Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/OXGHKtf4hfPDrHuzOouGu3D4afE.roa
File: OXGHKtf4hfPDrHuzOouGu3D4afE.roa (raw, json)
Hash identifier: PaUXvPNZHqtqCVdLZr+5G53eWUJksdwDNFdWkkhLXJc=
Subject key identifier: 39:71:87:2A:D7:F8:85:F3:C3:AC:7B:B3:3A:8B:86:BB:70:F8:69:F1
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01904EAFAE569DF2A28FDAA9C74A1784F180
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/OXGHKtf4hfPDrHuzOouGu3D4afE.roa
Signing time: Tue 25 Jun 2024 09:17:34 +0000
ROA not before: Tue 25 Jun 2024 09:17:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.251.230.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jul 2024 09:18:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4e:af:ae:56:9d:f2:a2:8f:da:a9:c7:4a:17:84:f1:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 25 09:17:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3971872ad7f885f3c3ac7bb33a8b86bb70f869f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6e:c5:71:b9:fb:94:bf:6f:7b:10:5c:1b:05:
f0:54:0a:4e:52:78:bf:06:dc:71:de:1e:0f:b2:fe:
35:0b:37:6a:18:78:0d:c5:f5:9f:54:b9:e3:b4:81:
b6:d5:60:e3:6a:fc:dd:9a:30:d1:e7:bf:da:aa:9f:
0d:40:14:d8:03:9d:51:51:dd:d7:32:3f:1f:fc:2c:
1b:be:6f:89:91:81:78:cb:47:58:b7:6e:27:ca:95:
5e:7c:d6:2b:f1:f5:d1:e7:29:b2:d7:ea:70:27:22:
7e:b7:7a:f5:0c:b2:cd:73:a6:d9:8a:16:6f:1f:07:
cd:90:41:23:9c:54:89:19:ea:43:d7:31:59:c5:e5:
2b:b7:e9:f9:8f:c1:4f:1b:cf:18:a7:a4:8a:df:2c:
1a:63:63:8e:2b:7f:89:aa:92:a2:ad:ce:c5:36:0d:
89:16:7d:b1:c6:6a:26:38:9f:8c:aa:d9:c6:dd:f7:
8b:b5:04:96:70:fe:4f:c1:d6:51:76:a9:8a:ee:4f:
55:1a:48:11:88:80:de:56:c3:6f:57:f6:8e:f7:89:
f9:3c:51:74:6e:60:dc:2d:04:47:0b:89:9b:ce:31:
80:b1:a3:aa:83:2e:66:d7:4f:ae:0f:65:cd:d7:4a:
1f:a5:7e:fb:d9:da:04:9d:41:46:89:e3:7d:96:c6:
b3:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:71:87:2A:D7:F8:85:F3:C3:AC:7B:B3:3A:8B:86:BB:70:F8:69:F1
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/OXGHKtf4hfPDrHuzOouGu3D4afE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.220.250.0/23
185.225.0.0/23
185.226.104.0/24
185.227.146.0/23
185.251.230.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:34:ae:6b:e2:85:7e:6a:a3:8f:3b:25:36:9f:60:a8:62:41:
cd:9d:99:64:72:4d:1c:4f:02:41:94:f5:1e:85:e5:69:20:8b:
a4:34:cc:a0:11:c5:54:1e:0b:d7:75:3f:f5:38:d6:4e:3f:8b:
d9:8c:cf:ae:75:e7:5d:74:84:ad:64:74:eb:13:b0:eb:49:42:
71:5e:2b:c6:0f:ec:3d:30:33:b6:be:ea:af:5c:86:b0:5f:f7:
c6:f0:bd:2c:ed:b6:c5:99:92:7c:8f:c3:da:ae:7e:d4:73:8a:
d2:ef:95:25:5c:90:1c:9c:a1:96:5a:49:0e:95:dd:4d:2f:c2:
ec:b7:fd:c3:4f:1d:22:2a:1f:e2:d0:dc:9e:4b:a5:6d:5b:4e:
ce:49:5a:b3:11:eb:2b:3e:7e:99:78:31:08:57:1f:48:e0:2c:
3e:b5:83:cd:10:3f:7e:18:40:c6:9c:6e:60:5e:22:a0:a4:85:
22:3d:c1:45:47:00:1c:af:e1:36:73:ee:0f:1c:6b:74:d3:9e:
07:56:cc:47:e9:b6:e3:e5:2b:0c:14:6d:64:d1:20:5f:51:e6:
32:4a:52:84:49:cc:26:ba:b3:6c:28:2b:35:55:c1:13:fc:65:
84:9e:1a:8f:31:05:e1:f1:7d:2e:b6:42:ef:ce:cd:bc:25:a8:
fe:73:e2:6b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZBOr65WnfKij9qpx0oXhPGAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNjI1MDkxNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTcxODcyYWQ3Zjg4NWYzYzNhYzdiYjMzYThiODZiYjcwZjg2OWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs27Fcbn7lL9vexBcGwXwVApOUni/
Btxx3h4Psv41CzdqGHgNxfWfVLnjtIG21WDjavzdmjDR57/aqp8NQBTYA51RUd3X
Mj8f/Cwbvm+JkYF4y0dYt24nypVefNYr8fXR5ymy1+pwJyJ+t3r1DLLNc6bZihZv
HwfNkEEjnFSJGepD1zFZxeUrt+n5j8FPG88Yp6SK3ywaY2OOK3+JqpKirc7FNg2J
Fn2xxmomOJ+MqtnG3feLtQSWcP5PwdZRdqmK7k9VGkgRiIDeVsNvV/aO94n5PFF0
bmDcLQRHC4mbzjGAsaOqgy5m10+uD2XN10ofpX772doEnUFGieN9lsazdQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDlxhyrX+IXzw6x7szqLhrtw+GnxMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvT1hHSEt0ZjRoZlBEckh1ek9vdUd1M0Q0YWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQgVAwQA
uX5SAwQBudz6AwQBueEAAwQAueJoAwQBueOSAwQAufvmAwQBwTqSMA0GCSqGSIb3
DQEBCwUAA4IBAQAvNK5r4oV+aqOPOyU2n2CoYkHNnZlkck0cTwJBlPUeheVpIIuk
NMygEcVUHgvXdT/1ONZOP4vZjM+udedddIStZHTrE7DrSUJxXivGD+w9MDO2vuqv
XIawX/fG8L0s7bbFmZJ8j8Parn7Uc4rS75UlXJAcnKGWWkkOld1NL8Lst/3DTx0i
Kh/i0NyeS6VtW07OSVqzEesrPn6ZeDEIVx9I4Cw+tYPNED9+GEDGnG5gXiKgpIUi
PcFFRwAcr+E2c+4PHGt0054HVsxH6bbj5SsMFG1k0SBfUeYySlKEScwmurNsKCs1
VcET/GWEnhqPMQXh8X0utkLvzs28Jaj+c+Jr
-----END CERTIFICATE-----
Generated at Thu Jul 11 12:24:02 2024 by rpki-client on console-ams.rpki-client.org