Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TaF4dcRjzgmgCseiimdN9FlOTgQ.roa
File: TaF4dcRjzgmgCseiimdN9FlOTgQ.roa (raw, json)
Hash identifier: QCDyc7cSzGuCdOMxkrvdOlho6K7LzchvobCykBpIj6s=
Subject key identifier: 4D:A1:78:75:C4:63:CE:09:A0:0A:C7:A2:8A:67:4D:F4:59:4E:4E:04
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01900BC7FF4DEF5909EC3AC2D708C9C0E8E6
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TaF4dcRjzgmgCseiimdN9FlOTgQ.roa
Signing time: Wed 12 Jun 2024 09:29:34 +0000
ROA not before: Wed 12 Jun 2024 09:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 45.90.19.0/24 maxlen: 24
185.36.204.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
185.246.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Oct 2024 12:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0b:c7:ff:4d:ef:59:09:ec:3a:c2:d7:08:c9:c0:e8:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 12 09:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4da17875c463ce09a00ac7a28a674df4594e4e04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:24:8b:89:7a:f5:ba:06:5d:c2:c4:05:6b:d1:
0e:72:ed:18:02:3c:fe:8e:08:32:47:a3:35:b7:7d:
58:8f:0b:32:89:88:86:16:7a:b8:2b:d0:4b:ee:df:
69:02:e2:57:5c:82:d0:5b:16:3c:2e:6a:40:27:20:
57:f3:bf:24:6a:9f:fd:39:78:79:4e:74:83:4a:5d:
e2:66:e8:b4:bd:2b:65:5b:be:e2:41:a8:7a:ac:da:
39:1f:84:22:3e:95:51:b9:78:6e:83:d0:95:84:67:
bd:cb:47:5b:5c:c2:98:df:92:5f:48:ca:9f:b0:fb:
de:96:b2:47:a8:c4:9a:6b:a9:92:01:85:16:20:68:
0f:ce:ad:5a:96:32:26:d0:c1:bb:16:17:0e:0e:87:
21:d7:e0:44:88:8f:da:b1:66:62:7c:1c:cc:c6:48:
2f:38:c2:03:31:2b:5a:70:75:22:54:1c:51:f9:4e:
95:fc:0a:2c:81:90:18:7b:8b:e4:81:31:f8:0c:c9:
e6:8f:c7:78:dc:94:36:72:8d:07:2c:ba:64:35:8f:
3a:3f:e4:bc:4e:42:3e:f6:81:85:8c:6a:a2:8d:6e:
ef:9c:c0:ce:e7:5b:72:4e:8f:ba:88:f6:3a:8e:8a:
71:d1:90:64:e7:9e:a6:7e:a0:12:fc:55:da:03:f8:
79:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:A1:78:75:C4:63:CE:09:A0:0A:C7:A2:8A:67:4D:F4:59:4E:4E:04
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TaF4dcRjzgmgCseiimdN9FlOTgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.19.0/24
185.36.204.0/24
185.206.248.0/24
185.240.120.0/23
185.246.115.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:66:26:d2:dc:79:d5:9b:25:64:b7:4d:c9:2f:2e:52:89:b5:
56:dd:69:f0:ce:8c:6a:4e:e1:1c:72:61:2a:e3:d9:9c:8d:49:
06:f6:75:07:ba:ca:e0:4b:7a:b8:e5:65:5e:ad:47:f3:73:76:
d2:c9:09:bb:a8:b9:c9:ec:94:e1:3f:ed:af:bc:be:fe:23:82:
aa:8d:3e:86:c8:47:4d:7c:d0:fe:1a:99:c2:7a:df:e0:a4:94:
04:54:82:6c:34:be:b5:ee:d1:f5:2c:56:b5:31:34:9c:11:84:
df:5d:4d:35:4e:46:b0:4c:47:b5:9d:b7:e6:2e:7e:fe:58:dc:
f5:c2:1c:d5:b1:86:ee:26:f4:0b:6a:e7:7c:3e:43:e8:f6:63:
97:0c:b7:8c:05:a7:59:cf:df:9e:bd:07:d8:30:c1:f8:ae:fa:
ff:9d:f6:eb:71:34:0d:8c:1b:f2:b5:69:00:cd:81:e6:36:86:
80:35:70:25:bf:8c:a6:d3:8b:03:05:9d:75:d6:ba:57:2f:cd:
3f:3a:08:be:47:c7:95:fa:d2:b7:25:3c:9f:4a:c7:da:0a:ee:
68:a2:df:6e:11:70:dc:e7:c0:87:e3:40:04:ca:dc:14:22:72:
d6:1b:84:5c:a2:71:45:4f:5d:6f:52:a4:e5:e0:6f:da:e1:a4:
de:67:08:5c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZALx/9N71kJ7DrC1wjJwOjmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNjEyMDkyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGExNzg3NWM0NjNjZTA5YTAwYWM3YTI4YTY3NGRmNDU5NGU0ZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCSLiXr1ugZdwsQFa9EOcu0YAjz+
jggyR6M1t31YjwsyiYiGFnq4K9BL7t9pAuJXXILQWxY8LmpAJyBX878kap/9OXh5
TnSDSl3iZui0vStlW77iQah6rNo5H4QiPpVRuXhug9CVhGe9y0dbXMKY35JfSMqf
sPvelrJHqMSaa6mSAYUWIGgPzq1aljIm0MG7FhcODoch1+BEiI/asWZifBzMxkgv
OMIDMStacHUiVBxR+U6V/AosgZAYe4vkgTH4DMnmj8d43JQ2co0HLLpkNY86P+S8
TkI+9oGFjGqijW7vnMDO51tyTo+6iPY6jopx0ZBk556mfqAS/FXaA/h5RwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFE2heHXEY84JoArHoopnTfRZTk4EMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVGFGNGRjUmp6Z21nQ3NlaWltZE45RmxPVGdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVoTAwQA
uSTMAwQAuc74AwQBufB4AwQAufZzMA0GCSqGSIb3DQEBCwUAA4IBAQANZibS3HnV
myVkt03JLy5SibVW3WnwzoxqTuEccmEq49mcjUkG9nUHusrgS3q45WVerUfzc3bS
yQm7qLnJ7JThP+2vvL7+I4KqjT6GyEdNfND+GpnCet/gpJQEVIJsNL617tH1LFa1
MTScEYTfXU01TkawTEe1nbfmLn7+WNz1whzVsYbuJvQLaud8PkPo9mOXDLeMBadZ
z9+evQfYMMH4rvr/nfbrcTQNjBvytWkAzYHmNoaANXAlv4ym04sDBZ111rpXL80/
Ogi+R8eV+tK3JTyfSsfaCu5oot9uEXDc58CH40AEytwUInLWG4RconFFT11vUqTl
4G/a4aTeZwhc
-----END CERTIFICATE-----
Generated at Mon Oct 14 13:08:43 2024 by rpki-client on console-fra.rpki-client.org