Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/IirmEZoTCETVlJ2ZaX5g2OSun8o.roa
File: IirmEZoTCETVlJ2ZaX5g2OSun8o.roa (raw, json)
Hash identifier: olLF3VOuL4shH9EE9EtBhnlToWTwUjTGy8O7CIoPpws=
Subject key identifier: 22:2A:E6:11:9A:13:08:44:D5:94:9D:99:69:7E:60:D8:E4:AE:9F:CA
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CD44C223E473DFAC7C4BAA27F09D84DB4
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/IirmEZoTCETVlJ2ZaX5g2OSun8o.roa
Signing time: Thu 04 Jan 2024 11:46:48 +0000
ROA not before: Thu 04 Jan 2024 11:46:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.227.146.0/23 maxlen: 24
185.220.251.0/24 maxlen: 24
185.220.249.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.210.234.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
45.8.21.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.223.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Jan 2024 18:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d4:4c:22:3e:47:3d:fa:c7:c4:ba:a2:7f:09:d8:4d:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 4 11:46:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=222ae6119a130844d5949d99697e60d8e4ae9fca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ba:43:bb:e2:9a:90:1b:4d:f1:73:d5:4f:55:
d8:8f:99:a2:4b:02:d0:f7:d4:91:29:f7:88:26:c5:
db:83:09:0d:c3:0a:d4:98:b3:11:1e:6c:e4:a0:0b:
7e:f1:fb:42:77:9b:8f:40:6d:ae:a8:53:bc:56:f3:
dd:f8:ca:14:70:50:5c:dc:59:7c:07:aa:d7:89:5c:
ed:d4:31:af:32:93:28:d5:e6:70:a9:c5:d9:33:6a:
18:78:ab:65:d3:73:a6:86:eb:fd:78:5b:8d:56:f3:
fb:ef:7d:b9:0b:4c:d0:a7:6b:76:19:02:2c:96:d1:
47:f7:cd:2f:58:8d:9d:c4:8f:4e:94:f7:14:a5:58:
fc:73:cf:3c:dd:ee:da:c5:2f:2a:98:a8:08:e2:52:
a4:18:cc:ca:77:c3:bb:fd:47:94:bb:1e:9b:f6:84:
2c:9f:2d:3e:49:4c:b7:b1:73:79:19:f8:d0:13:97:
c4:82:c3:8d:49:e9:b8:28:7a:e8:3c:aa:d9:ca:a3:
3c:9a:50:1e:32:8d:48:2d:8a:bf:a0:b7:6b:f6:84:
93:05:ff:c1:19:17:36:08:8d:6c:ea:67:46:ac:f7:
a6:95:23:ad:08:bb:19:40:83:69:41:25:28:0f:46:
23:d9:42:f1:b3:0a:93:e0:ca:82:a8:3c:dc:e7:71:
ab:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:2A:E6:11:9A:13:08:44:D5:94:9D:99:69:7E:60:D8:E4:AE:9F:CA
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/IirmEZoTCETVlJ2ZaX5g2OSun8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.210.234.0/24
185.220.249.0-185.220.251.255
185.223.82.0/24
185.225.0.0/23
185.227.146.0/23
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:33:47:cb:b2:7d:1d:20:25:44:0f:99:d3:b5:f9:3b:1b:2a:
6d:f2:cc:a8:fc:13:b9:fa:5c:9d:59:9a:88:99:c3:9b:cf:08:
19:da:12:0f:3c:85:e0:29:d5:44:22:37:a5:df:4e:27:80:aa:
08:8d:9e:0d:01:db:14:d5:9c:b5:98:97:c3:f6:81:5d:1b:8e:
88:ce:13:7b:c1:8b:78:1b:a1:12:e0:21:fc:16:5b:b5:f7:08:
ce:fc:c9:57:1f:9e:51:c4:e8:20:d7:9c:e5:e0:53:ab:81:9a:
58:c2:eb:9f:58:ae:97:6f:bd:36:38:a7:65:66:c0:17:6c:65:
ab:1b:08:64:7a:90:42:93:46:80:ba:91:39:12:90:d5:c1:51:
41:f8:de:29:cb:c1:78:a4:14:1f:fa:d7:82:9d:c5:df:2b:58:
9b:0a:cc:9d:93:5b:5c:5c:9d:76:61:38:c4:d3:e1:f0:c2:25:
5d:98:ef:4b:cf:c4:97:9c:cf:8e:a4:44:02:fb:a6:f5:4c:d8:
28:ab:1c:dc:ea:cb:1a:d0:41:eb:dd:bc:53:44:96:97:23:37:
e9:1c:ff:f8:fc:a5:e8:06:c4:ec:b1:76:86:ad:e4:50:7e:40:
9d:9c:40:4f:b0:54:08:07:87:43:f5:82:44:0b:59:39:43:75:
d4:a6:b6:00
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYzUTCI+Rz36x8S6on8J2E20MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTA0MTE0NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjJhZTYxMTlhMTMwODQ0ZDU5NDlkOTk2OTdlNjBkOGU0YWU5ZmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLpDu+KakBtN8XPVT1XYj5miSwLQ
99SRKfeIJsXbgwkNwwrUmLMRHmzkoAt+8ftCd5uPQG2uqFO8VvPd+MoUcFBc3Fl8
B6rXiVzt1DGvMpMo1eZwqcXZM2oYeKtl03Omhuv9eFuNVvP77325C0zQp2t2GQIs
ltFH980vWI2dxI9OlPcUpVj8c8883e7axS8qmKgI4lKkGMzKd8O7/UeUux6b9oQs
ny0+SUy3sXN5GfjQE5fEgsONSem4KHroPKrZyqM8mlAeMo1ILYq/oLdr9oSTBf/B
GRc2CI1s6mdGrPemlSOtCLsZQINpQSUoD0Yj2ULxswqT4MqCqDzc53Gr0wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFCIq5hGaEwhE1ZSdmWl+YNjkrp/KMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSWlybUVab1RDRVRWbEoyWmFYNWcyT1N1bjhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQALQgVAwQA
udLqMAwDBAC53PkDBAK53PgDBAC531IDBAG54QADBAG545IDBAC5++UDBAHBOpIw
DQYJKoZIhvcNAQELBQADggEBAB4zR8uyfR0gJUQPmdO1+TsbKm3yzKj8E7n6XJ1Z
moiZw5vPCBnaEg88heAp1UQiN6XfTieAqgiNng0B2xTVnLWYl8P2gV0bjojOE3vB
i3gboRLgIfwWW7X3CM78yVcfnlHE6CDXnOXgU6uBmljC659YrpdvvTY4p2VmwBds
ZasbCGR6kEKTRoC6kTkSkNXBUUH43inLwXikFB/614Kdxd8rWJsKzJ2TW1xcnXZh
OMTT4fDCJV2Y70vPxJecz46kRAL7pvVM2CirHNzqyxrQQevdvFNElpcjN+kc//j8
pegGxOyxdoat5FB+QJ2cQE+wVAgHh0P1gkQLWTlDddSmtgA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org