Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4sUm9GbMQ36o0NGNbTIzUSqOf6w.roa
File: 4sUm9GbMQ36o0NGNbTIzUSqOf6w.roa (raw, json)
Hash identifier: 9ULNEA2efGFQNPhbuzk+0RTQwUzzJd8B8eXQRrwxgOU=
Subject key identifier: E2:C5:26:F4:66:CC:43:7E:A8:D0:D1:8D:6D:32:33:51:2A:8E:7F:AC
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018ACCBC275876E4798911B852FAE1B161B7
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4sUm9GbMQ36o0NGNbTIzUSqOf6w.roa
Signing time: Mon 25 Sep 2023 14:26:37 +0000
ROA not before: Mon 25 Sep 2023 14:26:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.22.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
176.125.248.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.223.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Sep 2023 08:37:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cc:bc:27:58:76:e4:79:89:11:b8:52:fa:e1:b1:61:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 25 14:26:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2c526f466cc437ea8d0d18d6d3233512a8e7fac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:89:e5:18:69:9e:e5:eb:a2:dc:97:d4:e2:c8:
4b:cd:f7:95:f4:e6:1f:c5:fe:32:e7:9c:d1:fc:fa:
e6:6c:12:e9:5b:da:48:8b:d5:f5:d2:37:1a:19:eb:
0a:d4:d7:0d:9c:16:c1:17:c3:3e:4a:25:0a:fd:cd:
56:62:98:9a:2e:d2:0f:05:b4:69:2a:49:1f:8a:35:
66:30:66:6c:fa:a3:f7:a5:0b:6a:c8:c3:2d:2b:23:
4b:85:c8:bd:3a:c2:44:6e:1c:f7:5b:09:21:15:12:
b8:3a:3d:e0:43:b0:50:b1:43:21:67:36:6f:f6:30:
a3:13:72:8c:95:df:e8:a2:33:98:4e:06:5f:9c:fe:
1c:fc:4c:68:26:ad:fb:2f:b4:39:66:3d:46:29:09:
24:07:24:01:dd:2f:05:65:a6:c6:c1:69:1c:87:56:
fa:e6:76:5f:fb:7b:4e:9a:83:d4:bd:de:1c:ec:48:
76:60:76:c2:4f:43:ee:f5:f3:45:3a:46:71:ef:98:
d0:c9:03:da:5c:cc:aa:0b:b7:d8:b0:47:31:31:05:
ed:ed:3e:5f:a5:d5:3a:9d:38:fc:b7:b3:6c:e9:f3:
69:e9:80:16:9e:6c:db:97:cd:36:12:04:23:f6:dc:
24:d1:0b:fb:27:99:50:eb:f3:81:11:ce:9e:36:41:
c1:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:C5:26:F4:66:CC:43:7E:A8:D0:D1:8D:6D:32:33:51:2A:8E:7F:AC
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4sUm9GbMQ36o0NGNbTIzUSqOf6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
176.125.248.0/24
185.223.80.0/24
185.225.0.0/23
185.225.22.0/24
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:b5:bb:6c:8a:d2:35:74:0a:c6:0f:be:90:30:e4:5d:56:0b:
64:ac:c4:bf:e1:45:3c:1e:2c:96:d7:e0:1a:51:ee:7d:4c:c5:
8c:e7:06:2f:fe:d8:40:a5:2b:1c:a4:59:6c:de:c7:e0:2d:f7:
bf:12:7e:55:84:17:a5:9c:73:92:f3:b7:3e:8a:9a:00:bf:81:
58:a2:88:4f:2c:92:0f:fe:ec:1a:74:08:e1:7d:dd:20:94:e2:
f3:7f:00:26:81:67:f0:8a:73:d3:78:88:52:85:f7:b7:b1:6d:
b7:f9:33:0d:65:64:76:fe:66:4e:a1:35:dd:bd:3d:86:f4:7b:
1d:fd:d7:34:8a:d9:1c:57:b3:33:55:7a:75:9e:1a:2a:e1:36:
36:91:d0:60:a6:bf:d2:4f:b0:42:1d:d8:01:d4:45:5d:36:04:
bb:0f:fb:02:76:fd:a7:2c:e7:3b:00:e2:c0:91:4c:6a:1e:a2:
2b:94:66:b6:79:37:e3:48:a8:52:55:7f:04:73:5e:0c:b8:7b:
d3:25:e0:7b:96:4c:d2:ee:44:ed:ec:d1:16:1d:66:7a:f5:b1:
20:52:78:16:41:93:89:a8:a1:6f:ab:83:6c:5c:e7:a1:2c:ab:
36:49:0a:c0:4d:bf:78:5d:26:63:ac:71:e3:28:af:17:5a:56:
22:18:98:f0
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYrMvCdYduR5iRG4UvrhsWG3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwOTI1MTQyNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmM1MjZmNDY2Y2M0MzdlYThkMGQxOGQ2ZDMyMzM1MTJhOGU3ZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgonlGGme5eui3JfU4shLzfeV9OYf
xf4y55zR/PrmbBLpW9pIi9X10jcaGesK1NcNnBbBF8M+SiUK/c1WYpiaLtIPBbRp
KkkfijVmMGZs+qP3pQtqyMMtKyNLhci9OsJEbhz3WwkhFRK4Oj3gQ7BQsUMhZzZv
9jCjE3KMld/oojOYTgZfnP4c/ExoJq37L7Q5Zj1GKQkkByQB3S8FZabGwWkch1b6
5nZf+3tOmoPUvd4c7Eh2YHbCT0Pu9fNFOkZx75jQyQPaXMyqC7fYsEcxMQXt7T5f
pdU6nTj8t7Ns6fNp6YAWnmzbl802EgQj9twk0Qv7J5lQ6/OBEc6eNkHBDwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOLFJvRmzEN+qNDRjW0yM1Eqjn+sMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvNHNVbTlHYk1RMzZvME5HTmJUSXpVU3FPZjZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQgVAwQA
LZPgAwQAsH34AwQAud9QAwQBueEAAwQAueEWAwQAufvlAwQBwTqSMA0GCSqGSIb3
DQEBCwUAA4IBAQBetbtsitI1dArGD76QMORdVgtkrMS/4UU8HiyW1+AaUe59TMWM
5wYv/thApSscpFls3sfgLfe/En5VhBelnHOS87c+ipoAv4FYoohPLJIP/uwadAjh
fd0glOLzfwAmgWfwinPTeIhShfe3sW23+TMNZWR2/mZOoTXdvT2G9Hsd/dc0itkc
V7MzVXp1nhoq4TY2kdBgpr/ST7BCHdgB1EVdNgS7D/sCdv2nLOc7AOLAkUxqHqIr
lGa2eTfjSKhSVX8Ec14MuHvTJeB7lkzS7kTt7NEWHWZ69bEgUngWQZOJqKFvq4Ns
XOehLKs2SQrATb94XSZjrHHjKK8XWlYiGJjw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:40 2024 by rpki-client on console-fra.rpki-client.org