Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/5fubOPUfx_hX9zS7JdiwuRdAgtQ.roa
File: 5fubOPUfx_hX9zS7JdiwuRdAgtQ.roa (raw, json)
Hash identifier: 2yzrVMwfyHlIAZpNBJrE/qV4PhWznav1xcZnKEG4PLw=
Subject key identifier: E5:FB:9B:38:F5:1F:C7:F8:57:F7:34:BB:25:D8:B0:B9:17:40:82:D4
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018D3613EE578A106CDE72EEB049A2E8E05A
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/5fubOPUfx_hX9zS7JdiwuRdAgtQ.roa
Signing time: Tue 23 Jan 2024 11:28:12 +0000
ROA not before: Tue 23 Jan 2024 11:28:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.223.82.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.22.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.251.229.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Jan 2024 22:39:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:36:13:ee:57:8a:10:6c:de:72:ee:b0:49:a2:e8:e0:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 23 11:28:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5fb9b38f51fc7f857f734bb25d8b0b9174082d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:58:94:2a:de:14:64:38:ef:32:14:ba:a4:9f:
bf:15:95:c3:c3:c0:07:97:7c:e4:eb:10:3d:e9:dd:
0c:64:f0:2e:ea:dd:60:94:92:89:d3:e5:06:31:cc:
1d:a8:84:86:b7:b3:ba:9e:8e:61:73:56:e2:00:34:
d3:c4:52:61:69:88:99:44:3f:3a:ad:19:be:96:46:
bf:88:af:33:ad:fd:4a:28:88:43:6f:aa:d6:0d:6d:
29:18:74:45:21:f2:f1:4b:6f:c1:12:43:45:ec:12:
b7:c1:40:c7:11:cf:65:ba:c6:08:92:b5:1c:1f:d0:
8c:ba:c5:46:95:06:20:01:88:09:85:db:36:e9:6c:
a3:64:b9:91:22:44:f4:8a:27:99:bb:b5:45:a5:06:
5b:bf:3d:69:75:b2:d4:b4:ac:6c:f7:21:79:86:74:
79:c3:46:b4:86:19:b1:51:a6:eb:97:90:b7:6a:50:
fb:e9:69:bc:00:f9:28:7a:52:69:39:ec:60:fd:e1:
1d:e6:91:de:3e:3e:27:a5:e8:aa:cb:ba:7f:73:0f:
43:9a:48:7a:a2:6c:64:12:4b:31:55:41:7e:18:6b:
fe:9c:21:48:ad:8d:6e:52:a3:f5:df:82:7d:08:37:
e2:82:43:da:2a:dd:f5:21:f7:18:35:66:23:44:8b:
10:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:FB:9B:38:F5:1F:C7:F8:57:F7:34:BB:25:D8:B0:B9:17:40:82:D4
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/5fubOPUfx_hX9zS7JdiwuRdAgtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.220.250.0/23
185.223.82.0/24
185.225.0.0/23
185.225.22.0/24
185.227.146.0/23
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
83:98:a3:d1:a7:7e:1e:4b:a6:f3:5c:19:88:43:be:a7:49:7c:
3d:8e:e1:3c:a5:d5:e4:e0:68:0b:4f:78:f4:11:3f:ac:93:7c:
1c:b4:b5:d5:30:c6:59:2d:6f:f0:e8:e7:4b:4d:bc:48:d9:2f:
eb:6e:42:79:37:8d:e0:dd:5e:3b:45:f6:2f:7b:46:39:be:81:
e6:91:5f:82:9e:9b:56:0d:93:0b:25:0e:40:d9:fa:48:e8:eb:
b6:f2:ae:93:c6:9e:71:d1:25:c3:45:09:db:83:1e:75:92:4b:
24:b0:58:b6:cd:c5:26:41:b2:5f:66:90:44:5d:e9:32:85:64:
4a:d9:10:a4:d0:40:39:80:9d:f9:b6:de:5e:86:37:80:7d:ea:
0f:fa:cd:87:d3:5b:95:2f:b5:71:dc:a5:c7:9a:a6:5e:5f:cc:
63:59:d3:45:ba:f1:37:5b:c3:44:bf:e1:17:e6:40:32:63:2d:
59:64:62:4f:63:7e:05:40:b3:b2:c9:17:2c:94:c1:b7:87:71:
04:fe:f0:56:4a:13:bc:2c:e0:a3:a9:5c:e2:91:63:0b:b5:e4:
b6:fe:e9:f9:53:02:19:b8:1f:01:af:0c:6f:19:ed:01:99:60:
16:3b:bc:13:e2:cf:14:83:aa:9a:b2:98:07:2f:72:3a:79:0b:
91:13:42:0c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY02E+5XihBs3nLusEmi6OBaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTIzMTEyODEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWZiOWIzOGY1MWZjN2Y4NTdmNzM0YmIyNWQ4YjBiOTE3NDA4MmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFiUKt4UZDjvMhS6pJ+/FZXDw8AH
l3zk6xA96d0MZPAu6t1glJKJ0+UGMcwdqISGt7O6no5hc1biADTTxFJhaYiZRD86
rRm+lka/iK8zrf1KKIhDb6rWDW0pGHRFIfLxS2/BEkNF7BK3wUDHEc9lusYIkrUc
H9CMusVGlQYgAYgJhds26WyjZLmRIkT0iieZu7VFpQZbvz1pdbLUtKxs9yF5hnR5
w0a0hhmxUabrl5C3alD76Wm8APkoelJpOexg/eEd5pHePj4npeiqy7p/cw9Dmkh6
omxkEksxVUF+GGv+nCFIrY1uUqP134J9CDfigkPaKt31IfcYNWYjRIsQRQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOX7mzj1H8f4V/c0uyXYsLkXQILUMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvNWZ1Yk9QVWZ4X2hYOXpTN0pkaXd1UmRBZ3RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQgVAwQB
udz6AwQAud9SAwQBueEAAwQAueEWAwQBueOSAwQAufvlAwQBwTqSMA0GCSqGSIb3
DQEBCwUAA4IBAQCDmKPRp34eS6bzXBmIQ76nSXw9juE8pdXk4GgLT3j0ET+sk3wc
tLXVMMZZLW/w6OdLTbxI2S/rbkJ5N43g3V47RfYve0Y5voHmkV+CnptWDZMLJQ5A
2fpI6Ou28q6Txp5x0SXDRQnbgx51kksksFi2zcUmQbJfZpBEXekyhWRK2RCk0EA5
gJ35tt5ehjeAfeoP+s2H01uVL7Vx3KXHmqZeX8xjWdNFuvE3W8NEv+EX5kAyYy1Z
ZGJPY34FQLOyyRcslMG3h3EE/vBWShO8LOCjqVzikWMLteS2/un5UwIZuB8Brwxv
Ge0BmWAWO7wT4s8Ug6qaspgHL3I6eQuRE0IM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:40 2024 by rpki-client on console-fra.rpki-client.org