Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/UR1dXj7kEQJ84GnbwirBlakOZ_I.roa
File: UR1dXj7kEQJ84GnbwirBlakOZ_I.roa (raw, json)
Hash identifier: QrxsTjDqV7Bgp5xLC2G1fCxLJ8NYalUorDavPEY9jWo=
Subject key identifier: 51:1D:5D:5E:3E:E4:11:02:7C:E0:69:DB:C2:2A:C1:95:A9:0E:67:F2
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0187E1619B9E99C986B1C1504022E2AC8EFF
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/UR1dXj7kEQJ84GnbwirBlakOZ_I.roa
Signing time: Wed 03 May 2023 11:31:23 +0000
ROA not before: Wed 03 May 2023 11:31:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.22.0/24 maxlen: 24
185.199.159.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.238.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 May 2023 12:05:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e1:61:9b:9e:99:c9:86:b1:c1:50:40:22:e2:ac:8e:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 3 11:31:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=511d5d5e3ee411027ce069dbc22ac195a90e67f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:6c:f4:a6:63:45:17:24:01:89:34:f9:41:b0:
c7:24:f5:9f:64:66:36:c1:b1:84:97:31:10:a0:5d:
76:bb:20:9e:fd:22:7e:13:a7:84:d0:a3:75:f2:23:
67:7b:4f:17:87:0f:e9:3a:df:ed:5c:78:a5:a8:86:
87:f4:1f:b4:0c:da:14:e6:b9:fb:78:59:ab:63:63:
f1:a2:b5:58:4e:88:d3:1c:bc:ec:32:ac:81:09:85:
8a:d5:81:a2:cf:cd:16:71:be:74:78:0f:55:23:d4:
6e:88:72:f3:2d:43:fa:4d:b3:4b:4e:20:70:83:23:
a8:a1:c8:ab:15:7f:6e:e0:76:4e:ea:02:61:fd:f8:
5e:d8:e2:a8:2b:0b:0b:df:90:83:2b:1f:e4:e4:e8:
d1:ac:ea:11:61:27:05:e0:aa:96:5d:00:04:50:60:
6f:20:57:1c:8e:71:0b:da:c5:d4:5d:93:6f:b6:ee:
0c:f8:d9:b3:f8:52:ee:38:b2:db:b8:4f:aa:ea:ea:
4d:b5:0d:93:b9:b2:e5:21:39:5f:87:a0:c7:d1:d5:
06:54:d4:fd:f3:d0:fd:fb:35:33:03:58:63:0e:23:
24:a8:d4:4d:56:80:cc:6e:6e:d0:22:91:53:cb:6a:
7b:9d:af:13:b8:d8:8f:c9:a6:3c:4c:91:64:49:78:
0b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:1D:5D:5E:3E:E4:11:02:7C:E0:69:DB:C2:2A:C1:95:A9:0E:67:F2
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/UR1dXj7kEQJ84GnbwirBlakOZ_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.199.159.0/24
185.225.0.0/23
185.225.22.0/24
185.238.230.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:11:3b:13:16:41:76:33:f0:ff:36:2b:85:90:03:cd:b6:5a:
73:e6:47:0d:af:b8:d2:98:b5:6a:91:4e:27:9f:64:0f:7a:4e:
ae:76:ff:70:e9:64:22:62:47:07:3b:c4:fa:2b:af:cb:ee:f0:
a5:fd:44:69:77:15:1e:66:20:19:85:0b:b7:c3:1b:dc:1e:fb:
49:3b:84:7e:c0:30:20:46:01:f9:a9:33:59:e1:d8:62:2d:73:
d8:c2:2a:15:5a:32:4e:f0:36:76:84:34:e7:48:72:b2:3b:5f:
18:c0:b7:4c:2d:51:a3:3b:e9:7e:ce:bc:ba:06:2e:85:69:cc:
bb:60:13:6c:30:47:1d:f2:a3:8b:d0:4f:23:42:40:f5:27:7e:
2b:5d:37:1c:cb:01:f2:bf:23:f9:12:42:a7:c4:33:b4:3c:fa:
13:2d:06:fd:2a:14:a3:da:28:3e:ac:f9:a4:13:2d:13:81:22:
29:8a:78:bd:a7:79:e6:ad:f0:cc:23:bf:88:74:3d:6a:cf:4c:
52:60:d0:4b:61:52:e9:ae:bb:bb:f0:75:39:d1:02:f8:d1:ba:
e8:ee:19:a2:80:69:fd:f0:dd:f0:08:87:a5:70:2a:9e:00:3e:
8a:ac:38:04:55:e0:31:98:00:c0:08:f0:2c:e2:5c:4c:e6:3c:
40:14:44:62
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYfhYZuemcmGscFQQCLirI7/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNTAzMTEzMTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTFkNWQ1ZTNlZTQxMTAyN2NlMDY5ZGJjMjJhYzE5NWE5MGU2N2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGz0pmNFFyQBiTT5QbDHJPWfZGY2
wbGElzEQoF12uyCe/SJ+E6eE0KN18iNne08Xhw/pOt/tXHilqIaH9B+0DNoU5rn7
eFmrY2PxorVYTojTHLzsMqyBCYWK1YGiz80Wcb50eA9VI9RuiHLzLUP6TbNLTiBw
gyOoocirFX9u4HZO6gJh/fhe2OKoKwsL35CDKx/k5OjRrOoRYScF4KqWXQAEUGBv
IFccjnEL2sXUXZNvtu4M+Nmz+FLuOLLbuE+q6upNtQ2TubLlITlfh6DH0dUGVNT9
89D9+zUzA1hjDiMkqNRNVoDMbm7QIpFTy2p7na8TuNiPyaY8TJFkSXgL6QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFEdXV4+5BECfOBp28IqwZWpDmfyMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVVIxZFhqN2tFUUo4NEduYndpckJsYWtPWl9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQgVAwQA
LZPgAwQAucefAwQBueEAAwQAueEWAwQAue7mMA0GCSqGSIb3DQEBCwUAA4IBAQCw
ETsTFkF2M/D/NiuFkAPNtlpz5kcNr7jSmLVqkU4nn2QPek6udv9w6WQiYkcHO8T6
K6/L7vCl/URpdxUeZiAZhQu3wxvcHvtJO4R+wDAgRgH5qTNZ4dhiLXPYwioVWjJO
8DZ2hDTnSHKyO18YwLdMLVGjO+l+zry6Bi6Facy7YBNsMEcd8qOL0E8jQkD1J34r
XTccywHyvyP5EkKnxDO0PPoTLQb9KhSj2ig+rPmkEy0TgSIpini9p3nmrfDMI7+I
dD1qz0xSYNBLYVLprru78HU50QL40bro7hmigGn98N3wCIelcCqeAD6KrDgEVeAx
mADACPAs4lxM5jxAFERi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org