Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/CB9tGz1L8k-hVLZcqk9s-2568cE.roa
File: CB9tGz1L8k-hVLZcqk9s-2568cE.roa (raw, json)
Hash identifier: ohg3pfdM5H8D3kQLhtXHJFkHveE7hbXSvyeOsv2m6b4=
Subject key identifier: 08:1F:6D:1B:3D:4B:F2:4F:A1:54:B6:5C:AA:4F:6C:FB:6E:7A:F1:C1
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018D1BB7927914139D99AC3FECDF8F1A7CCF
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/CB9tGz1L8k-hVLZcqk9s-2568cE.roa
Signing time: Thu 18 Jan 2024 08:37:11 +0000
ROA not before: Thu 18 Jan 2024 08:37:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 185.223.83.0/24 maxlen: 24
185.230.66.0/24 maxlen: 24
193.8.112.0/24 maxlen: 24
193.8.113.0/24 maxlen: 24
193.8.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Feb 2024 12:00:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1b:b7:92:79:14:13:9d:99:ac:3f:ec:df:8f:1a:7c:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 18 08:37:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=081f6d1b3d4bf24fa154b65caa4f6cfb6e7af1c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ec:70:9d:a3:a5:85:60:dc:23:11:97:ab:26:
a1:9d:66:cb:95:14:51:4f:86:b7:45:d1:02:0d:c3:
1a:cb:d4:4b:82:56:ad:a5:71:46:77:a6:77:32:4c:
b7:93:f4:e6:88:ed:4e:bc:a5:7e:96:a9:6c:44:2b:
c2:7f:d6:15:09:36:5c:70:1b:85:0f:48:81:52:16:
00:68:f4:42:9c:71:4b:7e:6a:dc:20:e5:45:6a:a2:
38:b7:b5:a6:cf:e9:70:b5:49:78:25:90:4d:a8:c8:
35:e7:e1:63:eb:06:29:d1:97:a3:08:88:d9:4e:a0:
c8:9f:ad:5d:5a:c6:96:1d:96:7b:e1:5f:17:90:4e:
e1:44:a4:67:e0:37:5d:9c:45:60:82:54:8a:ee:a2:
f0:1d:a1:28:22:c5:62:b0:67:aa:03:c0:27:9a:61:
3e:5b:6b:86:d5:1d:19:f9:06:dd:97:65:63:33:77:
fe:34:f4:f0:76:6d:a0:17:c0:50:7d:0f:aa:dd:b0:
88:e8:bc:d5:9c:af:39:b2:5c:ec:00:df:68:dd:99:
bd:db:04:39:2a:72:72:12:b8:25:f4:62:2d:fc:df:
88:3d:2d:17:3e:1b:b8:9d:c1:67:9b:c8:da:9c:6f:
e2:e6:f2:83:99:65:07:26:fa:d9:f0:bc:e1:f5:0c:
72:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:1F:6D:1B:3D:4B:F2:4F:A1:54:B6:5C:AA:4F:6C:FB:6E:7A:F1:C1
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/CB9tGz1L8k-hVLZcqk9s-2568cE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.83.0/24
185.230.66.0/24
193.8.112.0/23
193.8.115.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:91:a4:67:fb:f1:ca:27:fb:8b:45:71:48:33:b1:0a:9c:07:
c1:b2:b7:d8:16:d4:47:2b:2f:32:92:f8:09:20:85:eb:45:3a:
16:19:41:0e:96:49:ad:12:32:46:dc:32:92:1f:6b:4c:ef:94:
1b:7d:9a:6d:40:4a:f0:b6:51:93:f5:09:85:90:77:3f:46:d7:
b8:1f:5c:02:05:09:27:11:17:74:5b:82:fa:b4:5a:b8:4d:51:
ef:e4:08:ce:5c:c1:94:47:21:f4:5e:d6:98:fa:87:e9:15:40:
27:5f:01:fc:fd:e3:92:b6:01:5f:d1:fd:df:14:73:a3:0b:10:
49:95:7f:55:7a:de:2b:80:5b:36:74:47:ea:c6:49:c5:c4:8f:
26:96:ff:1f:61:d5:cc:22:dd:0f:cc:09:4f:5e:a1:9f:e9:b2:
1e:63:df:b1:2a:57:13:a2:bf:8a:dc:e2:97:f9:15:e4:8d:fc:
1f:ff:5c:90:2b:2c:c7:e9:5a:01:f9:09:4f:4f:5c:fe:c2:11:
8e:ca:f9:7f:ed:07:91:09:c6:a7:59:02:13:65:46:be:2b:62:
f6:b2:98:a1:09:1c:1a:96:91:b9:fa:48:e8:4f:81:50:ec:27:
f1:95:66:2f:71:6e:7e:00:da:13:a1:6b:0b:aa:87:d1:53:95:
e7:88:62:77
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY0bt5J5FBOdmaw/7N+PGnzPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTE4MDgzNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODFmNmQxYjNkNGJmMjRmYTE1NGI2NWNhYTRmNmNmYjZlN2FmMWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuxwnaOlhWDcIxGXqyahnWbLlRRR
T4a3RdECDcMay9RLglatpXFGd6Z3Mky3k/TmiO1OvKV+lqlsRCvCf9YVCTZccBuF
D0iBUhYAaPRCnHFLfmrcIOVFaqI4t7Wmz+lwtUl4JZBNqMg15+Fj6wYp0ZejCIjZ
TqDIn61dWsaWHZZ74V8XkE7hRKRn4DddnEVgglSK7qLwHaEoIsVisGeqA8AnmmE+
W2uG1R0Z+Qbdl2VjM3f+NPTwdm2gF8BQfQ+q3bCI6LzVnK85slzsAN9o3Zm92wQ5
KnJyErgl9GIt/N+IPS0XPhu4ncFnm8janG/i5vKDmWUHJvrZ8Lzh9QxyPwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAgfbRs9S/JPoVS2XKpPbPtuevHBMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQ0I5dEd6MUw4ay1oVkxaY3FrOXMtMjU2OGNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAud9TAwQA
ueZCAwQBwQhwAwQAwQhzMA0GCSqGSIb3DQEBCwUAA4IBAQB8kaRn+/HKJ/uLRXFI
M7EKnAfBsrfYFtRHKy8ykvgJIIXrRToWGUEOlkmtEjJG3DKSH2tM75QbfZptQErw
tlGT9QmFkHc/Rte4H1wCBQknERd0W4L6tFq4TVHv5AjOXMGURyH0XtaY+ofpFUAn
XwH8/eOStgFf0f3fFHOjCxBJlX9Vet4rgFs2dEfqxknFxI8mlv8fYdXMIt0PzAlP
XqGf6bIeY9+xKlcTor+K3OKX+RXkjfwf/1yQKyzH6VoB+QlPT1z+whGOyvl/7QeR
CcanWQITZUa+K2L2spihCRwalpG5+kjoT4FQ7CfxlWYvcW5+ANoToWsLqofRU5Xn
iGJ3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:40 2024 by rpki-client on console-fra.rpki-client.org