Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/H5iiSDY_UkeGhS_C4dVeWEjiYGM.roa
File: H5iiSDY_UkeGhS_C4dVeWEjiYGM.roa (raw, json)
Hash identifier: UhA4HD43LdraL+x428ip45pXUJ+tPSGEdieWeGlV/yI=
Subject key identifier: 1F:98:A2:48:36:3F:52:47:86:85:2F:C2:E1:D5:5E:58:48:E2:60:63
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018B239A99B76CD9BD2C0B5F066A6B53C687
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/H5iiSDY_UkeGhS_C4dVeWEjiYGM.roa
Signing time: Thu 12 Oct 2023 11:16:56 +0000
ROA not before: Thu 12 Oct 2023 11:16:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.222.30.0/23 maxlen: 24
185.209.38.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.246.114.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.223.82.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 14 Oct 2023 12:23:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:23:9a:99:b7:6c:d9:bd:2c:0b:5f:06:6a:6b:53:c6:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 12 11:16:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f98a248363f524786852fc2e1d55e5848e26063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b4:2f:38:fb:ec:17:83:db:30:cc:eb:32:4d:
bb:fc:f4:0c:9e:a0:b7:aa:39:09:e1:a6:23:3f:26:
ef:cd:1f:1a:3c:66:53:af:bd:bf:89:d2:19:0e:97:
dd:8c:77:d2:3a:27:f6:45:f7:51:b9:da:f5:89:bc:
99:6e:5b:8a:34:4b:6a:bb:ee:1f:a2:9c:63:49:dc:
78:5c:de:ee:71:c5:6b:9e:68:b7:ac:35:e6:ee:70:
9d:68:2e:3d:a4:66:dd:39:8d:ee:15:d5:2d:1b:c5:
96:91:28:f1:91:7a:ae:3f:9b:70:a1:18:db:1a:74:
82:3a:fc:51:53:26:7d:ec:16:0c:67:70:4e:69:48:
b0:8e:e7:d6:b4:e8:47:4e:9d:78:84:76:8f:e9:c5:
49:57:32:fe:63:3d:09:50:e6:f1:9e:ed:c4:e0:1e:
2b:ba:91:a5:81:fe:16:f5:34:e0:2a:3c:7e:24:a9:
66:5d:bb:16:d2:37:57:8f:46:5c:16:07:8f:e1:58:
08:00:d9:40:e9:35:d1:c7:36:cf:95:42:33:16:af:
17:88:52:40:22:c1:bf:b4:a4:77:8a:a3:45:4d:25:
ba:06:b7:d3:9a:21:f0:be:7d:87:cf:50:d2:d0:33:
65:b9:4c:ad:1f:97:ff:52:8c:57:41:c9:86:e8:96:
95:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:98:A2:48:36:3F:52:47:86:85:2F:C2:E1:D5:5E:58:48:E2:60:63
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/H5iiSDY_UkeGhS_C4dVeWEjiYGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.209.38.0/24
185.220.250.0/23
185.222.30.0/23
185.223.80.0/24
185.223.82.0/24
185.225.0.0/23
185.246.114.0/24
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
48:bb:93:03:74:b2:c7:28:9e:22:7e:4d:6d:75:e5:ef:9e:69:
aa:96:b0:2a:1f:01:da:7f:2b:04:30:5e:90:29:ab:21:74:0e:
7b:09:a5:18:b0:61:db:f5:fe:dc:60:a9:42:dc:aa:29:7e:7d:
8e:87:08:84:18:5a:05:08:04:af:4e:fb:f6:32:0b:b2:75:4c:
b1:63:31:d4:7d:6e:fe:8c:f5:65:69:82:ad:53:1e:10:7f:01:
e7:39:fe:35:96:48:62:27:bc:a3:a0:8e:75:3b:5e:7b:fd:30:
74:ff:42:b3:03:e8:4a:95:32:ee:1f:8e:dc:13:82:47:0a:34:
cd:e4:5d:c5:13:e8:bf:ff:41:43:f8:09:bf:eb:55:c0:47:a0:
6f:51:19:7c:0e:56:c3:79:89:a9:5a:86:12:c9:cc:84:fe:73:
17:1f:57:6d:0e:5e:f7:2a:0b:aa:15:7c:f2:ec:d1:12:cc:f8:
ce:eb:e4:97:6e:fb:28:db:63:9d:be:83:16:a9:fc:1c:ca:74:
f9:ee:cf:70:2d:25:d4:dc:7f:22:a5:56:66:a4:53:43:a6:ec:
c7:20:54:96:69:c4:e3:ee:d7:76:8a:7d:be:6d:46:a1:93:60:
df:df:20:c0:c6:f9:e4:05:ea:23:a3:9d:56:13:ef:9b:bc:85:
e5:36:b1:2a
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYsjmpm3bNm9LAtfBmprU8aHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMDEyMTExNjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjk4YTI0ODM2M2Y1MjQ3ODY4NTJmYzJlMWQ1NWU1ODQ4ZTI2MDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbQvOPvsF4PbMMzrMk27/PQMnqC3
qjkJ4aYjPybvzR8aPGZTr72/idIZDpfdjHfSOif2RfdRudr1ibyZbluKNEtqu+4f
opxjSdx4XN7uccVrnmi3rDXm7nCdaC49pGbdOY3uFdUtG8WWkSjxkXquP5twoRjb
GnSCOvxRUyZ97BYMZ3BOaUiwjufWtOhHTp14hHaP6cVJVzL+Yz0JUObxnu3E4B4r
upGlgf4W9TTgKjx+JKlmXbsW0jdXj0ZcFgeP4VgIANlA6TXRxzbPlUIzFq8XiFJA
IsG/tKR3iqNFTSW6BrfTmiHwvn2Hz1DS0DNluUytH5f/UoxXQcmG6JaVlQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFB+Yokg2P1JHhoUvwuHVXlhI4mBjMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSDVpaVNEWV9Va2VHaFNfQzRkVmVXRWppWUdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALQgVAwQA
LZPgAwQAudEmAwQBudz6AwQBud4eAwQAud9QAwQAud9SAwQBueEAAwQAufZyAwQA
ufvlAwQBwTqSMA0GCSqGSIb3DQEBCwUAA4IBAQBIu5MDdLLHKJ4ifk1tdeXvnmmq
lrAqHwHafysEMF6QKashdA57CaUYsGHb9f7cYKlC3Kopfn2OhwiEGFoFCASvTvv2
MguydUyxYzHUfW7+jPVlaYKtUx4QfwHnOf41lkhiJ7yjoI51O157/TB0/0KzA+hK
lTLuH47cE4JHCjTN5F3FE+i//0FD+Am/61XAR6BvURl8DlbDeYmpWoYSycyE/nMX
H1dtDl73KguqFXzy7NESzPjO6+SXbvso22OdvoMWqfwcynT57s9wLSXU3H8ipVZm
pFNDpuzHIFSWacTj7td2in2+bUahk2Df3yDAxvnkBeojo51WE++bvIXlNrEq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org