Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BaBtXSP_vWd4vULyHUDLFR9Q6Fs.roa
File: BaBtXSP_vWd4vULyHUDLFR9Q6Fs.roa (raw, json)
Hash identifier: oLH/EIPAaixt4JQQx9KfSLCZSV1F7uRzMvlOrKa1Rq4=
Subject key identifier: 05:A0:6D:5D:23:FF:BD:67:78:BD:42:F2:1D:40:CB:15:1F:50:E8:5B
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018D8E5F6F51EC2CCDA5016FFFD917922542
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BaBtXSP_vWd4vULyHUDLFR9Q6Fs.roa
Signing time: Fri 09 Feb 2024 14:57:15 +0000
ROA not before: Fri 09 Feb 2024 14:57:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.199.54.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.223.82.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.146.0/23 maxlen: 24
185.230.67.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
193.8.112.0/24 maxlen: 24
193.8.113.0/24 maxlen: 24
193.8.115.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
194.76.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Feb 2024 12:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8e:5f:6f:51:ec:2c:cd:a5:01:6f:ff:d9:17:92:25:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 9 14:57:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05a06d5d23ffbd6778bd42f21d40cb151f50e85b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:76:ac:66:2a:4c:89:69:6f:ef:10:c6:a8:dc:
dd:2e:72:cd:44:89:0c:09:42:69:bf:6c:c4:43:06:
7f:f5:2c:5e:e5:3a:10:0f:44:22:b9:f8:77:02:0a:
bb:60:f5:40:81:39:93:ea:d3:c7:93:e9:9c:06:f3:
84:f2:25:cc:b1:4c:0b:68:26:51:48:d6:e9:19:3f:
76:ea:33:96:5a:88:75:12:25:eb:d9:16:3d:85:b3:
80:61:13:89:b6:84:e1:01:8a:10:fd:74:bf:64:52:
ed:7d:60:5b:84:b6:54:79:46:67:1a:72:52:23:42:
5a:37:0e:9b:eb:dd:dc:ac:0b:c2:ab:a0:0d:47:76:
bc:d7:df:2b:a9:01:a7:db:83:09:a3:59:74:ab:4e:
89:e9:78:a6:56:25:9a:69:c6:90:b5:48:37:a6:56:
6b:d5:d0:a7:bf:2f:fe:11:12:a2:ce:3b:aa:ea:8a:
27:89:04:05:f4:ad:ff:89:c2:c6:61:84:69:53:80:
ba:f2:98:5e:10:24:5c:49:5c:91:5c:97:fc:6e:e5:
e7:db:27:0f:9c:d1:ec:6d:db:47:69:88:35:19:9e:
a4:b1:3d:93:36:58:fe:c4:1d:21:ac:87:ba:7a:f5:
82:14:da:b3:22:69:b7:75:0e:10:47:58:50:1c:33:
0e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:A0:6D:5D:23:FF:BD:67:78:BD:42:F2:1D:40:CB:15:1F:50:E8:5B
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BaBtXSP_vWd4vULyHUDLFR9Q6Fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.199.54.0/24
185.220.250.0/23
185.223.82.0/24
185.225.0.0/23
185.227.146.0/23
185.230.67.0/24
185.251.229.0/24
193.8.112.0/23
193.8.115.0/24
193.58.146.0/23
194.76.169.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:02:e6:2f:3a:7b:7d:b2:98:47:ed:80:fe:88:f0:2b:e3:42:
30:45:77:1d:75:a2:d6:df:1f:fe:b7:04:cf:00:af:80:19:0a:
01:0c:90:98:1a:01:05:14:34:55:29:2d:96:99:12:14:24:68:
09:ce:34:47:c7:bb:ef:a8:b5:6e:5c:78:94:b7:84:1f:a0:b8:
ab:14:b7:70:d8:b1:9a:db:9e:5d:01:75:20:d0:ea:85:10:5b:
88:ca:87:d0:96:37:6c:6f:87:da:b8:c5:d9:a2:07:01:1b:97:
2b:b6:63:32:2b:31:39:d4:e5:10:76:26:ae:83:7b:04:7b:da:
0d:d1:b9:c4:57:a9:7e:64:bc:23:73:51:a2:3f:c7:63:0a:94:
de:2f:92:ad:f3:60:c1:b9:92:28:6e:4e:b5:0f:16:ff:22:6e:
ab:f9:fc:19:82:2d:3d:9d:b3:90:0c:40:90:18:69:84:ab:cf:
b0:46:86:34:3c:14:f9:28:70:6f:9c:8e:0d:72:4a:9d:e1:30:
a8:b7:6c:58:f8:49:72:53:13:c4:df:92:4b:7b:f4:ce:e7:c4:
14:6e:db:13:1f:fe:7b:3c:d4:a8:4b:bd:ee:88:56:6b:19:be:
96:47:30:77:3f:a3:f5:9d:58:f7:c5:85:ee:ce:02:27:61:4e:
0a:c6:e3:a9
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAY2OX29R7CzNpQFv/9kXkiVCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMjA5MTQ1NzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWEwNmQ1ZDIzZmZiZDY3NzhiZDQyZjIxZDQwY2IxNTFmNTBlODViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXasZipMiWlv7xDGqNzdLnLNRIkM
CUJpv2zEQwZ/9Sxe5ToQD0Qiufh3Agq7YPVAgTmT6tPHk+mcBvOE8iXMsUwLaCZR
SNbpGT926jOWWoh1EiXr2RY9hbOAYROJtoThAYoQ/XS/ZFLtfWBbhLZUeUZnGnJS
I0JaNw6b693crAvCq6ANR3a8198rqQGn24MJo1l0q06J6XimViWaacaQtUg3plZr
1dCnvy/+ERKizjuq6ooniQQF9K3/icLGYYRpU4C68pheECRcSVyRXJf8buXn2ycP
nNHsbdtHaYg1GZ6ksT2TNlj+xB0hrIe6evWCFNqzImm3dQ4QR1hQHDMO3QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFAWgbV0j/71neL1C8h1AyxUfUOhbMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQmFCdFhTUF92V2Q0dlVMeUhVRExGUjlRNkZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALQgVAwQA
ucc2AwQBudz6AwQAud9SAwQBueEAAwQBueOSAwQAueZDAwQAufvlAwQBwQhwAwQA
wQhzAwQBwTqSAwQAwkypMA0GCSqGSIb3DQEBCwUAA4IBAQBrAuYvOnt9sphH7YD+
iPAr40IwRXcddaLW3x/+twTPAK+AGQoBDJCYGgEFFDRVKS2WmRIUJGgJzjRHx7vv
qLVuXHiUt4QfoLirFLdw2LGa255dAXUg0OqFEFuIyofQljdsb4fauMXZogcBG5cr
tmMyKzE51OUQdiaug3sEe9oN0bnEV6l+ZLwjc1GiP8djCpTeL5Kt82DBuZIobk61
Dxb/Im6r+fwZgi09nbOQDECQGGmEq8+wRoY0PBT5KHBvnI4Nckqd4TCot2xY+Ely
UxPE35JLe/TO58QUbtsTH/57PNSoS73uiFZrGb6WRzB3P6P1nVj3xYXuzgInYU4K
xuOp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org