Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/AbbcHEbE6hNAfdqYCzdR-daBwTU.roa
File: AbbcHEbE6hNAfdqYCzdR-daBwTU.roa (raw, json)
Hash identifier: lJbnm2MflX0suMrkOAThVXbTnadTFR4VB5pltLNXZdE=
Subject key identifier: 01:B6:DC:1C:46:C4:EA:13:40:7D:DA:98:0B:37:51:F9:D6:81:C1:35
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0192F6D40028A427F3BB7B063C2812D8A599
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/AbbcHEbE6hNAfdqYCzdR-daBwTU.roa
Signing time: Mon 04 Nov 2024 10:59:01 +0000
ROA not before: Mon 04 Nov 2024 10:59:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.220.250.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 11:06:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f6:d4:00:28:a4:27:f3:bb:7b:06:3c:28:12:d8:a5:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 4 10:59:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01b6dc1c46c4ea13407dda980b3751f9d681c135
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4f:3d:b6:7c:9e:54:e2:9a:1c:a8:e6:d6:ac:
15:ee:b3:b3:2f:5a:6d:23:ab:76:d7:22:c9:98:bc:
b9:c7:ef:a7:b7:3b:96:52:50:ba:b0:85:e1:17:28:
6e:0e:c3:bf:7a:a4:ff:af:63:0c:ce:01:3e:aa:65:
87:a2:16:08:91:4e:7f:e1:8c:67:11:6e:79:c8:48:
e8:e2:59:1f:bb:c5:b4:01:f5:24:34:ba:52:72:27:
a5:32:13:43:21:c2:d9:50:3e:09:66:32:54:0d:19:
55:e6:c1:9c:43:3c:90:4f:2d:a8:98:7f:08:8a:66:
bd:3e:85:45:4a:3e:e9:b1:8d:dc:f9:83:47:e4:62:
cf:f6:51:31:71:6e:e1:44:39:92:db:91:d6:7c:ce:
03:26:f3:a8:d6:fd:06:a5:16:c8:7d:5e:b9:a9:d5:
fe:c9:69:94:db:3a:fb:a3:73:e4:3e:6e:e1:f8:af:
cf:f5:90:59:b7:da:8e:c1:f0:b3:a5:e4:a4:68:30:
fa:15:07:0d:f1:36:fb:43:0d:cf:1e:f2:aa:b8:0f:
7e:27:80:44:0c:a2:8a:ac:49:de:da:0c:31:9b:05:
ac:28:20:9b:39:9b:3e:76:6f:8c:5a:72:2a:64:67:
ed:57:05:3b:4f:6e:d0:b5:29:49:a7:cd:22:6a:59:
0a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:B6:DC:1C:46:C4:EA:13:40:7D:DA:98:0B:37:51:F9:D6:81:C1:35
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/AbbcHEbE6hNAfdqYCzdR-daBwTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.218.20.0/24
185.218.101.0/24
185.220.250.0/23
185.225.0.0/23
185.227.146.0/23
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
91:28:1b:c0:66:d9:19:d0:b6:c9:0e:22:07:35:4b:de:03:8c:
c4:7d:1a:19:d5:fb:43:cd:55:9f:7b:a2:d2:5d:94:43:8b:cb:
f9:2b:a3:dc:d5:89:14:c6:77:90:e4:be:20:1c:21:27:fe:b6:
b9:b2:06:94:41:be:9b:d0:ef:89:a8:51:76:93:dd:f9:18:0e:
26:55:f5:00:96:b8:8a:f1:ea:47:96:6d:eb:94:15:f6:ab:72:
c6:b5:33:2d:a5:20:7e:44:87:44:39:52:94:57:8d:83:a6:9d:
9b:53:c8:52:10:dd:88:fe:21:a2:da:5a:e0:2d:81:7c:e9:99:
fe:b2:f4:a7:45:94:e9:eb:49:aa:86:8e:50:de:16:60:e5:b8:
77:3f:90:d0:28:d8:87:d1:78:4b:c2:e3:e7:02:ed:6d:1e:fd:
57:db:ec:4d:c9:df:90:df:5a:41:9c:f0:46:7f:fc:37:cc:a3:
b7:36:9b:e1:7f:1a:77:74:99:ac:e5:32:c4:3e:f4:1a:03:6e:
39:5c:2c:1a:7d:c6:f4:8b:9b:b8:08:5b:a9:43:45:bd:40:86:
42:22:f6:8f:70:c6:df:a3:e2:1f:08:60:7f:08:38:31:64:44:
f1:33:63:7b:77:32:9e:ba:00:47:4d:c1:82:48:bf:c4:d4:31:
d1:9c:28:04
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZL21AAopCfzu3sGPCgS2KWZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMTA0MTA1OTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWI2ZGMxYzQ2YzRlYTEzNDA3ZGRhOTgwYjM3NTFmOWQ2ODFjMTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqE89tnyeVOKaHKjm1qwV7rOzL1pt
I6t21yLJmLy5x++ntzuWUlC6sIXhFyhuDsO/eqT/r2MMzgE+qmWHohYIkU5/4Yxn
EW55yEjo4lkfu8W0AfUkNLpScielMhNDIcLZUD4JZjJUDRlV5sGcQzyQTy2omH8I
ima9PoVFSj7psY3c+YNH5GLP9lExcW7hRDmS25HWfM4DJvOo1v0GpRbIfV65qdX+
yWmU2zr7o3PkPm7h+K/P9ZBZt9qOwfCzpeSkaDD6FQcN8Tb7Qw3PHvKquA9+J4BE
DKKKrEne2gwxmwWsKCCbOZs+dm+MWnIqZGftVwU7T27QtSlJp80ialkKfQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAG23BxGxOoTQH3amAs3UfnWgcE1MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQWJiY0hFYkU2aE5BZmRxWUN6ZFItZGFCd1RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQgVAwQA
uX5SAwQAudoUAwQAudplAwQBudz6AwQBueEAAwQBueOSAwQBwQhwAwQBwTqSMA0G
CSqGSIb3DQEBCwUAA4IBAQCRKBvAZtkZ0LbJDiIHNUveA4zEfRoZ1ftDzVWfe6LS
XZRDi8v5K6Pc1YkUxneQ5L4gHCEn/ra5sgaUQb6b0O+JqFF2k935GA4mVfUAlriK
8epHlm3rlBX2q3LGtTMtpSB+RIdEOVKUV42Dpp2bU8hSEN2I/iGi2lrgLYF86Zn+
svSnRZTp60mqho5Q3hZg5bh3P5DQKNiH0XhLwuPnAu1tHv1X2+xNyd+Q31pBnPBG
f/w3zKO3Npvhfxp3dJms5TLEPvQaA245XCwafcb0i5u4CFupQ0W9QIZCIvaPcMbf
o+IfCGB/CDgxZETxM2N7dzKeugBHTcGCSL/E1DHRnCgE
-----END CERTIFICATE-----
Generated at Tue Nov 5 16:38:35 2024 by rpki-client on console-fra.rpki-client.org