Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/VzUHWNOnbS0z2ufy6e0eadTqcyE.roa
File: VzUHWNOnbS0z2ufy6e0eadTqcyE.roa (raw, json)
Hash identifier: HWZlN0t9P8kxtYr20D/KD8EY7w99NygATMQor/Ylu4I=
Subject key identifier: 57:35:07:58:D3:A7:6D:2D:33:DA:E7:F2:E9:ED:1E:69:D4:EA:73:21
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018E42518F9CDEF386510529556B9468D00C
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/VzUHWNOnbS0z2ufy6e0eadTqcyE.roa
Signing time: Fri 15 Mar 2024 13:33:45 +0000
ROA not before: Fri 15 Mar 2024 13:33:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.81.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.223.82.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
193.8.115.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Mar 2024 11:01:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:42:51:8f:9c:de:f3:86:51:05:29:55:6b:94:68:d0:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 15 13:33:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=57350758d3a76d2d33dae7f2e9ed1e69d4ea7321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:84:56:1c:e7:b8:ea:90:2e:71:4c:a7:f9:64:
69:33:cf:76:ff:d6:71:b3:64:47:c1:2d:47:cc:d2:
28:87:85:7c:7e:67:50:91:11:d5:47:be:f3:bd:67:
93:96:a8:68:25:79:b2:be:34:ef:f7:e8:b7:11:6a:
df:23:b9:7a:97:7f:bb:16:7e:7c:f1:8c:c9:50:a7:
ad:35:94:78:8d:10:ac:e6:ac:6a:e7:0e:8a:1e:62:
b3:63:1e:7d:31:4b:eb:52:18:8e:af:9d:76:b7:76:
7e:ac:cd:dc:a6:22:59:08:a5:f1:97:76:68:2b:3f:
e3:33:6f:83:18:54:20:07:82:cc:d3:db:f7:e1:1c:
01:56:c1:9e:3f:61:87:5a:f7:f9:b4:f8:7e:c4:67:
4a:b5:f3:b4:28:f0:9b:40:6b:a8:94:88:c6:c4:34:
ce:d7:ff:a8:f7:57:dd:ab:40:24:74:2e:81:fa:f7:
d8:de:08:f8:82:3d:83:db:88:c0:2b:b2:53:0c:88:
61:e3:31:23:e5:18:e7:d3:5f:52:c1:ba:d7:f5:84:
82:d2:6c:0a:02:92:17:a4:5a:6b:4f:b5:66:16:7f:
ea:98:6b:ef:e4:53:a6:32:bf:2c:05:35:a3:73:07:
7f:1a:ca:0e:99:4b:b2:ec:aa:9b:e1:91:b3:33:3e:
7b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:35:07:58:D3:A7:6D:2D:33:DA:E7:F2:E9:ED:1E:69:D4:EA:73:21
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/VzUHWNOnbS0z2ufy6e0eadTqcyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.81.0/24
185.220.250.0/23
185.223.82.0/24
185.225.0.0/23
185.226.104.0/24
185.227.146.0/23
193.8.115.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:03:33:53:5c:e4:23:44:35:fe:8a:05:ae:a6:39:7b:f4:91:
97:4c:6b:82:03:e9:d2:fa:68:54:f9:c6:b4:02:5d:18:e3:b6:
84:dc:ff:5d:5d:03:47:17:f5:75:35:36:8d:4c:3c:84:fe:19:
ed:56:f9:bf:aa:b3:48:41:7e:c2:84:5f:43:dd:c2:89:2b:f2:
5e:88:e7:af:09:32:b4:40:8e:c8:d3:19:9d:5e:5f:4a:92:27:
c7:d5:51:48:a3:bc:16:9f:f5:75:9e:eb:aa:9e:7f:45:7e:79:
18:12:b3:a7:2e:0e:0c:34:71:c7:a6:a7:3a:a9:84:4b:cf:fa:
91:9b:5a:e8:70:a8:69:37:9c:3c:4a:9d:fc:b3:f1:52:56:19:
05:9c:bb:6b:7e:ea:a9:04:11:ff:70:b3:44:58:bd:ef:89:36:
85:59:e2:05:54:88:7d:0a:e8:03:48:0a:5f:ff:de:f4:5a:9e:
61:50:32:f4:92:66:f3:c3:ee:b3:75:cc:c1:2e:09:69:d0:fc:
ae:26:1a:cc:49:3e:a6:1f:33:e9:04:25:bb:01:f9:dd:6c:79:
ff:59:d7:90:4f:f3:2c:1c:75:08:fa:b4:1e:3f:32:fa:77:e0:
2d:7a:4f:a6:4f:9b:d6:6e:f8:c5:bf:2f:0d:20:a2:bd:fe:8d:
b6:4c:a1:9a
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY5CUY+c3vOGUQUpVWuUaNAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMzE1MTMzMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzM1MDc1OGQzYTc2ZDJkMzNkYWU3ZjJlOWVkMWU2OWQ0ZWE3MzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIRWHOe46pAucUyn+WRpM892/9Zx
s2RHwS1HzNIoh4V8fmdQkRHVR77zvWeTlqhoJXmyvjTv9+i3EWrfI7l6l3+7Fn58
8YzJUKetNZR4jRCs5qxq5w6KHmKzYx59MUvrUhiOr512t3Z+rM3cpiJZCKXxl3Zo
Kz/jM2+DGFQgB4LM09v34RwBVsGeP2GHWvf5tPh+xGdKtfO0KPCbQGuolIjGxDTO
1/+o91fdq0AkdC6B+vfY3gj4gj2D24jAK7JTDIhh4zEj5Rjn019SwbrX9YSC0mwK
ApIXpFprT7VmFn/qmGvv5FOmMr8sBTWjcwd/GsoOmUuy7Kqb4ZGzMz57dwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFc1B1jTp20tM9rn8untHmnU6nMhMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVnpVSFdOT25iUzB6MnVmeTZlMGVhZFRxY3lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQgVAwQA
uX5RAwQBudz6AwQAud9SAwQBueEAAwQAueJoAwQBueOSAwQAwQhzAwQBwTqSMA0G
CSqGSIb3DQEBCwUAA4IBAQAeAzNTXOQjRDX+igWupjl79JGXTGuCA+nS+mhU+ca0
Al0Y47aE3P9dXQNHF/V1NTaNTDyE/hntVvm/qrNIQX7ChF9D3cKJK/JeiOevCTK0
QI7I0xmdXl9KkifH1VFIo7wWn/V1nuuqnn9FfnkYErOnLg4MNHHHpqc6qYRLz/qR
m1rocKhpN5w8Sp38s/FSVhkFnLtrfuqpBBH/cLNEWL3viTaFWeIFVIh9CugDSApf
/970Wp5hUDL0kmbzw+6zdczBLglp0PyuJhrMST6mHzPpBCW7AfndbHn/WdeQT/Ms
HHUI+rQePzL6d+Atek+mT5vWbvjFvy8NIKK9/o22TKGa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org