Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/CZhLBAhc-eD0hK7xJXvFZQ7PQ7A.roa
File: CZhLBAhc-eD0hK7xJXvFZQ7PQ7A.roa (raw, json)
Hash identifier: 62WZBcjtwpZXS29/lGYo5Cj6SnZM4QYIVL/gP0Bub9w=
Subject key identifier: 09:98:4B:04:08:5C:F9:E0:F4:84:AE:F1:25:7B:C5:65:0E:CF:43:B0
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018A4C90FC2603D450625ADA0355988D84AC
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/CZhLBAhc-eD0hK7xJXvFZQ7PQ7A.roa
Signing time: Thu 31 Aug 2023 17:08:04 +0000
ROA not before: Thu 31 Aug 2023 17:08:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.22.0/24 maxlen: 24
185.225.20.0/24 maxlen: 24
185.220.249.0/24 maxlen: 24
185.210.232.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.0.0/24 maxlen: 24
185.223.83.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.227.145.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.226.106.0/24 maxlen: 24
185.221.23.0/24 maxlen: 24
185.221.20.0/24 maxlen: 24
185.221.22.0/24 maxlen: 24
193.58.144.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
193.58.147.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.246.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Sep 2023 08:24:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4c:90:fc:26:03:d4:50:62:5a:da:03:55:98:8d:84:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Aug 31 17:08:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09984b04085cf9e0f484aef1257bc5650ecf43b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ce:3a:fc:3f:fe:58:e1:38:2b:cb:ce:a8:10:
30:23:fa:ce:7d:2a:e0:b1:a6:39:b9:a3:df:89:eb:
42:d1:2e:0f:b4:ab:bc:dd:9f:52:6e:79:6b:f4:18:
7a:a2:99:1d:1a:81:25:98:0c:7a:af:6d:0c:2f:12:
62:4e:4f:90:72:4a:8a:67:3a:05:7a:66:fe:48:22:
fd:d5:93:f6:73:44:58:2d:0e:e2:f6:08:aa:aa:36:
ec:33:61:da:70:7a:b7:02:85:c0:3d:d7:4b:14:c7:
8f:13:2d:a3:90:1e:43:ae:28:88:f5:0d:bd:95:da:
7c:ef:15:d6:f1:1d:a8:32:8f:6f:29:63:15:e8:08:
13:6a:99:e8:73:89:00:79:f7:0f:35:23:ce:1e:3e:
40:81:e8:0c:fb:b3:ea:b0:22:d4:bb:ba:54:c0:ff:
c3:27:ee:18:ea:f9:7d:6c:a8:e1:e0:61:3c:d1:32:
bb:bd:80:0f:de:79:53:2a:35:e8:c2:95:68:83:da:
bd:55:c8:80:79:5b:77:43:0a:a1:07:b1:9e:6f:ee:
1f:6a:ce:b5:6d:9c:5f:53:43:df:20:cc:d5:05:3e:
85:1e:db:b1:fa:eb:4a:37:c4:a8:b3:8f:3c:7c:2f:
62:95:48:fa:99:59:ad:7d:44:22:e8:7e:f5:56:ac:
21:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:98:4B:04:08:5C:F9:E0:F4:84:AE:F1:25:7B:C5:65:0E:CF:43:B0
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/CZhLBAhc-eD0hK7xJXvFZQ7PQ7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.210.232.0/24
185.220.249.0/24
185.221.20.0/24
185.221.22.0/23
185.222.29.0/24
185.223.80.0/24
185.223.83.0/24
185.225.0.0/23
185.225.20.0/24
185.225.22.0/24
185.226.106.0/24
185.227.145.0/24
185.228.75.0/24
185.246.115.0/24
185.251.229.0/24
185.251.231.0/24
193.58.144.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:e2:8c:33:94:f7:c6:58:26:10:ce:d1:c3:9e:fd:e6:dd:d6:
b8:b7:08:bd:73:ae:bf:82:ef:b6:f7:c1:d5:bd:c5:ab:b2:96:
1b:c4:58:d7:b8:e4:6c:93:cc:e4:1e:e9:fb:12:28:70:d4:13:
c9:17:ed:23:35:4c:9d:25:dd:2f:56:1c:53:51:05:9e:cb:dc:
8d:9d:ba:44:97:2b:0d:c4:9e:28:c2:e3:2e:f2:02:38:cd:c0:
e4:2d:96:27:03:6c:9b:d6:8b:88:7c:35:8a:8e:07:f7:47:5a:
a6:63:ad:4e:c2:c6:dd:7c:ed:e5:a1:08:b1:35:bc:bb:cd:d5:
af:8e:27:11:43:d5:ec:cf:d1:64:ff:11:ee:3d:0f:e4:78:5f:
bd:0d:56:56:4f:f6:8a:38:bd:bf:e8:be:06:50:a9:c2:22:97:
b0:ae:e8:25:c0:a6:b8:57:fb:65:54:c4:17:fa:bf:d3:ec:5c:
c0:23:5b:19:28:93:b2:c6:c2:fe:c9:35:af:b1:d5:ed:00:9d:
74:b1:e1:6e:4e:a4:ea:f2:6b:57:a2:8e:1f:de:f7:4e:eb:d7:
1c:23:4a:ac:21:3a:a9:71:c4:22:a4:e3:bc:08:c7:31:77:b3:
66:8b:cf:64:2c:1c:c8:42:c4:09:10:42:b0:3c:50:e9:14:a9:
d2:9a:14:15
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYpMkPwmA9RQYlraA1WYjYSsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwODMxMTcwODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTk4NGIwNDA4NWNmOWUwZjQ4NGFlZjEyNTdiYzU2NTBlY2Y0M2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhc46/D/+WOE4K8vOqBAwI/rOfSrg
saY5uaPfietC0S4PtKu83Z9Sbnlr9Bh6opkdGoElmAx6r20MLxJiTk+QckqKZzoF
emb+SCL91ZP2c0RYLQ7i9giqqjbsM2HacHq3AoXAPddLFMePEy2jkB5DriiI9Q29
ldp87xXW8R2oMo9vKWMV6AgTapnoc4kAefcPNSPOHj5AgegM+7PqsCLUu7pUwP/D
J+4Y6vl9bKjh4GE80TK7vYAP3nlTKjXowpVog9q9VciAeVt3QwqhB7Geb+4fas61
bZxfU0PfIMzVBT6FHtux+utKN8Sos488fC9ilUj6mVmtfUQi6H71VqwhUQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFAmYSwQIXPng9ISu8SV7xWUOz0OwMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQ1poTEJBaGMtZUQwaEs3eEpYdkZaUTdQUTdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQALQgV
AwQALZPgAwQAudLoAwQAudz5AwQAud0UAwQBud0WAwQAud4dAwQAud9QAwQAud9T
AwQBueEAAwQAueEUAwQAueEWAwQAueJqAwQAueORAwQAueRLAwQAufZzAwQAufvl
AwQAufvnAwQAwTqQAwQBwTqSMA0GCSqGSIb3DQEBCwUAA4IBAQA84owzlPfGWCYQ
ztHDnv3m3da4twi9c66/gu+298HVvcWrspYbxFjXuORsk8zkHun7Eihw1BPJF+0j
NUydJd0vVhxTUQWey9yNnbpElysNxJ4owuMu8gI4zcDkLZYnA2yb1ouIfDWKjgf3
R1qmY61OwsbdfO3loQixNby7zdWvjicRQ9Xsz9Fk/xHuPQ/keF+9DVZWT/aKOL2/
6L4GUKnCIpewruglwKa4V/tlVMQX+r/T7FzAI1sZKJOyxsL+yTWvsdXtAJ10seFu
TqTq8mtXoo4f3vdO69ccI0qsITqpccQipOO8CMcxd7Nmi89kLBzIQsQJEEKwPFDp
FKnSmhQV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org