Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TXj__3dkoWOMPzS5Hk0wp-GOwoE.roa
File: TXj__3dkoWOMPzS5Hk0wp-GOwoE.roa (raw, json)
Hash identifier: pAvOlYswfY1o6/9tZt0g28XlTadCe0Ey3r/Iz63lp6I=
Subject key identifier: 4D:78:FF:FF:77:64:A1:63:8C:3F:34:B9:1E:4D:30:A7:E1:8E:C2:81
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018AF0F0425BF5BA947DDAEEEC6C21E4ED1E
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TXj__3dkoWOMPzS5Hk0wp-GOwoE.roa
Signing time: Mon 02 Oct 2023 15:09:52 +0000
ROA not before: Mon 02 Oct 2023 15:09:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.222.30.0/23 maxlen: 24
185.230.52.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.223.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Oct 2023 09:41:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f0:f0:42:5b:f5:ba:94:7d:da:ee:ec:6c:21:e4:ed:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 2 15:09:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d78ffff7764a1638c3f34b91e4d30a7e18ec281
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:29:38:1d:98:6c:49:ee:b5:41:8a:62:18:f7:
40:56:ef:14:70:b6:76:15:0f:ba:00:8a:ef:0b:11:
10:e0:4b:70:e9:eb:bf:46:af:b6:5c:56:cd:f2:04:
7f:be:75:5b:b3:7d:e5:9a:dd:bb:9f:e8:f7:94:cd:
51:90:6a:af:90:a3:27:fc:cf:f5:95:6b:ca:e9:82:
40:d5:6c:03:82:34:72:38:c1:92:21:40:26:3e:b3:
9f:7d:cc:b7:c6:98:d9:15:8c:a1:ea:06:c6:fd:45:
9f:44:b7:af:ff:91:9e:ee:7b:37:30:a8:28:1e:15:
bf:cd:c3:ae:0d:4a:f0:8e:56:f7:bd:40:40:61:d8:
36:06:be:38:99:fd:2c:39:eb:72:c7:0f:3d:e2:74:
0d:4d:e3:4c:de:50:62:62:9a:c2:ab:16:2a:f6:a4:
bf:2c:c0:e8:f4:7e:4e:f7:9f:43:c3:b1:9e:dd:f9:
30:e4:61:f0:c1:8a:af:85:de:ee:dd:98:7f:a0:4f:
9f:34:4b:04:35:87:14:e7:d9:8e:68:3c:0f:dd:7b:
7b:2a:89:5c:13:9f:05:f2:4a:88:64:d6:1b:9d:3f:
17:e5:27:fb:20:23:a8:a5:f3:27:fd:46:a0:53:bd:
ae:49:58:e8:5f:9e:bd:b7:e7:38:df:d4:36:48:f3:
dd:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:78:FF:FF:77:64:A1:63:8C:3F:34:B9:1E:4D:30:A7:E1:8E:C2:81
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TXj__3dkoWOMPzS5Hk0wp-GOwoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.220.250.0/23
185.222.30.0/23
185.223.80.0/24
185.225.0.0/23
185.230.52.0/24
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
c4:df:92:3f:c3:a0:71:b4:98:67:17:00:06:02:9c:75:18:e6:
d0:22:28:5b:7e:75:07:94:d0:29:25:cc:29:56:37:28:09:96:
50:1f:47:ac:27:af:89:c3:8a:4e:e8:96:ea:84:cd:40:82:24:
96:56:1c:28:20:07:99:f6:ec:38:6a:05:13:31:24:01:56:c2:
2c:f0:aa:44:2a:6c:ca:ac:f7:f0:c4:20:b9:bc:6e:09:95:84:
9d:52:14:dd:b1:96:7c:56:37:15:77:5f:b9:e1:57:07:83:6f:
1f:3c:a2:85:89:82:72:af:7b:5f:f4:ae:df:4d:23:cc:d1:52:
cd:b0:b5:3c:12:e1:0d:c2:75:39:24:0d:75:90:bd:5c:4d:dc:
41:a7:8e:24:4a:cf:3e:f6:f9:93:cf:a7:d8:7f:3f:84:e4:f1:
f0:c6:ba:1d:8f:e4:32:0a:cf:32:c3:0b:0c:bd:27:c5:54:55:
a2:b7:d6:c1:6e:9c:6d:05:00:11:80:dd:d8:a9:6c:b6:9d:8d:
8d:c5:8d:e4:bb:8f:45:d7:69:95:c5:63:dd:bb:4e:15:00:40:
bf:84:af:ca:59:a7:1a:18:91:4f:a1:c9:6a:fd:b4:e7:e5:6f:
f3:af:50:96:f0:c8:8c:b3:11:c1:50:eb:af:c7:94:4f:0d:60:
99:43:38:98
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYrw8EJb9bqUfdru7Gwh5O0eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMDAyMTUwOTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDc4ZmZmZjc3NjRhMTYzOGMzZjM0YjkxZTRkMzBhN2UxOGVjMjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCk4HZhsSe61QYpiGPdAVu8UcLZ2
FQ+6AIrvCxEQ4Etw6eu/Rq+2XFbN8gR/vnVbs33lmt27n+j3lM1RkGqvkKMn/M/1
lWvK6YJA1WwDgjRyOMGSIUAmPrOffcy3xpjZFYyh6gbG/UWfRLev/5Ge7ns3MKgo
HhW/zcOuDUrwjlb3vUBAYdg2Br44mf0sOetyxw894nQNTeNM3lBiYprCqxYq9qS/
LMDo9H5O959Dw7Ge3fkw5GHwwYqvhd7u3Zh/oE+fNEsENYcU59mOaDwP3Xt7Kolc
E58F8kqIZNYbnT8X5Sf7ICOopfMn/UagU72uSVjoX569t+c439Q2SPPdawIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFE14//93ZKFjjD80uR5NMKfhjsKBMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVFhqX18zZGtvV09NUHpTNUhrMHdwLUdPd29FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQgVAwQA
LZPgAwQBudz6AwQBud4eAwQAud9QAwQBueEAAwQAueY0AwQAufvlAwQBwTqSMA0G
CSqGSIb3DQEBCwUAA4IBAQDE35I/w6BxtJhnFwAGApx1GObQIihbfnUHlNApJcwp
VjcoCZZQH0esJ6+Jw4pO6JbqhM1AgiSWVhwoIAeZ9uw4agUTMSQBVsIs8KpEKmzK
rPfwxCC5vG4JlYSdUhTdsZZ8VjcVd1+54VcHg28fPKKFiYJyr3tf9K7fTSPM0VLN
sLU8EuENwnU5JA11kL1cTdxBp44kSs8+9vmTz6fYfz+E5PHwxrodj+QyCs8ywwsM
vSfFVFWit9bBbpxtBQARgN3YqWy2nY2NxY3ku49F12mVxWPdu04VAEC/hK/KWaca
GJFPoclq/bTn5W/zr1CW8MiMsxHBUOuvx5RPDWCZQziY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org