Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TVbwgGJxIaUk3Z9IeREXz52Ncpo.roa
File: TVbwgGJxIaUk3Z9IeREXz52Ncpo.roa (raw, json)
Hash identifier: 9l5grS+skgtLsptKx4LxngzLS5dRmglEcSa+NjuS0C4=
Subject key identifier: 4D:56:F0:80:62:71:21:A5:24:DD:9F:48:79:11:17:CF:9D:8D:72:9A
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0189442F850826B084924C231DE3E87C8AB8
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TVbwgGJxIaUk3Z9IeREXz52Ncpo.roa
Signing time: Tue 11 Jul 2023 09:01:52 +0000
ROA not before: Tue 11 Jul 2023 09:01:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.230.52.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
193.58.145.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
193.58.146.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 12 Jul 2023 10:40:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:44:2f:85:08:26:b0:84:92:4c:23:1d:e3:e8:7c:8a:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 11 09:01:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d56f080627121a524dd9f48791117cf9d8d729a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:eb:01:51:2d:5c:28:02:5d:ae:ac:44:64:73:
80:d4:bb:a7:d7:30:07:38:01:be:1d:80:c0:f6:b3:
e2:9d:40:5d:c1:14:30:9e:8d:5b:11:03:91:d8:1c:
64:15:72:d5:38:f8:03:10:a7:51:b4:d7:ba:de:af:
b1:77:6c:f9:b5:9c:84:28:a2:1d:6e:1b:ce:12:97:
58:f9:c6:4d:1c:6c:0a:13:66:b5:78:9e:5c:a8:52:
05:7e:41:ba:7b:c7:69:56:0e:b3:d9:b5:7d:ab:10:
b2:38:0f:4e:fb:6e:f1:38:a8:98:bf:8a:1a:b9:93:
c5:a5:f9:74:54:c3:86:90:5d:c9:cd:9a:6a:44:5d:
40:e1:c2:2c:bd:f7:0b:e7:bc:e5:63:bd:51:df:c8:
89:a4:0c:f7:81:cf:43:2b:3e:ff:cf:07:fe:8f:b3:
7e:a9:de:24:74:cb:72:dd:10:b8:d6:05:2e:81:44:
32:b7:a8:78:9c:3c:c3:83:01:aa:78:35:36:91:44:
a8:50:26:36:6c:29:65:d2:43:27:7d:4a:e0:f6:fd:
c2:75:1a:d0:40:3b:0f:22:08:88:4a:61:f1:a1:d3:
7a:46:be:aa:eb:ab:4e:8f:cd:86:d4:b1:3e:d5:22:
58:83:16:44:76:7c:63:55:27:b3:5c:39:e9:2e:06:
3a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:56:F0:80:62:71:21:A5:24:DD:9F:48:79:11:17:CF:9D:8D:72:9A
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TVbwgGJxIaUk3Z9IeREXz52Ncpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.210.233.0/24
185.225.0.0/23
185.230.52.0/24
185.251.229.0/24
193.58.145.0-193.58.147.255
Signature Algorithm: sha256WithRSAEncryption
be:65:da:6c:0f:14:5e:98:24:eb:56:01:4e:c5:32:c7:09:2c:
58:14:c3:35:78:9f:44:7b:08:a9:af:2f:28:ea:f2:60:e3:a5:
9c:5e:84:28:2a:29:95:7a:14:3f:ce:51:f5:89:d6:9f:c7:dc:
c3:ef:58:fe:51:97:b4:3a:91:fb:d2:45:21:91:65:02:65:fd:
4f:95:93:78:2e:5f:99:c8:ee:20:fd:b8:f0:55:f4:bd:82:3d:
64:a5:68:2a:1f:38:52:a1:73:c8:62:84:4d:39:b4:23:58:71:
89:27:96:b8:00:4c:ce:34:99:be:da:21:94:25:ee:d4:cd:58:
2f:c3:ff:13:1f:4f:70:84:09:4e:d5:5c:29:90:55:e6:04:72:
06:5a:d9:6f:88:d2:24:e1:c4:1a:e0:2b:d1:56:5f:d3:47:8f:
c5:7d:7e:75:d5:16:05:1a:99:19:29:27:c7:83:49:07:d4:47:
22:7e:7b:9b:74:27:95:96:a9:6b:13:55:90:5d:4f:28:34:90:
a4:9f:3e:ba:f7:fa:19:f3:c9:a1:4c:61:fb:99:3b:f4:f8:13:
88:69:79:f2:59:ca:61:5f:d2:49:44:97:7f:22:1e:77:12:b5:
ed:2d:42:3f:96:98:03:5b:00:5b:c4:f6:1a:22:b7:12:f5:17:
ca:45:c6:36
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYlEL4UIJrCEkkwjHePofIq4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNzExMDkwMTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDU2ZjA4MDYyNzEyMWE1MjRkZDlmNDg3OTExMTdjZjlkOGQ3MjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiesBUS1cKAJdrqxEZHOA1Lun1zAH
OAG+HYDA9rPinUBdwRQwno1bEQOR2BxkFXLVOPgDEKdRtNe63q+xd2z5tZyEKKId
bhvOEpdY+cZNHGwKE2a1eJ5cqFIFfkG6e8dpVg6z2bV9qxCyOA9O+27xOKiYv4oa
uZPFpfl0VMOGkF3JzZpqRF1A4cIsvfcL57zlY71R38iJpAz3gc9DKz7/zwf+j7N+
qd4kdMty3RC41gUugUQyt6h4nDzDgwGqeDU2kUSoUCY2bCll0kMnfUrg9v3CdRrQ
QDsPIgiISmHxodN6Rr6q66tOj82G1LE+1SJYgxZEdnxjVSezXDnpLgY6PQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFE1W8IBicSGlJN2fSHkRF8+djXKaMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVFZid2dHSnhJYVVrM1o5SWVSRVh6NTJOY3BvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALQgVAwQA
LZPgAwQAudLpAwQBueEAAwQAueY0AwQAufvlMAwDBADBOpEDBALBOpAwDQYJKoZI
hvcNAQELBQADggEBAL5l2mwPFF6YJOtWAU7FMscJLFgUwzV4n0R7CKmvLyjq8mDj
pZxehCgqKZV6FD/OUfWJ1p/H3MPvWP5Rl7Q6kfvSRSGRZQJl/U+Vk3guX5nI7iD9
uPBV9L2CPWSlaCofOFKhc8hihE05tCNYcYknlrgATM40mb7aIZQl7tTNWC/D/xMf
T3CECU7VXCmQVeYEcgZa2W+I0iThxBrgK9FWX9NHj8V9fnXVFgUamRkpJ8eDSQfU
RyJ+e5t0J5WWqWsTVZBdTyg0kKSfPrr3+hnzyaFMYfuZO/T4E4hpefJZymFf0klE
l38iHncSte0tQj+WmANbAFvE9hoitxL1F8pFxjY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:26 2024 by rpki-client on console-ams.rpki-client.org