Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/CMSH6Ir4eE7O3RNBicGYFNv_82U.roa
File: CMSH6Ir4eE7O3RNBicGYFNv_82U.roa (raw, json)
Hash identifier: tgxBvbnxOuhdkQhgmIh9v7IJGdckri8L9+/AqCwd4LU=
Subject key identifier: 08:C4:87:E8:8A:F8:78:4E:CE:DD:13:41:89:C1:98:14:DB:FF:F3:65
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0188E501BD3381A885308D70D3939CBCD7F0
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/CMSH6Ir4eE7O3RNBicGYFNv_82U.roa
Signing time: Thu 22 Jun 2023 21:27:56 +0000
ROA not before: Thu 22 Jun 2023 21:27:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23470
IP address blocks: 185.222.29.0/24 maxlen: 24
185.220.249.0/24 maxlen: 24
45.8.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jul 2023 08:59:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e5:01:bd:33:81:a8:85:30:8d:70:d3:93:9c:bc:d7:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 22 21:27:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08c487e88af8784ecedd134189c19814dbfff365
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:38:da:71:13:1f:41:b2:7a:d9:ee:15:e9:94:
ae:a6:62:14:32:bb:3e:d5:99:69:6d:2f:ee:7b:f3:
3a:ee:c5:23:ac:34:49:82:b4:cc:2a:5f:e3:85:a1:
81:ab:c0:33:4e:43:db:95:67:e0:4a:f0:6e:01:d1:
10:6d:02:34:5f:c7:77:3f:b3:86:99:38:d3:b9:22:
a1:12:12:cb:ce:7f:fd:b2:06:40:d2:da:f5:69:7a:
08:7e:53:b0:8c:10:7f:6b:c2:1d:b7:43:86:c5:bb:
bd:aa:e6:1a:8c:04:de:c7:cd:d5:be:80:2d:11:a8:
2f:ee:49:ca:43:0f:82:43:5a:1c:4a:ff:80:82:03:
f6:ab:65:bc:f3:9f:85:2d:c3:81:df:74:59:91:92:
a5:3a:a0:5b:a5:b1:b4:a7:10:84:05:b0:c6:79:5b:
0e:fa:44:c1:1e:78:ec:ac:fe:cc:c3:9d:c6:e4:02:
56:4c:45:b3:3a:a1:bd:5a:4f:f4:a7:5e:91:9c:bb:
dc:40:0d:7b:d7:b9:4a:5b:10:69:5c:e2:d1:e9:fe:
e7:b1:28:4f:2d:f4:8b:a6:87:ee:29:9b:8a:5c:2e:
37:cf:e4:0f:e0:62:a4:6a:3d:49:58:52:48:7c:d1:
43:30:9c:b6:94:f6:5a:81:c6:fe:43:50:58:fd:c9:
e7:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:C4:87:E8:8A:F8:78:4E:CE:DD:13:41:89:C1:98:14:DB:FF:F3:65
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/CMSH6Ir4eE7O3RNBicGYFNv_82U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.22.0/24
185.220.249.0/24
185.222.29.0/24
Signature Algorithm: sha256WithRSAEncryption
75:b1:af:ee:ae:74:5a:93:23:04:f8:83:3c:16:f6:73:8a:c7:
bd:2a:bb:ae:85:f2:0d:46:1e:03:dd:4b:be:4b:8c:96:d4:c0:
34:c3:d1:8b:5a:56:57:f6:82:35:4c:08:a8:c4:54:d5:32:e4:
6c:40:ce:70:3f:7b:c5:7e:5d:2e:a3:34:81:c8:64:cf:de:14:
64:3d:44:3a:aa:22:6a:69:8e:86:6f:0b:0a:df:43:0d:72:f3:
45:b0:4e:79:01:bb:9c:57:67:8e:a2:f4:2c:59:dd:18:69:18:
ec:e8:08:c7:b2:a0:b8:2c:34:6f:6f:f0:5c:f4:76:35:20:19:
11:29:f0:a2:d8:77:3a:61:65:30:a8:77:b3:e7:c3:da:7b:a9:
36:30:79:74:fd:79:2f:a8:53:c7:c6:ca:85:e1:2a:57:32:1c:
e0:66:52:62:09:26:3d:b4:54:06:ba:62:da:da:55:cb:a4:0b:
ae:6a:57:b8:a1:0b:32:bf:f0:a3:81:a2:4f:da:6c:6e:45:b6:
67:a2:64:12:9c:fd:ec:0d:3b:d9:0c:53:19:fe:c0:30:6b:37:
e9:16:e3:92:2c:84:bc:68:c2:2b:a3:ed:ec:d0:da:cf:f9:08:
8f:80:19:85:7b:56:eb:0c:cd:e5:8e:93:df:ef:de:37:3b:62:
7c:da:38:81
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYjlAb0zgaiFMI1w05OcvNfwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNjIyMjEyNzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGM0ODdlODhhZjg3ODRlY2VkZDEzNDE4OWMxOTgxNGRiZmZmMzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjjacRMfQbJ62e4V6ZSupmIUMrs+
1ZlpbS/ue/M67sUjrDRJgrTMKl/jhaGBq8AzTkPblWfgSvBuAdEQbQI0X8d3P7OG
mTjTuSKhEhLLzn/9sgZA0tr1aXoIflOwjBB/a8Idt0OGxbu9quYajATex83VvoAt
Eagv7knKQw+CQ1ocSv+AggP2q2W885+FLcOB33RZkZKlOqBbpbG0pxCEBbDGeVsO
+kTBHnjsrP7Mw53G5AJWTEWzOqG9Wk/0p16RnLvcQA1717lKWxBpXOLR6f7nsShP
LfSLpofuKZuKXC43z+QP4GKkaj1JWFJIfNFDMJy2lPZagcb+Q1BY/cnnJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAjEh+iK+HhOzt0TQYnBmBTb//NlMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQ01TSDZJcjRlRTdPM1JOQmljR1lGTnZfODJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQgWAwQA
udz5AwQAud4dMA0GCSqGSIb3DQEBCwUAA4IBAQB1sa/urnRakyME+IM8FvZzise9
KruuhfINRh4D3Uu+S4yW1MA0w9GLWlZX9oI1TAioxFTVMuRsQM5wP3vFfl0uozSB
yGTP3hRkPUQ6qiJqaY6GbwsK30MNcvNFsE55AbucV2eOovQsWd0YaRjs6AjHsqC4
LDRvb/Bc9HY1IBkRKfCi2Hc6YWUwqHez58Pae6k2MHl0/XkvqFPHxsqF4SpXMhzg
ZlJiCSY9tFQGumLa2lXLpAuuale4oQsyv/CjgaJP2mxuRbZnomQSnP3sDTvZDFMZ
/sAwazfpFuOSLIS8aMIro+3s0NrP+QiPgBmFe1brDM3ljpPf7943O2J82jiB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org