Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/M6sGTDy11lAoFp2u03_53W4nxp8.roa
File: M6sGTDy11lAoFp2u03_53W4nxp8.roa (raw, json)
Hash identifier: sEY8tAxvUKFC07yJuTMY2Og9xoNaLmv7bU8QRaQDH+c=
Subject key identifier: 33:AB:06:4C:3C:B5:D6:50:28:16:9D:AE:D3:7F:F9:DD:6E:27:C6:9F
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018E2D347989EC2ACB7753682CEACA439D7E
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/M6sGTDy11lAoFp2u03_53W4nxp8.roa
Signing time: Mon 11 Mar 2024 11:09:57 +0000
ROA not before: Mon 11 Mar 2024 11:09:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.194.29.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.223.82.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.251.229.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 10:18:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2d:34:79:89:ec:2a:cb:77:53:68:2c:ea:ca:43:9d:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 11 11:09:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33ab064c3cb5d65028169daed37ff9dd6e27c69f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:6d:1f:52:6a:11:e6:c1:4c:a6:74:c4:4e:9d:
ee:92:0a:7a:2b:2b:7a:6a:64:9e:78:b1:bc:9d:4e:
8a:2f:74:eb:d9:e4:ac:c1:5d:3a:cc:2f:01:4d:e7:
48:0b:dc:82:60:b0:ed:9c:e6:a3:36:65:64:b6:65:
13:c4:27:98:0e:5e:b0:78:49:ee:a7:f3:52:14:0c:
7a:fb:f0:ed:14:c8:f3:ae:b6:0a:e7:f7:ff:d4:93:
4a:47:42:62:73:95:b9:40:e3:e7:a5:4b:d4:53:77:
8f:4f:85:bd:c9:2a:65:b3:2a:4c:36:ac:d9:8d:46:
a7:af:7f:a4:13:38:8e:82:f0:0d:f5:bf:b5:6c:9e:
8e:13:b8:c6:32:9c:68:37:d1:18:23:ac:08:af:8e:
1d:e1:38:d8:ee:2d:62:ed:0e:ba:fc:76:36:bd:f7:
e9:07:06:b4:5a:21:2b:80:aa:e2:c3:a1:76:92:be:
d3:7a:1e:4e:45:19:64:7b:e2:7f:ef:bb:44:f4:5c:
d7:32:95:49:c1:fa:75:84:8a:0c:4d:d6:66:69:17:
87:35:71:96:11:0b:54:76:7d:65:9c:dd:0b:94:e7:
14:3b:e3:d1:78:33:28:b6:11:47:ba:92:af:de:14:
44:17:6c:26:4a:3a:b3:77:55:b7:cb:e9:88:4a:c3:
5b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:AB:06:4C:3C:B5:D6:50:28:16:9D:AE:D3:7F:F9:DD:6E:27:C6:9F
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/M6sGTDy11lAoFp2u03_53W4nxp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.194.29.0/24
185.220.250.0/23
185.223.82.0/24
185.225.0.0/23
185.226.104.0/24
185.227.146.0/23
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
27:f9:d6:83:02:f4:8f:80:f8:b1:d3:bc:f1:41:11:7a:b0:92:
76:85:d8:34:bc:b9:fe:a0:d0:67:81:c0:ac:5d:9e:84:67:2c:
16:69:63:55:75:1c:c2:8c:91:97:8c:11:e7:6b:fe:a1:d4:59:
88:89:40:3b:67:d4:ee:35:f3:a2:ab:4f:d9:4a:d9:bb:d8:ed:
4f:7b:36:fd:88:d4:02:7a:74:3a:a4:61:f6:13:fa:2d:a0:39:
41:9e:b3:0d:aa:70:63:ae:6c:c7:84:69:e9:95:ed:92:ef:39:
53:79:ca:c7:98:01:55:76:57:0b:fc:eb:6f:ec:c0:db:30:f3:
f5:c9:95:48:97:58:b8:06:60:60:c0:04:1a:96:78:37:67:0f:
c7:d0:d2:ef:0c:5b:4b:b1:0f:96:58:e8:27:05:08:f2:89:e0:
77:2a:60:bf:7d:d9:e4:63:d1:5c:69:13:ae:40:66:dc:95:1f:
d8:de:75:e5:ed:3e:ab:0c:78:7a:1c:e4:06:1d:7f:01:2a:62:
22:d3:4e:6d:c1:b6:86:e4:70:2e:92:96:c7:88:ed:7e:96:e4:
54:04:5f:fb:1f:0f:a5:ad:e1:94:e4:ef:6d:78:c9:4a:c6:07:
99:c6:01:09:f7:3b:32:d2:d8:fe:32:ee:46:d5:61:29:58:f1:
74:51:54:54
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY4tNHmJ7CrLd1NoLOrKQ51+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMzExMTEwOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2FiMDY0YzNjYjVkNjUwMjgxNjlkYWVkMzdmZjlkZDZlMjdjNjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxG0fUmoR5sFMpnTETp3ukgp6Kyt6
amSeeLG8nU6KL3Tr2eSswV06zC8BTedIC9yCYLDtnOajNmVktmUTxCeYDl6weEnu
p/NSFAx6+/DtFMjzrrYK5/f/1JNKR0Jic5W5QOPnpUvUU3ePT4W9ySplsypMNqzZ
jUanr3+kEziOgvAN9b+1bJ6OE7jGMpxoN9EYI6wIr44d4TjY7i1i7Q66/HY2vffp
Bwa0WiErgKriw6F2kr7Teh5ORRlke+J/77tE9FzXMpVJwfp1hIoMTdZmaReHNXGW
EQtUdn1lnN0LlOcUO+PReDMothFHupKv3hREF2wmSjqzd1W3y+mISsNbiwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDOrBkw8tdZQKBadrtN/+d1uJ8afMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvTTZzR1REeTExbEFvRnAydTAzXzUzVzRueHA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQgVAwQA
ucIdAwQBudz6AwQAud9SAwQBueEAAwQAueJoAwQBueOSAwQAufvlAwQBwTqSMA0G
CSqGSIb3DQEBCwUAA4IBAQAn+daDAvSPgPix07zxQRF6sJJ2hdg0vLn+oNBngcCs
XZ6EZywWaWNVdRzCjJGXjBHna/6h1FmIiUA7Z9TuNfOiq0/ZStm72O1Pezb9iNQC
enQ6pGH2E/otoDlBnrMNqnBjrmzHhGnple2S7zlTecrHmAFVdlcL/Otv7MDbMPP1
yZVIl1i4BmBgwAQalng3Zw/H0NLvDFtLsQ+WWOgnBQjyieB3KmC/fdnkY9FcaROu
QGbclR/Y3nXl7T6rDHh6HOQGHX8BKmIi005twbaG5HAukpbHiO1+luRUBF/7Hw+l
reGU5O9teMlKxgeZxgEJ9zsy0tj+Mu5G1WEpWPF0UVRU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:22 2024 by rpki-client on console-ams.rpki-client.org