Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/7CN2stwm7IWh5SuK-RInDgvBvRQ.roa
File: 7CN2stwm7IWh5SuK-RInDgvBvRQ.roa (raw, json)
Hash identifier: 80kbDFhsqiA8zfWRh0eQF5GeXp92t6HXGC8XvgsYtkg=
Subject key identifier: EC:23:76:B2:DC:26:EC:85:A1:E5:2B:8A:F9:12:27:0E:0B:C1:BD:14
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018C86F5D2E9524F0CFD359A39AC0B8555BF
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/7CN2stwm7IWh5SuK-RInDgvBvRQ.roa
Signing time: Wed 20 Dec 2023 11:21:46 +0000
ROA not before: Wed 20 Dec 2023 11:21:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.227.146.0/23 maxlen: 24
185.225.22.0/24 maxlen: 24
185.220.249.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
45.8.21.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.223.82.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 21 Dec 2023 09:57:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:86:f5:d2:e9:52:4f:0c:fd:35:9a:39:ac:0b:85:55:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 20 11:21:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec2376b2dc26ec85a1e52b8af912270e0bc1bd14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f7:da:b3:dd:e5:1d:4d:0f:b9:eb:60:80:fc:
fd:e0:2c:c0:27:75:c6:53:92:eb:a7:fc:f0:eb:6d:
97:e8:a4:c2:7e:96:fb:a6:be:6b:37:6e:d8:2e:17:
94:38:13:48:5d:7e:8f:46:95:f2:f8:ba:b1:5b:9c:
8a:21:d1:0d:43:a0:73:4d:9b:c4:eb:fe:cb:43:2c:
6b:9e:86:82:be:1a:a4:a7:e8:a1:f4:bb:7a:ef:af:
80:ce:96:ed:3b:48:6c:01:8c:cb:43:a8:62:e7:4a:
97:de:3b:84:17:ec:fa:a4:de:37:e1:97:9a:e2:e0:
3e:4b:e2:23:8a:ca:b0:1c:f8:54:8f:33:9a:71:6e:
a5:da:8b:18:e7:0a:86:96:3d:a2:97:87:52:16:2f:
f6:30:94:60:53:2b:17:ef:85:1b:e9:3e:de:d9:43:
8a:2b:b0:87:cd:35:87:3d:aa:2a:4b:33:39:9b:df:
2e:2c:41:68:89:03:e7:e6:f9:b0:2a:53:d8:b7:d4:
3a:50:0b:9e:37:db:19:0a:75:17:da:30:45:dd:61:
c1:a1:48:92:92:5d:2e:a2:67:55:fe:1b:a2:cc:09:
3e:85:45:5a:c6:b6:98:86:ac:19:83:e8:40:21:44:
d6:23:53:ae:2a:80:90:9a:f1:b1:18:ed:10:40:95:
d5:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:23:76:B2:DC:26:EC:85:A1:E5:2B:8A:F9:12:27:0E:0B:C1:BD:14
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/7CN2stwm7IWh5SuK-RInDgvBvRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.220.249.0-185.220.251.255
185.223.82.0/24
185.225.0.0/23
185.225.22.0/24
185.227.146.0/23
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
b4:fa:2a:57:87:0f:f3:85:02:1b:2c:1a:de:bc:5a:4c:40:57:
db:59:87:b8:41:1c:a4:08:c5:88:3b:f6:04:f9:6e:2d:6e:2c:
ec:e2:8e:f5:64:aa:a8:e2:6f:e2:aa:30:a7:5e:7b:22:57:86:
8f:63:52:32:0e:86:bc:ac:05:cb:35:b2:b7:86:76:e4:ed:9a:
2f:d3:28:0e:2c:26:7f:67:b0:d5:fc:94:35:31:9d:b0:5f:f2:
38:ad:63:03:92:af:41:be:fc:86:6c:34:7c:4a:5d:fe:00:1a:
43:4a:4b:95:23:29:d1:35:cd:54:6d:6c:65:69:d6:6d:5b:b4:
44:75:9f:41:74:d1:5e:6c:15:db:db:8c:b8:67:ea:72:db:11:
c2:07:9f:71:a0:f8:64:d8:44:a0:7e:4c:47:80:a5:1e:f1:fb:
92:30:91:fc:b3:ba:16:64:61:c7:2c:44:55:9d:90:cb:5b:10:
00:f6:a0:86:06:34:31:6e:de:ba:3f:1b:b0:66:81:3f:07:6a:
dd:df:e9:8e:e4:06:b4:1c:72:5a:a3:21:aa:a9:60:54:b6:22:
12:fc:8b:f9:9d:5b:5f:57:12:a7:39:40:8c:da:86:fb:f3:87:
57:d8:6e:d7:d9:47:07:15:14:f2:0a:53:9d:a4:e9:5a:ac:f7:
cc:80:b4:48
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYyG9dLpUk8M/TWaOawLhVW/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMjIwMTEyMTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzIzNzZiMmRjMjZlYzg1YTFlNTJiOGFmOTEyMjcwZTBiYzFiZDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhffas93lHU0PuetggPz94CzAJ3XG
U5Lrp/zw622X6KTCfpb7pr5rN27YLheUOBNIXX6PRpXy+LqxW5yKIdENQ6BzTZvE
6/7LQyxrnoaCvhqkp+ih9Lt676+AzpbtO0hsAYzLQ6hi50qX3juEF+z6pN434Zea
4uA+S+IjisqwHPhUjzOacW6l2osY5wqGlj2il4dSFi/2MJRgUysX74Ub6T7e2UOK
K7CHzTWHPaoqSzM5m98uLEFoiQPn5vmwKlPYt9Q6UAueN9sZCnUX2jBF3WHBoUiS
kl0uomdV/huizAk+hUVaxraYhqwZg+hAIUTWI1OuKoCQmvGxGO0QQJXVBQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFOwjdrLcJuyFoeUrivkSJw4Lwb0UMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvN0NOMnN0d203SVdoNVN1Sy1SSW5EZ3ZCdlJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQALQgVMAwD
BAC53PkDBAK53PgDBAC531IDBAG54QADBAC54RYDBAG545IDBAC5++UDBAHBOpIw
DQYJKoZIhvcNAQELBQADggEBALT6KleHD/OFAhssGt68WkxAV9tZh7hBHKQIxYg7
9gT5bi1uLOzijvVkqqjib+KqMKdeeyJXho9jUjIOhrysBcs1sreGduTtmi/TKA4s
Jn9nsNX8lDUxnbBf8jitYwOSr0G+/IZsNHxKXf4AGkNKS5UjKdE1zVRtbGVp1m1b
tER1n0F00V5sFdvbjLhn6nLbEcIHn3Gg+GTYRKB+TEeApR7x+5IwkfyzuhZkYccs
RFWdkMtbEAD2oIYGNDFu3ro/G7BmgT8Hat3f6Y7kBrQcclqjIaqpYFS2IhL8i/md
W19XEqc5QIzahvvzh1fYbtfZRwcVFPIKU52k6Vqs98yAtEg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:20 2024 by rpki-client on console-ams.rpki-client.org