Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/X1wpSl6XESeuNaNSMCMeui3Y36w.roa
File: X1wpSl6XESeuNaNSMCMeui3Y36w.roa (raw, json)
Hash identifier: KSqA7BBRoNARdY5EdOrufizi0zYD6Em6JADTQqe0p/M=
Subject key identifier: 5F:5C:29:4A:5E:97:11:27:AE:35:A3:52:30:23:1E:BA:2D:D8:DF:AC
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018D21054CD21A1F64A227BF28B136EC9881
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/X1wpSl6XESeuNaNSMCMeui3Y36w.roa
Signing time: Fri 19 Jan 2024 09:20:11 +0000
ROA not before: Fri 19 Jan 2024 09:20:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.223.82.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.146.0/23 maxlen: 24
185.251.229.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
194.5.64.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jan 2024 10:23:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:21:05:4c:d2:1a:1f:64:a2:27:bf:28:b1:36:ec:98:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 19 09:20:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f5c294a5e971127ae35a35230231eba2dd8dfac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:66:e6:09:62:64:4c:c9:3d:da:72:6a:7a:20:
29:18:61:4e:c9:d0:05:f4:c8:47:ec:fa:19:be:47:
2d:5a:ed:c8:24:b1:d0:d6:f6:96:86:59:c1:4b:e1:
74:98:23:52:27:45:d9:e2:a5:d2:b7:20:fd:ea:8e:
c9:f7:aa:f2:64:17:f7:56:67:57:44:9d:a2:37:41:
0b:de:bf:79:2a:df:14:76:90:ef:71:7d:9b:76:6a:
4b:03:7f:d7:95:61:9a:11:d8:e4:dd:11:b3:1b:97:
fa:c2:54:4a:c0:e1:81:9b:79:b3:cd:d7:9b:ec:ea:
f8:42:ca:f4:05:a6:c2:19:c6:c5:08:c8:95:c9:16:
ed:e0:41:1b:84:31:93:1b:19:ab:ba:c3:b5:d8:d0:
69:e0:86:c7:74:f1:7e:eb:2d:93:9e:63:85:14:09:
9d:7d:f2:79:a0:85:2d:01:c7:c5:f6:95:e2:6f:a7:
1c:4d:67:20:b2:52:2b:46:dc:9f:ee:6b:42:04:c1:
8e:28:92:f0:c9:de:7f:a7:89:bc:d0:ab:7c:51:54:
53:9e:32:58:f4:c5:c6:11:41:ab:1e:0c:b5:0f:68:
9b:99:65:8b:9b:84:a8:f3:51:db:cc:42:4b:76:31:
fd:b3:54:82:e4:af:da:04:de:e1:5a:93:8c:09:fc:
94:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:5C:29:4A:5E:97:11:27:AE:35:A3:52:30:23:1E:BA:2D:D8:DF:AC
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/X1wpSl6XESeuNaNSMCMeui3Y36w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.220.250.0/23
185.223.82.0/24
185.225.0.0/23
185.227.146.0/23
185.251.229.0/24
193.58.146.0/23
194.5.64.0/24
Signature Algorithm: sha256WithRSAEncryption
58:c8:5b:89:37:4d:5d:c3:2e:b7:67:cd:a5:4e:c7:90:03:b0:
61:ef:9f:d9:b8:2b:d7:90:4a:3a:43:c8:35:3d:76:05:6d:90:
9b:43:cc:b4:0c:b7:41:25:cf:5e:bc:c5:d8:cc:51:fe:7a:7f:
48:9a:a7:c5:61:41:41:18:67:a5:02:4e:92:e1:3b:50:6f:ff:
6f:cc:91:87:f0:bf:a1:51:6e:53:43:0b:bb:3e:67:57:bd:7f:
de:c1:d8:5f:4f:95:b4:7d:d8:be:83:37:81:3e:62:30:99:1c:
0e:f0:20:fc:59:31:f8:80:32:02:d8:f6:45:fd:70:6c:b1:80:
25:34:c6:0c:bf:d5:d2:d3:47:44:e8:ed:5a:bb:a6:36:14:f5:
d5:3f:f5:eb:d2:10:99:2d:8c:ff:0f:a6:83:52:c4:5b:91:1e:
51:14:89:92:94:74:5c:5b:c2:d1:b5:5f:44:9e:a5:31:d9:b4:
09:a5:f5:8f:86:58:77:a5:b2:27:99:ca:a2:a7:1c:43:cf:a5:
29:e6:3d:63:dd:fb:c0:8b:89:43:06:52:e3:56:f9:f0:15:84:
f2:c0:60:66:fe:4f:93:a9:ba:56:c9:9b:0d:b2:09:11:23:61:
02:46:5d:3b:8c:b5:f9:84:54:c2:34:19:d3:0d:9c:8e:d9:d8:
e8:44:e7:9c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY0hBUzSGh9koie/KLE27JiBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTE5MDkyMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjVjMjk0YTVlOTcxMTI3YWUzNWEzNTIzMDIzMWViYTJkZDhkZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2bmCWJkTMk92nJqeiApGGFOydAF
9MhH7PoZvkctWu3IJLHQ1vaWhlnBS+F0mCNSJ0XZ4qXStyD96o7J96ryZBf3VmdX
RJ2iN0EL3r95Kt8UdpDvcX2bdmpLA3/XlWGaEdjk3RGzG5f6wlRKwOGBm3mzzdeb
7Or4Qsr0BabCGcbFCMiVyRbt4EEbhDGTGxmrusO12NBp4IbHdPF+6y2TnmOFFAmd
ffJ5oIUtAcfF9pXib6ccTWcgslIrRtyf7mtCBMGOKJLwyd5/p4m80Kt8UVRTnjJY
9MXGEUGrHgy1D2ibmWWLm4So81HbzEJLdjH9s1SC5K/aBN7hWpOMCfyU1QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFF9cKUpelxEnrjWjUjAjHrot2N+sMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWDF3cFNsNlhFU2V1TmFOU01DTWV1aTNZMzZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQgVAwQB
udz6AwQAud9SAwQBueEAAwQBueOSAwQAufvlAwQBwTqSAwQAwgVAMA0GCSqGSIb3
DQEBCwUAA4IBAQBYyFuJN01dwy63Z82lTseQA7Bh75/ZuCvXkEo6Q8g1PXYFbZCb
Q8y0DLdBJc9evMXYzFH+en9ImqfFYUFBGGelAk6S4TtQb/9vzJGH8L+hUW5TQwu7
PmdXvX/ewdhfT5W0fdi+gzeBPmIwmRwO8CD8WTH4gDIC2PZF/XBssYAlNMYMv9XS
00dE6O1au6Y2FPXVP/Xr0hCZLYz/D6aDUsRbkR5RFImSlHRcW8LRtV9EnqUx2bQJ
pfWPhlh3pbInmcqipxxDz6Up5j1j3fvAi4lDBlLjVvnwFYTywGBm/k+TqbpWyZsN
sgkRI2ECRl07jLX5hFTCNBnTDZyO2djoROec
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:27 2024 by rpki-client on console-ams.rpki-client.org