Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/EhV0lovlQlDTLvz8e0Sth_9tq1c.roa
File: EhV0lovlQlDTLvz8e0Sth_9tq1c.roa (raw, json)
Hash identifier: 8m0gDptgrRLCHOcLgqJPCxiFkQ3iAic+JnaISk1d/j0=
Subject key identifier: 12:15:74:96:8B:E5:42:50:D3:2E:FC:FC:7B:44:AD:87:FF:6D:AB:57
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0190A6CA9C03946908C3B15347D13975F7E0
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/EhV0lovlQlDTLvz8e0Sth_9tq1c.roa
Signing time: Fri 12 Jul 2024 11:53:34 +0000
ROA not before: Fri 12 Jul 2024 11:53:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.251.230.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jul 2024 11:53:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a6:ca:9c:03:94:69:08:c3:b1:53:47:d1:39:75:f7:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 12 11:53:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=121574968be54250d32efcfc7b44ad87ff6dab57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:83:dc:29:01:d4:9e:b2:19:d2:81:ad:ae:53:
f4:e5:fe:ca:0c:0b:6a:be:dc:d4:de:f5:99:27:b8:
c6:b4:2d:f7:3a:01:a1:75:fc:5d:2e:0b:c2:c7:53:
4e:4d:bf:a9:da:07:73:bc:f3:57:52:81:d4:de:f4:
e3:e4:ee:f3:4d:98:4e:49:0f:f2:18:04:b6:2c:70:
25:56:e4:53:09:71:5f:e8:6f:94:2b:26:06:e8:1b:
2d:57:da:a9:2d:29:e5:4e:1c:f9:6f:9b:30:6d:49:
7c:61:4e:1c:23:fb:05:47:ed:88:15:5b:17:98:12:
b7:7f:09:c5:9e:2d:53:46:68:e1:1f:26:0e:d0:75:
b6:e7:fa:47:47:0d:3b:df:0a:1b:15:d1:2c:49:0d:
a5:18:59:1f:8d:12:62:a1:c9:20:da:76:14:eb:c9:
73:1d:c0:83:fd:06:14:43:97:10:a4:08:c7:c4:97:
8e:28:8f:f3:b8:e3:13:8b:74:70:19:76:c0:8d:a6:
29:8a:32:ca:3c:e3:6e:4b:dc:07:4d:6e:8e:09:bc:
a2:c7:0b:47:5e:79:bb:c6:31:c2:1c:85:c0:9f:5f:
51:e9:a1:a1:a5:06:fb:74:8a:0a:14:79:91:30:df:
79:54:b3:2d:bc:79:95:35:cc:ec:e8:71:28:8d:54:
9d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:15:74:96:8B:E5:42:50:D3:2E:FC:FC:7B:44:AD:87:FF:6D:AB:57
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/EhV0lovlQlDTLvz8e0Sth_9tq1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.220.250.0/23
185.225.0.0/23
185.226.104.0/24
185.227.146.0/23
185.251.230.0/24
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:8a:96:2a:48:a8:c5:f6:ee:7b:90:bd:83:3c:f3:88:39:03:
a5:5a:e2:3f:5e:00:f1:ac:3e:e0:bb:f4:41:3c:68:02:a7:93:
a5:12:07:74:eb:37:04:d0:50:9a:0b:85:6d:3a:3b:bc:d8:c5:
83:e6:c0:92:e3:fd:eb:2e:80:78:94:09:58:11:a4:da:01:ff:
3b:f5:55:ed:05:4f:0d:ff:dd:91:1a:3d:82:a9:9e:82:c2:2b:
38:6d:60:73:3c:9c:74:ba:cd:61:6c:cb:0a:c7:1b:84:e5:49:
9e:aa:5c:a8:30:c9:64:25:f2:77:89:02:6d:5a:4a:48:45:a1:
83:ca:f5:8a:23:c2:40:ad:a0:95:6c:24:58:a7:35:3e:f3:c3:
47:cf:74:a9:9a:8d:fd:aa:24:7a:bb:78:cf:e6:99:e5:28:e9:
0d:bc:ff:38:92:0d:29:77:43:37:49:dd:22:2f:d0:22:f1:9d:
c8:26:af:41:df:c3:6a:65:cb:80:e7:68:a8:42:90:32:90:63:
13:dc:3a:d7:30:f2:9f:87:77:ca:a4:ae:75:8f:14:bc:60:db:
c0:7c:c1:bd:8f:3c:40:9c:54:e2:b0:63:93:5e:33:a4:62:63:
8d:a5:e2:41:ed:1a:d9:75:f3:ad:4a:95:33:ec:8d:c4:26:22:
97:43:5a:6f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZCmypwDlGkIw7FTR9E5dffgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNzEyMTE1MzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjE1NzQ5NjhiZTU0MjUwZDMyZWZjZmM3YjQ0YWQ4N2ZmNmRhYjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoPcKQHUnrIZ0oGtrlP05f7KDAtq
vtzU3vWZJ7jGtC33OgGhdfxdLgvCx1NOTb+p2gdzvPNXUoHU3vTj5O7zTZhOSQ/y
GAS2LHAlVuRTCXFf6G+UKyYG6BstV9qpLSnlThz5b5swbUl8YU4cI/sFR+2IFVsX
mBK3fwnFni1TRmjhHyYO0HW25/pHRw073wobFdEsSQ2lGFkfjRJiockg2nYU68lz
HcCD/QYUQ5cQpAjHxJeOKI/zuOMTi3RwGXbAjaYpijLKPONuS9wHTW6OCbyixwtH
Xnm7xjHCHIXAn19R6aGhpQb7dIoKFHmRMN95VLMtvHmVNczs6HEojVSdAQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFBIVdJaL5UJQ0y78/HtErYf/batXMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvRWhWMGxvdmxRbERUTHZ6OGUwU3RoXzl0cTFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQgVAwQA
uX5SAwQBudz6AwQBueEAAwQAueJoAwQBueOSAwQAufvmAwQBwQhwAwQBwTqSMA0G
CSqGSIb3DQEBCwUAA4IBAQAuipYqSKjF9u57kL2DPPOIOQOlWuI/XgDxrD7gu/RB
PGgCp5OlEgd06zcE0FCaC4VtOju82MWD5sCS4/3rLoB4lAlYEaTaAf879VXtBU8N
/92RGj2CqZ6Cwis4bWBzPJx0us1hbMsKxxuE5UmeqlyoMMlkJfJ3iQJtWkpIRaGD
yvWKI8JAraCVbCRYpzU+88NHz3Spmo39qiR6u3jP5pnlKOkNvP84kg0pd0M3Sd0i
L9Ai8Z3IJq9B38NqZcuA52ioQpAykGMT3DrXMPKfh3fKpK51jxS8YNvAfMG9jzxA
nFTisGOTXjOkYmONpeJB7RrZdfOtSpUz7I3EJiKXQ1pv
-----END CERTIFICATE-----
Generated at Mon Jul 15 13:08:14 2024 by rpki-client on console-fra.rpki-client.org