Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/7juY6GypSjYPonpNkfwMBwaO8cY.roa
File: 7juY6GypSjYPonpNkfwMBwaO8cY.roa (raw, json)
Hash identifier: oTaH8REGqHMKhuFG1JwodTR55NvX/fThZw8FV3IqLUE=
Subject key identifier: EE:3B:98:E8:6C:A9:4A:36:0F:A2:7A:4D:91:FC:0C:07:06:8E:F1:C6
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01892A9D0F1EFBC753698712F8E2D2211A32
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/7juY6GypSjYPonpNkfwMBwaO8cY.roa
Signing time: Thu 06 Jul 2023 09:51:23 +0000
ROA not before: Thu 06 Jul 2023 09:51:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.209.38.0/24 maxlen: 24
185.230.52.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.209.74.0/24 maxlen: 24
193.58.145.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.223.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Jul 2023 21:23:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2a:9d:0f:1e:fb:c7:53:69:87:12:f8:e2:d2:21:1a:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 6 09:51:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee3b98e86ca94a360fa27a4d91fc0c07068ef1c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:8b:3e:de:3f:2c:c7:12:4d:f4:ba:1c:c8:bd:
20:ff:4d:6f:d9:f5:a7:b7:70:1d:28:fe:99:fb:42:
fa:77:23:15:bc:07:dd:d1:a7:af:e9:63:e0:64:df:
25:be:06:86:e1:02:26:3b:fe:87:b3:3d:df:1e:63:
3e:17:44:32:45:86:cc:f6:71:79:c7:98:cc:8e:46:
da:09:5f:d5:89:61:47:5c:b5:6b:9a:b0:9b:2c:27:
5f:5f:c9:23:a7:81:11:38:eb:0a:8a:79:fa:91:3b:
98:b8:9f:f3:9e:05:4f:93:1d:3a:7c:91:61:62:e6:
5a:73:61:ec:79:61:18:41:c1:fc:29:13:01:85:73:
b5:4d:e3:d4:ef:ab:fa:df:d2:d2:a0:44:52:4a:52:
b0:64:07:b7:99:42:eb:98:4a:68:a3:3d:e6:b2:21:
8b:83:96:ac:36:de:cc:5e:9b:b1:c0:1c:28:79:0c:
99:19:59:74:41:44:84:ec:c6:93:1e:69:b4:87:54:
4b:65:3c:47:57:f0:d6:3e:2c:7e:1b:96:6d:32:6a:
6d:f2:c5:b8:8e:3b:42:84:3f:d9:fd:45:ec:99:17:
0e:a8:3d:31:d8:36:c8:ea:98:5e:4c:cf:7b:5f:b6:
d7:a5:99:fa:f3:e2:75:37:3e:21:14:d4:69:24:a2:
17:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:3B:98:E8:6C:A9:4A:36:0F:A2:7A:4D:91:FC:0C:07:06:8E:F1:C6
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/7juY6GypSjYPonpNkfwMBwaO8cY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.209.38.0/24
185.209.74.0/24
185.210.233.0/24
185.223.80.0/24
185.225.0.0/23
185.230.52.0/24
193.58.145.0-193.58.147.255
Signature Algorithm: sha256WithRSAEncryption
55:e4:2e:91:30:45:88:ae:f5:e8:51:06:8b:65:62:5a:55:18:
5e:b2:6c:fa:1c:93:9f:fe:52:85:95:28:f6:0a:9d:4a:7c:39:
68:11:a2:05:7b:da:e3:86:8b:4a:f1:3a:4f:ea:41:00:6a:06:
e6:c7:b3:0b:1f:0f:f6:d1:31:6e:18:60:a8:54:6c:45:0c:1e:
75:63:41:c9:3b:c6:38:d5:dd:13:03:9d:70:72:80:bc:bc:ac:
4f:13:8f:47:1a:4a:75:b3:83:a3:35:2c:8b:b4:47:6c:c2:45:
da:76:b3:7a:a4:7d:41:5c:e4:53:01:97:bd:d3:08:38:ac:74:
54:89:75:77:29:cf:b9:7b:f3:6f:8d:d9:03:ec:0b:35:f1:2a:
6b:72:0d:0d:d7:29:04:fb:90:4a:4c:72:c6:c1:4c:6b:59:9d:
3f:49:df:94:cf:aa:1d:4a:05:4a:e6:b2:6a:71:27:13:bd:e6:
4a:74:d0:5b:48:a0:87:e5:9f:e5:32:86:7b:d6:f6:1c:91:53:
41:be:91:6e:c6:a3:e1:af:27:55:f6:a3:55:9d:b6:66:95:35:
1a:38:10:bc:f8:9b:32:6b:3f:c4:68:7a:60:e4:09:e5:62:6b:
88:2c:c5:41:80:0f:df:aa:10:5d:f1:71:f9:be:35:8f:f5:e5:
32:e3:3e:ea
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYkqnQ8e+8dTaYcS+OLSIRoyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNzA2MDk1MTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTNiOThlODZjYTk0YTM2MGZhMjdhNGQ5MWZjMGMwNzA2OGVmMWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIs+3j8sxxJN9LocyL0g/01v2fWn
t3AdKP6Z+0L6dyMVvAfd0aev6WPgZN8lvgaG4QImO/6Hsz3fHmM+F0QyRYbM9nF5
x5jMjkbaCV/ViWFHXLVrmrCbLCdfX8kjp4EROOsKinn6kTuYuJ/zngVPkx06fJFh
YuZac2HseWEYQcH8KRMBhXO1TePU76v639LSoERSSlKwZAe3mULrmEpooz3msiGL
g5asNt7MXpuxwBwoeQyZGVl0QUSE7MaTHmm0h1RLZTxHV/DWPix+G5ZtMmpt8sW4
jjtChD/Z/UXsmRcOqD0x2DbI6pheTM97X7bXpZn68+J1Nz4hFNRpJKIX1QIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFO47mOhsqUo2D6J6TZH8DAcGjvHGMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvN2p1WTZHeXBTallQb25wTmtmd01Cd2FPOGNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQALQgVAwQA
LZPgAwQAudEmAwQAudFKAwQAudLpAwQAud9QAwQBueEAAwQAueY0MAwDBADBOpED
BALBOpAwDQYJKoZIhvcNAQELBQADggEBAFXkLpEwRYiu9ehRBotlYlpVGF6ybPoc
k5/+UoWVKPYKnUp8OWgRogV72uOGi0rxOk/qQQBqBubHswsfD/bRMW4YYKhUbEUM
HnVjQck7xjjV3RMDnXBygLy8rE8Tj0caSnWzg6M1LIu0R2zCRdp2s3qkfUFc5FMB
l73TCDisdFSJdXcpz7l782+N2QPsCzXxKmtyDQ3XKQT7kEpMcsbBTGtZnT9J35TP
qh1KBUrmsmpxJxO95kp00FtIoIfln+UyhnvW9hyRU0G+kW7Go+GvJ1X2o1WdtmaV
NRo4ELz4mzJrP8RoemDkCeVia4gsxUGAD9+qEF3xcfm+NY/15TLjPuo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:40 2024 by rpki-client on console-fra.rpki-client.org