Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/FeY9izFh9yN0xVG6hKR36sAy8PI.roa
File: FeY9izFh9yN0xVG6hKR36sAy8PI.roa (raw, json)
Hash identifier: xESqZoGDcie6GYyNm5ZpXaTd/1qIZwiPhQ4z559fyHA=
Subject key identifier: 15:E6:3D:8B:31:61:F7:23:74:C5:51:BA:84:A4:77:EA:C0:32:F0:F2
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CD0596446671B21964579893913E10063
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/FeY9izFh9yN0xVG6hKR36sAy8PI.roa
Signing time: Wed 03 Jan 2024 17:22:48 +0000
ROA not before: Wed 03 Jan 2024 17:22:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.227.146.0/23 maxlen: 24
185.220.249.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.210.234.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
45.8.21.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.223.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jan 2024 11:46:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d0:59:64:46:67:1b:21:96:45:79:89:39:13:e1:00:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 3 17:22:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15e63d8b3161f72374c551ba84a477eac032f0f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:26:2b:c6:0e:a5:19:2d:45:f5:eb:d3:33:93:
bd:fc:4c:a6:dd:b8:80:52:6a:eb:53:df:d5:bc:0f:
34:6a:ea:31:8b:21:50:14:90:df:81:be:f7:92:82:
48:a9:bb:a9:09:4d:24:49:ca:f6:87:58:2f:ba:71:
12:6a:b2:05:c1:98:f1:9a:c9:8a:19:5d:8d:38:bc:
b5:d6:75:85:56:97:0d:c1:d9:32:0d:64:ef:bb:86:
74:1b:b4:d6:63:06:1d:ca:79:26:76:f8:bd:56:b5:
de:d7:55:96:83:11:b4:7a:23:52:0c:7b:bf:27:19:
f1:10:d2:69:61:aa:ad:61:9c:b1:6c:94:92:9e:9d:
f9:97:b8:18:bc:31:32:4d:17:46:36:bb:f0:6d:90:
34:a9:48:9f:32:13:c6:e5:de:d7:00:79:22:a8:a4:
7f:6b:a0:16:14:39:47:1d:d6:f3:2f:5e:52:82:d7:
87:07:52:6c:0c:de:db:ec:9e:6f:66:21:4d:f5:75:
5f:91:97:f7:5a:0a:de:88:f6:a7:23:49:b3:5b:70:
d3:85:8d:45:d7:de:52:c0:17:3e:71:8e:fb:82:03:
2a:cc:e6:dd:bb:f6:84:2b:b1:81:ad:45:09:1c:b0:
2b:9d:a8:91:a9:e9:b8:b5:bf:0d:2c:73:4d:52:04:
7f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:E6:3D:8B:31:61:F7:23:74:C5:51:BA:84:A4:77:EA:C0:32:F0:F2
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/FeY9izFh9yN0xVG6hKR36sAy8PI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.210.234.0/24
185.220.249.0-185.220.251.255
185.223.82.0/24
185.225.0.0/23
185.227.146.0/23
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
41:6f:55:fa:a8:85:69:bf:70:9c:6c:3b:2f:9e:4e:c7:8c:1b:
a4:8d:5f:ff:51:e2:c4:e1:00:1f:01:c0:2e:f1:8d:f7:51:0a:
bf:a2:29:e4:d4:c8:7e:39:f3:c1:4c:fa:4b:57:ce:bd:34:c8:
7e:a6:d1:81:29:ea:d9:7f:b3:22:a7:7c:c7:5a:04:9b:f6:70:
75:60:35:fa:a9:dd:20:71:3a:17:66:40:b6:de:42:49:8d:30:
a6:11:60:8e:a4:48:90:c2:04:36:40:2a:bf:ee:a4:d2:f7:48:
f1:91:64:4b:8d:c0:17:91:a1:16:d7:53:76:de:43:4d:e9:02:
54:c3:ca:38:39:84:82:69:bc:3e:b6:74:02:ff:81:1c:e3:83:
70:f6:c3:09:72:d2:12:d5:e3:7b:0d:c4:64:2d:67:2e:3e:f3:
36:e1:55:b1:2a:77:88:2a:e1:ab:64:5c:ac:a3:67:7c:89:f3:
3c:36:b1:57:2c:3b:c0:47:38:04:7f:77:b1:2f:eb:82:6a:87:
1c:6c:42:48:0f:ef:22:40:60:92:06:f8:ad:e0:51:8c:e6:f3:
38:59:38:09:2a:d1:33:89:3d:ab:05:ff:23:0b:fb:38:79:c5:
ca:40:8b:d0:d9:60:87:d3:ec:c8:04:1f:ee:45:92:5c:22:7b:
cd:02:23:f1
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYzQWWRGZxshlkV5iTkT4QBjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTAzMTcyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWU2M2Q4YjMxNjFmNzIzNzRjNTUxYmE4NGE0NzdlYWMwMzJmMGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCYrxg6lGS1F9evTM5O9/Eym3biA
UmrrU9/VvA80auoxiyFQFJDfgb73koJIqbupCU0kScr2h1gvunESarIFwZjxmsmK
GV2NOLy11nWFVpcNwdkyDWTvu4Z0G7TWYwYdynkmdvi9VrXe11WWgxG0eiNSDHu/
JxnxENJpYaqtYZyxbJSSnp35l7gYvDEyTRdGNrvwbZA0qUifMhPG5d7XAHkiqKR/
a6AWFDlHHdbzL15SgteHB1JsDN7b7J5vZiFN9XVfkZf3WgreiPanI0mzW3DThY1F
195SwBc+cY77ggMqzObdu/aEK7GBrUUJHLArnaiRqem4tb8NLHNNUgR/NwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFBXmPYsxYfcjdMVRuoSkd+rAMvDyMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvRmVZOWl6Rmg5eU4weFZHNmhLUjM2c0F5OFBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQALQgVAwQA
udLqMAwDBAC53PkDBAK53PgDBAC531IDBAG54QADBAG545IDBAC5++UDBAHBOpIw
DQYJKoZIhvcNAQELBQADggEBAEFvVfqohWm/cJxsOy+eTseMG6SNX/9R4sThAB8B
wC7xjfdRCr+iKeTUyH4588FM+ktXzr00yH6m0YEp6tl/syKnfMdaBJv2cHVgNfqp
3SBxOhdmQLbeQkmNMKYRYI6kSJDCBDZAKr/upNL3SPGRZEuNwBeRoRbXU3beQ03p
AlTDyjg5hIJpvD62dAL/gRzjg3D2wwly0hLV43sNxGQtZy4+8zbhVbEqd4gq4atk
XKyjZ3yJ8zw2sVcsO8BHOAR/d7Ev64JqhxxsQkgP7yJAYJIG+K3gUYzm8zhZOAkq
0TOJPasF/yML+zh5xcpAi9DZYIfT7MgEH+5Fklwie80CI/E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org