Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/DdRKaZthiJZ-Rb19EMHGsUbJZPM.roa
File: DdRKaZthiJZ-Rb19EMHGsUbJZPM.roa (raw, json)
Hash identifier: 4u7fpVSiO8BuAuWMM0Uz53y1MdKvCAJF+WPYLAnmV7Y=
Subject key identifier: 0D:D4:4A:69:9B:61:88:96:7E:45:BD:7D:10:C1:C6:B1:46:C9:64:F3
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018DC8FBC7E6CB5780E05F416671E77BB6F2
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/DdRKaZthiJZ-Rb19EMHGsUbJZPM.roa
Signing time: Wed 21 Feb 2024 00:06:00 +0000
ROA not before: Wed 21 Feb 2024 00:06:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.223.82.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.146.0/23 maxlen: 24
185.230.65.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 08:46:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c8:fb:c7:e6:cb:57:80:e0:5f:41:66:71:e7:7b:b6:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 21 00:06:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0dd44a699b6188967e45bd7d10c1c6b146c964f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:30:13:d0:dc:81:b2:b5:2d:23:5f:40:e8:86:
cd:9a:1d:83:89:41:2a:1a:11:27:46:ff:4d:4a:59:
fa:e7:df:f3:a2:66:4b:3d:23:f5:c0:63:43:4d:8f:
c1:9f:a7:af:c5:9b:85:83:66:f6:78:76:b7:bd:32:
c4:51:11:e1:b3:0a:fd:ce:dc:9c:c1:e7:72:69:66:
f4:72:42:f7:eb:e6:51:3f:cb:12:84:4d:de:b4:bb:
17:38:3e:8a:b7:85:53:2b:14:fd:0a:d8:bb:0a:bd:
a6:f4:f3:34:ca:f4:e3:92:89:4c:cf:78:a3:2f:6c:
a5:82:c9:91:c3:4b:83:ff:e0:43:06:f0:80:c1:4f:
5c:f7:e9:1c:b8:1e:a8:84:86:b0:d5:77:7b:bb:01:
99:34:20:1b:2e:f2:a7:19:4e:75:df:54:3d:7d:b3:
df:cf:1c:27:90:f4:de:df:0c:ff:97:59:8f:0b:c9:
a4:b6:40:bb:0e:48:3a:07:81:2f:47:14:e4:f5:c4:
f7:fc:49:8d:4d:93:f7:c4:19:52:f2:87:b0:de:40:
9e:46:ab:1c:dc:7c:c7:4f:25:b7:8e:db:9e:fd:d5:
9f:f4:6d:63:bc:a7:ea:28:91:28:90:4f:0b:cc:0d:
85:77:c6:2f:69:8f:69:c9:f5:7c:ce:11:6c:53:ae:
2f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D4:4A:69:9B:61:88:96:7E:45:BD:7D:10:C1:C6:B1:46:C9:64:F3
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/DdRKaZthiJZ-Rb19EMHGsUbJZPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.220.250.0/23
185.223.82.0/24
185.225.0.0/23
185.227.146.0/23
185.230.65.0/24
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:1f:e0:36:f8:f1:ef:ed:7d:66:c1:ad:c1:2c:5c:e4:0a:68:
39:18:46:ad:13:d1:8e:1e:a0:4f:86:0c:fd:85:fc:82:7f:4e:
86:17:c3:e5:89:9b:be:6d:40:ae:c3:49:59:e4:5c:f9:95:c6:
51:56:c9:35:fa:d2:a7:87:a0:7c:3d:00:0a:69:bd:70:40:21:
47:17:aa:f0:4b:d6:51:63:f5:ac:51:66:74:f8:d7:c4:4b:f2:
c4:c0:e5:ae:00:de:f1:64:96:18:13:b1:5d:b6:1a:d1:04:50:
fd:ea:1f:63:cd:c6:ef:4c:79:d7:65:aa:ca:cf:c0:0f:48:96:
d5:c5:af:17:eb:5c:a6:27:23:4b:ad:e0:5a:6a:4b:27:48:bb:
fe:62:78:4a:aa:e4:b9:0c:0f:93:49:1d:20:07:bc:5f:4d:cf:
a0:8d:0d:45:1a:db:ad:8b:23:93:2f:7b:5d:c1:d2:de:0a:22:
1f:ad:46:d5:a8:af:86:ad:ea:fc:c4:d5:0e:3d:f9:15:d1:05:
ca:d2:d3:fb:f7:2e:b9:19:1f:67:a3:10:da:36:6d:e0:34:27:
e2:16:d6:08:e2:ff:bc:f1:be:30:27:32:5e:8b:f0:45:9b:36:
ce:b3:49:64:3b:a2:15:a7:89:7f:de:a4:87:26:c9:73:97:d4:
e4:d9:6f:16
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY3I+8fmy1eA4F9BZnHne7byMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMjIxMDAwNjAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGQ0NGE2OTliNjE4ODk2N2U0NWJkN2QxMGMxYzZiMTQ2Yzk2NGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTAT0NyBsrUtI19A6IbNmh2DiUEq
GhEnRv9NSln659/zomZLPSP1wGNDTY/Bn6evxZuFg2b2eHa3vTLEURHhswr9ztyc
wedyaWb0ckL36+ZRP8sShE3etLsXOD6Kt4VTKxT9Cti7Cr2m9PM0yvTjkolMz3ij
L2ylgsmRw0uD/+BDBvCAwU9c9+kcuB6ohIaw1Xd7uwGZNCAbLvKnGU5131Q9fbPf
zxwnkPTe3wz/l1mPC8mktkC7Dkg6B4EvRxTk9cT3/EmNTZP3xBlS8oew3kCeRqsc
3HzHTyW3jtue/dWf9G1jvKfqKJEokE8LzA2Fd8YvaY9pyfV8zhFsU64vBwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFA3USmmbYYiWfkW9fRDBxrFGyWTzMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvRGRSS2FadGhpSlotUmIxOUVNSEdzVWJKWlBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQgVAwQB
udz6AwQAud9SAwQBueEAAwQBueOSAwQAueZBAwQAufvlAwQBwTqSMA0GCSqGSIb3
DQEBCwUAA4IBAQBvH+A2+PHv7X1mwa3BLFzkCmg5GEatE9GOHqBPhgz9hfyCf06G
F8PliZu+bUCuw0lZ5Fz5lcZRVsk1+tKnh6B8PQAKab1wQCFHF6rwS9ZRY/WsUWZ0
+NfES/LEwOWuAN7xZJYYE7FdthrRBFD96h9jzcbvTHnXZarKz8APSJbVxa8X61ym
JyNLreBaaksnSLv+YnhKquS5DA+TSR0gB7xfTc+gjQ1FGtutiyOTL3tdwdLeCiIf
rUbVqK+Grer8xNUOPfkV0QXK0tP79y65GR9noxDaNm3gNCfiFtYI4v+88b4wJzJe
i/BFmzbOs0lkO6IVp4l/3qSHJslzl9Tk2W8W
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:40 2024 by rpki-client on console-fra.rpki-client.org