Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/IE936RaCH-bVAH34ABn7jKFsxtA.roa
File: IE936RaCH-bVAH34ABn7jKFsxtA.roa (raw, json)
Hash identifier: 3MG7VNEWJKRTeJwif1Om9DwAxk9nhUH6JsC8lLr+ctU=
Subject key identifier: 20:4F:77:E9:16:82:1F:E6:D5:00:7D:F8:00:19:FB:8C:A1:6C:C6:D0
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0188AF3028896059BA16FB11C2B38EC716BB
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/IE936RaCH-bVAH34ABn7jKFsxtA.roa
Signing time: Mon 12 Jun 2023 10:39:08 +0000
ROA not before: Mon 12 Jun 2023 10:39:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.209.36.0/23 maxlen: 24
185.230.52.0/23 maxlen: 24
185.199.159.0/24 maxlen: 24
185.210.152.0/24 maxlen: 24
185.210.154.0/24 maxlen: 24
185.210.153.0/24 maxlen: 24
185.210.155.0/24 maxlen: 24
185.228.74.0/24 maxlen: 24
185.223.76.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.225.0.0/24 maxlen: 24
185.121.12.0/22 maxlen: 24
185.206.251.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.226.105.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
185.238.228.0/22 maxlen: 24
185.36.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Jul 2023 18:45:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:af:30:28:89:60:59:ba:16:fb:11:c2:b3:8e:c7:16:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 12 10:39:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=204f77e916821fe6d5007df80019fb8ca16cc6d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a2:2b:3e:fb:58:92:b9:71:dc:04:4c:7c:06:
a8:42:1c:f4:ac:42:0e:11:ec:1d:cf:3a:be:f4:2b:
00:65:df:49:93:2c:82:df:20:b4:58:52:5b:31:36:
85:d6:7f:77:d4:7c:d1:a7:a0:95:ce:c1:2c:2a:c8:
24:09:95:0d:35:ef:2c:67:20:28:5b:90:52:09:24:
6d:d2:09:7f:b1:92:1d:4f:23:bb:8d:2e:ac:d2:19:
72:53:da:9b:8d:9e:07:ac:3c:2f:bb:97:48:1b:9f:
67:3b:c2:b5:fd:c7:17:45:b1:e0:a3:50:37:8f:7f:
aa:fc:58:56:eb:b6:fb:a9:ea:2e:26:d0:19:b6:1b:
ed:b8:dc:f2:cf:c5:64:b9:51:43:c0:71:d2:5d:90:
e1:95:3b:c2:cb:fc:f5:8d:3e:42:b6:b2:fc:b9:a7:
0e:08:3c:e5:02:ef:1a:a3:00:01:92:a3:5f:7c:6e:
50:e5:11:5d:34:f7:e5:81:a9:e9:35:60:42:0f:38:
97:7e:0d:2a:d3:34:b6:9e:8a:01:d9:67:46:4c:87:
93:55:2b:5e:04:62:d7:0c:18:77:af:56:86:6c:96:
86:8d:e5:37:65:25:71:75:39:56:43:e5:9e:d7:57:
9e:8a:af:a9:b1:a6:bc:6d:01:66:7b:bd:fd:00:51:
5c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:4F:77:E9:16:82:1F:E6:D5:00:7D:F8:00:19:FB:8C:A1:6C:C6:D0
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/IE936RaCH-bVAH34ABn7jKFsxtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.204.0/24
185.121.12.0/22
185.199.159.0/24
185.206.248.0/24
185.206.251.0/24
185.209.36.0/23
185.210.152.0/22
185.223.76.0/24
185.225.0.0/24
185.225.2.0/24
185.226.105.0/24
185.226.107.0/24
185.228.74.0/24
185.230.52.0/23
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
Signature Algorithm: sha256WithRSAEncryption
c0:0e:d4:38:d9:76:fb:ff:b7:5e:7b:0c:f6:9c:69:44:3e:92:
c7:bf:d0:e6:33:4a:cd:30:ef:88:ef:4b:04:05:b2:98:c5:53:
16:2d:7b:b8:d7:2b:2a:77:33:08:df:e8:49:53:4b:83:6e:03:
93:07:1c:9d:94:f9:19:4a:95:0c:71:6e:39:44:92:f9:1b:83:
91:26:1e:f8:56:aa:1f:84:13:01:9f:a1:ca:ee:85:2b:ca:dc:
79:2f:a6:1c:de:4a:6c:53:a7:d0:fd:16:51:a5:e3:b4:44:eb:
db:3d:fa:fa:12:7c:86:8c:6c:3c:c1:ed:a5:78:e9:b3:60:71:
81:c4:93:3b:91:2c:33:32:99:83:7c:45:ed:a5:8a:f0:c6:2d:
32:85:61:a2:02:7b:dd:06:a0:a0:bb:4d:b7:da:13:9e:5e:4f:
24:9b:d2:1a:fc:b6:c8:7f:b6:cf:a4:97:b4:08:84:38:1c:07:
43:31:0c:4b:37:d0:44:b6:e8:98:9b:0e:4b:35:0d:01:a5:48:
48:b9:5d:1e:b3:b3:a0:2a:33:32:18:11:25:61:e5:ca:f5:39:
c7:fb:dc:bd:9e:bf:9e:33:24:00:ec:78:44:33:c7:ed:ee:d4:
41:3f:d3:29:3c:d4:93:57:67:2f:b0:0b:1c:eb:fa:60:e1:f7:
61:93:e6:f8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYivMCiJYFm6FvsRwrOOxxa7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNjEyMTAzOTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDRmNzdlOTE2ODIxZmU2ZDUwMDdkZjgwMDE5ZmI4Y2ExNmNjNmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6IrPvtYkrlx3ARMfAaoQhz0rEIO
Eewdzzq+9CsAZd9JkyyC3yC0WFJbMTaF1n931HzRp6CVzsEsKsgkCZUNNe8sZyAo
W5BSCSRt0gl/sZIdTyO7jS6s0hlyU9qbjZ4HrDwvu5dIG59nO8K1/ccXRbHgo1A3
j3+q/FhW67b7qeouJtAZthvtuNzyz8VkuVFDwHHSXZDhlTvCy/z1jT5CtrL8uacO
CDzlAu8aowABkqNffG5Q5RFdNPflganpNWBCDziXfg0q0zS2nooB2WdGTIeTVSte
BGLXDBh3r1aGbJaGjeU3ZSVxdTlWQ+We11eeiq+psaa8bQFme739AFFcZQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFCBPd+kWgh/m1QB9+AAZ+4yhbMbQMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSUU5MzZSYUNILWJWQUgzNEFCbjdqS0ZzeHRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAuSTMAwQC
uXkMAwQAucefAwQAuc74AwQAuc77AwQBudEkAwQCudKYAwQAud9MAwQAueEAAwQA
ueECAwQAueJpAwQAueJrAwQAueRKAwQBueY0AwQCueoUAwQCue7kAwQBufB4MA0G
CSqGSIb3DQEBCwUAA4IBAQDADtQ42Xb7/7deewz2nGlEPpLHv9DmM0rNMO+I70sE
BbKYxVMWLXu41ysqdzMI3+hJU0uDbgOTBxydlPkZSpUMcW45RJL5G4ORJh74Vqof
hBMBn6HK7oUrytx5L6Yc3kpsU6fQ/RZRpeO0ROvbPfr6EnyGjGw8we2leOmzYHGB
xJM7kSwzMpmDfEXtpYrwxi0yhWGiAnvdBqCgu0232hOeXk8km9Ia/LbIf7bPpJe0
CIQ4HAdDMQxLN9BEtuiYmw5LNQ0BpUhIuV0es7OgKjMyGBElYeXK9TnH+9y9nr+e
MyQA7HhEM8ft7tRBP9MpPNSTV2cvsAsc6/pg4fdhk+b4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:41 2024 by rpki-client on console-fra.rpki-client.org