Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/WYvT24DzCBhnyzyG2aKsxm85ybg.roa
File: WYvT24DzCBhnyzyG2aKsxm85ybg.roa (raw, json)
Hash identifier: rzOpi2X93IO/INUcGapt38jN6TDvSxo0QWGVvXDub5s=
Subject key identifier: 59:8B:D3:DB:80:F3:08:18:67:CB:3C:86:D9:A2:AC:C6:6F:39:C9:B8
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018F2ECD7841D632B27D109E570D817A05B5
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/WYvT24DzCBhnyzyG2aKsxm85ybg.roa
Signing time: Tue 30 Apr 2024 11:39:28 +0000
ROA not before: Tue 30 Apr 2024 11:39:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.223.82.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.251.230.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 May 2024 13:02:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2e:cd:78:41:d6:32:b2:7d:10:9e:57:0d:81:7a:05:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 30 11:39:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=598bd3db80f3081867cb3c86d9a2acc66f39c9b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:42:1c:02:3f:6c:5c:06:06:02:b3:31:19:8a:
77:5f:c6:cf:ea:94:39:d8:ca:c5:4f:74:ba:3d:89:
06:1c:77:8e:02:71:50:f7:72:c0:3e:77:35:8f:da:
c7:7c:30:ad:0b:b3:41:93:54:75:48:23:7c:39:ed:
ee:88:47:cc:df:af:a6:bd:96:d5:90:2f:26:1d:7f:
5e:c4:d0:4f:d9:56:8f:74:44:61:6f:b6:77:b1:42:
d2:48:92:d0:5d:68:67:9e:d3:63:d6:1d:12:ce:aa:
d6:fe:eb:ab:a3:9c:40:73:e8:bd:fc:9d:73:45:bd:
21:98:b1:4c:15:b3:2e:a3:de:de:33:5a:f1:1c:26:
6c:1f:86:6a:c8:f4:97:73:d5:5d:ac:e9:a9:e1:11:
bc:86:9a:b1:ec:84:d5:70:60:13:8f:db:e3:57:84:
fa:c2:7b:8d:36:7f:59:d4:fd:65:e3:35:2e:2c:06:
b1:0e:10:69:26:28:4d:55:35:a3:91:45:e1:ee:f6:
45:f8:09:94:1a:36:ce:42:58:ac:b4:c1:d2:4f:31:
7e:37:b2:78:f8:e1:5e:80:d8:3e:17:44:1a:9e:3e:
de:69:4b:c7:ac:17:82:61:ee:2d:ff:f2:83:46:c3:
84:21:f6:86:1e:24:67:e2:73:16:09:94:d2:22:78:
97:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:8B:D3:DB:80:F3:08:18:67:CB:3C:86:D9:A2:AC:C6:6F:39:C9:B8
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/WYvT24DzCBhnyzyG2aKsxm85ybg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.220.250.0/23
185.223.82.0/24
185.225.0.0/23
185.226.104.0/24
185.227.146.0/23
185.251.230.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:55:72:b6:e9:21:c6:08:b1:94:36:23:37:9d:c3:23:00:26:
76:23:5a:aa:fb:12:85:f9:4f:96:4a:9a:1a:21:36:94:39:62:
6f:1c:b6:16:77:6d:39:2e:4e:d1:65:72:b2:99:be:47:e4:2e:
40:3d:56:03:8a:74:0b:df:67:0a:a7:81:b1:15:ab:58:00:c9:
86:11:1e:c0:0c:7f:e8:ca:82:4e:c3:6a:1d:bd:07:71:83:9e:
25:e2:ca:e6:da:6a:e0:c6:f7:0e:af:b8:5b:10:0b:a6:86:0f:
b7:bf:54:4f:49:90:d2:f7:64:8d:15:5d:91:7d:ce:84:b3:bc:
0a:02:e5:02:94:29:90:1d:2f:49:4f:04:73:79:a1:97:71:be:
89:b8:84:a1:cd:c3:c1:a5:4d:9c:2b:02:8a:16:e8:47:30:43:
10:0c:3b:32:49:7a:bc:51:27:0e:b9:07:38:b3:02:4a:33:18:
68:1d:04:92:20:ca:c6:e0:48:12:52:39:82:03:38:bd:9a:2b:
6e:47:9e:b4:ac:af:c6:a4:ae:46:f5:71:1a:d3:7a:db:30:57:
db:a5:c0:29:56:68:83:7f:99:8b:4b:0b:41:02:d6:94:68:67:
76:4a:0a:42:15:9a:70:3a:b6:51:17:38:bf:71:38:7e:b9:ba:
27:33:f3:8b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY8uzXhB1jKyfRCeVw2BegW1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNDMwMTEzOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OThiZDNkYjgwZjMwODE4NjdjYjNjODZkOWEyYWNjNjZmMzljOWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykIcAj9sXAYGArMxGYp3X8bP6pQ5
2MrFT3S6PYkGHHeOAnFQ93LAPnc1j9rHfDCtC7NBk1R1SCN8Oe3uiEfM36+mvZbV
kC8mHX9exNBP2VaPdERhb7Z3sULSSJLQXWhnntNj1h0SzqrW/uuro5xAc+i9/J1z
Rb0hmLFMFbMuo97eM1rxHCZsH4ZqyPSXc9VdrOmp4RG8hpqx7ITVcGATj9vjV4T6
wnuNNn9Z1P1l4zUuLAaxDhBpJihNVTWjkUXh7vZF+AmUGjbOQlistMHSTzF+N7J4
+OFegNg+F0Qanj7eaUvHrBeCYe4t//KDRsOEIfaGHiRn4nMWCZTSIniXBwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFmL09uA8wgYZ8s8htmirMZvOcm4MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvV1l2VDI0RHpDQmhueXp5RzJhS3N4bTg1eWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQgVAwQB
udz6AwQAud9SAwQBueEAAwQAueJoAwQBueOSAwQAufvmAwQBwTqSMA0GCSqGSIb3
DQEBCwUAA4IBAQCuVXK26SHGCLGUNiM3ncMjACZ2I1qq+xKF+U+WSpoaITaUOWJv
HLYWd205Lk7RZXKymb5H5C5APVYDinQL32cKp4GxFatYAMmGER7ADH/oyoJOw2od
vQdxg54l4srm2mrgxvcOr7hbEAumhg+3v1RPSZDS92SNFV2Rfc6Es7wKAuUClCmQ
HS9JTwRzeaGXcb6JuIShzcPBpU2cKwKKFuhHMEMQDDsySXq8UScOuQc4swJKMxho
HQSSIMrG4EgSUjmCAzi9mituR560rK/GpK5G9XEa03rbMFfbpcApVmiDf5mLSwtB
AtaUaGd2SgpCFZpwOrZRFzi/cTh+ubonM/OL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:27 2024 by rpki-client on console-ams.rpki-client.org