Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4kjnTUp9kwBqf7Eey_2tHasuBTE.roa
File: 4kjnTUp9kwBqf7Eey_2tHasuBTE.roa (raw, json)
Hash identifier: oItgWgbJLXzF3dTohuhl4K3+8GgVNgX/zW5iSF9jACc=
Subject key identifier: E2:48:E7:4D:4A:7D:93:00:6A:7F:B1:1E:CB:FD:AD:1D:AB:2E:05:31
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0193E06260F511C83465B512BD708671897A
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4kjnTUp9kwBqf7Eey_2tHasuBTE.roa
Signing time: Thu 19 Dec 2024 19:26:03 +0000
ROA not before: Thu 19 Dec 2024 19:26:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.251.230.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Dec 2024 09:25:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e0:62:60:f5:11:c8:34:65:b5:12:bd:70:86:71:89:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 19 19:26:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e248e74d4a7d93006a7fb11ecbfdad1dab2e0531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:44:2f:0e:22:c1:fc:a7:68:66:ff:58:d4:21:
74:ad:40:f5:8a:10:46:15:04:c2:09:c9:e9:7b:b4:
5c:fc:34:54:f1:99:c4:3f:0a:41:cf:a2:13:99:ba:
5c:ae:6b:90:56:5e:4d:13:ab:c9:de:c9:03:b3:92:
00:bd:8d:e1:3f:19:38:61:ef:56:58:eb:e7:94:1e:
29:4c:c9:48:8c:ee:62:f7:3e:89:b5:c7:3d:91:79:
9c:b0:0e:7d:f9:89:bf:c6:39:01:c3:55:7b:bb:7a:
fe:4e:b2:97:76:93:50:c2:31:d8:a3:e5:4e:5a:1b:
69:be:ea:c5:22:7f:2b:76:64:68:ac:f0:ff:46:68:
61:d8:db:80:4f:10:d5:30:5c:38:51:8e:0a:78:e2:
ac:2e:d2:aa:4f:d0:dd:f4:0f:68:bd:9e:2d:c4:ec:
69:e2:ac:2f:37:3b:cb:62:f0:7c:f1:5e:60:25:2f:
1b:92:bd:a9:a1:f4:ff:97:c1:2b:7c:f8:b5:f2:c8:
de:af:e0:01:7d:45:8d:ba:5b:0e:6d:13:5b:0b:f3:
66:32:7b:b5:eb:b8:51:90:d7:75:7b:56:a3:c7:83:
ef:87:89:55:a3:c1:27:58:76:08:ce:60:3d:ba:e8:
a7:bf:f3:f5:61:24:98:a1:6b:c4:5b:e0:b0:19:2c:
c0:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:48:E7:4D:4A:7D:93:00:6A:7F:B1:1E:CB:FD:AD:1D:AB:2E:05:31
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4kjnTUp9kwBqf7Eey_2tHasuBTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.220.250.0/23
185.225.0.0/23
185.227.146.0/23
185.251.230.0/24
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:68:89:24:7e:24:eb:15:df:71:79:df:06:b4:a5:e2:4e:2c:
2a:d7:7a:21:ff:9a:1a:6f:96:b9:a2:8b:99:da:15:33:ad:26:
18:de:14:3d:8a:42:cf:1b:a1:fd:7c:c4:ee:15:00:fa:ed:5b:
71:b7:0f:c0:b4:0c:21:55:91:f5:a0:9b:0d:d7:ad:7e:a8:df:
63:fc:9d:92:01:64:b7:8f:e5:9f:78:34:5f:08:05:c4:a9:2b:
63:f8:13:02:69:a4:0e:1d:34:d1:13:f0:7e:bb:72:db:a5:fa:
26:1d:3d:96:56:7e:8f:9e:d1:08:0e:5e:c1:54:06:fa:d3:25:
03:25:34:93:84:b4:ab:86:3b:7f:83:34:29:84:18:e1:33:4d:
02:0f:42:a1:8b:ac:66:87:40:4a:76:49:f7:41:60:f7:1a:b4:
9b:dd:fe:2d:10:20:c8:e5:59:7e:00:57:eb:c0:ec:41:89:6d:
c7:9c:41:9f:84:03:ae:a3:e2:fc:8f:92:f1:91:2c:36:07:32:
90:f7:73:a7:25:7d:4d:41:4e:be:81:70:0e:75:86:4a:be:1c:
00:dd:2a:d5:55:98:15:96:a0:0b:3d:20:a3:21:f7:3a:4d:23:
53:69:d5:de:82:41:fb:26:3b:7a:88:d4:bd:79:e1:17:83:33:
aa:41:4c:cf
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZPgYmD1Ecg0ZbUSvXCGcYl6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMjE5MTkyNjAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjQ4ZTc0ZDRhN2Q5MzAwNmE3ZmIxMWVjYmZkYWQxZGFiMmUwNTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkQvDiLB/KdoZv9Y1CF0rUD1ihBG
FQTCCcnpe7Rc/DRU8ZnEPwpBz6ITmbpcrmuQVl5NE6vJ3skDs5IAvY3hPxk4Ye9W
WOvnlB4pTMlIjO5i9z6Jtcc9kXmcsA59+Ym/xjkBw1V7u3r+TrKXdpNQwjHYo+VO
WhtpvurFIn8rdmRorPD/Rmhh2NuATxDVMFw4UY4KeOKsLtKqT9Dd9A9ovZ4txOxp
4qwvNzvLYvB88V5gJS8bkr2pofT/l8ErfPi18sjer+ABfUWNulsObRNbC/NmMnu1
67hRkNd1e1ajx4Pvh4lVo8EnWHYIzmA9uuinv/P1YSSYoWvEW+CwGSzApwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOJI501KfZMAan+xHsv9rR2rLgUxMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvNGtqblRVcDlrd0JxZjdFZXlfMnRIYXN1QlRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQgVAwQA
uX5SAwQBudz6AwQBueEAAwQBueOSAwQAufvmAwQBwQhwAwQBwTqSMA0GCSqGSIb3
DQEBCwUAA4IBAQCPaIkkfiTrFd9xed8GtKXiTiwq13oh/5oab5a5oouZ2hUzrSYY
3hQ9ikLPG6H9fMTuFQD67Vtxtw/AtAwhVZH1oJsN161+qN9j/J2SAWS3j+WfeDRf
CAXEqStj+BMCaaQOHTTRE/B+u3LbpfomHT2WVn6PntEIDl7BVAb60yUDJTSThLSr
hjt/gzQphBjhM00CD0Khi6xmh0BKdkn3QWD3GrSb3f4tECDI5Vl+AFfrwOxBiW3H
nEGfhAOuo+L8j5LxkSw2BzKQ93OnJX1NQU6+gXAOdYZKvhwA3SrVVZgVlqALPSCj
Ifc6TSNTadXegkH7Jjt6iNS9eeEXgzOqQUzP
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:36:38 2025 by rpki-client