Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/OnOzSYOg6gDx9R1_pCULUT8D-Sk.roa
File: OnOzSYOg6gDx9R1_pCULUT8D-Sk.roa (raw, json)
Hash identifier: +6Ln7+UbE92LGxonUpwwVYUhX3Cj85MNQex2Nji6Nc4=
Subject key identifier: 3A:73:B3:49:83:A0:EA:00:F1:F5:1D:7F:A4:25:0B:51:3F:03:F9:29
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018DF46B98F61A7543AD10FCE3A00FB1C5F5
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/OnOzSYOg6gDx9R1_pCULUT8D-Sk.roa
Signing time: Thu 29 Feb 2024 10:31:48 +0000
ROA not before: Thu 29 Feb 2024 10:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 185.121.12.0/22 maxlen: 24
185.199.159.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.206.249.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.36.0/23 maxlen: 24
185.209.74.0/24 maxlen: 24
185.210.152.0/24 maxlen: 24
185.210.153.0/24 maxlen: 24
185.210.154.0/24 maxlen: 24
185.210.155.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.218.102.0/24 maxlen: 24
185.223.76.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.225.22.0/24 maxlen: 24
185.226.105.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.227.145.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.238.228.0/22 maxlen: 24
185.240.120.0/23 maxlen: 24
185.251.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Mar 2024 10:10:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f4:6b:98:f6:1a:75:43:ad:10:fc:e3:a0:0f:b1:c5:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 29 10:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a73b34983a0ea00f1f51d7fa4250b513f03f929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:11:46:da:1f:54:11:d0:6e:e0:d5:aa:b7:dc:
eb:80:00:a5:09:31:af:98:34:0f:00:c4:d5:18:db:
80:5a:1b:1d:2e:ac:ad:14:d8:7f:56:a4:2a:ac:57:
12:ba:6f:3f:49:6e:2f:fd:d9:23:ec:41:6d:08:d2:
e3:49:3a:ef:10:af:d3:f1:9c:15:e5:e1:0f:22:1a:
b0:06:53:d2:54:e1:75:ca:6c:e1:d1:c9:04:c6:0f:
8f:f1:da:ab:d8:2b:ba:a0:ed:82:ff:30:f2:c6:f4:
66:a8:e8:0c:b6:57:32:54:be:59:3d:1f:72:eb:7b:
24:c5:57:cd:d3:5e:d0:9f:fc:19:39:4a:61:5e:a6:
2a:ee:d8:30:ef:fb:b9:2f:da:e0:2c:32:ac:7b:c6:
63:41:21:60:cd:0d:0b:02:95:8a:22:aa:22:46:95:
c5:0f:08:35:c4:d8:ce:3d:f6:c1:03:31:2a:16:24:
02:bf:03:2f:38:25:66:3a:c2:22:ea:15:f0:86:70:
4e:37:21:78:f1:54:d5:bd:4b:1b:ce:ba:41:6b:06:
82:22:69:4a:68:d1:3b:90:9d:0f:ae:5d:59:0c:7d:
c7:a7:cf:f0:f8:84:26:6e:3d:79:7f:56:0e:d4:17:
51:01:45:64:25:dd:cb:74:36:76:da:19:ab:aa:d8:
9e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:73:B3:49:83:A0:EA:00:F1:F5:1D:7F:A4:25:0B:51:3F:03:F9:29
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/OnOzSYOg6gDx9R1_pCULUT8D-Sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.12.0/22
185.199.159.0/24
185.206.248.0/23
185.206.251.0/24
185.209.36.0/23
185.209.74.0/24
185.210.152.0/22
185.218.101.0-185.218.102.255
185.223.76.0/24
185.225.2.0/24
185.225.22.0/24
185.226.105.0/24
185.226.107.0/24
185.227.145.0/24
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
75:f1:a3:70:57:4f:e8:f2:8c:32:6e:68:ab:6a:6d:64:ff:02:
01:fb:55:1a:e9:44:bc:8d:0a:19:8b:01:90:a1:e0:b5:a6:06:
6b:0b:97:9d:b9:cf:12:37:96:5c:ae:9b:96:d3:66:ef:d9:b1:
88:d1:92:cd:69:ef:10:b4:33:fa:d9:39:ec:94:e9:02:c0:f8:
f7:e3:fb:ef:22:e6:f0:b0:f0:93:87:95:4c:e4:91:eb:55:78:
c8:28:6c:1f:5f:58:c0:f1:f4:ad:ce:b2:3c:43:37:f7:86:a3:
06:bd:54:ea:a9:94:e0:63:69:88:27:ba:6c:96:0e:54:af:e8:
ce:8f:2a:07:c0:92:3d:b4:3c:b7:da:fa:79:5c:d2:a6:10:39:
1e:44:90:52:5f:2e:4a:ba:28:58:d3:7c:81:d7:a7:b2:4f:cd:
41:7f:9c:4d:27:42:e4:b2:ec:52:d9:27:91:5f:29:6a:1f:44:
e3:81:a9:37:1c:4c:aa:dd:a4:f7:d2:cc:87:b9:1f:67:80:5f:
ee:28:de:c6:e0:d1:49:41:1f:92:38:5d:fc:56:6c:6d:23:4d:
3c:13:0e:8f:36:cf:20:5c:dc:01:f6:f1:a2:5a:ee:08:96:02:
c0:6e:66:e5:32:8b:05:32:bd:a4:ca:a4:94:79:93:9f:1e:b0:
27:2e:4d:f0
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAY30a5j2GnVDrRD846APscX1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMjI5MTAzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTczYjM0OTgzYTBlYTAwZjFmNTFkN2ZhNDI1MGI1MTNmMDNmOTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhFG2h9UEdBu4NWqt9zrgAClCTGv
mDQPAMTVGNuAWhsdLqytFNh/VqQqrFcSum8/SW4v/dkj7EFtCNLjSTrvEK/T8ZwV
5eEPIhqwBlPSVOF1ymzh0ckExg+P8dqr2Cu6oO2C/zDyxvRmqOgMtlcyVL5ZPR9y
63skxVfN017Qn/wZOUphXqYq7tgw7/u5L9rgLDKse8ZjQSFgzQ0LApWKIqoiRpXF
Dwg1xNjOPfbBAzEqFiQCvwMvOCVmOsIi6hXwhnBONyF48VTVvUsbzrpBawaCImlK
aNE7kJ0Prl1ZDH3Hp8/w+IQmbj15f1YO1BdRAUVkJd3LdDZ22hmrqtieRQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFDpzs0mDoOoA8fUdf6QlC1E/A/kpMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvT25PelNZT2c2Z0R4OVIxX3BDVUxVVDhELVNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEArl5DAME
ALnHnwMEAbnO+AMEALnO+wMEAbnRJAMEALnRSgMEArnSmDAMAwQAudplAwQAudpm
AwQAud9MAwQAueECAwQAueEWAwQAueJpAwQAueJrAwQAueORAwQCueoUAwQCue7k
AwQBufB4AwQAufvnMA0GCSqGSIb3DQEBCwUAA4IBAQB18aNwV0/o8owybmiram1k
/wIB+1Ua6US8jQoZiwGQoeC1pgZrC5educ8SN5ZcrpuW02bv2bGI0ZLNae8QtDP6
2TnslOkCwPj34/vvIubwsPCTh5VM5JHrVXjIKGwfX1jA8fStzrI8Qzf3hqMGvVTq
qZTgY2mIJ7pslg5Ur+jOjyoHwJI9tDy32vp5XNKmEDkeRJBSXy5KuihY03yB16ey
T81Bf5xNJ0LksuxS2SeRXylqH0Tjgak3HEyq3aT30syHuR9ngF/uKN7G4NFJQR+S
OF38VmxtI008Ew6PNs8gXNwB9vGiWu4IlgLAbmblMosFMr2kyqSUeZOfHrAnLk3w
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:22 2024 by rpki-client on console-ams.rpki-client.org