Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ApNKK5t8E6hc4gYi1OnskcaEKyM.roa
File: ApNKK5t8E6hc4gYi1OnskcaEKyM.roa (raw, json)
Hash identifier: RSI0xwvZ4/+rthK1DHqtFuL3dxu1nIPFroYyAKe6DjU=
Subject key identifier: 02:93:4A:2B:9B:7C:13:A8:5C:E2:06:22:D4:E9:EC:91:C6:84:2B:23
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01914FDD77346F63A74DB7A4CFF0345520EF
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ApNKK5t8E6hc4gYi1OnskcaEKyM.roa
Signing time: Wed 14 Aug 2024 07:49:59 +0000
ROA not before: Wed 14 Aug 2024 07:49:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.113.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Aug 2024 09:20:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4f:dd:77:34:6f:63:a7:4d:b7:a4:cf:f0:34:55:20:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Aug 14 07:49:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02934a2b9b7c13a85ce20622d4e9ec91c6842b23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:69:26:9c:25:2a:b5:53:5f:39:95:91:1e:d6:
57:bd:bb:b0:af:3d:14:85:ef:0a:c9:1e:cb:c5:26:
91:9a:db:5c:a4:94:43:3a:9c:41:b8:25:31:2d:c1:
10:ac:26:cb:c1:a9:a4:23:56:09:87:42:73:a8:93:
10:35:2e:b2:e4:25:d7:a9:ce:1f:aa:26:57:11:41:
0d:7e:f4:65:f8:be:2e:9c:0f:d3:23:79:34:f2:99:
69:c2:2d:04:d5:10:1d:82:ba:98:5b:1c:52:bd:1d:
45:11:6c:1f:33:b3:c7:cf:20:ab:24:ec:89:4f:33:
c7:b6:f6:28:82:10:5f:06:2b:87:53:3a:a4:a3:a8:
f4:e6:8b:44:b2:8e:bd:f7:01:68:63:be:95:3c:3a:
5a:d6:76:7a:d2:ef:49:8b:0a:75:73:ed:95:2e:65:
78:01:60:45:39:5f:ed:44:d0:25:07:fd:f9:9e:ba:
77:e7:46:f9:72:6f:f4:92:23:43:37:0b:2d:6d:6f:
85:01:44:c8:47:f9:ff:ef:9b:f6:6a:c2:61:48:f5:
32:38:93:2a:bc:5d:49:4b:77:56:9d:b5:17:43:34:
04:29:55:0c:4d:0c:6f:d9:dd:7d:7f:85:de:84:66:
00:75:a3:d4:75:49:56:b3:ce:bd:da:60:3f:95:25:
ed:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:93:4A:2B:9B:7C:13:A8:5C:E2:06:22:D4:E9:EC:91:C6:84:2B:23
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ApNKK5t8E6hc4gYi1OnskcaEKyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.220.250.0/23
185.225.0.0/23
185.226.104.0/24
185.227.146.0/23
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:74:e5:cb:e1:6a:f6:7b:ff:70:4b:e0:8f:9a:5c:a0:f4:89:
97:6b:ee:f4:bb:65:92:57:5d:05:82:a4:10:2e:f2:a2:d7:c2:
e9:51:44:f6:7a:3c:fb:8e:84:f6:33:29:a4:c0:01:e9:1a:08:
95:7d:45:38:dc:39:5b:7b:24:19:31:72:d8:67:4f:8a:1e:50:
d4:31:97:5b:8c:53:4c:88:75:f0:b2:72:67:b2:1b:4e:83:4d:
03:24:3c:4b:3e:dd:fa:15:f5:1c:80:a2:d0:4d:46:ba:27:ce:
11:e5:ed:fc:d8:50:f8:89:81:54:81:31:05:78:0c:8f:40:40:
c3:35:19:81:fc:a3:32:87:64:fa:86:97:83:b7:b7:1d:ed:62:
0b:98:56:3a:ed:5b:9e:7e:48:bd:0f:51:e6:9a:56:c3:ff:5a:
14:f2:03:f5:3f:9e:ef:8d:52:42:2e:57:9a:d0:90:18:bb:3f:
39:9c:f4:9f:38:23:66:15:81:54:d3:86:33:f8:32:2e:c2:30:
e7:1e:0f:ca:48:8d:00:8c:ff:9c:9f:55:4d:36:5d:6c:c8:05:
8d:4c:e6:2f:02:de:96:3b:bb:9a:3f:7a:49:df:2c:10:c2:d9:
ca:9d:39:76:9a:be:22:e6:f0:86:21:dc:22:5a:ec:d4:92:c7:
8c:81:46:2a
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZFP3Xc0b2OnTbekz/A0VSDvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwODE0MDc0OTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjkzNGEyYjliN2MxM2E4NWNlMjA2MjJkNGU5ZWM5MWM2ODQyYjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02kmnCUqtVNfOZWRHtZXvbuwrz0U
he8KyR7LxSaRmttcpJRDOpxBuCUxLcEQrCbLwamkI1YJh0JzqJMQNS6y5CXXqc4f
qiZXEUENfvRl+L4unA/TI3k08plpwi0E1RAdgrqYWxxSvR1FEWwfM7PHzyCrJOyJ
TzPHtvYoghBfBiuHUzqko6j05otEso699wFoY76VPDpa1nZ60u9Jiwp1c+2VLmV4
AWBFOV/tRNAlB/35nrp350b5cm/0kiNDNwstbW+FAUTIR/n/75v2asJhSPUyOJMq
vF1JS3dWnbUXQzQEKVUMTQxv2d19f4XehGYAdaPUdUlWs8692mA/lSXtHQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAKTSiubfBOoXOIGItTp7JHGhCsjMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQXBOS0s1dDhFNmhjNGdZaTFPbnNrY2FFS3lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQgVAwQA
uX5SAwQBudz6AwQBueEAAwQAueJoAwQBueOSAwQBwQhwAwQBwTqSMA0GCSqGSIb3
DQEBCwUAA4IBAQBqdOXL4Wr2e/9wS+CPmlyg9ImXa+70u2WSV10FgqQQLvKi18Lp
UUT2ejz7joT2MymkwAHpGgiVfUU43DlbeyQZMXLYZ0+KHlDUMZdbjFNMiHXwsnJn
shtOg00DJDxLPt36FfUcgKLQTUa6J84R5e382FD4iYFUgTEFeAyPQEDDNRmB/KMy
h2T6hpeDt7cd7WILmFY67Vuefki9D1HmmlbD/1oU8gP1P57vjVJCLlea0JAYuz85
nPSfOCNmFYFU04Yz+DIuwjDnHg/KSI0AjP+cn1VNNl1syAWNTOYvAt6WO7uaP3pJ
3ywQwtnKnTl2mr4i5vCGIdwiWuzUkseMgUYq
-----END CERTIFICATE-----
Generated at Tue Aug 20 13:32:11 2024 by rpki-client on console-ams.rpki-client.org