Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/B7K3K7C7FKFe8zFJGiWvY4GcO9c.roa
File: B7K3K7C7FKFe8zFJGiWvY4GcO9c.roa (raw, json)
Hash identifier: +LPZndMXYNZbbdsR+UU4sVoFtiD8nE45WePKTIUyuYQ=
Subject key identifier: 07:B2:B7:2B:B0:BB:14:A1:5E:F3:31:49:1A:25:AF:63:81:9C:3B:D7
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018AF0F411244B2EACB1EBC591E9C5CE3C55
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/B7K3K7C7FKFe8zFJGiWvY4GcO9c.roa
Signing time: Mon 02 Oct 2023 15:14:01 +0000
ROA not before: Mon 02 Oct 2023 15:14:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 185.222.30.0/24 maxlen: 24
185.206.249.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
45.90.19.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
185.246.115.0/24 maxlen: 24
185.238.229.0/24 maxlen: 24
185.36.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Oct 2023 11:23:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f0:f4:11:24:4b:2e:ac:b1:eb:c5:91:e9:c5:ce:3c:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 2 15:14:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07b2b72bb0bb14a15ef331491a25af63819c3bd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3f:56:54:bb:0b:30:be:af:a0:83:58:40:02:
29:b0:2f:e0:87:bf:f2:36:fc:cd:fe:55:4f:5b:a6:
36:10:c4:12:a3:59:9e:18:f4:42:8f:7b:5b:3f:0c:
b0:7f:0b:c0:a1:77:89:82:6a:58:c5:45:1c:f6:f8:
84:d6:0f:36:04:e1:91:c3:72:ed:87:60:97:cf:8d:
83:77:93:3f:2b:00:d5:ed:24:82:ba:eb:f1:73:df:
ce:0b:18:eb:08:76:02:43:39:87:ea:da:73:d0:0f:
d4:3f:fc:07:75:79:88:c8:5e:3f:37:b7:09:1a:d9:
e4:b6:f2:c8:cf:a9:e5:4f:a9:ea:cd:8d:e9:6b:3f:
8e:31:bb:5c:10:7e:d0:e7:1d:65:dc:35:42:73:a5:
24:ba:a8:c3:74:31:a0:b6:67:71:00:ad:d1:40:58:
08:02:7a:31:d9:f0:d2:e6:07:3b:a7:cf:9a:52:ed:
ca:64:f2:db:65:9f:d2:10:98:15:67:3a:c7:15:e3:
df:5e:3f:db:6c:fb:73:fd:64:be:dc:29:53:94:8f:
04:aa:dc:86:89:9f:76:9f:b0:a5:c1:25:16:4a:ab:
ae:18:ed:b5:c6:fa:73:f7:61:0b:28:e6:a2:ad:68:
0b:58:d7:71:11:af:d9:f2:ca:3c:54:46:78:43:77:
64:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:B2:B7:2B:B0:BB:14:A1:5E:F3:31:49:1A:25:AF:63:81:9C:3B:D7
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/B7K3K7C7FKFe8zFJGiWvY4GcO9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.19.0/24
185.36.204.0/24
185.206.248.0/23
185.222.30.0/24
185.226.107.0/24
185.238.229.0/24
185.240.120.0/23
185.246.115.0/24
Signature Algorithm: sha256WithRSAEncryption
95:91:01:69:21:e2:ba:bc:82:a2:5e:b1:ce:51:60:db:0b:85:
ab:3d:da:80:8f:28:98:0e:e0:ee:55:85:66:ea:c5:94:8c:f9:
5f:e6:bb:76:f1:0b:0a:96:d4:42:cc:cc:b9:86:93:fe:f3:1e:
fa:07:40:3c:54:d1:09:25:9d:f4:0b:3e:68:b2:6c:7a:32:f2:
93:37:b1:d0:99:86:fd:92:85:fc:53:6f:e4:7d:37:80:74:07:
41:e8:0a:73:e7:9c:ff:53:2e:a1:84:b1:23:8a:35:cc:f6:98:
c7:17:7a:c8:1a:3f:5a:69:a2:d2:60:e4:3d:01:fd:e9:ce:9f:
68:14:20:f5:95:28:b3:3d:1b:1a:22:7f:d5:1e:21:db:82:b4:
c0:a3:3f:19:89:de:69:c5:69:67:29:ae:7e:50:89:69:b7:4b:
ed:78:96:f3:aa:50:e8:de:38:5d:95:be:0b:ce:34:be:34:5f:
ed:15:39:16:d7:e6:07:0c:af:0d:32:b1:77:43:3c:ca:11:99:
cb:25:4c:db:81:22:ed:ba:6f:69:42:e9:dc:7c:b3:e4:12:46:
37:0a:6d:e5:2a:d7:6b:9b:17:39:80:9b:78:1e:17:11:52:f9:
5f:b2:5b:8c:52:f9:70:42:79:3a:86:39:30:40:d3:74:44:d6:
f0:22:c0:fb
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYrw9BEkSy6ssevFkenFzjxVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMDAyMTUxNDAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2IyYjcyYmIwYmIxNGExNWVmMzMxNDkxYTI1YWY2MzgxOWMzYmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApj9WVLsLML6voINYQAIpsC/gh7/y
NvzN/lVPW6Y2EMQSo1meGPRCj3tbPwywfwvAoXeJgmpYxUUc9viE1g82BOGRw3Lt
h2CXz42Dd5M/KwDV7SSCuuvxc9/OCxjrCHYCQzmH6tpz0A/UP/wHdXmIyF4/N7cJ
GtnktvLIz6nlT6nqzY3paz+OMbtcEH7Q5x1l3DVCc6UkuqjDdDGgtmdxAK3RQFgI
Anox2fDS5gc7p8+aUu3KZPLbZZ/SEJgVZzrHFePfXj/bbPtz/WS+3ClTlI8EqtyG
iZ92n7ClwSUWSquuGO21xvpz92ELKOairWgLWNdxEa/Z8so8VEZ4Q3dkIwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAeytyuwuxShXvMxSRolr2OBnDvXMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQjdLM0s3QzdGS0ZlOHpGSkdpV3ZZNEdjTzljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALVoTAwQA
uSTMAwQBuc74AwQAud4eAwQAueJrAwQAue7lAwQBufB4AwQAufZzMA0GCSqGSIb3
DQEBCwUAA4IBAQCVkQFpIeK6vIKiXrHOUWDbC4WrPdqAjyiYDuDuVYVm6sWUjPlf
5rt28QsKltRCzMy5hpP+8x76B0A8VNEJJZ30Cz5osmx6MvKTN7HQmYb9koX8U2/k
fTeAdAdB6Apz55z/Uy6hhLEjijXM9pjHF3rIGj9aaaLSYOQ9Af3pzp9oFCD1lSiz
PRsaIn/VHiHbgrTAoz8Zid5pxWlnKa5+UIlpt0vteJbzqlDo3jhdlb4LzjS+NF/t
FTkW1+YHDK8NMrF3QzzKEZnLJUzbgSLtum9pQuncfLPkEkY3Cm3lKtdrmxc5gJt4
HhcRUvlfsluMUvlwQnk6hjkwQNN0RNbwIsD7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:40 2024 by rpki-client on console-fra.rpki-client.org