Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/PAWRYbXiVIRMCJsQkBxrEV6SMpU.roa
File: PAWRYbXiVIRMCJsQkBxrEV6SMpU.roa (raw, json)
Hash identifier: TDTdk5jJg5KFjJ0rxPXNs+5UOdmQLUX1ESLhTRCFB/4=
Subject key identifier: 3C:05:91:61:B5:E2:54:84:4C:08:9B:10:90:1C:6B:11:5E:92:32:95
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018ABE1AAB11A95C67845E1CEA91ACBF0865
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/PAWRYbXiVIRMCJsQkBxrEV6SMpU.roa
Signing time: Fri 22 Sep 2023 18:15:33 +0000
ROA not before: Fri 22 Sep 2023 18:15:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.22.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
193.58.146.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
176.125.248.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.223.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 24 Sep 2023 10:47:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:be:1a:ab:11:a9:5c:67:84:5e:1c:ea:91:ac:bf:08:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 22 18:15:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c059161b5e254844c089b10901c6b115e923295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:32:d8:e4:35:81:19:a6:7c:75:9a:78:83:a7:
89:11:c7:a9:0f:6c:cf:d9:f6:28:cf:ad:9a:c0:f0:
37:a8:53:ac:9e:8a:48:e6:b3:92:97:fc:fa:19:97:
1c:f2:7e:78:8a:1d:10:3a:97:b7:be:f6:ca:d7:61:
71:c6:45:2e:af:6b:99:9e:0c:20:aa:04:5d:b1:72:
64:e2:bc:13:f3:f9:e4:c3:ca:42:08:b8:1c:3d:59:
ec:64:d1:3d:6d:63:2e:4f:2d:de:53:e9:31:a5:6d:
6a:a7:2a:d9:ff:51:14:37:d0:e2:ec:67:22:00:f8:
33:0d:4a:fe:57:d7:00:89:e3:be:3e:06:33:d6:4c:
9e:c6:29:fe:6d:b7:c8:94:26:70:da:b9:04:e3:3a:
37:85:bb:ec:a9:81:4b:28:06:60:59:65:f0:5c:56:
4d:52:e7:84:84:f1:d1:50:b2:c3:ac:47:dd:86:83:
08:8d:3d:92:8c:8d:a1:c9:ef:bb:1e:5f:03:19:6d:
f1:8f:82:9c:b7:0e:4a:6a:6c:fc:ba:44:b1:33:2d:
1e:d9:2f:5b:7d:84:82:8a:88:41:4b:33:f1:b9:48:
4c:f4:d1:b5:5a:2f:13:2a:e7:50:eb:7d:c9:5c:df:
08:a1:db:de:96:5e:ee:99:82:21:32:3a:dd:3c:82:
a2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:05:91:61:B5:E2:54:84:4C:08:9B:10:90:1C:6B:11:5E:92:32:95
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/PAWRYbXiVIRMCJsQkBxrEV6SMpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
176.125.248.0/24
185.126.82.0/24
185.223.80.0/24
185.225.0.0/23
185.225.22.0/24
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
44:22:42:80:3d:c6:b0:76:7b:21:8d:11:d7:d3:86:a2:6d:cf:
7f:58:80:9a:fa:f0:63:52:c7:60:47:69:06:2b:89:45:bc:5f:
61:e4:85:ca:3c:ca:cc:0b:9a:e5:39:eb:71:db:ff:76:57:87:
c2:4c:17:5b:15:be:1e:4c:ae:44:07:e4:7a:80:3b:8c:bf:66:
2d:f6:5f:c7:fd:7d:b7:54:f9:c9:1c:38:ce:b2:00:ba:55:09:
40:6b:a9:a0:67:01:61:51:9a:95:4b:3e:44:18:33:64:f9:eb:
6e:6a:89:75:35:83:60:a4:b3:69:ce:fe:61:bc:ae:b5:8a:52:
4c:ed:f1:bf:38:07:17:2b:fb:67:93:25:3e:39:98:c3:27:4d:
f8:11:32:a4:ab:01:bb:fe:6d:8c:9a:42:0b:67:57:ad:c8:11:
25:0c:8b:dc:cd:50:f1:db:30:c3:74:0d:dd:b2:1a:c8:cb:bd:
18:85:66:5d:7d:98:e0:f0:20:9f:ad:4b:af:ed:02:8e:bd:a2:
76:a1:29:b8:b4:e6:6a:e9:a4:a1:b7:dd:4d:9a:b6:fd:e6:00:
6e:6f:e5:5a:95:c2:02:6e:03:6e:f3:69:ba:c3:ec:c1:5e:40:
99:8d:40:5a:a9:9b:11:bf:7c:f7:d8:c2:81:05:04:d3:50:57:
89:28:cb:9c
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYq+GqsRqVxnhF4c6pGsvwhlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwOTIyMTgxNTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzA1OTE2MWI1ZTI1NDg0NGMwODliMTA5MDFjNmIxMTVlOTIzMjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzLY5DWBGaZ8dZp4g6eJEcepD2zP
2fYoz62awPA3qFOsnopI5rOSl/z6GZcc8n54ih0QOpe3vvbK12FxxkUur2uZngwg
qgRdsXJk4rwT8/nkw8pCCLgcPVnsZNE9bWMuTy3eU+kxpW1qpyrZ/1EUN9Di7Gci
APgzDUr+V9cAieO+PgYz1kyexin+bbfIlCZw2rkE4zo3hbvsqYFLKAZgWWXwXFZN
UueEhPHRULLDrEfdhoMIjT2SjI2hye+7Hl8DGW3xj4Kctw5Kamz8ukSxMy0e2S9b
fYSCiohBSzPxuUhM9NG1Wi8TKudQ633JXN8Iodvell7umYIhMjrdPIKiMQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDwFkWG14lSETAibEJAcaxFekjKVMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvUEFXUlliWGlWSVJNQ0pzUWtCeHJFVjZTTXBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQgVAwQA
LZPgAwQAsH34AwQAuX5SAwQAud9QAwQBueEAAwQAueEWAwQAufvlAwQBwTqSMA0G
CSqGSIb3DQEBCwUAA4IBAQBEIkKAPcawdnshjRHX04aibc9/WICa+vBjUsdgR2kG
K4lFvF9h5IXKPMrMC5rlOetx2/92V4fCTBdbFb4eTK5EB+R6gDuMv2Yt9l/H/X23
VPnJHDjOsgC6VQlAa6mgZwFhUZqVSz5EGDNk+etuaol1NYNgpLNpzv5hvK61ilJM
7fG/OAcXK/tnkyU+OZjDJ034ETKkqwG7/m2MmkILZ1etyBElDIvczVDx2zDDdA3d
shrIy70YhWZdfZjg8CCfrUuv7QKOvaJ2oSm4tOZq6aSht91Nmrb95gBub+ValcIC
bgNu82m6w+zBXkCZjUBaqZsRv3z32MKBBQTTUFeJKMuc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:41 2024 by rpki-client on console-fra.rpki-client.org