Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4XsKRWsIW76arowpPCCdU8T4JAM.roa
File: 4XsKRWsIW76arowpPCCdU8T4JAM.roa (raw, json)
Hash identifier: RD/cgOc5m1a3swQQTTZ6NYTSMt9W3YJO5WNZAz6N3jE=
Subject key identifier: E1:7B:0A:45:6B:08:5B:BE:9A:AE:8C:29:3C:20:9D:53:C4:F8:24:03
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018C0CA83E0EEE9A8AC1F986C94874F2BD14
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4XsKRWsIW76arowpPCCdU8T4JAM.roa
Signing time: Sun 26 Nov 2023 17:23:21 +0000
ROA not before: Sun 26 Nov 2023 17:23:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.227.146.0/23 maxlen: 24
185.209.38.0/24 maxlen: 24
185.220.249.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.251.229.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.223.78.0/24 maxlen: 24
185.108.204.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.222.30.0/23 maxlen: 24
185.206.250.0/24 maxlen: 24
45.90.16.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
45.8.23.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Nov 2023 10:30:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0c:a8:3e:0e:ee:9a:8a:c1:f9:86:c9:48:74:f2:bd:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 26 17:23:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e17b0a456b085bbe9aae8c293c209d53c4f82403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:56:1c:53:f9:2d:da:72:93:d2:90:34:83:65:
d2:b3:5e:d2:51:47:ff:8f:3d:4e:29:23:26:23:d1:
e8:38:66:9f:a1:8c:99:89:e2:a6:40:50:c7:16:18:
1d:04:97:10:19:80:42:4f:35:0e:6f:4c:ec:3d:51:
98:cd:d3:bc:8a:84:2b:01:2d:16:25:b2:0c:2d:cb:
73:3a:4f:1f:d9:c2:56:44:5e:3f:f2:d3:64:32:c4:
94:fb:5a:ed:79:5a:04:ab:f8:07:25:fb:00:72:7a:
3d:70:6a:6c:b2:ad:1d:7e:8c:31:30:b9:a8:d6:5d:
fe:96:89:a2:d9:38:e0:47:31:9f:a5:b9:fc:13:73:
5b:c6:fe:1b:aa:75:d8:ae:48:2f:e4:79:61:4a:c2:
c7:fd:40:b9:9e:5b:d2:c2:a0:ad:f0:0b:fa:3b:bb:
04:3e:97:c6:5d:e9:31:8a:de:72:d9:e5:0c:49:96:
16:17:22:1e:52:9e:f0:f8:6b:93:4d:c3:67:70:e3:
24:7b:eb:da:de:03:49:3e:27:2f:ac:81:c4:04:d8:
35:c2:f1:13:d5:6b:8c:11:9a:94:59:07:0d:89:a5:
cd:22:8e:e1:58:a3:35:18:7c:c2:d2:74:c9:ad:6e:
38:36:e8:21:de:0d:e5:cf:23:77:4c:cb:27:4a:7f:
c9:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:7B:0A:45:6B:08:5B:BE:9A:AE:8C:29:3C:20:9D:53:C4:F8:24:03
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4XsKRWsIW76arowpPCCdU8T4JAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.8.23.0/24
45.90.16.0/24
45.147.224.0/24
185.108.204.0/23
185.206.250.0/24
185.209.38.0/24
185.220.249.0-185.220.251.255
185.222.30.0/23
185.223.78.0/24
185.225.0.0/23
185.227.146.0/23
185.251.229.0/24
185.251.231.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
65:00:89:34:28:a9:47:58:8f:3b:19:6b:15:26:07:ce:38:3e:
81:b0:cc:a6:1c:de:5a:e4:f6:7a:68:59:7e:48:59:99:0b:c0:
11:50:d9:b5:64:da:9f:e8:2a:ba:11:c2:e5:63:8e:d7:3e:6a:
f3:df:e9:c3:a0:ce:4e:d0:55:79:3c:82:d6:76:5e:f4:f7:6a:
ff:c1:1c:0e:b0:f8:1a:48:5d:6a:5c:05:01:e2:ad:1b:25:33:
e1:11:40:c4:d9:d4:2f:25:ff:0e:7a:1f:c4:77:51:8e:ad:be:
5c:66:13:d9:e2:69:82:be:aa:d1:44:32:c2:9d:5e:10:1d:c2:
6d:91:90:cb:c3:99:77:88:dd:c9:01:a2:93:e3:35:ea:d7:db:
d6:e5:d1:77:e1:62:a7:bb:d2:bc:52:84:7c:a4:71:b7:48:8a:
bb:91:c3:2d:bb:90:66:92:6c:19:e8:b8:3c:dd:05:8c:d0:7c:
b5:1f:24:9a:3a:3d:5d:a3:ed:b9:d4:43:d1:67:fb:ef:b8:d0:
85:e1:9d:11:99:dd:05:5f:bd:3a:fc:53:41:ce:a5:43:07:c8:
f6:2b:52:00:50:1a:a9:4d:ea:3f:22:a8:f6:39:87:9a:a5:3f:
98:dd:05:a6:6d:ca:98:b4:ae:26:b4:19:bd:fd:8d:07:56:47:
44:d9:94:9b
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYwMqD4O7pqKwfmGyUh08r0UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMTI2MTcyMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTdiMGE0NTZiMDg1YmJlOWFhZThjMjkzYzIwOWQ1M2M0ZjgyNDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFYcU/kt2nKT0pA0g2XSs17SUUf/
jz1OKSMmI9HoOGafoYyZieKmQFDHFhgdBJcQGYBCTzUOb0zsPVGYzdO8ioQrAS0W
JbIMLctzOk8f2cJWRF4/8tNkMsSU+1rteVoEq/gHJfsAcno9cGpssq0dfowxMLmo
1l3+lomi2TjgRzGfpbn8E3Nbxv4bqnXYrkgv5HlhSsLH/UC5nlvSwqCt8Av6O7sE
PpfGXekxit5y2eUMSZYWFyIeUp7w+GuTTcNncOMke+va3gNJPicvrIHEBNg1wvET
1WuMEZqUWQcNiaXNIo7hWKM1GHzC0nTJrW44Nugh3g3lzyN3TMsnSn/JYQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFOF7CkVrCFu+mq6MKTwgnVPE+CQDMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvNFhzS1JXc0lXNzZhcm93cFBDQ2RVOFQ0SkFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQALQgVAwQA
LQgXAwQALVoQAwQALZPgAwQBuWzMAwQAuc76AwQAudEmMAwDBAC53PkDBAK53PgD
BAG53h4DBAC5304DBAG54QADBAG545IDBAC5++UDBAC5++cDBAHBOpIwDQYJKoZI
hvcNAQELBQADggEBAGUAiTQoqUdYjzsZaxUmB844PoGwzKYc3lrk9npoWX5IWZkL
wBFQ2bVk2p/oKroRwuVjjtc+avPf6cOgzk7QVXk8gtZ2XvT3av/BHA6w+BpIXWpc
BQHirRslM+ERQMTZ1C8l/w56H8R3UY6tvlxmE9niaYK+qtFEMsKdXhAdwm2RkMvD
mXeI3ckBopPjNerX29bl0XfhYqe70rxShHykcbdIiruRwy27kGaSbBnouDzdBYzQ
fLUfJJo6PV2j7bnUQ9Fn+++40IXhnRGZ3QVfvTr8U0HOpUMHyPYrUgBQGqlN6j8i
qPY5h5qlP5jdBaZtypi0ria0Gb39jQdWR0TZlJs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:20 2024 by rpki-client on console-ams.rpki-client.org