Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Gvksqo3tXCOAMzzZDJySzgik1WM.roa
File: Gvksqo3tXCOAMzzZDJySzgik1WM.roa (raw, json)
Hash identifier: fCzT0F4vwDpuGWeONWdpK57R00ZxWQUsf9d3AdaM2gw=
Subject key identifier: 1A:F9:2C:AA:8D:ED:5C:23:80:33:3C:D9:0C:9C:92:CE:08:A4:D5:63
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018AFF0DF2CF9A065DBF39759771FEA30DB6
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Gvksqo3tXCOAMzzZDJySzgik1WM.roa
Signing time: Thu 05 Oct 2023 08:56:58 +0000
ROA not before: Thu 05 Oct 2023 08:56:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.222.30.0/23 maxlen: 24
185.230.52.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.223.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Oct 2023 11:28:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ff:0d:f2:cf:9a:06:5d:bf:39:75:97:71:fe:a3:0d:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 5 08:56:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1af92caa8ded5c2380333cd90c9c92ce08a4d563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a1:aa:d5:28:2f:01:da:cb:3c:f0:e0:89:83:
7e:10:5b:1c:64:d8:5f:c2:85:b6:80:75:53:33:a9:
94:70:75:f6:a5:1f:d7:c8:73:32:7b:da:a0:61:dd:
8d:a3:0f:04:3d:1a:c3:4f:e6:df:a9:e1:7f:ba:c1:
f0:77:3c:cb:04:fe:96:ef:3a:98:f9:4f:76:f2:d0:
a9:34:e5:19:6d:ac:25:6f:0b:07:ac:45:41:3c:e3:
34:5c:3c:9b:b1:16:26:1f:b5:05:16:f3:dd:b8:09:
f1:0e:ac:47:e9:fb:de:cf:26:43:c2:a9:93:1c:ef:
68:2d:7e:55:41:26:b7:23:34:8e:32:e9:59:ce:c4:
ee:c1:20:c3:87:bd:73:21:03:5a:cf:a8:61:c6:16:
a0:93:d7:63:5f:9b:5f:02:87:62:d3:2c:05:55:fc:
95:72:d9:80:7a:6d:1c:29:85:45:5b:c8:21:cc:90:
80:31:d3:ec:25:45:d3:d8:30:82:16:28:67:3e:0a:
a1:7b:e6:1e:74:01:38:cb:75:02:0e:71:7d:a2:3e:
ae:26:23:95:19:9f:be:70:2a:b4:67:ae:63:12:0d:
be:67:bf:63:22:33:11:88:2a:12:11:a5:19:37:11:
6a:d5:c2:bc:06:4f:75:93:ed:d7:ac:5e:ad:87:26:
b9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F9:2C:AA:8D:ED:5C:23:80:33:3C:D9:0C:9C:92:CE:08:A4:D5:63
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Gvksqo3tXCOAMzzZDJySzgik1WM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.220.250.0/23
185.222.30.0/23
185.223.80.0/24
185.225.0.0/23
185.226.107.0/24
185.230.52.0/24
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
86:2c:cf:ea:c0:eb:15:6c:0e:3b:a7:59:e9:c2:4c:7b:19:ed:
d6:97:ba:60:15:36:58:fd:25:47:44:54:af:ef:ad:14:9b:3e:
38:a9:a4:b8:1f:49:00:f8:e2:54:55:7e:f1:17:23:a4:2a:9b:
ce:7c:ee:ad:80:b8:83:ef:09:44:a0:bf:f2:b8:73:cd:d6:2b:
3c:0c:fd:25:a2:d5:89:0c:e4:34:63:00:01:67:81:28:d7:08:
f4:f6:a5:fa:12:4a:63:87:93:1c:bb:c4:a4:e1:90:00:09:f8:
e4:bc:5e:5c:1d:ee:06:18:fb:0b:45:ce:44:12:90:9d:9f:2a:
3e:20:55:2c:8c:d5:3a:6e:ab:eb:31:7e:7c:cb:7b:2b:89:65:
d7:04:b4:2a:3f:9e:56:49:bd:05:b5:c8:d5:76:e9:98:63:96:
31:01:79:05:45:e7:70:30:ce:80:0e:76:90:64:cf:74:da:cb:
5e:d0:6c:57:16:9b:b2:ec:bb:e8:c2:86:6f:2b:e7:d9:8b:2a:
49:5c:86:3a:8f:86:55:f0:01:e2:10:e4:03:bb:fc:12:d7:fc:
9a:7a:79:4e:1f:9c:0f:2d:97:b1:34:76:ca:d7:0d:cf:4a:f2:
fc:bb:91:ef:85:e7:bc:d8:b7:15:77:63:d1:3e:bb:5c:7d:b4:
2a:48:ff:55
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYr/DfLPmgZdvzl1l3H+ow22MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMDA1MDg1NjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWY5MmNhYThkZWQ1YzIzODAzMzNjZDkwYzljOTJjZTA4YTRkNTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaGq1SgvAdrLPPDgiYN+EFscZNhf
woW2gHVTM6mUcHX2pR/XyHMye9qgYd2Now8EPRrDT+bfqeF/usHwdzzLBP6W7zqY
+U928tCpNOUZbawlbwsHrEVBPOM0XDybsRYmH7UFFvPduAnxDqxH6fvezyZDwqmT
HO9oLX5VQSa3IzSOMulZzsTuwSDDh71zIQNaz6hhxhagk9djX5tfAodi0ywFVfyV
ctmAem0cKYVFW8ghzJCAMdPsJUXT2DCCFihnPgqhe+YedAE4y3UCDnF9oj6uJiOV
GZ++cCq0Z65jEg2+Z79jIjMRiCoSEaUZNxFq1cK8Bk91k+3XrF6thya5CwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFBr5LKqN7VwjgDM82Qycks4IpNVjMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvR3Zrc3FvM3RYQ09BTXp6WkRKeVN6Z2lrMVdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALQgVAwQA
LZPgAwQBudz6AwQBud4eAwQAud9QAwQBueEAAwQAueJrAwQAueY0AwQAufvlAwQB
wTqSMA0GCSqGSIb3DQEBCwUAA4IBAQCGLM/qwOsVbA47p1npwkx7Ge3Wl7pgFTZY
/SVHRFSv760Umz44qaS4H0kA+OJUVX7xFyOkKpvOfO6tgLiD7wlEoL/yuHPN1is8
DP0lotWJDOQ0YwABZ4Eo1wj09qX6Ekpjh5Mcu8Sk4ZAACfjkvF5cHe4GGPsLRc5E
EpCdnyo+IFUsjNU6bqvrMX58y3sriWXXBLQqP55WSb0FtcjVdumYY5YxAXkFRedw
MM6ADnaQZM902ste0GxXFpuy7LvowoZvK+fZiypJXIY6j4ZV8AHiEOQDu/wS1/ya
enlOH5wPLZexNHbK1w3PSvL8u5Hvhee82LcVd2PRPrtcfbQqSP9V
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org