Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/X9jkSGsKH6rdWtFBtiH8eKxHhI8.roa
File: X9jkSGsKH6rdWtFBtiH8eKxHhI8.roa (raw, json)
Hash identifier: xj2m8oXXfPLISIjWSXYsRnm1CrAnfaoCyhL+22WEtfo=
Subject key identifier: 5F:D8:E4:48:6B:0A:1F:AA:DD:5A:D1:41:B6:21:FC:78:AC:47:84:8F
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018A6C0B4E5ABCFB18DEB6A43634728297D3
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/X9jkSGsKH6rdWtFBtiH8eKxHhI8.roa
Signing time: Wed 06 Sep 2023 19:49:54 +0000
ROA not before: Wed 06 Sep 2023 19:49:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.209.36.0/23 maxlen: 24
185.199.159.0/24 maxlen: 24
185.210.152.0/24 maxlen: 24
185.210.154.0/24 maxlen: 24
185.210.153.0/24 maxlen: 24
185.210.155.0/24 maxlen: 24
185.223.76.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.121.12.0/22 maxlen: 24
185.206.249.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.226.105.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
185.238.228.0/22 maxlen: 24
185.36.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Sep 2023 09:26:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6c:0b:4e:5a:bc:fb:18:de:b6:a4:36:34:72:82:97:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 6 19:49:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fd8e4486b0a1faadd5ad141b621fc78ac47848f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f7:09:73:d7:75:67:ed:eb:15:ad:80:68:61:
66:5d:87:17:8e:d7:7b:2e:9c:46:7b:0d:89:ff:c8:
9c:62:53:a0:ed:de:67:73:53:70:03:62:6d:b1:62:
a4:e0:cb:33:06:65:f6:91:31:4c:be:db:0c:a0:0c:
b6:9f:f1:a3:92:34:9a:04:c5:64:1a:3b:fe:79:32:
56:c3:4e:93:68:c5:fc:d3:96:27:27:e5:8f:c3:8d:
7b:c8:56:ea:f2:74:af:bf:46:8d:db:0f:7e:05:7b:
5a:b6:3c:6c:08:ea:7f:97:0a:8f:84:5f:ec:a6:b0:
fa:ee:a2:0f:04:5e:12:fd:3d:92:7c:c8:55:f1:aa:
0e:64:3f:e0:23:67:77:0a:c0:88:92:6d:64:2b:8c:
e5:6f:91:95:d4:e8:60:4d:79:64:1a:48:5b:d0:43:
a0:49:bf:d7:43:eb:a3:e0:1e:31:fb:a7:83:d0:c1:
90:04:7d:d3:6f:81:eb:04:96:05:c0:40:93:de:f4:
66:6c:af:61:18:ea:c2:48:2c:f2:b8:fa:90:de:0f:
ec:6d:30:81:89:cd:5c:7c:62:6d:07:2a:c2:de:23:
0f:e2:cf:d3:fd:69:f6:d8:88:dc:ad:36:46:2b:d4:
92:7d:ad:97:ce:05:01:71:ec:cd:0e:30:8a:a6:4c:
fd:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:D8:E4:48:6B:0A:1F:AA:DD:5A:D1:41:B6:21:FC:78:AC:47:84:8F
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/X9jkSGsKH6rdWtFBtiH8eKxHhI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.204.0/24
185.121.12.0/22
185.199.159.0/24
185.206.248.0/23
185.206.251.0/24
185.209.36.0/23
185.210.152.0/22
185.223.76.0/24
185.225.2.0/24
185.226.105.0/24
185.226.107.0/24
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
Signature Algorithm: sha256WithRSAEncryption
ba:61:ff:34:91:4f:11:ae:17:06:8a:8f:5b:81:b8:53:6f:ef:
d1:a6:46:d6:28:d2:6b:b1:c0:2d:3f:e4:a1:44:d2:a5:8c:1e:
d9:1a:d0:02:63:71:05:55:0f:b1:d0:c6:d7:2e:e9:91:2e:1e:
74:57:17:09:7a:27:29:3d:ee:fd:7c:9c:42:1b:58:ba:53:97:
23:20:0e:73:e7:03:01:44:d4:56:e9:16:5f:dc:0d:7e:7a:05:
41:9f:44:b3:72:e6:4f:92:cd:54:50:fc:96:13:63:14:cb:e0:
14:b3:08:65:96:43:aa:f0:50:03:11:04:03:f5:5d:04:44:16:
8a:03:3c:b7:65:0e:f2:23:7d:1f:4c:c3:ef:72:9e:65:50:a2:
29:58:80:72:1b:3e:7e:ba:91:72:d6:ae:3c:88:16:a6:8b:01:
8d:6a:4d:f9:1d:4a:c0:ef:4b:35:77:ba:89:de:cf:f1:e5:96:
fe:91:4c:94:aa:8a:7a:96:14:03:67:92:03:e5:d1:14:d8:91:
81:ec:49:06:4f:4a:dd:79:1f:54:1d:2a:e2:1c:34:f7:0c:2f:
ea:dd:3e:8d:c2:26:0f:86:d8:12:f8:6b:86:d6:e2:81:0e:73:
4c:83:99:34:c9:39:f3:f7:09:05:7a:c4:cf:01:77:e6:e5:19:
a4:81:42:c5
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYpsC05avPsY3rakNjRygpfTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwOTA2MTk0OTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmQ4ZTQ0ODZiMGExZmFhZGQ1YWQxNDFiNjIxZmM3OGFjNDc4NDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvcJc9d1Z+3rFa2AaGFmXYcXjtd7
LpxGew2J/8icYlOg7d5nc1NwA2JtsWKk4MszBmX2kTFMvtsMoAy2n/GjkjSaBMVk
Gjv+eTJWw06TaMX805YnJ+WPw417yFbq8nSvv0aN2w9+BXtatjxsCOp/lwqPhF/s
prD67qIPBF4S/T2SfMhV8aoOZD/gI2d3CsCIkm1kK4zlb5GV1OhgTXlkGkhb0EOg
Sb/XQ+uj4B4x+6eD0MGQBH3Tb4HrBJYFwECT3vRmbK9hGOrCSCzyuPqQ3g/sbTCB
ic1cfGJtByrC3iMP4s/T/Wn22IjcrTZGK9SSfa2XzgUBcezNDjCKpkz9ZwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFF/Y5EhrCh+q3VrRQbYh/HisR4SPMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWDlqa1NHc0tINnJkV3RGQnRpSDhlS3hIaEk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAuSTMAwQC
uXkMAwQAucefAwQBuc74AwQAuc77AwQBudEkAwQCudKYAwQAud9MAwQAueECAwQA
ueJpAwQAueJrAwQCueoUAwQCue7kAwQBufB4MA0GCSqGSIb3DQEBCwUAA4IBAQC6
Yf80kU8RrhcGio9bgbhTb+/RpkbWKNJrscAtP+ShRNKljB7ZGtACY3EFVQ+x0MbX
LumRLh50VxcJeicpPe79fJxCG1i6U5cjIA5z5wMBRNRW6RZf3A1+egVBn0SzcuZP
ks1UUPyWE2MUy+AUswhllkOq8FADEQQD9V0ERBaKAzy3ZQ7yI30fTMPvcp5lUKIp
WIByGz5+upFy1q48iBamiwGNak35HUrA70s1d7qJ3s/x5Zb+kUyUqop6lhQDZ5ID
5dEU2JGB7EkGT0rdeR9UHSriHDT3DC/q3T6NwiYPhtgS+GuG1uKBDnNMg5k0yTnz
9wkFesTPAXfm5RmkgULF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org