Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/GEv4y5toFdSE9KaK9xTjHIO6Yp0.roa
File: GEv4y5toFdSE9KaK9xTjHIO6Yp0.roa (raw, json)
Hash identifier: s1nXd6aJSFD4canEcJ5UfDWhQrr3DVUFMdmf23/94UE=
Subject key identifier: 18:4B:F8:CB:9B:68:15:D4:84:F4:A6:8A:F7:14:E3:1C:83:BA:62:9D
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01938713EF6BCF9349ACC8780FD4A7A60DD6
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/GEv4y5toFdSE9KaK9xTjHIO6Yp0.roa
Signing time: Mon 02 Dec 2024 11:14:10 +0000
ROA not before: Mon 02 Dec 2024 11:14:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.246.113.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Dec 2024 15:53:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:87:13:ef:6b:cf:93:49:ac:c8:78:0f:d4:a7:a6:0d:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 2 11:14:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=184bf8cb9b6815d484f4a68af714e31c83ba629d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ca:eb:d2:55:de:0c:f0:50:f1:5a:f4:fc:2e:
62:cc:2b:0b:1e:db:34:12:f3:a2:47:45:b1:30:27:
35:3a:b8:fa:98:0c:19:79:a6:1e:19:e2:0a:e9:28:
7c:09:f0:7f:23:fa:70:b6:78:ac:89:91:f6:16:78:
63:e0:87:df:1f:15:18:ec:a8:91:29:33:1e:df:29:
6c:90:7c:96:0b:15:1c:17:af:cf:23:a5:f4:ea:f0:
d7:56:13:05:da:ca:09:dc:db:78:33:00:f6:e9:c0:
d8:50:2a:88:a2:7d:a8:43:26:34:96:15:1c:cd:ae:
cd:01:59:3f:22:d4:1a:f0:2b:f3:e0:c0:32:41:63:
43:1e:d4:2b:7a:0c:49:03:15:e6:70:56:79:13:43:
a5:1e:0e:d7:c5:55:b0:0c:fc:c5:ea:ef:5b:f7:85:
77:6e:fd:69:3b:70:48:78:81:67:62:51:8a:58:22:
af:ac:8b:f3:c7:f7:72:7d:28:d6:0a:c9:a9:3d:85:
0b:c9:ae:c0:89:d8:ef:5a:07:85:55:0c:4e:df:1e:
fe:f4:50:1b:f6:49:6e:21:4e:a4:1c:0b:1e:01:11:
83:9a:ba:6b:ba:b9:98:ea:e0:b4:0b:c2:64:49:6b:
23:fe:bb:e9:38:84:e5:80:e6:73:c2:14:a0:59:ff:
d9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:4B:F8:CB:9B:68:15:D4:84:F4:A6:8A:F7:14:E3:1C:83:BA:62:9D
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/GEv4y5toFdSE9KaK9xTjHIO6Yp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.220.250.0/23
185.225.0.0/23
185.227.146.0/23
185.246.113.0/24
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
42:74:fb:46:18:5a:8e:52:d2:25:7f:1c:89:f6:43:9f:86:99:
87:60:13:63:c4:26:ce:67:8d:73:26:4e:77:01:d8:37:02:43:
cb:70:de:7a:c7:96:aa:42:97:2e:57:a9:57:83:47:48:f2:f0:
4b:b6:00:d1:a1:b5:de:44:c1:98:09:fc:dc:72:90:10:ee:0c:
e9:5f:6a:a2:76:b4:3d:e4:d4:cc:a1:7b:b3:27:a2:8a:63:73:
23:4c:67:91:4f:1a:f0:ff:85:1b:72:0e:43:81:72:80:17:9d:
f1:01:58:60:30:26:f7:64:98:11:32:ba:81:a0:9f:7a:14:b6:
89:77:77:c6:c2:34:3e:47:71:ef:58:ff:3e:fd:cf:89:42:7d:
69:8f:34:b2:ce:5d:ca:ee:82:1c:3f:52:d5:e0:a4:2c:04:e3:
c1:ee:bb:ff:fb:88:2d:2d:dd:25:f9:22:6b:47:82:2a:9c:89:
24:49:9d:24:b6:19:da:75:1e:12:69:71:64:ae:5a:0d:36:38:
11:9f:1a:45:ed:42:4d:32:22:9e:55:25:84:a9:d8:47:77:4c:
b3:87:a1:0b:8a:b4:cc:53:eb:5f:be:4d:bb:64:d2:f4:02:e3:
0f:5c:c7:c4:9f:96:f4:08:0a:00:b1:5b:65:ce:1b:50:9c:4b:
6d:7a:43:f6
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZOHE+9rz5NJrMh4D9Snpg3WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMjAyMTExNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODRiZjhjYjliNjgxNWQ0ODRmNGE2OGFmNzE0ZTMxYzgzYmE2MjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMrr0lXeDPBQ8Vr0/C5izCsLHts0
EvOiR0WxMCc1Orj6mAwZeaYeGeIK6Sh8CfB/I/pwtnisiZH2Fnhj4IffHxUY7KiR
KTMe3ylskHyWCxUcF6/PI6X06vDXVhMF2soJ3Nt4MwD26cDYUCqIon2oQyY0lhUc
za7NAVk/ItQa8Cvz4MAyQWNDHtQregxJAxXmcFZ5E0OlHg7XxVWwDPzF6u9b94V3
bv1pO3BIeIFnYlGKWCKvrIvzx/dyfSjWCsmpPYULya7AidjvWgeFVQxO3x7+9FAb
9kluIU6kHAseARGDmrprurmY6uC0C8JkSWsj/rvpOITlgOZzwhSgWf/ZlQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBhL+MubaBXUhPSmivcU4xyDumKdMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvR0V2NHk1dG9GZFNFOUthSzl4VGpISU82WXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQgVAwQA
uX5SAwQBudz6AwQBueEAAwQBueOSAwQAufZxAwQBwQhwAwQBwTqSMA0GCSqGSIb3
DQEBCwUAA4IBAQBCdPtGGFqOUtIlfxyJ9kOfhpmHYBNjxCbOZ41zJk53Adg3AkPL
cN56x5aqQpcuV6lXg0dI8vBLtgDRobXeRMGYCfzccpAQ7gzpX2qidrQ95NTMoXuz
J6KKY3MjTGeRTxrw/4Ubcg5DgXKAF53xAVhgMCb3ZJgRMrqBoJ96FLaJd3fGwjQ+
R3HvWP8+/c+JQn1pjzSyzl3K7oIcP1LV4KQsBOPB7rv/+4gtLd0l+SJrR4IqnIkk
SZ0kthnadR4SaXFkrloNNjgRnxpF7UJNMiKeVSWEqdhHd0yzh6ELirTMU+tfvk27
ZNL0AuMPXMfEn5b0CAoAsVtlzhtQnEttekP2
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:18:12 2025 by rpki-client