Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Uur20gr0J7IC9-Xn5brTWVg7fAw.roa
File: Uur20gr0J7IC9-Xn5brTWVg7fAw.roa (raw, json)
Hash identifier: uWQ09wNbhx2NcCFLqtdq/W5PLpdioQwHGEdN5eDLL88=
Subject key identifier: 52:EA:F6:D2:0A:F4:27:B2:02:F7:E5:E7:E5:BA:D3:59:58:3B:7C:0C
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018D7E4A2F7CC08337DD954A35527E3FB0B9
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Uur20gr0J7IC9-Xn5brTWVg7fAw.roa
Signing time: Tue 06 Feb 2024 12:00:07 +0000
ROA not before: Tue 06 Feb 2024 12:00:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.223.82.0/24 maxlen: 24
185.223.83.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.146.0/23 maxlen: 24
185.251.229.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Feb 2024 11:47:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7e:4a:2f:7c:c0:83:37:dd:95:4a:35:52:7e:3f:b0:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 6 12:00:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52eaf6d20af427b202f7e5e7e5bad359583b7c0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:1f:56:08:6c:8e:71:1d:3c:7b:f6:f0:84:a7:
f9:16:54:a2:cb:7e:ee:5d:2b:5d:87:84:c6:bc:c0:
b0:1d:5e:f9:cc:43:91:50:94:4a:98:fc:6c:44:ff:
1a:dc:92:6d:69:4e:ef:ed:5a:49:ba:f2:e1:c3:f0:
60:c8:f6:5c:e2:7a:02:2d:1a:76:66:df:60:a5:36:
08:cc:1d:3c:85:d5:0f:9d:ec:2e:a5:f6:ee:62:0e:
78:7f:5d:5e:81:be:3b:65:6e:f3:76:1a:6b:6e:a4:
a2:25:39:cb:d5:5b:87:5d:2b:ef:cf:58:9f:36:43:
72:7b:c9:50:b9:56:51:88:08:6e:4c:eb:6b:bc:ad:
44:53:c1:2c:2e:97:f1:ab:4c:8e:58:ff:dc:38:68:
94:ed:5e:93:fb:2b:34:6c:10:ad:b0:42:ef:2d:f3:
40:e2:b0:b2:56:3f:15:ec:b4:95:e9:8b:42:07:52:
d2:30:6e:00:0e:69:3e:14:3a:7b:a1:ca:00:31:91:
63:35:ac:66:e1:92:e8:16:d9:c2:87:75:ca:2e:15:
12:21:59:1c:d1:5d:ac:ae:bc:6c:41:6b:43:46:38:
ea:04:11:93:0a:bd:8a:a8:74:81:b0:13:79:51:1c:
97:11:24:28:2f:03:39:1e:78:f6:a7:03:9a:61:0f:
1b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:EA:F6:D2:0A:F4:27:B2:02:F7:E5:E7:E5:BA:D3:59:58:3B:7C:0C
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Uur20gr0J7IC9-Xn5brTWVg7fAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.220.250.0/23
185.223.82.0/23
185.225.0.0/23
185.227.146.0/23
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:65:c5:36:2a:24:14:67:71:f1:1b:f0:56:22:d2:38:31:43:
28:0a:4c:dd:26:0f:af:5e:98:9f:12:c2:08:1d:ae:ad:96:1c:
e2:fc:28:2f:57:24:2a:d8:b1:02:9e:c7:1e:74:e1:41:94:6a:
bc:4a:01:1d:b7:fd:36:4f:48:a8:ba:cd:d8:cc:b2:52:80:6f:
e8:10:aa:a6:65:9f:4e:e8:31:f5:55:1c:8b:a7:93:81:3d:2b:
0d:25:7c:b8:db:82:e0:7b:60:b8:df:91:ef:3f:ae:d2:e5:9d:
e8:08:db:90:f5:92:11:30:70:2b:b3:39:2d:4e:0e:1d:79:f4:
42:67:a3:71:f3:29:83:55:2f:52:68:a2:1d:73:a7:3d:3e:d6:
6f:cd:c5:79:89:d3:ee:0b:be:8c:36:c2:94:ab:6e:ee:46:e7:
bc:17:d1:f1:16:20:b5:c3:9c:34:ad:b2:f7:83:80:df:15:b4:
b9:46:74:31:cc:f9:10:e6:9b:9e:2e:5d:2b:97:fd:29:c0:96:
51:6d:40:76:a0:f7:5f:c1:3d:66:08:26:53:2c:64:58:16:ec:
82:bf:dd:f2:c2:fe:72:41:d3:61:06:1c:de:9f:94:cf:b9:9a:
9e:c2:45:1f:18:7b:59:2b:97:bf:d4:22:bc:c0:09:bd:d8:01:
54:38:10:72
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY1+Si98wIM33ZVKNVJ+P7C5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMjA2MTIwMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmVhZjZkMjBhZjQyN2IyMDJmN2U1ZTdlNWJhZDM1OTU4M2I3YzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiB9WCGyOcR08e/bwhKf5FlSiy37u
XStdh4TGvMCwHV75zEORUJRKmPxsRP8a3JJtaU7v7VpJuvLhw/BgyPZc4noCLRp2
Zt9gpTYIzB08hdUPnewupfbuYg54f11egb47ZW7zdhprbqSiJTnL1VuHXSvvz1if
NkNye8lQuVZRiAhuTOtrvK1EU8EsLpfxq0yOWP/cOGiU7V6T+ys0bBCtsELvLfNA
4rCyVj8V7LSV6YtCB1LSMG4ADmk+FDp7ocoAMZFjNaxm4ZLoFtnCh3XKLhUSIVkc
0V2srrxsQWtDRjjqBBGTCr2KqHSBsBN5URyXESQoLwM5Hnj2pwOaYQ8bxQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFLq9tIK9CeyAvfl5+W601lYO3wMMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVXVyMjBncjBKN0lDOS1YbjViclRXVmc3ZkF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQgVAwQB
udz6AwQBud9SAwQBueEAAwQBueOSAwQAufvlAwQBwTqSMA0GCSqGSIb3DQEBCwUA
A4IBAQBcZcU2KiQUZ3HxG/BWItI4MUMoCkzdJg+vXpifEsIIHa6tlhzi/CgvVyQq
2LECnscedOFBlGq8SgEdt/02T0ious3YzLJSgG/oEKqmZZ9O6DH1VRyLp5OBPSsN
JXy424Lge2C435HvP67S5Z3oCNuQ9ZIRMHArszktTg4defRCZ6Nx8ymDVS9SaKId
c6c9PtZvzcV5idPuC76MNsKUq27uRue8F9HxFiC1w5w0rbL3g4DfFbS5RnQxzPkQ
5pueLl0rl/0pwJZRbUB2oPdfwT1mCCZTLGRYFuyCv93ywv5yQdNhBhzen5TPuZqe
wkUfGHtZK5e/1CK8wAm92AFUOBBy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:26 2024 by rpki-client on console-ams.rpki-client.org