Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/5zrGp7VBF3g1uj7CxCtDd5fNCLg.roa
File: 5zrGp7VBF3g1uj7CxCtDd5fNCLg.roa (raw, json)
Hash identifier: mHisoq6FGH0F60+mlMY9otzV5mabtTfSgfmu6WoVJWw=
Subject key identifier: E7:3A:C6:A7:B5:41:17:78:35:BA:3E:C2:C4:2B:43:77:97:CD:08:B8
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018B04BEC97A98DBC9516F10A63E2A32AF3F
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/5zrGp7VBF3g1uj7CxCtDd5fNCLg.roa
Signing time: Fri 06 Oct 2023 11:28:13 +0000
ROA not before: Fri 06 Oct 2023 11:28:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.222.30.0/23 maxlen: 24
185.226.107.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.223.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Oct 2023 14:22:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:04:be:c9:7a:98:db:c9:51:6f:10:a6:3e:2a:32:af:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 6 11:28:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e73ac6a7b541177835ba3ec2c42b437797cd08b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:54:61:67:7f:9d:ae:2a:a9:98:0a:de:47:53:
30:69:2f:f6:f3:7c:ed:91:60:68:ae:04:c7:84:8a:
15:bb:b3:9c:4a:c8:88:6f:3e:93:88:3c:0d:3f:81:
3d:99:e6:67:ea:06:1a:3c:77:66:70:04:79:dd:93:
62:a6:17:87:70:a4:7c:05:ca:e0:e6:ed:d5:16:42:
e9:eb:d5:c9:fd:b6:4f:c0:17:54:62:d6:ef:21:8f:
92:4b:cc:08:60:d3:1a:a4:f2:37:40:90:7d:b2:0b:
b6:52:87:8b:36:ea:f7:b5:f4:9b:d5:07:dd:ec:c5:
d4:1f:05:87:5b:d4:10:71:98:df:52:9f:c2:d0:a5:
1f:72:ea:83:24:44:11:4b:07:c9:70:70:05:66:e0:
a6:54:dd:b3:fd:81:ea:46:39:0f:60:1d:fb:d2:18:
e7:88:83:5a:74:ca:c3:7d:3e:42:b7:05:7c:7c:46:
ab:cb:b5:d2:c0:1e:84:75:b4:ab:52:5d:67:63:f6:
5a:36:0f:d4:61:08:aa:4b:63:a0:57:90:03:19:a4:
cc:55:9d:84:21:38:36:a7:0f:f3:ea:d1:91:4f:06:
f2:ed:1c:d9:3e:3f:28:cc:2d:91:55:de:94:9e:60:
ca:db:03:c0:23:8b:1d:16:50:0c:63:81:b4:12:5a:
13:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:3A:C6:A7:B5:41:17:78:35:BA:3E:C2:C4:2B:43:77:97:CD:08:B8
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/5zrGp7VBF3g1uj7CxCtDd5fNCLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.220.250.0/23
185.222.30.0/23
185.223.80.0/24
185.225.0.0/23
185.226.107.0/24
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:5a:7c:cd:2f:d5:42:03:b9:79:50:40:c7:a7:60:d2:54:dc:
5c:46:5e:cf:9d:95:00:38:54:90:dd:25:4a:83:62:e0:87:79:
4b:03:30:f2:9f:56:a6:f7:7f:9a:8f:63:7b:16:f2:57:6a:21:
f4:4f:7b:1e:ca:53:d3:63:a7:cd:5a:d2:1b:98:15:e4:88:34:
f8:e8:49:e2:16:6a:8d:6d:f7:b4:a5:1b:d9:3a:5a:52:9a:15:
ad:ad:60:bb:47:8e:f3:de:ce:51:91:31:c3:28:64:85:f7:d9:
7c:6f:2a:ce:44:40:94:c3:61:b3:f4:0e:f1:78:29:db:b7:c3:
d1:cc:65:f8:20:d9:9b:0f:db:3c:4f:8c:06:b4:cc:82:a0:03:
18:47:7c:80:79:46:fa:24:5f:e4:3c:34:ea:e2:38:66:8a:7b:
cd:d3:de:e6:a1:06:59:d9:73:63:85:a6:59:7f:32:cb:a6:64:
05:85:3a:83:20:12:40:34:98:a2:ef:23:1d:c9:0c:58:72:27:
11:d9:97:80:e5:a4:ba:6b:e9:07:5b:6c:05:16:91:93:6e:e9:
7d:00:69:a5:f5:91:c3:a4:f4:c9:7c:0b:e8:0f:30:74:d5:f6:
49:e0:05:1a:5c:69:8c:85:58:78:54:d8:2b:0f:66:67:f1:d1:
45:f6:19:ee
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYsEvsl6mNvJUW8Qpj4qMq8/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMDA2MTEyODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzNhYzZhN2I1NDExNzc4MzViYTNlYzJjNDJiNDM3Nzk3Y2QwOGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1RhZ3+driqpmAreR1MwaS/283zt
kWBorgTHhIoVu7OcSsiIbz6TiDwNP4E9meZn6gYaPHdmcAR53ZNipheHcKR8Bcrg
5u3VFkLp69XJ/bZPwBdUYtbvIY+SS8wIYNMapPI3QJB9sgu2UoeLNur3tfSb1Qfd
7MXUHwWHW9QQcZjfUp/C0KUfcuqDJEQRSwfJcHAFZuCmVN2z/YHqRjkPYB370hjn
iINadMrDfT5CtwV8fEary7XSwB6EdbSrUl1nY/ZaNg/UYQiqS2OgV5ADGaTMVZ2E
ITg2pw/z6tGRTwby7RzZPj8ozC2RVd6UnmDK2wPAI4sdFlAMY4G0EloTwwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOc6xqe1QRd4Nbo+wsQrQ3eXzQi4MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvNXpyR3A3VkJGM2cxdWo3Q3hDdERkNWZOQ0xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQgVAwQA
LZPgAwQBudz6AwQBud4eAwQAud9QAwQBueEAAwQAueJrAwQAufvlAwQBwTqSMA0G
CSqGSIb3DQEBCwUAA4IBAQANWnzNL9VCA7l5UEDHp2DSVNxcRl7PnZUAOFSQ3SVK
g2Lgh3lLAzDyn1am93+aj2N7FvJXaiH0T3seylPTY6fNWtIbmBXkiDT46EniFmqN
bfe0pRvZOlpSmhWtrWC7R47z3s5RkTHDKGSF99l8byrORECUw2Gz9A7xeCnbt8PR
zGX4INmbD9s8T4wGtMyCoAMYR3yAeUb6JF/kPDTq4jhminvN097moQZZ2XNjhaZZ
fzLLpmQFhTqDIBJANJii7yMdyQxYcicR2ZeA5aS6a+kHW2wFFpGTbul9AGml9ZHD
pPTJfAvoDzB01fZJ4AUaXGmMhVh4VNgrD2Zn8dFF9hnu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:20 2024 by rpki-client on console-ams.rpki-client.org