Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/I11mMxWKmzZH-Ukl0DsCQC07H3o.roa
File: I11mMxWKmzZH-Ukl0DsCQC07H3o.roa (raw, json)
Hash identifier: in4Xg78QpiUzoF6ICvfEiE746awCjYWvWk3RArB76J4=
Subject key identifier: 23:5D:66:33:15:8A:9B:36:47:F9:49:25:D0:3B:02:40:2D:3B:1F:7A
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01900BC7FEBDA841D3D8AB05A42833226749
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/I11mMxWKmzZH-Ukl0DsCQC07H3o.roa
Signing time: Wed 12 Jun 2024 09:29:34 +0000
ROA not before: Wed 12 Jun 2024 09:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 185.121.12.0/22 maxlen: 24
185.199.159.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.36.0/23 maxlen: 24
185.209.74.0/24 maxlen: 24
185.210.152.0/24 maxlen: 24
185.210.153.0/24 maxlen: 24
185.210.154.0/24 maxlen: 24
185.210.155.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.218.102.0/24 maxlen: 24
185.223.76.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.227.145.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.238.228.0/22 maxlen: 24
185.240.120.0/23 maxlen: 24
185.251.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Sep 2024 10:30:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0b:c7:fe:bd:a8:41:d3:d8:ab:05:a4:28:33:22:67:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 12 09:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=235d6633158a9b3647f94925d03b02402d3b1f7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:41:76:50:d7:d1:bb:dd:53:04:91:42:75:61:
9a:96:59:a0:26:54:35:31:c4:ef:e0:dc:0b:28:81:
9c:91:22:05:0a:63:51:1f:3c:42:8d:e9:9e:10:8f:
63:5c:50:f9:71:79:ca:c5:ad:00:91:3a:90:e9:13:
2b:00:b4:b1:e4:ba:65:9a:c6:47:64:f7:8c:bb:c4:
3f:20:06:ae:53:6b:a0:9f:e9:24:41:2a:2d:58:22:
f2:6e:74:f5:c2:7b:46:ca:a8:ed:73:d6:7c:49:f6:
73:cd:fa:72:b2:7d:fd:c6:79:d7:bc:66:9d:70:e2:
d5:e4:3d:3a:01:d1:fd:69:bc:c7:7e:d9:fd:5a:73:
c3:3a:ce:fe:b3:ea:7b:7b:39:d3:98:02:e1:23:0f:
04:ee:6c:ba:6b:33:e5:66:4e:7a:09:52:af:ec:6b:
31:c1:f7:61:2c:72:75:cd:8c:36:4d:35:16:a0:59:
df:a6:8e:67:39:ae:de:b3:a5:0d:63:2c:58:4d:8b:
a9:eb:45:11:99:c9:8e:db:30:11:ce:0c:24:fa:db:
93:60:ad:1f:44:b0:19:98:8d:f5:b9:02:f7:b4:b2:
d0:0c:3a:5a:ee:a3:72:1c:8e:c2:6c:10:32:a6:15:
6b:e4:64:3b:61:41:31:bf:61:50:35:e6:70:bf:61:
a3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:5D:66:33:15:8A:9B:36:47:F9:49:25:D0:3B:02:40:2D:3B:1F:7A
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/I11mMxWKmzZH-Ukl0DsCQC07H3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.12.0/22
185.199.159.0/24
185.206.248.0/24
185.206.251.0/24
185.209.36.0/23
185.209.74.0/24
185.210.152.0/22
185.218.101.0-185.218.102.255
185.223.76.0/24
185.223.80.0/24
185.225.2.0/24
185.226.107.0/24
185.227.145.0/24
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
91:f1:e6:55:bf:0f:5e:03:34:52:76:bb:11:36:d6:e1:75:fc:
d2:bd:ae:f0:e2:44:eb:49:27:11:88:db:91:6f:56:c0:22:79:
69:12:73:73:46:70:ee:6b:e2:36:75:3d:01:8c:8b:49:52:0e:
63:ab:34:68:2a:6e:34:08:87:2a:b3:c2:19:c0:3a:5f:96:36:
1f:19:3b:33:65:9c:0b:2a:eb:8a:cc:8c:f6:d6:c8:a4:d7:3c:
aa:da:29:f4:f0:a0:86:28:f3:c7:65:57:f9:2c:53:1c:84:81:
68:65:08:c7:9e:ac:f3:f7:4a:c7:a4:af:8a:52:66:65:cd:b6:
4a:d5:85:5b:eb:37:60:02:47:99:d4:fc:32:2b:93:d4:39:54:
c3:b1:fb:f3:aa:f4:0b:fe:49:7f:ce:28:4e:ea:bc:e3:9c:02:
f3:73:01:b7:fc:05:cc:fb:16:fe:41:4d:3d:c8:9f:53:77:b6:
08:3b:02:65:05:1e:4d:09:9e:89:24:3a:ac:01:29:17:06:78:
35:5c:ef:42:37:b5:20:b1:57:cd:86:aa:4f:6e:b4:7e:11:a6:
44:5f:49:96:86:03:43:bb:21:a3:c3:d7:72:8d:8a:11:ca:c4:
57:c7:83:d8:fb:45:d5:75:4a:13:0d:be:a7:7c:70:96:66:66:
93:99:c3:c9
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZALx/69qEHT2KsFpCgzImdJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNjEyMDkyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzVkNjYzMzE1OGE5YjM2NDdmOTQ5MjVkMDNiMDI0MDJkM2IxZjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0F2UNfRu91TBJFCdWGallmgJlQ1
McTv4NwLKIGckSIFCmNRHzxCjemeEI9jXFD5cXnKxa0AkTqQ6RMrALSx5LplmsZH
ZPeMu8Q/IAauU2ugn+kkQSotWCLybnT1wntGyqjtc9Z8SfZzzfpysn39xnnXvGad
cOLV5D06AdH9abzHftn9WnPDOs7+s+p7eznTmALhIw8E7my6azPlZk56CVKv7Gsx
wfdhLHJ1zYw2TTUWoFnfpo5nOa7es6UNYyxYTYup60URmcmO2zARzgwk+tuTYK0f
RLAZmI31uQL3tLLQDDpa7qNyHI7CbBAyphVr5GQ7YUExv2FQNeZwv2GjeQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFCNdZjMVips2R/lJJdA7AkAtOx96MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSTExbU14V0ttelpILVVrbDBEc0NRQzA3SDNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEArl5DAME
ALnHnwMEALnO+AMEALnO+wMEAbnRJAMEALnRSgMEArnSmDAMAwQAudplAwQAudpm
AwQAud9MAwQAud9QAwQAueECAwQAueJrAwQAueORAwQCueoUAwQCue7kAwQBufB4
AwQAufvnMA0GCSqGSIb3DQEBCwUAA4IBAQCR8eZVvw9eAzRSdrsRNtbhdfzSva7w
4kTrSScRiNuRb1bAInlpEnNzRnDua+I2dT0BjItJUg5jqzRoKm40CIcqs8IZwDpf
ljYfGTszZZwLKuuKzIz21sik1zyq2in08KCGKPPHZVf5LFMchIFoZQjHnqzz90rH
pK+KUmZlzbZK1YVb6zdgAkeZ1PwyK5PUOVTDsfvzqvQL/kl/zihO6rzjnALzcwG3
/AXM+xb+QU09yJ9Td7YIOwJlBR5NCZ6JJDqsASkXBng1XO9CN7UgsVfNhqpPbrR+
EaZEX0mWhgNDuyGjw9dyjYoRysRXx4PY+0XVdUoTDb6nfHCWZmaTmcPJ
-----END CERTIFICATE-----
Generated at Mon Sep 9 12:50:09 2024 by rpki-client on console-fra.rpki-client.org