Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/SZcHMOwNFgo1FYrIDX7MIv-3XO8.roa
File: SZcHMOwNFgo1FYrIDX7MIv-3XO8.roa (raw, json)
Hash identifier: U5wsuQ2E9d9iKBd+BSLCCmm+w7aGlHZ3xJquDsoogpk=
Subject key identifier: 49:97:07:30:EC:0D:16:0A:35:15:8A:C8:0D:7E:CC:22:FF:B7:5C:EF
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0188C51236EA7034AED0642D4593F16C360B
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/SZcHMOwNFgo1FYrIDX7MIv-3XO8.roa
Signing time: Fri 16 Jun 2023 16:38:05 +0000
ROA not before: Fri 16 Jun 2023 16:38:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.20.0/24 maxlen: 24
193.58.145.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
194.147.17.0/24 maxlen: 24
194.147.16.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 19 Jun 2023 11:50:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c5:12:36:ea:70:34:ae:d0:64:2d:45:93:f1:6c:36:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 16 16:38:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49970730ec0d160a35158ac80d7ecc22ffb75cef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:25:98:37:13:ab:50:2a:71:c9:32:e2:d8:e9:
88:49:ec:80:15:af:11:1a:ef:36:6e:47:8e:b1:a5:
8d:ec:49:72:fe:c8:10:94:4d:21:73:68:cc:52:11:
5f:94:81:e7:7f:f1:6c:a3:43:af:f4:32:bd:c5:0a:
62:10:d3:3e:0e:0f:2a:ad:cf:f8:f6:03:15:54:fc:
66:4e:c8:cc:5a:12:6c:3d:ac:d1:b3:92:fd:e2:76:
33:72:d9:9c:21:e2:90:8a:12:43:81:b7:6a:71:50:
6c:c7:bd:12:2e:9e:28:3f:5a:ee:17:38:4a:ae:6c:
56:0d:07:a2:2d:68:85:12:1a:9c:78:01:7e:47:e6:
ff:9d:a3:7c:4a:50:30:f8:78:c9:bc:87:3a:e9:ab:
d3:61:13:f3:a9:33:0a:dc:43:6e:de:c6:17:20:2c:
de:cd:df:db:47:00:88:00:d6:63:c2:d6:8e:e8:42:
cd:55:16:23:7b:3a:3f:70:fb:30:5d:12:fd:e8:02:
2c:2b:11:3a:f8:04:b2:8d:40:2f:df:25:99:34:14:
34:24:df:5e:38:d3:7d:58:78:93:0e:01:8d:d7:34:
bc:7b:fa:91:53:34:9f:f1:80:a6:c1:da:4d:3a:b6:
7c:91:2f:86:88:27:51:c0:8a:b8:d3:cb:2c:00:d5:
56:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:97:07:30:EC:0D:16:0A:35:15:8A:C8:0D:7E:CC:22:FF:B7:5C:EF
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/SZcHMOwNFgo1FYrIDX7MIv-3XO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.225.0.0/23
185.225.20.0/24
185.246.112.0/24
193.58.145.0-193.58.147.255
194.147.16.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:db:01:58:ec:a1:21:5b:03:06:d5:a2:db:af:f7:16:cc:c2:
ef:88:79:e4:47:0a:67:c4:3b:82:32:f4:6d:61:d1:f4:34:f7:
2d:cf:15:fc:23:57:f1:2b:e6:d9:43:21:1c:60:3e:00:c2:52:
ac:41:4b:b2:37:8d:15:5c:6e:5d:74:09:6e:60:ef:48:d5:df:
1e:c1:08:0a:17:7f:9d:78:89:e5:9e:ce:4f:6a:5e:5c:2b:df:
26:92:35:c4:68:d3:0a:39:e7:15:8c:65:df:af:f4:ce:6f:34:
7a:ea:21:d7:d0:52:6d:60:f9:3f:d7:fe:fc:b0:a1:03:c6:e4:
e0:43:be:c6:38:42:13:07:54:e2:3e:46:9b:b9:ca:92:67:b6:
51:d0:18:00:5d:c4:84:95:87:90:ec:50:55:6d:4d:65:53:22:
60:47:e0:b4:e5:aa:61:20:b9:63:d7:0f:5b:2e:3a:f5:03:c8:
7a:ce:e8:d7:81:80:53:cc:22:6f:d9:2f:1b:9f:8d:58:cf:4a:
0b:7f:70:32:98:da:ad:a2:1e:10:ce:52:c7:a8:6d:82:3b:f3:
17:d4:57:17:1e:7b:da:40:a2:0b:c4:ac:c9:1b:df:75:2a:52:
e1:e8:bb:7d:45:64:ca:2e:ac:44:51:3a:4f:a8:7c:61:36:2c:
fe:a4:f2:b7
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYjFEjbqcDSu0GQtRZPxbDYLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNjE2MTYzODA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTk3MDczMGVjMGQxNjBhMzUxNThhYzgwZDdlY2MyMmZmYjc1Y2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiWYNxOrUCpxyTLi2OmISeyAFa8R
Gu82bkeOsaWN7Ely/sgQlE0hc2jMUhFflIHnf/Fso0Ov9DK9xQpiENM+Dg8qrc/4
9gMVVPxmTsjMWhJsPazRs5L94nYzctmcIeKQihJDgbdqcVBsx70SLp4oP1ruFzhK
rmxWDQeiLWiFEhqceAF+R+b/naN8SlAw+HjJvIc66avTYRPzqTMK3ENu3sYXICze
zd/bRwCIANZjwtaO6ELNVRYjezo/cPswXRL96AIsKxE6+ASyjUAv3yWZNBQ0JN9e
ONN9WHiTDgGN1zS8e/qRUzSf8YCmwdpNOrZ8kS+GiCdRwIq408ssANVW7wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFEmXBzDsDRYKNRWKyA1+zCL/t1zvMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvU1pjSE1Pd05GZ28xRllySURYN01Jdi0zWE84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALQgVAwQA
LZPgAwQBueEAAwQAueEUAwQAufZwMAwDBADBOpEDBALBOpADBAHCkxAwDQYJKoZI
hvcNAQELBQADggEBAKLbAVjsoSFbAwbVotuv9xbMwu+IeeRHCmfEO4Iy9G1h0fQ0
9y3PFfwjV/Er5tlDIRxgPgDCUqxBS7I3jRVcbl10CW5g70jV3x7BCAoXf514ieWe
zk9qXlwr3yaSNcRo0wo55xWMZd+v9M5vNHrqIdfQUm1g+T/X/vywoQPG5OBDvsY4
QhMHVOI+Rpu5ypJntlHQGABdxISVh5DsUFVtTWVTImBH4LTlqmEguWPXD1suOvUD
yHrO6NeBgFPMIm/ZLxufjVjPSgt/cDKY2q2iHhDOUseobYI78xfUVxcee9pAogvE
rMkb33UqUuHou31FZMourERROk+ofGE2LP6k8rc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org