Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4ZJgmgzALzjbERiRI7xZJQZz6J8.roa
File: 4ZJgmgzALzjbERiRI7xZJQZz6J8.roa (raw, json)
Hash identifier: POohcmltwRtLhTRjp3od7Ud21eB+eNjyMvOx8T/qn/w=
Subject key identifier: E1:92:60:9A:0C:C0:2F:38:DB:11:18:91:23:BC:59:25:06:73:E8:9F
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01928AE741F53C623865790F0C83B5A1391E
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4ZJgmgzALzjbERiRI7xZJQZz6J8.roa
Signing time: Mon 14 Oct 2024 12:01:04 +0000
ROA not before: Mon 14 Oct 2024 12:01:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.121.12.0/22 maxlen: 24
185.126.82.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.113.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Oct 2024 12:01:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:e7:41:f5:3c:62:38:65:79:0f:0c:83:b5:a1:39:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 14 12:01:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e192609a0cc02f38db11189123bc59250673e89f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f8:0b:fe:43:91:24:80:3c:33:b3:a6:bc:26:
c3:f7:d0:d0:71:43:92:c0:8c:a0:d1:89:b6:b0:b5:
9c:dc:88:a3:d7:64:48:df:28:83:57:5b:76:45:73:
e7:ed:ca:12:b9:4a:11:f8:9c:30:52:e0:46:21:6a:
b2:df:81:eb:28:6f:c4:f7:6f:fc:bb:68:3b:a7:84:
ec:2d:0d:81:e4:c3:0e:b8:55:fb:89:ca:70:d5:ea:
85:7e:f1:6f:ab:ae:ba:25:c0:ab:45:08:3f:c3:aa:
d5:48:bd:a5:10:9f:69:ac:09:cb:85:4a:26:a1:88:
93:94:85:8e:5b:a2:e7:91:21:b4:be:2f:b7:7f:b6:
12:ac:b2:52:4b:2c:dc:be:f8:3d:bc:c0:d5:b3:07:
ab:65:06:83:d4:cd:86:38:3d:e2:30:a8:f8:d0:1b:
ba:05:19:38:db:56:cc:3b:ba:8f:af:09:75:57:a9:
08:72:6c:47:04:f3:7c:64:24:12:e4:e5:d8:40:2d:
c6:9e:d2:d7:01:aa:89:ba:dd:65:99:59:64:0e:2a:
98:36:f6:dd:d7:4e:ad:82:f1:7a:c0:d5:6e:95:8f:
99:1b:93:b2:14:32:ff:13:06:ab:ed:e3:c3:8f:14:
74:d3:8e:67:1c:bd:28:4e:21:bb:2b:51:ad:47:7f:
15:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:92:60:9A:0C:C0:2F:38:DB:11:18:91:23:BC:59:25:06:73:E8:9F
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4ZJgmgzALzjbERiRI7xZJQZz6J8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.121.12.0/22
185.126.82.0/24
185.218.101.0/24
185.220.250.0/23
185.225.0.0/23
185.226.104.0/24
185.227.146.0/23
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:10:64:fa:38:02:5b:1e:99:87:58:2d:f0:84:61:f0:00:35:
22:08:cd:99:14:72:cb:88:da:56:3c:6d:de:26:10:b8:cd:c3:
46:57:12:64:2e:d9:58:c3:6d:ed:b1:96:bb:54:ec:72:9b:b9:
82:89:c3:5b:01:5e:2f:21:42:d2:c4:a8:4b:8e:c4:12:92:f4:
62:29:f7:8f:63:d1:66:9e:f0:65:d2:fa:c0:58:59:5b:19:8c:
7b:7a:58:e8:3f:d3:4c:2e:ba:9e:33:33:8d:bf:5b:61:6c:1b:
a9:80:67:c9:b3:a1:d0:08:32:aa:f8:59:f6:43:a8:3a:cc:1a:
8f:4a:2c:09:73:e9:f8:6c:a3:1e:19:c7:55:6c:42:ec:9b:2e:
1e:14:a1:ed:26:67:a7:9d:34:a7:85:c4:6d:af:1c:15:c4:e4:
a0:5b:69:02:c1:40:62:be:ee:38:ef:d2:62:9b:6c:ae:f6:70:
cb:d9:2c:a1:10:66:34:62:c5:57:cd:51:83:72:3c:e5:7a:05:
cf:0c:f9:77:79:43:bd:6c:e5:33:3a:84:93:46:97:90:62:d9:
65:8c:64:2c:64:0f:b7:79:1d:1b:5f:7e:61:7a:c3:e9:ae:16:
36:03:af:7d:ec:f2:1c:7f:03:a9:90:99:0f:9c:5b:a9:d5:60:
d1:60:61:61
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZKK50H1PGI4ZXkPDIO1oTkeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMDE0MTIwMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTkyNjA5YTBjYzAyZjM4ZGIxMTE4OTEyM2JjNTkyNTA2NzNlODlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/gL/kORJIA8M7OmvCbD99DQcUOS
wIyg0Ym2sLWc3Iij12RI3yiDV1t2RXPn7coSuUoR+JwwUuBGIWqy34HrKG/E92/8
u2g7p4TsLQ2B5MMOuFX7icpw1eqFfvFvq666JcCrRQg/w6rVSL2lEJ9prAnLhUom
oYiTlIWOW6LnkSG0vi+3f7YSrLJSSyzcvvg9vMDVswerZQaD1M2GOD3iMKj40Bu6
BRk421bMO7qPrwl1V6kIcmxHBPN8ZCQS5OXYQC3GntLXAaqJut1lmVlkDiqYNvbd
106tgvF6wNVulY+ZG5OyFDL/Ewar7ePDjxR0045nHL0oTiG7K1GtR38VMwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFOGSYJoMwC842xEYkSO8WSUGc+ifMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvNFpKZ21nekFMempiRVJpUkk3eFpKUVp6Nko4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALQgVAwQC
uXkMAwQAuX5SAwQAudplAwQBudz6AwQBueEAAwQAueJoAwQBueOSAwQBwQhwAwQB
wTqSMA0GCSqGSIb3DQEBCwUAA4IBAQA6EGT6OAJbHpmHWC3whGHwADUiCM2ZFHLL
iNpWPG3eJhC4zcNGVxJkLtlYw23tsZa7VOxym7mCicNbAV4vIULSxKhLjsQSkvRi
KfePY9FmnvBl0vrAWFlbGYx7eljoP9NMLrqeMzONv1thbBupgGfJs6HQCDKq+Fn2
Q6g6zBqPSiwJc+n4bKMeGcdVbELsmy4eFKHtJmennTSnhcRtrxwVxOSgW2kCwUBi
vu4479Jim2yu9nDL2SyhEGY0YsVXzVGDcjzlegXPDPl3eUO9bOUzOoSTRpeQYtll
jGQsZA+3eR0bX35hesPprhY2A6997PIcfwOpkJkPnFup1WDRYGFh
-----END CERTIFICATE-----
Generated at Mon Oct 14 15:20:32 2024 by rpki-client on console-fra.rpki-client.org