Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/IAigFns4jDnT6rD44E1CrLFeMUw.roa
File: IAigFns4jDnT6rD44E1CrLFeMUw.roa (raw, json)
Hash identifier: eftQq6Bx0nGKVkpWMjliOup+vwtjXBqXAlG9SQk8rF4=
Subject key identifier: 20:08:A0:16:7B:38:8C:39:D3:EA:B0:F8:E0:4D:42:AC:B1:5E:31:4C
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018DE22196F4B6DB4C9B43F9450F5B1B76D6
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/IAigFns4jDnT6rD44E1CrLFeMUw.roa
Signing time: Sun 25 Feb 2024 21:17:48 +0000
ROA not before: Sun 25 Feb 2024 21:17:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.223.82.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.146.0/23 maxlen: 24
185.251.229.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 10:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e2:21:96:f4:b6:db:4c:9b:43:f9:45:0f:5b:1b:76:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 25 21:17:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2008a0167b388c39d3eab0f8e04d42acb15e314c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:cc:c0:3d:34:12:c7:4b:54:db:43:a0:ad:31:
93:fd:3f:00:04:73:a0:7a:1f:e4:fe:5e:78:42:06:
b1:a4:93:d4:a6:e0:38:9c:d9:31:9b:6d:31:2c:f3:
ea:3f:7c:e2:af:f9:f4:64:b3:bc:f2:28:1d:36:fd:
58:c0:be:9f:66:ca:93:bf:91:ec:b3:d9:45:db:df:
09:ce:df:4c:70:4d:eb:bd:06:b1:39:84:0c:57:fe:
e1:07:30:4a:15:9f:39:4d:2e:1b:3e:68:dd:77:d4:
f1:ad:d5:a2:1e:9c:99:5f:ce:c6:f3:2a:20:71:93:
7a:96:ae:29:23:4a:69:92:54:3d:3b:3c:d4:41:0c:
06:88:a6:53:3c:53:60:bf:d5:4d:f8:00:8e:dd:ec:
bb:7b:b1:e7:96:86:ae:79:92:07:97:cb:26:de:ef:
45:06:94:4d:de:a7:78:06:74:fe:48:6c:27:93:ee:
c7:8e:4d:da:09:b7:7c:d0:9f:76:c9:7e:8d:45:f9:
e6:3a:6f:09:dc:3a:83:1c:90:82:b7:cb:63:87:19:
44:b9:36:91:8e:7e:ad:5e:2b:54:81:38:ae:4c:9d:
8e:e3:f4:bd:db:f0:bb:d1:e6:01:5f:7a:aa:33:73:
c8:88:3e:10:3b:dd:55:f0:3f:b0:84:a1:22:40:fb:
29:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:08:A0:16:7B:38:8C:39:D3:EA:B0:F8:E0:4D:42:AC:B1:5E:31:4C
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/IAigFns4jDnT6rD44E1CrLFeMUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.220.250.0/23
185.223.82.0/24
185.225.0.0/23
185.227.146.0/23
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
91:f0:48:37:9e:71:23:7c:c6:9f:8e:f0:07:78:75:66:ba:fe:
64:09:d8:dd:80:26:95:1e:8a:c4:67:25:34:4a:f4:dc:57:68:
1c:c8:c3:75:10:e8:9e:8b:01:bd:79:1b:15:09:85:07:f5:c9:
ea:87:95:18:2b:ae:22:f7:21:bd:7d:05:b5:00:08:2b:12:86:
43:73:ac:4b:02:85:34:c6:e2:80:5b:43:31:dd:04:1e:20:ef:
62:b0:79:2f:f4:87:f2:00:41:36:a9:93:61:45:85:17:c2:03:
0d:fa:cd:d4:5a:bb:c1:85:1e:82:74:0f:a5:be:0e:3b:90:99:
04:88:da:ee:eb:9d:48:89:4c:88:8b:74:73:7e:75:2e:09:44:
12:5d:33:3f:79:e2:d8:5f:b6:3b:85:40:ec:9b:6e:78:96:aa:
c9:c9:a8:98:72:cf:bb:df:23:a5:a4:a6:c5:28:9a:e7:fc:52:
76:75:52:d1:5d:1e:89:a0:79:e8:c5:52:27:57:6c:50:d0:02:
dd:c0:8f:13:1d:a6:3b:73:a2:8f:9b:be:94:9f:3c:c3:ec:50:
88:37:ed:0b:ca:5d:b6:84:a5:a0:f7:9d:f0:49:54:41:ea:8c:
38:e0:2c:65:67:13:dc:ff:7a:58:52:a4:ce:06:43:77:c8:fe:
cc:dc:1c:97
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY3iIZb0tttMm0P5RQ9bG3bWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMjI1MjExNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDA4YTAxNjdiMzg4YzM5ZDNlYWIwZjhlMDRkNDJhY2IxNWUzMTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoczAPTQSx0tU20OgrTGT/T8ABHOg
eh/k/l54QgaxpJPUpuA4nNkxm20xLPPqP3zir/n0ZLO88igdNv1YwL6fZsqTv5Hs
s9lF298Jzt9McE3rvQaxOYQMV/7hBzBKFZ85TS4bPmjdd9TxrdWiHpyZX87G8yog
cZN6lq4pI0ppklQ9OzzUQQwGiKZTPFNgv9VN+ACO3ey7e7HnloaueZIHl8sm3u9F
BpRN3qd4BnT+SGwnk+7Hjk3aCbd80J92yX6NRfnmOm8J3DqDHJCCt8tjhxlEuTaR
jn6tXitUgTiuTJ2O4/S92/C70eYBX3qqM3PIiD4QO91V8D+whKEiQPspQwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCAIoBZ7OIw50+qw+OBNQqyxXjFMMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSUFpZ0ZuczRqRG5UNnJENDRFMUNyTEZlTVV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQgVAwQB
udz6AwQAud9SAwQBueEAAwQBueOSAwQAufvlAwQBwTqSMA0GCSqGSIb3DQEBCwUA
A4IBAQCR8Eg3nnEjfMafjvAHeHVmuv5kCdjdgCaVHorEZyU0SvTcV2gcyMN1EOie
iwG9eRsVCYUH9cnqh5UYK64i9yG9fQW1AAgrEoZDc6xLAoU0xuKAW0Mx3QQeIO9i
sHkv9IfyAEE2qZNhRYUXwgMN+s3UWrvBhR6CdA+lvg47kJkEiNru651IiUyIi3Rz
fnUuCUQSXTM/eeLYX7Y7hUDsm254lqrJyaiYcs+73yOlpKbFKJrn/FJ2dVLRXR6J
oHnoxVInV2xQ0ALdwI8THaY7c6KPm76UnzzD7FCIN+0Lyl22hKWg953wSVRB6ow4
4CxlZxPc/3pYUqTOBkN3yP7M3ByX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:41 2024 by rpki-client on console-fra.rpki-client.org