Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XVRipq8jnWZq88c0U4D8qdtOYYc.roa
File: XVRipq8jnWZq88c0U4D8qdtOYYc.roa (raw, json)
Hash identifier: TYsyZqEKUm8KhPfgXWK6dRqVuYt7PHQ58+QSs9aRUc8=
Subject key identifier: 5D:54:62:A6:AF:23:9D:66:6A:F3:C7:34:53:80:FC:A9:DB:4E:61:87
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018BFDF91622FE4F7207D1607F4547544C1E
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XVRipq8jnWZq88c0U4D8qdtOYYc.roa
Signing time: Thu 23 Nov 2023 20:57:21 +0000
ROA not before: Thu 23 Nov 2023 20:57:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.209.36.0/23 maxlen: 24
185.218.102.0/24 maxlen: 24
185.199.159.0/24 maxlen: 24
185.210.152.0/24 maxlen: 24
185.210.154.0/24 maxlen: 24
185.210.153.0/24 maxlen: 24
185.210.155.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.223.76.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.227.145.0/24 maxlen: 24
185.121.12.0/22 maxlen: 24
185.206.249.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.226.105.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.209.74.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
176.125.248.0/24 maxlen: 24
185.238.228.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Dec 2023 21:22:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fd:f9:16:22:fe:4f:72:07:d1:60:7f:45:47:54:4c:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 23 20:57:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d5462a6af239d666af3c7345380fca9db4e6187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:63:86:7c:90:91:9e:4a:70:50:2a:ca:64:3f:
54:93:d5:4f:22:13:7c:e4:2b:18:6e:58:90:76:73:
f5:27:ef:fd:23:17:e4:6e:e8:58:ff:5f:45:30:db:
23:33:ef:eb:14:4a:7a:0c:fd:08:1f:2b:7e:1e:51:
84:1b:cc:5e:fb:35:69:a8:e2:dc:40:f9:6d:6d:7f:
bd:5d:1c:d2:58:ca:cd:87:3f:29:81:09:ff:9d:72:
55:f8:a6:b0:61:8c:91:09:6e:1f:20:0d:4a:bd:b1:
c3:c7:bc:61:96:a7:79:c8:41:85:db:d5:85:ec:37:
c1:5c:61:38:ce:e6:b4:62:be:0c:af:47:16:88:ce:
ec:b0:6a:78:9d:b2:d9:15:32:aa:35:3b:0d:5b:08:
2a:f1:60:c1:5c:d9:ef:63:44:2e:c3:a3:38:d2:f6:
71:f8:06:99:74:d6:7d:1f:d1:cf:62:87:64:9c:7e:
91:1a:63:01:5b:67:31:70:5d:a2:1d:7a:c7:b3:68:
93:ac:43:39:e2:b8:56:42:eb:74:0b:49:8f:eb:4f:
e8:b5:eb:a4:bf:07:d4:a3:82:ba:d0:ff:eb:31:1a:
40:09:01:c2:07:3c:e8:e4:d1:bb:27:f4:cf:2e:26:
4b:0c:1c:ce:fb:72:ba:ca:c1:3e:04:b7:65:8b:c3:
85:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:54:62:A6:AF:23:9D:66:6A:F3:C7:34:53:80:FC:A9:DB:4E:61:87
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XVRipq8jnWZq88c0U4D8qdtOYYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.248.0/24
185.121.12.0/22
185.199.159.0/24
185.206.248.0/23
185.206.251.0/24
185.209.36.0/23
185.209.74.0/24
185.210.152.0/22
185.218.102.0/24
185.223.76.0/24
185.223.80.0/24
185.225.2.0/24
185.226.105.0/24
185.226.107.0/24
185.227.145.0/24
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:0a:a3:69:2b:79:b5:19:7d:d3:d2:6f:b6:80:d4:64:a0:66:
8c:85:b1:6a:93:48:2c:fa:e6:83:d5:ac:ba:f5:7c:0c:ed:1b:
b0:f2:c5:e5:cd:a7:f9:5c:39:13:b0:66:9b:0c:4f:aa:20:68:
06:6d:43:65:c7:68:89:0f:e6:44:f3:fe:7e:82:9c:c4:f9:5d:
9f:cb:78:83:11:11:c5:98:01:b6:f5:6e:10:99:4f:78:e0:2e:
34:b1:83:82:64:cf:52:64:1d:d8:cb:f3:55:cc:75:be:09:2e:
dc:9d:aa:60:8b:9b:ab:09:e8:f2:1b:49:8c:17:ee:fe:a4:c5:
cd:6d:a7:ff:04:fd:0c:c7:e7:ff:96:e1:93:c1:77:1c:c4:3a:
6f:85:c3:1c:ea:0b:55:42:23:cc:fc:c1:29:21:05:72:08:18:
f3:f8:0f:b6:59:c4:d4:64:6d:95:e0:28:a4:a7:71:69:d0:f7:
23:f5:3a:bf:73:fc:e7:e8:57:68:ba:2f:ab:ba:e8:de:4e:2e:
cd:6c:cc:02:93:d7:89:a0:d8:95:18:88:f4:ea:46:1a:93:86:
b7:4b:0d:32:01:67:9d:43:e2:d9:68:6d:0f:57:7c:fe:5e:99:
29:8a:0f:60:69:83:d8:3e:de:48:39:7a:ea:26:8e:a7:3a:c6:
99:d1:f1:34
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYv9+RYi/k9yB9Fgf0VHVEweMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMTIzMjA1NzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDU0NjJhNmFmMjM5ZDY2NmFmM2M3MzQ1MzgwZmNhOWRiNGU2MTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2OGfJCRnkpwUCrKZD9Uk9VPIhN8
5CsYbliQdnP1J+/9IxfkbuhY/19FMNsjM+/rFEp6DP0IHyt+HlGEG8xe+zVpqOLc
QPltbX+9XRzSWMrNhz8pgQn/nXJV+KawYYyRCW4fIA1KvbHDx7xhlqd5yEGF29WF
7DfBXGE4zua0Yr4Mr0cWiM7ssGp4nbLZFTKqNTsNWwgq8WDBXNnvY0Quw6M40vZx
+AaZdNZ9H9HPYodknH6RGmMBW2cxcF2iHXrHs2iTrEM54rhWQut0C0mP60/oteuk
vwfUo4K60P/rMRpACQHCBzzo5NG7J/TPLiZLDBzO+3K6ysE+BLdli8OFHQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFF1UYqavI51mavPHNFOA/KnbTmGHMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWFZSaXBxOGpuV1pxODhjMFU0RDhxZHRPWVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEALB9+AME
Arl5DAMEALnHnwMEAbnO+AMEALnO+wMEAbnRJAMEALnRSgMEArnSmAMEALnaZgME
ALnfTAMEALnfUAMEALnhAgMEALniaQMEALniawMEALnjkQMEArnqFAMEArnu5AME
AbnweAMEALn75zANBgkqhkiG9w0BAQsFAAOCAQEAbwqjaSt5tRl909JvtoDUZKBm
jIWxapNILPrmg9WsuvV8DO0bsPLF5c2n+Vw5E7BmmwxPqiBoBm1DZcdoiQ/mRPP+
foKcxPldn8t4gxERxZgBtvVuEJlPeOAuNLGDgmTPUmQd2MvzVcx1vgku3J2qYIub
qwno8htJjBfu/qTFzW2n/wT9DMfn/5bhk8F3HMQ6b4XDHOoLVUIjzPzBKSEFcggY
8/gPtlnE1GRtleAopKdxadD3I/U6v3P85+hXaLovq7ro3k4uzWzMApPXiaDYlRiI
9OpGGpOGt0sNMgFnnUPi2WhtD1d8/l6ZKYoPYGmD2D7eSDl66iaOpzrGmdHxNA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org