Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TSq1_YrKHmwUocA-qNhN5P9ixsY.roa
File: TSq1_YrKHmwUocA-qNhN5P9ixsY.roa (raw, json)
Hash identifier: CfaEwUOxHvlqnhGm60peBYQeBE1HIbKizb5waYBlgTw=
Subject key identifier: 4D:2A:B5:FD:8A:CA:1E:6C:14:A1:C0:3E:A8:D8:4D:E4:FF:62:C6:C6
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0187230A9EB29629D47417D6F8B70FAAA5F2
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TSq1_YrKHmwUocA-qNhN5P9ixsY.roa
Signing time: Mon 27 Mar 2023 12:28:31 +0000
ROA not before: Mon 27 Mar 2023 12:28:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.218.20.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 03 Apr 2023 10:45:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:23:0a:9e:b2:96:29:d4:74:17:d6:f8:b7:0f:aa:a5:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 27 12:28:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d2ab5fd8aca1e6c14a1c03ea8d84de4ff62c6c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:4e:72:cf:4d:d9:6a:4d:7f:33:57:ef:14:57:
76:4c:7c:c3:96:0b:fa:67:22:b9:43:e8:5d:f9:4b:
9f:10:3e:a5:ad:79:9a:9f:b3:cf:4f:34:86:97:41:
77:e1:49:9c:38:58:54:9d:3e:85:6c:c2:c6:94:28:
71:c4:a3:4a:9f:62:47:56:d3:3a:f4:27:1d:c9:88:
36:01:55:73:17:92:77:bc:12:43:5f:c5:7b:b9:76:
b8:39:14:eb:16:a5:cd:f5:7a:ff:69:c2:6c:6c:1d:
fc:4f:50:b5:70:e0:71:26:55:9a:7f:56:1f:17:59:
5c:a2:22:bf:c2:c3:b8:b7:c0:3a:84:23:2d:ab:cf:
0b:d4:bc:15:0d:1d:cd:4d:fc:85:87:7f:34:14:5c:
7e:0e:7e:39:11:fc:ba:bf:ab:ef:71:61:1b:be:aa:
19:d2:b7:9b:c8:45:12:71:ab:f1:11:d3:72:f0:f8:
1b:36:f0:ea:9c:e6:8e:cc:ce:69:68:86:a1:a0:31:
fe:12:85:54:6e:e0:6b:e1:b8:b8:de:9f:ec:a9:32:
1b:4e:ec:7f:a5:73:38:10:09:93:4a:be:57:12:8c:
e0:6b:9e:d4:cf:3d:d5:09:bb:bd:99:88:b2:34:65:
03:d6:18:ef:38:80:94:28:9a:23:33:9c:28:26:32:
e4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:2A:B5:FD:8A:CA:1E:6C:14:A1:C0:3E:A8:D8:4D:E4:FF:62:C6:C6
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TSq1_YrKHmwUocA-qNhN5P9ixsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.224.0/24
185.218.20.0/24
185.225.0.0/23
Signature Algorithm: sha256WithRSAEncryption
17:b6:a7:ce:95:27:0f:a7:71:17:14:c6:f0:2d:ab:00:c1:08:
4b:7b:2d:76:db:7a:e8:aa:73:46:55:01:69:cf:c1:1e:de:b0:
10:c3:3f:e1:5e:56:95:a3:06:d2:4c:d2:4c:f7:63:ca:47:20:
24:6c:0b:6c:86:e9:22:01:cd:6e:e0:e1:b9:7e:e3:87:25:3c:
57:c7:53:67:30:c9:a4:46:b9:a2:8f:d4:e8:a3:d6:f5:b9:cb:
4f:8c:eb:ed:4c:04:95:18:5e:25:a0:8c:e5:74:61:72:5a:9a:
fd:6d:5e:b6:80:c5:9a:e7:27:55:b5:ac:6b:46:35:81:48:ed:
b3:86:e8:c7:36:21:f0:b6:3a:0e:62:9e:57:67:9b:f7:e6:ba:
b1:c0:74:2e:b2:f1:0d:47:fb:65:f9:3f:94:88:5d:e9:eb:d9:
33:9b:7c:31:33:73:2f:f4:21:0c:27:17:de:d4:eb:2c:59:7e:
82:eb:f9:10:c0:13:e0:29:f7:2d:3c:00:a8:6b:eb:11:da:5f:
c8:e5:80:64:ce:9b:08:74:30:81:68:40:4a:87:ca:06:7a:7b:
53:9c:5f:01:70:95:ba:a3:6e:97:b0:b1:fb:2d:a3:91:05:e5:
c6:ac:d4:38:4c:44:8e:38:a3:b6:ee:b4:a0:69:08:2c:33:a7:
b3:be:a0:0f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYcjCp6ylinUdBfW+LcPqqXyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMzI3MTIyODMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDJhYjVmZDhhY2ExZTZjMTRhMWMwM2VhOGQ4NGRlNGZmNjJjNmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnk5yz03Zak1/M1fvFFd2THzDlgv6
ZyK5Q+hd+UufED6lrXman7PPTzSGl0F34UmcOFhUnT6FbMLGlChxxKNKn2JHVtM6
9CcdyYg2AVVzF5J3vBJDX8V7uXa4ORTrFqXN9Xr/acJsbB38T1C1cOBxJlWaf1Yf
F1lcoiK/wsO4t8A6hCMtq88L1LwVDR3NTfyFh380FFx+Dn45Efy6v6vvcWEbvqoZ
0rebyEUScavxEdNy8PgbNvDqnOaOzM5paIahoDH+EoVUbuBr4bi43p/sqTIbTux/
pXM4EAmTSr5XEozga57Uzz3VCbu9mYiyNGUD1hjvOICUKJojM5woJjLk8wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE0qtf2Kyh5sFKHAPqjYTeT/YsbGMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVFNxMV9ZcktIbXdVb2NBLXFOaE41UDlpeHNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZPgAwQA
udoUAwQBueEAMA0GCSqGSIb3DQEBCwUAA4IBAQAXtqfOlScPp3EXFMbwLasAwQhL
ey1223roqnNGVQFpz8Ee3rAQwz/hXlaVowbSTNJM92PKRyAkbAtshukiAc1u4OG5
fuOHJTxXx1NnMMmkRrmij9Too9b1uctPjOvtTASVGF4loIzldGFyWpr9bV62gMWa
5ydVtaxrRjWBSO2zhujHNiHwtjoOYp5XZ5v35rqxwHQusvENR/tl+T+UiF3p69kz
m3wxM3Mv9CEMJxfe1OssWX6C6/kQwBPgKfctPACoa+sR2l/I5YBkzpsIdDCBaEBK
h8oGentTnF8BcJW6o26XsLH7LaORBeXGrNQ4TESOOKO27rSgaQgsM6ezvqAP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:26 2024 by rpki-client on console-ams.rpki-client.org