Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/GXx63VDnmr75DiK3I3aBoB9ExsM.roa
File: GXx63VDnmr75DiK3I3aBoB9ExsM.roa (raw, json)
Hash identifier: +ZxI9H2r/7BUkhPl54s3Jtmn/lSOmqvBubp7/f1WUBo=
Subject key identifier: 19:7C:7A:DD:50:E7:9A:BE:F9:0E:22:B7:23:76:81:A0:1F:44:C6:C3
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018EA5E496D2751F1F52A42DCA2B1089A6C1
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/GXx63VDnmr75DiK3I3aBoB9ExsM.roa
Signing time: Wed 03 Apr 2024 21:36:45 +0000
ROA not before: Wed 03 Apr 2024 21:36:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.81.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.223.82.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.234.20.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Apr 2024 10:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a5:e4:96:d2:75:1f:1f:52:a4:2d:ca:2b:10:89:a6:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 3 21:36:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=197c7add50e79abef90e22b7237681a01f44c6c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f9:c1:68:d1:ad:df:f5:c5:33:bc:0e:e4:a4:
89:3d:c9:a6:58:35:e2:5a:66:b4:1d:f9:fe:72:b5:
2d:96:4b:16:ac:d0:c2:1b:34:08:44:13:fb:67:f9:
69:17:a2:a6:23:e2:08:75:49:59:84:dc:ec:a8:93:
6f:10:3f:bd:dc:16:50:6f:96:f0:2f:d5:79:ab:bb:
8b:92:b4:3f:f6:6f:fb:2c:1c:ed:22:0b:91:5e:4a:
2e:ab:17:20:dd:7f:b3:16:9a:c8:44:1d:c6:df:19:
4a:bf:3d:0e:f3:8c:db:43:10:7a:4a:d5:9c:f4:9d:
59:d7:a5:8e:34:b7:5e:2b:44:7b:58:56:8f:b6:2b:
1c:db:c6:5f:24:ae:2b:82:c1:26:ef:3b:ac:ab:1d:
43:78:b9:86:8e:84:d2:40:3a:36:8b:70:8d:e1:25:
b2:23:43:50:db:78:5a:e3:7e:6d:5f:60:35:9c:7b:
0b:07:da:07:57:42:d6:93:63:67:63:3b:a0:4a:e4:
fb:e5:9c:fe:4d:b6:2d:6d:62:35:1b:e8:f6:c2:e2:
1e:d8:af:69:f2:ae:17:0c:f7:fc:58:ae:97:71:f2:
3f:48:d2:bd:d0:b3:2f:dc:da:22:18:69:48:86:2d:
31:e8:0c:d1:7a:42:31:1c:ed:3d:09:2b:31:08:11:
8f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:7C:7A:DD:50:E7:9A:BE:F9:0E:22:B7:23:76:81:A0:1F:44:C6:C3
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/GXx63VDnmr75DiK3I3aBoB9ExsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.81.0/24
185.220.250.0/23
185.223.82.0/24
185.225.0.0/23
185.226.104.0/24
185.227.146.0/23
185.234.20.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
70:d3:fe:03:7e:e2:3a:76:8e:42:05:87:62:de:eb:67:3d:94:
14:96:51:1d:29:44:d2:7d:4d:98:1a:98:03:c7:62:2c:7b:86:
61:9d:d7:8c:b8:3c:79:ba:17:88:94:bd:2c:ba:bd:24:9f:4d:
fd:06:75:cb:96:7d:a7:c7:a3:7f:69:5b:e4:6b:8f:f4:3e:52:
d3:b7:02:84:58:89:37:9a:55:96:ed:4b:58:43:95:a4:e3:39:
17:f7:03:71:25:7a:8e:9a:61:b3:7b:7c:28:02:f7:be:32:05:
de:8a:93:0c:de:08:08:80:48:f4:71:cb:8c:ab:c7:b0:18:8a:
68:0d:51:0c:b0:e1:8c:61:1c:22:3c:e9:a0:0a:ef:a2:6d:70:
54:ed:77:53:4e:aa:60:17:a2:4c:cb:74:39:10:f9:17:b3:0b:
2f:1c:9a:e7:3a:82:a6:5e:1c:6a:55:11:e7:25:77:ae:fa:39:
4e:3c:fd:ed:dc:cd:81:92:56:37:38:75:e0:ae:05:e2:29:2b:
ef:26:09:5d:70:71:d3:5b:06:74:79:c8:1c:07:7a:27:c6:3d:
85:c1:1e:10:b4:b4:28:ba:21:1c:87:e4:c0:7f:c6:e3:f9:be:
e4:02:2f:0b:77:3f:2a:ce:28:0e:cc:9c:d7:da:26:26:76:b0:
4c:cb:b5:8c
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY6l5JbSdR8fUqQtyisQiabBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNDAzMjEzNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTdjN2FkZDUwZTc5YWJlZjkwZTIyYjcyMzc2ODFhMDFmNDRjNmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPnBaNGt3/XFM7wO5KSJPcmmWDXi
Wma0Hfn+crUtlksWrNDCGzQIRBP7Z/lpF6KmI+IIdUlZhNzsqJNvED+93BZQb5bw
L9V5q7uLkrQ/9m/7LBztIguRXkouqxcg3X+zFprIRB3G3xlKvz0O84zbQxB6StWc
9J1Z16WONLdeK0R7WFaPtisc28ZfJK4rgsEm7zusqx1DeLmGjoTSQDo2i3CN4SWy
I0NQ23ha435tX2A1nHsLB9oHV0LWk2NnYzugSuT75Zz+TbYtbWI1G+j2wuIe2K9p
8q4XDPf8WK6XcfI/SNK90LMv3NoiGGlIhi0x6AzRekIxHO09CSsxCBGPlQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFBl8et1Q55q++Q4ityN2gaAfRMbDMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvR1h4NjNWRG5tcjc1RGlLM0kzYUJvQjlFeHNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQgVAwQA
uX5RAwQBudz6AwQAud9SAwQBueEAAwQAueJoAwQBueOSAwQAueoUAwQBwTqSMA0G
CSqGSIb3DQEBCwUAA4IBAQBw0/4DfuI6do5CBYdi3utnPZQUllEdKUTSfU2YGpgD
x2Ise4ZhndeMuDx5uheIlL0sur0kn039BnXLln2nx6N/aVvka4/0PlLTtwKEWIk3
mlWW7UtYQ5Wk4zkX9wNxJXqOmmGze3woAve+MgXeipMM3ggIgEj0ccuMq8ewGIpo
DVEMsOGMYRwiPOmgCu+ibXBU7XdTTqpgF6JMy3Q5EPkXswsvHJrnOoKmXhxqVRHn
JXeu+jlOPP3t3M2BklY3OHXgrgXiKSvvJgldcHHTWwZ0ecgcB3onxj2FwR4QtLQo
uiEch+TAf8bj+b7kAi8Ldz8qzigOzJzX2iYmdrBMy7WM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org