Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/R3adzreBd8Pahn5ytzPegVqXo0o.roa
File: R3adzreBd8Pahn5ytzPegVqXo0o.roa (raw, json)
Hash identifier: qk6goeK5bJ0wk+9yKOnyS/PSijCvb/SaKrO2hs3g2/k=
Subject key identifier: 47:76:9D:CE:B7:81:77:C3:DA:86:7E:72:B7:33:DE:81:5A:97:A3:4A
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018E9B7E3C4EF530F2E4DBECCC84CF1E2DBE
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/R3adzreBd8Pahn5ytzPegVqXo0o.roa
Signing time: Mon 01 Apr 2024 21:08:45 +0000
ROA not before: Mon 01 Apr 2024 21:08:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.81.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.214.100.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.223.81.0/24 maxlen: 24
185.223.82.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.234.20.0/24 maxlen: 24
185.246.113.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 10:53:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9b:7e:3c:4e:f5:30:f2:e4:db:ec:cc:84:cf:1e:2d:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 1 21:08:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47769dceb78177c3da867e72b733de815a97a34a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a6:91:18:dc:ef:56:82:cf:5d:1f:a3:cc:36:
d5:1f:53:f7:83:f7:a5:ae:bd:0d:cf:ae:a6:9c:01:
2a:ae:22:49:f3:74:f4:cf:fb:7d:14:5d:2b:d9:a1:
b1:ed:87:bd:2d:4e:5a:18:f3:1e:da:ef:52:d7:5a:
cd:9b:55:47:e2:d8:10:c5:84:77:5f:f3:83:2d:a9:
01:ce:63:c5:90:b9:ed:46:d2:9b:f0:88:65:fc:eb:
d0:87:5b:4f:d0:c9:34:8a:d1:24:62:59:98:08:3d:
6c:56:a6:d6:f5:ee:07:16:27:e5:d6:cc:f2:f6:78:
58:5f:e6:0a:e5:db:50:17:34:27:0d:b9:c6:f1:e9:
84:6f:d7:84:c0:34:92:7d:70:5b:ae:3a:f5:69:86:
51:35:c4:3e:6e:1c:bc:23:89:6e:a3:fb:ce:95:dd:
3b:ae:ee:e4:14:17:36:e3:9e:27:97:79:dd:5d:72:
21:d5:12:a0:a6:92:df:68:ec:3e:0e:e2:b9:17:6a:
bd:a2:02:95:17:ba:49:32:61:60:10:14:c7:7e:61:
13:00:9c:08:49:e1:9d:ee:04:a5:e8:8b:30:fc:e1:
3e:d2:60:c3:83:33:ec:fd:84:c8:e5:af:37:ba:5e:
90:ab:17:32:0d:6a:54:dd:be:c8:16:cf:b8:82:91:
f3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:76:9D:CE:B7:81:77:C3:DA:86:7E:72:B7:33:DE:81:5A:97:A3:4A
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/R3adzreBd8Pahn5ytzPegVqXo0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.81.0-185.126.82.255
185.214.100.0/24
185.220.250.0/23
185.223.81.0-185.223.82.255
185.225.0.0/23
185.226.104.0/24
185.227.146.0/23
185.234.20.0/24
185.246.113.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
58:a9:ad:5d:85:e6:b9:09:e3:4a:ee:e5:e6:e4:15:fe:d4:7f:
34:76:26:9e:96:3e:71:97:75:9f:f8:35:f8:a5:54:fc:bd:1e:
78:eb:bb:5b:4f:6d:b9:f2:30:82:f6:57:cc:4b:3d:9d:ee:15:
12:37:e8:29:a0:f0:71:e2:03:e1:ca:5b:58:ce:8c:a6:51:a2:
c8:95:b0:d1:c8:c5:e9:12:e5:17:a4:eb:a8:5d:5a:f6:23:7d:
37:02:be:4d:ef:5e:24:dc:5b:72:17:16:fa:96:cf:b8:11:e9:
a7:0e:4f:6a:8c:42:9c:99:47:01:f3:f7:2f:e0:cb:d6:e2:f2:
49:0c:9b:e5:84:a5:14:d7:e4:e7:6d:a2:ab:87:3a:02:83:a8:
a1:e8:1e:8b:a7:0f:d4:56:37:a1:8f:94:ef:0c:20:a7:8e:fc:
a2:d1:b1:1a:57:ba:5c:1f:b5:69:49:75:27:e2:93:3d:15:b6:
81:47:11:5f:7a:88:e2:93:0f:60:eb:58:4f:8c:dc:5a:5c:26:
45:a4:5a:6b:23:1b:56:c4:ba:80:ae:1c:c4:98:69:fc:e8:ed:
b6:08:ff:b5:bc:ad:2d:2b:d8:9e:e6:f2:78:b7:a5:96:63:43:
00:7c:23:1e:05:e9:1b:e7:f7:c7:49:cf:cb:30:0f:03:ad:2a:
83:1c:8e:8c
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAY6bfjxO9TDy5NvszITPHi2+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNDAxMjEwODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Nzc2OWRjZWI3ODE3N2MzZGE4NjdlNzJiNzMzZGU4MTVhOTdhMzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaaRGNzvVoLPXR+jzDbVH1P3g/el
rr0Nz66mnAEqriJJ83T0z/t9FF0r2aGx7Ye9LU5aGPMe2u9S11rNm1VH4tgQxYR3
X/ODLakBzmPFkLntRtKb8Ihl/OvQh1tP0Mk0itEkYlmYCD1sVqbW9e4HFifl1szy
9nhYX+YK5dtQFzQnDbnG8emEb9eEwDSSfXBbrjr1aYZRNcQ+bhy8I4luo/vOld07
ru7kFBc2454nl3ndXXIh1RKgppLfaOw+DuK5F2q9ogKVF7pJMmFgEBTHfmETAJwI
SeGd7gSl6Isw/OE+0mDDgzPs/YTI5a83ul6QqxcyDWpU3b7IFs+4gpHzfQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFEd2nc63gXfD2oZ+crcz3oFal6NKMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvUjNhZHpyZUJkOFBhaG41eXR6UGVnVnFYbzBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQALQgVMAwD
BAC5flEDBAC5flIDBAC51mQDBAG53PowDAMEALnfUQMEALnfUgMEAbnhAAMEALni
aAMEAbnjkgMEALnqFAMEALn2cQMEAcE6kjANBgkqhkiG9w0BAQsFAAOCAQEAWKmt
XYXmuQnjSu7l5uQV/tR/NHYmnpY+cZd1n/g1+KVU/L0eeOu7W09tufIwgvZXzEs9
ne4VEjfoKaDwceID4cpbWM6MplGiyJWw0cjF6RLlF6TrqF1a9iN9NwK+Te9eJNxb
chcW+pbPuBHppw5PaoxCnJlHAfP3L+DL1uLySQyb5YSlFNfk522iq4c6AoOooege
i6cP1FY3oY+U7wwgp478otGxGle6XB+1aUl1J+KTPRW2gUcRX3qI4pMPYOtYT4zc
WlwmRaRaayMbVsS6gK4cxJhp/Ojttgj/tbytLSvYnubyeLellmNDAHwjHgXpG+f3
x0nPyzAPA60qgxyOjA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:22 2024 by rpki-client on console-ams.rpki-client.org