Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XRxqe0JaswMhxBjaU7cKynmULyQ.roa
File: XRxqe0JaswMhxBjaU7cKynmULyQ.roa (raw, json)
Hash identifier: QJuFA+14yMsZj9IjmqkUJCrYirAHWUwgklm0iC/e2uE=
Subject key identifier: 5D:1C:6A:7B:42:5A:B3:03:21:C4:18:DA:53:B7:0A:CA:79:94:2F:24
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01941C6F3B404AA90A97AC89F4A11E9A6987
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XRxqe0JaswMhxBjaU7cKynmULyQ.roa
Signing time: Tue 31 Dec 2024 11:17:19 +0000
ROA not before: Tue 31 Dec 2024 11:17:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.199.54.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.230.53.0/24 maxlen: 24
185.234.22.0/24 maxlen: 24
185.240.122.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1c:6f:3b:40:4a:a9:0a:97:ac:89:f4:a1:1e:9a:69:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 31 11:17:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d1c6a7b425ab30321c418da53b70aca79942f24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:64:4c:bc:38:03:b5:c3:9d:2e:bf:8c:12:e7:
68:fa:9b:52:a6:36:39:8a:2e:23:cb:59:ff:47:1c:
f0:00:c7:11:0e:40:1a:d4:ca:2e:54:ae:07:22:11:
26:50:51:14:09:b9:40:be:4a:bb:38:7c:b0:43:3f:
e2:01:3a:b7:dc:ea:12:47:7f:3d:29:20:1b:f5:42:
53:5e:49:90:79:52:14:de:4e:e2:01:fd:2c:16:c1:
5f:b3:8c:11:5d:c6:cd:a3:7b:a9:b0:a7:49:ef:3c:
c3:d9:fa:d4:21:26:a4:34:12:e4:47:ff:2d:a4:1d:
fa:f5:e8:6f:49:f3:f3:0a:f6:e4:4f:37:97:b9:c8:
83:51:da:fb:43:cb:16:f4:88:5f:48:ff:8c:50:03:
80:78:80:0e:1a:d4:25:28:34:65:41:94:25:77:56:
b3:d4:74:a8:8a:24:88:3c:92:15:39:15:d7:fc:fc:
e0:84:9e:0b:f3:da:06:51:ac:6e:26:ad:74:8e:f1:
46:4b:95:c9:0e:cf:cc:f1:f5:65:14:f6:58:3d:08:
d6:63:1c:e2:64:78:dc:ec:e5:cb:5c:55:61:e1:0c:
a8:1c:d4:0e:46:ea:e0:7a:72:d0:82:b4:39:01:53:
e4:b1:56:40:f1:93:5d:fe:58:70:17:7a:d9:05:70:
44:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:1C:6A:7B:42:5A:B3:03:21:C4:18:DA:53:B7:0A:CA:79:94:2F:24
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XRxqe0JaswMhxBjaU7cKynmULyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.199.54.0/24
185.220.250.0/23
185.225.0.0/23
185.227.146.0/23
185.230.53.0/24
185.234.22.0/24
185.240.122.0/24
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:fa:a0:55:63:e8:fd:d2:22:13:a4:11:6f:cb:10:7e:58:9c:
bb:4d:9c:82:f6:93:fa:2b:be:61:95:61:82:be:f0:b0:c7:8c:
3b:63:1b:69:8f:8b:56:f7:00:1a:4e:a7:41:52:0c:48:0c:72:
fe:70:91:02:bb:0b:11:64:84:09:d7:15:8d:d3:e5:c6:a7:60:
4b:7c:9f:aa:80:84:ea:b5:3f:48:18:2e:c4:21:b1:c3:24:5e:
6a:d5:fb:64:43:07:37:9a:fa:af:69:06:5e:67:f8:c2:4c:a2:
a6:1b:a4:76:a4:21:64:5b:9f:1c:9f:b9:8e:ac:0c:d1:de:d2:
aa:08:1a:e0:23:b4:51:01:dc:08:6d:f9:e3:51:b0:c8:92:46:
4c:d0:29:71:1c:c8:1c:fc:a8:95:0f:9f:e1:18:48:4f:c8:e2:
05:75:3f:0b:4a:6b:f2:02:39:9b:65:46:83:cb:8c:ab:06:38:
da:de:50:6b:f6:ba:b2:6c:ce:a2:35:6a:9a:10:6a:10:0e:cd:
d3:56:b1:e6:9e:00:ed:56:0d:b1:59:08:f3:37:99:56:06:ed:
53:a4:9a:31:24:03:0f:9e:42:bc:dd:a0:b3:75:31:4e:3e:57:
06:cf:b7:d6:44:29:a9:fb:b2:ff:4f:56:91:6c:d8:46:14:37:
11:8c:1f:b8
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZQcbztASqkKl6yJ9KEemmmHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMjMxMTExNzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDFjNmE3YjQyNWFiMzAzMjFjNDE4ZGE1M2I3MGFjYTc5OTQyZjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWRMvDgDtcOdLr+MEudo+ptSpjY5
ii4jy1n/RxzwAMcRDkAa1MouVK4HIhEmUFEUCblAvkq7OHywQz/iATq33OoSR389
KSAb9UJTXkmQeVIU3k7iAf0sFsFfs4wRXcbNo3upsKdJ7zzD2frUISakNBLkR/8t
pB369ehvSfPzCvbkTzeXuciDUdr7Q8sW9IhfSP+MUAOAeIAOGtQlKDRlQZQld1az
1HSoiiSIPJIVORXX/PzghJ4L89oGUaxuJq10jvFGS5XJDs/M8fVlFPZYPQjWYxzi
ZHjc7OXLXFVh4QyoHNQORurgenLQgrQ5AVPksVZA8ZNd/lhwF3rZBXBEdwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFF0cantCWrMDIcQY2lO3Csp5lC8kMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWFJ4cWUwSmFzd01oeEJqYVU3Y0t5bm1VTHlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALQgVAwQA
uX5SAwQAucc2AwQBudz6AwQBueEAAwQBueOSAwQAueY1AwQAueoWAwQAufB6AwQB
wQhwAwQBwTqSMA0GCSqGSIb3DQEBCwUAA4IBAQCm+qBVY+j90iITpBFvyxB+WJy7
TZyC9pP6K75hlWGCvvCwx4w7Yxtpj4tW9wAaTqdBUgxIDHL+cJECuwsRZIQJ1xWN
0+XGp2BLfJ+qgITqtT9IGC7EIbHDJF5q1ftkQwc3mvqvaQZeZ/jCTKKmG6R2pCFk
W58cn7mOrAzR3tKqCBrgI7RRAdwIbfnjUbDIkkZM0ClxHMgc/KiVD5/hGEhPyOIF
dT8LSmvyAjmbZUaDy4yrBjja3lBr9rqybM6iNWqaEGoQDs3TVrHmngDtVg2xWQjz
N5lWBu1TpJoxJAMPnkK83aCzdTFOPlcGz7fWRCmp+7L/T1aRbNhGFDcRjB+4
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:35:47 2025 by rpki-client