Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KIp2zL0WJLJ5mGCFTZiixAdoloc.roa
File: KIp2zL0WJLJ5mGCFTZiixAdoloc.roa (raw, json)
Hash identifier: Y+suMc+Xvb3/hevN1Ppm/4yivMf6kAmJrAnSvBc9HAY=
Subject key identifier: 28:8A:76:CC:BD:16:24:B2:79:98:60:85:4D:98:A2:C4:07:68:96:87
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018BD2807C52CDDB7038E80C94F21426AAD6
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KIp2zL0WJLJ5mGCFTZiixAdoloc.roa
Signing time: Wed 15 Nov 2023 10:21:57 +0000
ROA not before: Wed 15 Nov 2023 10:21:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.227.146.0/23 maxlen: 24
185.209.38.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.251.229.0/24 maxlen: 24
185.223.82.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.1.0/24 maxlen: 24
185.222.30.0/23 maxlen: 24
185.206.250.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
45.8.21.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Nov 2023 10:54:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d2:80:7c:52:cd:db:70:38:e8:0c:94:f2:14:26:aa:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 15 10:21:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=288a76ccbd1624b2799860854d98a2c407689687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4f:b4:7e:be:c8:e0:9d:b0:26:8e:09:62:b3:
b6:b9:73:75:c7:59:77:99:96:45:b2:03:f9:7e:8d:
62:d8:3b:e2:15:0e:59:70:6a:c8:b5:d3:9f:c1:21:
98:3c:d6:bf:58:f0:4e:ef:7e:87:8b:21:0c:d0:cd:
2c:6e:15:2a:6e:eb:a0:84:25:9d:1f:98:99:4c:df:
52:be:54:ab:fc:f2:f5:31:11:f3:12:2e:97:ec:2c:
12:1c:f2:af:28:22:25:f2:94:d3:bd:2f:cc:a5:12:
4f:e2:db:be:a5:d2:1d:73:79:51:12:83:95:09:11:
72:6a:ef:71:e2:fb:6d:b5:09:06:d5:e0:ec:c8:c6:
55:4d:35:ec:37:f2:78:e0:7e:aa:88:84:81:75:8c:
bd:6e:13:5e:72:e5:79:c8:c1:aa:f0:f3:e7:68:b6:
b7:ad:48:b1:a8:8f:16:f3:f5:08:70:d2:88:00:85:
c6:d2:e1:d2:8a:01:51:4e:5e:48:b4:b2:cd:4a:fb:
ec:70:fc:59:58:76:48:3e:cd:46:8a:64:40:cc:06:
2a:2b:1a:53:23:01:6e:88:65:bf:0d:38:11:24:a1:
6e:46:dd:c3:57:22:f4:e7:ce:6e:a7:f9:bc:92:96:
f9:01:b9:aa:0e:60:fc:61:28:ab:54:01:ce:00:68:
1b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:8A:76:CC:BD:16:24:B2:79:98:60:85:4D:98:A2:C4:07:68:96:87
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KIp2zL0WJLJ5mGCFTZiixAdoloc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.206.250.0/24
185.209.38.0/24
185.220.250.0/23
185.222.30.0/23
185.223.80.0/24
185.223.82.0/24
185.225.0.0/23
185.227.146.0/23
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
c4:73:ad:6a:17:68:a9:b8:f9:65:a6:45:32:0c:e9:6a:44:c2:
56:e3:c2:a0:d6:d2:24:be:54:91:fd:8d:2a:f4:84:b3:e9:05:
be:9f:a0:91:9b:42:3e:bb:e0:80:c8:8e:89:c4:1f:21:cc:c8:
98:52:44:22:6a:8d:12:b3:1e:4a:cd:0c:00:96:4b:24:85:2d:
ef:a4:0f:29:73:b4:f1:47:7e:34:a8:48:3c:e2:d3:f0:87:4a:
10:b6:4b:66:9c:3a:a5:61:58:42:be:bd:ea:dc:0e:fc:e4:b3:
e8:26:81:eb:64:ef:b0:2f:8e:a1:ba:c4:90:88:b1:24:68:00:
31:a7:a2:55:1e:79:9a:00:a6:76:e3:6c:46:d8:66:72:8a:50:
92:c4:2f:d8:89:da:9f:95:b0:75:da:85:d7:91:be:28:a0:89:
22:d0:53:27:bc:c1:c5:56:0e:32:cc:9e:a4:e2:da:e8:1b:f0:
4c:cc:88:fa:e8:2f:77:be:43:29:91:3f:93:c1:b7:6a:58:bf:
c9:3b:6c:5c:e9:5f:ca:8b:e2:e0:a1:0e:d5:7e:cb:f8:8b:59:
0a:91:bf:75:12:e9:d6:92:b7:2f:9a:61:b1:b5:9b:c6:7d:b5:
b4:03:5f:f5:65:9c:21:16:30:d9:6c:9f:58:9b:b7:cc:d1:8b:
b4:a9:ce:6b
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYvSgHxSzdtwOOgMlPIUJqrWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMTE1MTAyMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODhhNzZjY2JkMTYyNGIyNzk5ODYwODU0ZDk4YTJjNDA3Njg5Njg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvE+0fr7I4J2wJo4JYrO2uXN1x1l3
mZZFsgP5fo1i2DviFQ5ZcGrItdOfwSGYPNa/WPBO736HiyEM0M0sbhUqbuughCWd
H5iZTN9SvlSr/PL1MRHzEi6X7CwSHPKvKCIl8pTTvS/MpRJP4tu+pdIdc3lREoOV
CRFyau9x4vtttQkG1eDsyMZVTTXsN/J44H6qiISBdYy9bhNecuV5yMGq8PPnaLa3
rUixqI8W8/UIcNKIAIXG0uHSigFRTl5ItLLNSvvscPxZWHZIPs1GimRAzAYqKxpT
IwFuiGW/DTgRJKFuRt3DVyL0585up/m8kpb5AbmqDmD8YSirVAHOAGgboQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFCiKdsy9FiSyeZhghU2YosQHaJaHMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvS0lwMnpMMFdKTEo1bUdDRlRaaWl4QWRvbG9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALQgVAwQA
LZPgAwQAuc76AwQAudEmAwQBudz6AwQBud4eAwQAud9QAwQAud9SAwQBueEAAwQB
ueOSAwQAufvlAwQBwTqSMA0GCSqGSIb3DQEBCwUAA4IBAQDEc61qF2ipuPllpkUy
DOlqRMJW48Kg1tIkvlSR/Y0q9ISz6QW+n6CRm0I+u+CAyI6JxB8hzMiYUkQiao0S
sx5KzQwAlkskhS3vpA8pc7TxR340qEg84tPwh0oQtktmnDqlYVhCvr3q3A785LPo
JoHrZO+wL46husSQiLEkaAAxp6JVHnmaAKZ242xG2GZyilCSxC/YidqflbB12oXX
kb4ooIki0FMnvMHFVg4yzJ6k4troG/BMzIj66C93vkMpkT+TwbdqWL/JO2xc6V/K
i+LgoQ7Vfsv4i1kKkb91EunWkrcvmmGxtZvGfbW0A1/1ZZwhFjDZbJ9Ym7fM0Yu0
qc5r
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org