMn/42hofVhIAmkiIWbG5JgiJ5IdJZ4ZoAyOq3WE+2rZc5T0Yk
3K9Ri1xjF/FGLAVlkdVBbfAdKgFzvnaZTnmamre4mF/9wJYWyiBKyODbCAOznAU0
3NbQ5wT9yZrOho3dMn+bU+mXx0WiHo8NuQLts+PWVCELvVWJBHj/RpWncwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFODJEyOuD3H0LqkILfgtoMo85fiAMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvNE1rVEk2NFBjZlF1cVFndC1DMmd5anpsLUlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQgVAwQC
LYOEAwQALZPgAwQALZPiAwQBueEAAwQAueY1AwQAufZzMA0GCSqGSIb3DQEBCwUA
A4IBAQAXX/ohJyxwatbeq90gRMAeePlFP7zXgFmvFuEYRBx7lSwNThPNsY5p3SUl
b+Bi6/2JCg+4+k2gbZi5zpcuxq2HidRa7u+HdR/s0Mwklok9Yi3Apm2vRkCtosFQ
ZyANXhsK1IG5x9VpHzDvVvT359UijnfMKzpa1A7A7ipXMzxIG5OLDSaH4eSVABir
X1TMHnP1PnT683CPUXGq8xPRxHIeCSolwXPFHHP5vMAY2QAYI8lw3bP/w4LbWtcQ
LUgDbZlobW/8tla8M9y/i0b7BIKNVfqMM1SZErGCV1zNsImHPWppgn4AgILDzBFE
iOGpyte6kdI2BKfVAyN657khXc8L
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:40 2024 by rpki-client on console-fra.rpki-client.org