Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/X6vU_ve8wkgYAKsV75bczXT6fZ0.roa
File: X6vU_ve8wkgYAKsV75bczXT6fZ0.roa (raw, json)
Hash identifier: 95AL5rmDZR1UliMPoGzr1ie0ay3eMWQSd8wMz+ecc8k=
Subject key identifier: 5F:AB:D4:FE:F7:BC:C2:48:18:00:AB:15:EF:96:DC:CD:74:FA:7D:9D
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0185AA98988EB6D7D0667CCAA0F943F19A54
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/X6vU_ve8wkgYAKsV75bczXT6fZ0.roa
Signing time: Fri 13 Jan 2023 10:06:45 +0000
ROA not before: Fri 13 Jan 2023 10:06:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 45.90.16.0/24 maxlen: 24
185.218.22.0/24 maxlen: 24
185.126.83.0/24 maxlen: 24
193.58.144.0/24 maxlen: 24
185.228.74.0/24 maxlen: 24
185.228.73.0/24 maxlen: 24
194.147.16.0/24 maxlen: 24
45.131.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Feb 2023 10:14:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:aa:98:98:8e:b6:d7:d0:66:7c:ca:a0:f9:43:f1:9a:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 13 10:06:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fabd4fef7bcc2481800ab15ef96dccd74fa7d9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:68:cc:fc:d3:ed:5d:77:a2:75:90:a4:0d:3d:
52:b9:f8:b5:fc:85:b4:c0:fb:0d:62:4e:07:dc:d7:
23:65:48:4a:27:40:30:da:02:2a:bb:96:b3:bc:59:
09:6a:04:3b:c2:8d:b1:77:6d:fd:c0:b1:02:9b:14:
31:da:37:f4:92:d8:ac:af:bd:9e:19:97:ad:57:04:
83:bd:b1:ea:53:72:e9:16:d9:ed:f5:cd:a1:e0:d4:
2a:68:65:8d:2f:21:77:73:a1:5f:fc:09:63:01:22:
d9:b3:30:9d:01:70:09:f5:86:7d:ee:83:35:bf:a7:
28:09:d1:19:cd:96:6e:64:e9:ac:fe:8d:77:16:8e:
40:b0:a6:4e:11:7b:04:63:8b:a6:5b:a2:2d:f4:b4:
d2:ae:02:75:44:94:bc:b7:1d:dc:18:3f:cc:e4:3a:
a4:bd:dc:fd:75:f3:56:19:20:66:a7:c1:57:d4:a4:
b9:a8:96:1e:13:7d:5b:1a:b9:26:b4:95:f5:02:dc:
1a:d4:63:00:67:81:b5:dc:73:da:d6:e3:3c:59:e2:
d0:e8:b5:82:13:36:13:4f:ce:6a:58:95:17:98:b6:
76:ce:b5:36:29:18:32:60:61:7b:a1:59:86:4c:bc:
da:f2:dd:89:4d:45:bb:1d:be:63:72:e2:c9:16:1c:
38:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:AB:D4:FE:F7:BC:C2:48:18:00:AB:15:EF:96:DC:CD:74:FA:7D:9D
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/X6vU_ve8wkgYAKsV75bczXT6fZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.16.0/24
45.131.134.0/24
185.126.83.0/24
185.218.22.0/24
185.228.73.0-185.228.74.255
193.58.144.0/24
194.147.16.0/24
Signature Algorithm: sha256WithRSAEncryption
72:ce:18:1d:f8:4f:1f:cd:9c:99:bc:2e:25:b6:2e:76:3e:62:
fb:c5:e7:d7:28:35:f6:8a:a2:5a:6d:70:83:e9:53:9c:4e:bc:
25:6c:fe:07:a8:6c:e0:e0:a0:fe:b8:12:35:2e:44:bf:09:fd:
06:49:20:33:70:66:a8:83:da:62:cd:72:33:9a:3f:63:c4:7b:
1a:5b:53:45:36:dd:6b:18:57:78:fb:5b:68:f6:b8:95:9c:3e:
62:08:06:02:88:7a:75:98:c6:78:63:1d:2b:22:57:23:bd:65:
68:97:a2:72:f5:06:c0:e4:19:28:61:24:5e:fc:f8:c2:0a:4d:
3d:82:d4:86:36:05:bb:8b:27:e4:31:11:6c:45:f0:37:79:9c:
3d:23:7d:0f:b7:97:36:42:7f:0c:16:a7:18:4e:f9:ff:4b:76:
d0:09:f9:ef:7f:de:80:32:64:fa:3d:03:bc:65:23:00:ce:a3:
12:58:c5:fe:2b:06:98:50:74:48:fc:ff:9a:aa:3e:a5:39:d1:
2b:fe:da:73:77:78:42:5e:de:28:66:37:bf:1f:2f:b7:51:12:
b8:e4:79:f7:12:f9:96:4e:40:b2:f1:d1:3b:5d:99:ba:e0:35:
b0:d2:27:75:41:0c:c5:17:23:25:f2:47:3a:f4:6c:02:ee:16:
9d:5b:77:23
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYWqmJiOttfQZnzKoPlD8ZpUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMTEzMTAwNjQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmFiZDRmZWY3YmNjMjQ4MTgwMGFiMTVlZjk2ZGNjZDc0ZmE3ZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmjM/NPtXXeidZCkDT1Sufi1/IW0
wPsNYk4H3NcjZUhKJ0Aw2gIqu5azvFkJagQ7wo2xd239wLECmxQx2jf0ktisr72e
GZetVwSDvbHqU3LpFtnt9c2h4NQqaGWNLyF3c6Ff/AljASLZszCdAXAJ9YZ97oM1
v6coCdEZzZZuZOms/o13Fo5AsKZOEXsEY4umW6It9LTSrgJ1RJS8tx3cGD/M5Dqk
vdz9dfNWGSBmp8FX1KS5qJYeE31bGrkmtJX1Atwa1GMAZ4G13HPa1uM8WeLQ6LWC
EzYTT85qWJUXmLZ2zrU2KRgyYGF7oVmGTLza8t2JTUW7Hb5jcuLJFhw4lQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFF+r1P73vMJIGACrFe+W3M10+n2dMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWDZ2VV92ZTh3a2dZQUtzVjc1YmN6WFQ2ZlowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALVoQAwQA
LYOGAwQAuX5TAwQAudoWMAwDBAC55EkDBAC55EoDBADBOpADBADCkxAwDQYJKoZI
hvcNAQELBQADggEBAHLOGB34Tx/NnJm8LiW2LnY+YvvF59coNfaKolptcIPpU5xO
vCVs/geobODgoP64EjUuRL8J/QZJIDNwZqiD2mLNcjOaP2PEexpbU0U23WsYV3j7
W2j2uJWcPmIIBgKIenWYxnhjHSsiVyO9ZWiXonL1BsDkGShhJF78+MIKTT2C1IY2
BbuLJ+QxEWxF8Dd5nD0jfQ+3lzZCfwwWpxhO+f9LdtAJ+e9/3oAyZPo9A7xlIwDO
oxJYxf4rBphQdEj8/5qqPqU50Sv+2nN3eEJe3ihmN78fL7dRErjkefcS+ZZOQLLx
0TtdmbrgNbDSJ3VBDMUXIyXyRzr0bALuFp1bdyM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:27 2024 by rpki-client on console-ams.rpki-client.org