Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Im86LVkZb1wv77oIcYj3pkkdOC8.roa
File: Im86LVkZb1wv77oIcYj3pkkdOC8.roa (raw, json)
Hash identifier: bUDjfT3hzmsEob5GPFrslAke7LpC+MkrIbYENvPF8Ns=
Subject key identifier: 22:6F:3A:2D:59:19:6F:5C:2F:EF:BA:08:71:88:F7:A6:49:1D:38:2F
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0192FC00C494749AD2E41067A3C58D628749
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Im86LVkZb1wv77oIcYj3pkkdOC8.roa
Signing time: Tue 05 Nov 2024 11:06:01 +0000
ROA not before: Tue 05 Nov 2024 11:06:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 10:13:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fc:00:c4:94:74:9a:d2:e4:10:67:a3:c5:8d:62:87:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 5 11:06:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=226f3a2d59196f5c2fefba087188f7a6491d382f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:b0:1b:50:7d:c6:06:31:ec:6d:0c:1f:9d:1a:
77:1f:44:09:c3:85:66:73:37:7a:e1:61:86:7f:4f:
c2:89:e0:00:6a:0d:ce:44:02:f5:15:b2:64:94:3c:
34:3f:cf:17:3d:cc:32:63:61:2d:ed:04:e8:08:d2:
5c:18:19:c0:1b:a2:34:98:cf:4e:ae:09:3d:da:ae:
cf:f6:43:7c:a5:d1:49:c4:3c:aa:7f:78:32:75:f3:
bc:49:ca:ab:7b:60:61:34:5b:84:d5:0c:9e:53:58:
43:7c:4a:cf:2d:80:92:37:ce:c7:f3:f8:ad:bd:b6:
c3:fa:3e:1b:7f:dd:1b:f1:92:a7:35:50:72:e6:f9:
8b:80:b2:3d:72:20:4c:49:0b:e6:1e:bd:48:b8:22:
d9:18:3b:bb:ea:23:b0:ec:ad:30:88:93:a3:fc:33:
ac:65:23:f5:38:0e:f5:09:07:fa:29:e5:f1:2d:85:
be:e8:1c:ee:b3:46:22:67:0c:8f:43:f2:92:3d:fb:
4c:0c:f2:de:8a:66:e9:1f:ec:53:5b:c3:24:df:04:
f8:c2:ab:e0:2c:a9:e8:fb:1b:70:7e:3e:cd:5e:ba:
c0:0b:ba:fa:56:ff:a1:d4:8d:e0:a7:d5:ef:95:e9:
76:32:fc:b3:b8:d4:1c:43:ea:1c:79:35:b4:b4:8b:
84:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:6F:3A:2D:59:19:6F:5C:2F:EF:BA:08:71:88:F7:A6:49:1D:38:2F
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Im86LVkZb1wv77oIcYj3pkkdOC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.218.101.0/24
185.220.250.0/23
185.225.0.0/23
185.227.146.0/23
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
bf:75:de:8f:76:08:34:61:0b:af:db:6b:03:b8:86:99:10:1c:
e1:c7:ce:54:25:b6:6e:af:1f:8c:81:4f:84:89:a0:77:fc:2e:
e5:62:58:56:42:01:50:43:04:e0:dc:6d:d5:e7:ae:26:2f:57:
bf:13:aa:05:80:0e:e8:0f:a8:f7:68:2f:62:c7:9a:ed:a1:d0:
54:74:20:33:94:eb:ea:0e:5e:17:51:16:a0:fc:af:c1:24:78:
2c:8c:f1:e7:e3:56:5d:7d:63:00:06:9d:0b:d5:4c:f0:a0:53:
f4:fa:23:bf:62:4a:bc:41:54:64:f0:64:62:fe:5f:8e:bf:96:
1b:3a:cd:ea:f0:f5:7c:8e:22:c5:c9:46:ce:0a:bc:26:fa:f2:
cc:f8:6c:da:c6:19:76:fc:58:5c:d9:2f:83:5f:32:94:76:3a:
66:33:ba:96:d8:83:1c:95:24:7a:f0:45:e7:0f:a3:5b:05:3e:
6f:5a:f1:29:76:bb:0c:fc:ca:60:ac:48:c9:4c:dc:87:f6:23:
ab:11:31:64:f9:46:e2:92:b2:b4:03:79:53:2d:61:e6:1b:d1:
99:2e:de:f4:c5:2d:41:8c:36:7e:cb:ec:26:ae:06:ab:37:93:
63:c5:79:6e:a3:53:fd:9d:ba:c0:c7:1b:fe:60:48:af:cb:a2:
90:a6:6a:00
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZL8AMSUdJrS5BBno8WNYodJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMTA1MTEwNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjZmM2EyZDU5MTk2ZjVjMmZlZmJhMDg3MTg4ZjdhNjQ5MWQzODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5LAbUH3GBjHsbQwfnRp3H0QJw4Vm
czd64WGGf0/CieAAag3ORAL1FbJklDw0P88XPcwyY2Et7QToCNJcGBnAG6I0mM9O
rgk92q7P9kN8pdFJxDyqf3gydfO8Scqre2BhNFuE1QyeU1hDfErPLYCSN87H8/it
vbbD+j4bf90b8ZKnNVBy5vmLgLI9ciBMSQvmHr1IuCLZGDu76iOw7K0wiJOj/DOs
ZSP1OA71CQf6KeXxLYW+6Bzus0YiZwyPQ/KSPftMDPLeimbpH+xTW8Mk3wT4wqvg
LKno+xtwfj7NXrrAC7r6Vv+h1I3gp9Xvlel2MvyzuNQcQ+oceTW0tIuE0wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCJvOi1ZGW9cL++6CHGI96ZJHTgvMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSW04NkxWa1piMXd2NzdvSWNZajNwa2tkT0M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQgVAwQA
uX5SAwQAudplAwQBudz6AwQBueEAAwQBueOSAwQBwQhwAwQBwTqSMA0GCSqGSIb3
DQEBCwUAA4IBAQC/dd6Pdgg0YQuv22sDuIaZEBzhx85UJbZurx+MgU+EiaB3/C7l
YlhWQgFQQwTg3G3V564mL1e/E6oFgA7oD6j3aC9ix5rtodBUdCAzlOvqDl4XURag
/K/BJHgsjPHn41ZdfWMABp0L1UzwoFP0+iO/Ykq8QVRk8GRi/l+Ov5YbOs3q8PV8
jiLFyUbOCrwm+vLM+Gzaxhl2/Fhc2S+DXzKUdjpmM7qW2IMclSR68EXnD6NbBT5v
WvEpdrsM/MpgrEjJTNyH9iOrETFk+UbikrK0A3lTLWHmG9GZLt70xS1BjDZ+y+wm
rgarN5NjxXluo1P9nbrAxxv+YEivy6KQpmoA
-----END CERTIFICATE-----
Generated at Thu Nov 7 13:09:04 2024 by rpki-client on console-fra.rpki-client.org