Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/QenUcHLGlpqpLxc8DScB1nL5GHI.roa
File: QenUcHLGlpqpLxc8DScB1nL5GHI.roa (raw, json)
Hash identifier: eNDMVNxYddWjZS0hGWf1m/sJrUNFcIPiTGrllYw+YD8=
Subject key identifier: 41:E9:D4:70:72:C6:96:9A:A9:2F:17:3C:0D:27:01:D6:72:F9:18:72
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018BD29EB20CA961861DFA9CA3822B57F5C8
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/QenUcHLGlpqpLxc8DScB1nL5GHI.roa
Signing time: Wed 15 Nov 2023 10:54:57 +0000
ROA not before: Wed 15 Nov 2023 10:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.227.146.0/23 maxlen: 24
185.209.38.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.251.229.0/24 maxlen: 24
185.223.82.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.1.0/24 maxlen: 24
185.222.30.0/23 maxlen: 24
185.206.250.0/24 maxlen: 24
45.90.16.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
45.8.21.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Nov 2023 20:14:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d2:9e:b2:0c:a9:61:86:1d:fa:9c:a3:82:2b:57:f5:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 15 10:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41e9d47072c6969aa92f173c0d2701d672f91872
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d7:58:29:0e:2d:81:2e:0f:8d:28:d4:5b:f9:
e4:da:7e:9d:20:0a:87:6b:5d:12:5c:dd:a2:69:fd:
f6:35:e0:03:70:75:59:5c:bd:24:ae:95:aa:5a:28:
5e:d7:51:ad:27:cc:a0:cc:0c:f6:32:52:40:a4:9d:
2f:9f:6a:29:3a:af:ee:c9:59:00:aa:7a:4e:30:f7:
31:fb:24:17:88:96:81:98:33:00:a2:2e:33:d9:94:
12:dd:82:26:7d:4b:af:c7:9a:ff:19:42:61:90:54:
98:23:99:59:97:44:e6:c7:03:aa:29:86:bb:be:6e:
2e:30:00:4c:12:00:25:c2:eb:2e:29:89:80:10:37:
e2:a3:c3:dc:12:a2:cd:c9:12:a5:96:05:11:34:79:
3b:fc:ec:f9:cd:72:2f:3e:88:90:96:bb:a9:55:fd:
b6:65:5f:fc:de:b3:75:ef:64:23:e9:7d:0c:ba:97:
a6:a9:78:88:b2:ee:fc:a2:ce:be:de:ab:7b:c6:97:
44:a8:8e:f9:7c:cd:68:89:f6:00:a3:66:7b:28:d9:
aa:28:3e:06:1a:df:56:0d:99:f7:ba:01:85:c7:0d:
2b:20:47:c3:9f:a0:66:93:83:f7:de:e1:c0:17:d0:
38:47:4f:09:1f:b7:4b:6e:0a:0d:38:1d:14:21:1d:
6d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:E9:D4:70:72:C6:96:9A:A9:2F:17:3C:0D:27:01:D6:72:F9:18:72
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/QenUcHLGlpqpLxc8DScB1nL5GHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.90.16.0/24
45.147.224.0/24
185.206.250.0/24
185.209.38.0/24
185.220.250.0/23
185.222.30.0/23
185.223.80.0/24
185.223.82.0/24
185.225.0.0/23
185.227.146.0/23
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
43:55:17:43:51:76:7e:b3:85:65:b8:da:3e:3e:95:4d:43:fe:
b9:29:f6:2f:30:4e:54:e9:d2:79:21:8e:01:11:93:4f:13:88:
aa:53:3a:44:15:6d:a4:79:15:87:07:0e:4e:e4:1a:0f:b9:c2:
21:2a:1b:69:55:6b:b6:e5:6d:30:c9:f4:39:14:95:4f:56:dc:
ac:e9:21:47:26:69:55:e3:1f:1f:62:48:bc:b5:57:0b:77:d3:
de:7b:72:ee:ca:da:24:d2:52:82:6d:d9:dc:d0:aa:71:20:ce:
6c:58:b2:41:2c:e2:35:89:08:8d:9e:ae:a1:af:e6:9a:af:d1:
b1:62:9d:de:fb:e7:70:f8:ed:51:ce:fb:24:09:96:36:66:00:
6c:5c:e9:67:7d:d7:25:ae:5c:b8:a3:e2:3d:a9:6e:db:13:11:
b9:71:cb:2b:8c:c8:07:42:c9:de:ff:ec:cb:f5:72:7d:bf:1d:
e5:1f:ee:4b:76:b1:c6:71:1c:8e:a5:ac:11:e7:68:5b:ff:00:
d6:9b:0a:b6:01:15:d5:b8:86:50:16:57:02:f3:09:da:0f:06:
8d:89:da:99:3d:13:74:70:10:15:02:50:56:ed:30:92:8c:bf:
91:8e:22:94:4d:fa:f9:60:66:60:53:be:c6:30:f0:22:84:b7:
a9:ed:79:f8
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYvSnrIMqWGGHfqco4IrV/XIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMTE1MTA1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWU5ZDQ3MDcyYzY5NjlhYTkyZjE3M2MwZDI3MDFkNjcyZjkxODcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtddYKQ4tgS4PjSjUW/nk2n6dIAqH
a10SXN2iaf32NeADcHVZXL0krpWqWihe11GtJ8ygzAz2MlJApJ0vn2opOq/uyVkA
qnpOMPcx+yQXiJaBmDMAoi4z2ZQS3YImfUuvx5r/GUJhkFSYI5lZl0TmxwOqKYa7
vm4uMABMEgAlwusuKYmAEDfio8PcEqLNyRKllgURNHk7/Oz5zXIvPoiQlrupVf22
ZV/83rN172Qj6X0MupemqXiIsu78os6+3qt7xpdEqI75fM1oifYAo2Z7KNmqKD4G
Gt9WDZn3ugGFxw0rIEfDn6Bmk4P33uHAF9A4R08JH7dLbgoNOB0UIR1tNwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFEHp1HByxpaaqS8XPA0nAdZy+RhyMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvUWVuVWNITEdscHFwTHhjOERTY0Ixbkw1R0hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALQgVAwQA
LVoQAwQALZPgAwQAuc76AwQAudEmAwQBudz6AwQBud4eAwQAud9QAwQAud9SAwQB
ueEAAwQBueOSAwQAufvlAwQBwTqSMA0GCSqGSIb3DQEBCwUAA4IBAQBDVRdDUXZ+
s4VluNo+PpVNQ/65KfYvME5U6dJ5IY4BEZNPE4iqUzpEFW2keRWHBw5O5BoPucIh
KhtpVWu25W0wyfQ5FJVPVtys6SFHJmlV4x8fYki8tVcLd9Pee3Luytok0lKCbdnc
0KpxIM5sWLJBLOI1iQiNnq6hr+aar9GxYp3e++dw+O1RzvskCZY2ZgBsXOlnfdcl
rly4o+I9qW7bExG5ccsrjMgHQsne/+zL9XJ9vx3lH+5LdrHGcRyOpawR52hb/wDW
mwq2ARXVuIZQFlcC8wnaDwaNidqZPRN0cBAVAlBW7TCSjL+RjiKUTfr5YGZgU77G
MPAihLep7Xn4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:22 2024 by rpki-client on console-ams.rpki-client.org