Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XQ7uJ2ipYjMOXDZPArBvAtsOWmk.roa
File: XQ7uJ2ipYjMOXDZPArBvAtsOWmk.roa (raw, json)
Hash identifier: qgho65F2VmgKRy/CRFUy6R80ok36w+SRch+5P+4r2KE=
Subject key identifier: 5D:0E:EE:27:68:A9:62:33:0E:5C:36:4F:02:B0:6F:02:DB:0E:5A:69
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01889FD4043F36607BA7A76FA2F5FB353D50
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XQ7uJ2ipYjMOXDZPArBvAtsOWmk.roa
Signing time: Fri 09 Jun 2023 11:04:12 +0000
ROA not before: Fri 09 Jun 2023 11:04:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 185.209.38.0/24 maxlen: 24
185.218.103.0/24 maxlen: 24
185.209.39.0/24 maxlen: 24
185.226.106.0/24 maxlen: 24
185.210.234.0/24 maxlen: 24
185.214.100.0/24 maxlen: 24
185.214.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Jun 2023 09:35:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9f:d4:04:3f:36:60:7b:a7:a7:6f:a2:f5:fb:35:3d:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 9 11:04:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d0eee2768a962330e5c364f02b06f02db0e5a69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:c7:97:8c:9a:d2:d5:80:e3:d1:9d:c2:1c:17:
84:2e:40:d3:72:f7:44:cb:f2:03:38:d9:0b:97:1e:
15:13:63:6f:77:89:e2:29:d5:46:6f:54:15:15:8c:
95:4c:0f:2d:30:c7:45:37:bd:eb:de:1a:05:e6:69:
c7:84:7c:25:9b:e6:f9:58:7d:ee:97:67:d4:72:99:
7d:32:40:9c:a5:fd:ab:ff:39:83:95:ce:2d:4d:17:
a3:38:31:3b:b4:66:68:18:a5:3d:aa:85:ac:81:16:
69:be:33:03:40:f5:db:62:e8:17:f0:62:5d:aa:8c:
b7:b9:20:03:a1:aa:09:28:db:00:6e:ac:84:df:4e:
4f:5b:d1:f9:5d:a7:d9:1f:4a:c9:74:0c:d1:d5:1d:
0f:3a:8b:c6:3f:3f:96:eb:43:fe:26:d7:3f:92:28:
be:3a:55:1a:8f:ab:82:9b:3d:cb:6d:d4:16:ba:a8:
0a:9d:f6:8f:47:29:9e:e4:dd:9b:9a:81:01:92:9f:
28:8b:40:f9:df:24:9d:38:c6:0e:21:75:ed:e9:03:
83:b5:86:ae:40:05:ac:69:08:67:fe:f8:14:ca:4e:
48:f5:33:a2:7b:51:0a:a5:28:79:78:1c:29:8b:61:
3f:1e:53:59:d4:7d:cf:ce:e8:c6:7c:83:e9:c7:41:
a8:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:0E:EE:27:68:A9:62:33:0E:5C:36:4F:02:B0:6F:02:DB:0E:5A:69
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XQ7uJ2ipYjMOXDZPArBvAtsOWmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.38.0/23
185.210.234.0/24
185.214.100.0/23
185.218.103.0/24
185.226.106.0/24
Signature Algorithm: sha256WithRSAEncryption
58:de:b9:e8:76:9b:82:48:74:f2:25:ef:dc:99:fc:b5:84:7b:
06:71:1a:af:37:ec:d5:89:55:a2:36:e1:1b:19:60:ec:c2:ea:
c9:a9:02:db:22:79:82:ae:71:ab:29:c6:c4:7b:a5:6e:bd:ae:
a5:1e:2b:c1:6c:c7:cb:d0:63:b7:a1:46:ec:ba:70:11:5c:cb:
c1:9a:2e:95:8f:49:66:d2:70:62:15:e7:d8:96:c0:39:aa:de:
08:0d:e0:37:68:3e:9d:5c:91:ff:b8:15:fe:72:e4:12:d2:41:
2b:92:5f:6e:36:33:a8:f2:5c:67:b0:cd:bf:29:05:b0:8e:5a:
81:a9:20:e2:f0:fb:5e:c1:31:d6:21:2f:b8:36:80:3e:4f:bd:
3f:c2:94:25:44:0e:fe:7d:b0:3e:d6:4a:f9:05:3c:b5:fe:19:
df:6e:60:4a:dc:b8:51:9f:98:2e:57:5e:51:99:ab:74:65:8d:
71:76:8c:ce:da:42:34:70:34:92:f6:a5:31:14:48:39:cd:33:
06:6e:5e:86:05:c6:f4:70:90:09:f3:b9:d1:e3:ec:58:cf:67:
15:f8:6d:fc:88:9e:e3:33:d1:7c:69:1a:17:16:ae:d6:ab:ab:
4d:0f:0f:23:b2:f6:0b:de:e0:ce:c0:3e:a6:11:71:35:7e:0d:
d8:3f:dd:da
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYif1AQ/NmB7p6dvovX7NT1QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNjA5MTEwNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDBlZWUyNzY4YTk2MjMzMGU1YzM2NGYwMmIwNmYwMmRiMGU1YTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8eXjJrS1YDj0Z3CHBeELkDTcvdE
y/IDONkLlx4VE2Nvd4niKdVGb1QVFYyVTA8tMMdFN73r3hoF5mnHhHwlm+b5WH3u
l2fUcpl9MkCcpf2r/zmDlc4tTRejODE7tGZoGKU9qoWsgRZpvjMDQPXbYugX8GJd
qoy3uSADoaoJKNsAbqyE305PW9H5XafZH0rJdAzR1R0POovGPz+W60P+Jtc/kii+
OlUaj6uCmz3LbdQWuqgKnfaPRyme5N2bmoEBkp8oi0D53ySdOMYOIXXt6QODtYau
QAWsaQhn/vgUyk5I9TOie1EKpSh5eBwpi2E/HlNZ1H3PzujGfIPpx0GoUwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFF0O7idoqWIzDlw2TwKwbwLbDlppMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWFE3dUoyaXBZak1PWERaUEFyQnZBdHNPV21rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBudEmAwQA
udLqAwQBudZkAwQAudpnAwQAueJqMA0GCSqGSIb3DQEBCwUAA4IBAQBY3rnodpuC
SHTyJe/cmfy1hHsGcRqvN+zViVWiNuEbGWDswurJqQLbInmCrnGrKcbEe6Vuva6l
HivBbMfL0GO3oUbsunARXMvBmi6Vj0lm0nBiFefYlsA5qt4IDeA3aD6dXJH/uBX+
cuQS0kErkl9uNjOo8lxnsM2/KQWwjlqBqSDi8PtewTHWIS+4NoA+T70/wpQlRA7+
fbA+1kr5BTy1/hnfbmBK3LhRn5guV15Rmat0ZY1xdozO2kI0cDSS9qUxFEg5zTMG
bl6GBcb0cJAJ87nR4+xYz2cV+G38iJ7jM9F8aRoXFq7Wq6tNDw8jsvYL3uDOwD6m
EXE1fg3YP93a
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org