Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KfdPC3Gn6IA9tGMZJRjC9nwa0h0.roa
File: KfdPC3Gn6IA9tGMZJRjC9nwa0h0.roa (raw, json)
Hash identifier: MU3leODySzki3dz4ZepxYQrjFO0z3bWMuEwkumcLaJE=
Subject key identifier: 29:F7:4F:0B:71:A7:E8:80:3D:B4:63:19:25:18:C2:F6:7C:1A:D2:1D
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0187E8A184BAC0865E142ECC7F67996EA031
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KfdPC3Gn6IA9tGMZJRjC9nwa0h0.roa
Signing time: Thu 04 May 2023 21:18:32 +0000
ROA not before: Thu 04 May 2023 21:18:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.22.0/24 maxlen: 24
185.199.159.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 05 May 2023 11:57:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e8:a1:84:ba:c0:86:5e:14:2e:cc:7f:67:99:6e:a0:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 4 21:18:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29f74f0b71a7e8803db463192518c2f67c1ad21d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8c:02:d3:fb:e3:16:84:2d:94:a7:be:88:5f:
35:be:a7:a6:e1:58:a0:d5:25:8d:e6:89:e9:a0:aa:
48:7e:c7:b7:6b:c0:8d:1c:ba:3b:b1:66:f8:17:bd:
d5:70:1a:29:fc:8e:1a:14:86:b9:0f:77:b3:8d:dc:
a2:02:ce:be:49:c0:f5:19:87:d8:be:e9:82:f9:b4:
3c:d7:ab:0d:c1:95:43:85:4d:d4:a2:82:37:cb:1d:
dd:33:94:d1:5d:3e:fa:82:3f:6c:c4:ae:53:9f:12:
d4:ad:fc:de:1b:ee:48:cb:9e:51:26:20:42:63:85:
13:f7:ff:31:d8:4a:e1:48:70:a6:e4:a7:80:0f:0e:
2b:b4:d9:72:78:0f:9a:b5:72:5c:e1:73:b9:2f:96:
63:c3:60:38:3c:ad:b2:9c:e3:f0:4d:73:95:42:8d:
85:cb:b6:1d:d0:49:58:a1:57:12:24:33:9d:72:7a:
e6:b1:db:b3:dd:cd:c9:7c:2e:4e:dc:13:8c:73:b8:
be:bc:1a:80:e4:2b:ef:ef:6c:7b:1d:ea:f7:ba:c8:
94:1b:33:e6:09:29:73:14:b7:44:7b:63:9f:84:3a:
04:08:af:69:9a:8e:6c:84:77:dd:48:d1:17:11:4b:
7e:41:67:32:39:76:04:08:21:9f:7e:e5:57:7a:ca:
34:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F7:4F:0B:71:A7:E8:80:3D:B4:63:19:25:18:C2:F6:7C:1A:D2:1D
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KfdPC3Gn6IA9tGMZJRjC9nwa0h0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.199.159.0/24
185.225.0.0/23
185.225.22.0/24
185.246.112.0/24
185.251.229.0/24
Signature Algorithm: sha256WithRSAEncryption
85:55:3c:78:99:62:98:52:bd:23:75:c2:05:66:ba:4f:ea:d9:
49:04:25:f7:5a:29:24:0a:30:ff:f0:9c:92:5a:ac:93:ff:df:
67:fc:b8:ed:cd:1e:33:dd:37:c1:2e:51:e9:57:9e:65:77:c5:
e3:5c:76:30:44:48:f5:f8:64:19:88:fa:ff:ce:38:02:c6:d0:
2a:2e:df:f5:7f:cc:9b:20:18:b0:08:ee:83:f1:da:8e:e5:30:
98:63:9a:11:bf:67:23:7a:0f:15:d0:18:fd:b4:6d:36:75:1e:
4f:30:f0:b3:58:36:db:90:10:d8:7d:83:07:97:1c:b5:c0:ba:
f7:d1:17:84:9f:35:18:36:cf:40:38:73:1e:09:b6:da:52:17:
ce:53:ca:90:3c:f5:50:32:6a:71:56:cc:71:e8:ae:64:d6:01:
46:34:78:88:67:f2:ee:d8:ef:8f:96:32:6a:e7:22:ce:3c:88:
27:07:f5:17:a1:ff:e1:89:25:d3:2c:2e:e0:ea:50:e8:d0:2a:
a1:0e:b9:c0:d4:67:9a:d4:e5:54:44:57:93:14:24:b4:b3:cd:
50:28:04:69:96:9e:08:71:15:d9:a0:f4:b1:06:ac:00:57:46:
0d:8b:b6:e2:27:8d:96:a8:c3:f3:9f:0b:09:d0:e5:a0:ff:13:
c3:db:2e:72
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYfooYS6wIZeFC7Mf2eZbqAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNTA0MjExODMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWY3NGYwYjcxYTdlODgwM2RiNDYzMTkyNTE4YzJmNjdjMWFkMjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4wC0/vjFoQtlKe+iF81vqem4Vig
1SWN5onpoKpIfse3a8CNHLo7sWb4F73VcBop/I4aFIa5D3ezjdyiAs6+ScD1GYfY
vumC+bQ816sNwZVDhU3UooI3yx3dM5TRXT76gj9sxK5TnxLUrfzeG+5Iy55RJiBC
Y4UT9/8x2ErhSHCm5KeADw4rtNlyeA+atXJc4XO5L5Zjw2A4PK2ynOPwTXOVQo2F
y7Yd0ElYoVcSJDOdcnrmsduz3c3JfC5O3BOMc7i+vBqA5Cvv72x7Her3usiUGzPm
CSlzFLdEe2OfhDoECK9pmo5shHfdSNEXEUt+QWcyOXYECCGffuVXeso0ZQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCn3Twtxp+iAPbRjGSUYwvZ8GtIdMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvS2ZkUEMzR242SUE5dEdNWkpSakM5bndhMGgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQgVAwQA
LZPgAwQAucefAwQBueEAAwQAueEWAwQAufZwAwQAufvlMA0GCSqGSIb3DQEBCwUA
A4IBAQCFVTx4mWKYUr0jdcIFZrpP6tlJBCX3WikkCjD/8JySWqyT/99n/LjtzR4z
3TfBLlHpV55ld8XjXHYwREj1+GQZiPr/zjgCxtAqLt/1f8ybIBiwCO6D8dqO5TCY
Y5oRv2cjeg8V0Bj9tG02dR5PMPCzWDbbkBDYfYMHlxy1wLr30ReEnzUYNs9AOHMe
CbbaUhfOU8qQPPVQMmpxVsxx6K5k1gFGNHiIZ/Lu2O+PljJq5yLOPIgnB/UXof/h
iSXTLC7g6lDo0CqhDrnA1Gea1OVURFeTFCS0s81QKARplp4IcRXZoPSxBqwAV0YN
i7biJ42WqMPznwsJ0OWg/xPD2y5y
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org