Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BIcfkUKPICMFtwLv0TH00wzszPo.roa
File: BIcfkUKPICMFtwLv0TH00wzszPo.roa (raw, json)
Hash identifier: CRVVcLLkhylcrgpPORoZFEJ40NC44zXa3hXNh4Jwkdw=
Subject key identifier: 04:87:1F:91:42:8F:20:23:05:B7:02:EF:D1:31:F4:D3:0C:EC:CC:FA
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0192422CDCB1CAE182076197E1678B0F8E97
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BIcfkUKPICMFtwLv0TH00wzszPo.roa
Signing time: Mon 30 Sep 2024 09:04:49 +0000
ROA not before: Mon 30 Sep 2024 09:04:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 185.121.12.0/22 maxlen: 24
185.199.159.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.36.0/23 maxlen: 24
185.209.74.0/24 maxlen: 24
185.210.152.0/24 maxlen: 24
185.210.153.0/24 maxlen: 24
185.210.154.0/24 maxlen: 24
185.210.155.0/24 maxlen: 24
185.218.102.0/24 maxlen: 24
185.223.76.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.227.145.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.238.228.0/22 maxlen: 24
185.240.120.0/23 maxlen: 24
185.251.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Oct 2024 11:56:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:42:2c:dc:b1:ca:e1:82:07:61:97:e1:67:8b:0f:8e:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 30 09:04:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04871f91428f202305b702efd131f4d30cecccfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:0b:89:66:c9:77:a3:95:59:bf:99:10:ab:b0:
1a:0c:fe:c6:e6:c7:79:e1:b2:ca:a2:45:0f:5a:93:
c5:d2:19:70:d7:29:b6:86:1f:b0:af:9c:f3:a3:b5:
fb:1e:cb:ff:8c:e4:8e:a9:62:45:b4:e0:b5:44:82:
83:97:10:c8:d2:de:f5:15:f2:b8:20:b6:0a:8a:cc:
b6:9e:3e:c4:39:0f:f6:13:6c:cd:d5:6f:e9:a8:18:
39:ad:6f:e8:8a:f3:a9:82:28:da:f3:65:47:58:30:
48:7d:ab:2d:33:10:c7:53:5c:37:90:d5:6a:ca:53:
94:bc:b9:a2:25:e3:79:34:78:ce:c1:02:0c:01:05:
b8:87:8c:89:71:70:f4:49:86:c1:12:e2:36:96:7a:
80:b5:22:66:db:d9:ab:c8:30:6b:d5:3a:25:40:39:
ff:10:42:fa:8a:0a:42:fa:8a:09:d5:52:06:59:c8:
c4:93:d5:8f:06:c2:4f:fa:e8:35:04:27:63:eb:52:
09:1d:c4:5d:73:d6:45:aa:1c:ce:e5:26:59:0b:4c:
f8:e0:1f:be:af:3e:91:04:81:7f:fd:e0:8f:fc:cc:
df:40:30:37:c1:3e:f0:e4:2d:8e:a7:14:a8:2f:61:
28:ad:d9:ae:1c:49:fc:1d:b9:45:da:e6:22:0b:06:
ed:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:87:1F:91:42:8F:20:23:05:B7:02:EF:D1:31:F4:D3:0C:EC:CC:FA
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BIcfkUKPICMFtwLv0TH00wzszPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.12.0/22
185.199.159.0/24
185.206.248.0/24
185.206.251.0/24
185.209.36.0/23
185.209.74.0/24
185.210.152.0/22
185.218.102.0/24
185.223.76.0/24
185.225.2.0/24
185.226.107.0/24
185.227.145.0/24
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:df:c5:73:3a:85:23:de:8d:23:0c:f3:48:01:ce:c2:f8:41:
c4:6e:c0:b9:1c:e5:07:5a:dc:5d:f3:60:ab:de:3a:0a:74:69:
59:d4:0d:63:cb:6f:79:22:35:c5:8a:aa:c1:94:70:3d:26:29:
00:75:cf:2a:6f:01:4a:fb:90:8b:89:0a:2f:e7:8c:a1:3c:1f:
d8:57:55:76:ac:35:d0:89:18:d0:bb:82:66:3d:9b:e2:a7:cc:
b4:d3:11:f0:da:64:5b:9a:5a:75:cd:f0:24:0e:30:fa:28:65:
23:c1:00:4c:33:8b:a9:61:93:fa:e3:e9:d2:79:8b:b3:d3:48:
91:e1:1d:5d:6c:2d:c1:e3:07:ff:16:d9:03:5c:b4:77:8a:94:
1e:e8:77:58:fd:c9:42:e0:6c:9f:f9:cd:a9:66:74:17:53:3e:
54:34:eb:43:86:1f:47:d9:51:7d:2f:c4:5f:1d:1d:39:71:fc:
bd:d3:03:14:a5:54:b9:29:75:42:08:3a:03:2f:2c:07:96:b5:
64:e4:bb:d0:13:86:3a:5f:af:e7:41:76:42:02:ae:d7:15:b6:
29:88:50:a9:f7:04:b7:d6:51:06:e8:0d:30:74:10:ec:56:9f:
9c:dd:92:47:bf:fa:e9:81:d7:e0:d8:8b:9d:3e:97:fe:22:dd:
de:52:fc:de
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZJCLNyxyuGCB2GX4WeLD46XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwOTMwMDkwNDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDg3MWY5MTQyOGYyMDIzMDViNzAyZWZkMTMxZjRkMzBjZWNjY2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwuJZsl3o5VZv5kQq7AaDP7G5sd5
4bLKokUPWpPF0hlw1ym2hh+wr5zzo7X7Hsv/jOSOqWJFtOC1RIKDlxDI0t71FfK4
ILYKisy2nj7EOQ/2E2zN1W/pqBg5rW/oivOpgija82VHWDBIfastMxDHU1w3kNVq
ylOUvLmiJeN5NHjOwQIMAQW4h4yJcXD0SYbBEuI2lnqAtSJm29mryDBr1TolQDn/
EEL6igpC+ooJ1VIGWcjEk9WPBsJP+ug1BCdj61IJHcRdc9ZFqhzO5SZZC0z44B++
rz6RBIF//eCP/MzfQDA3wT7w5C2OpxSoL2EordmuHEn8HblF2uYiCwbtbwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFASHH5FCjyAjBbcC79Ex9NMM7Mz6MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQkljZmtVS1BJQ01GdHdMdjBUSDAwd3pzelBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQCuXkMAwQA
ucefAwQAuc74AwQAuc77AwQBudEkAwQAudFKAwQCudKYAwQAudpmAwQAud9MAwQA
ueECAwQAueJrAwQAueORAwQCueoUAwQCue7kAwQBufB4AwQAufvnMA0GCSqGSIb3
DQEBCwUAA4IBAQBL38VzOoUj3o0jDPNIAc7C+EHEbsC5HOUHWtxd82Cr3joKdGlZ
1A1jy295IjXFiqrBlHA9JikAdc8qbwFK+5CLiQov54yhPB/YV1V2rDXQiRjQu4Jm
PZvip8y00xHw2mRbmlp1zfAkDjD6KGUjwQBMM4upYZP64+nSeYuz00iR4R1dbC3B
4wf/FtkDXLR3ipQe6HdY/clC4Gyf+c2pZnQXUz5UNOtDhh9H2VF9L8RfHR05cfy9
0wMUpVS5KXVCCDoDLywHlrVk5LvQE4Y6X6/nQXZCAq7XFbYpiFCp9wS31lEG6A0w
dBDsVp+c3ZJHv/rpgdfg2IudPpf+It3eUvze
-----END CERTIFICATE-----
Generated at Mon Oct 14 13:08:43 2024 by rpki-client on console-fra.rpki-client.org