Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XvJ7AetYdBoYMPAO6V35Gqzk4YQ.roa
File: XvJ7AetYdBoYMPAO6V35Gqzk4YQ.roa (raw, json)
Hash identifier: b6LunXMrFoxawnM2pXNG1ndm8WLp6kqxyoRs47MfuDg=
Subject key identifier: 5E:F2:7B:01:EB:58:74:1A:18:30:F0:0E:E9:5D:F9:1A:AC:E4:E1:84
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0185B0FB7AB3D0E139E188918AC85CC81732
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XvJ7AetYdBoYMPAO6V35Gqzk4YQ.roa
Signing time: Sat 14 Jan 2023 15:52:28 +0000
ROA not before: Sat 14 Jan 2023 15:52:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 185.206.250.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
185.223.78.0/24 maxlen: 24
45.131.132.0/24 maxlen: 24
45.131.135.0/24 maxlen: 24
45.131.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Feb 2023 16:40:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b0:fb:7a:b3:d0:e1:39:e1:88:91:8a:c8:5c:c8:17:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 14 15:52:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ef27b01eb58741a1830f00ee95df91aace4e184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:bb:13:a9:2c:12:13:d6:fe:58:f9:d1:df:16:
6d:b4:2c:53:6a:82:d5:b3:90:d5:29:fa:d5:a6:74:
bd:01:bb:1f:79:fb:12:bf:79:b9:04:02:f3:16:15:
5e:41:e2:af:99:6f:6e:b1:09:ba:8a:76:fc:86:94:
28:49:d0:f4:34:39:47:35:80:77:ed:e6:12:31:f0:
a0:1b:a0:4f:d5:59:33:7e:09:ce:bd:89:dd:03:9b:
d1:29:fd:e7:0f:9a:15:51:a3:96:f7:76:75:82:d5:
d3:73:45:eb:be:35:e4:4e:de:f8:b6:d9:75:6d:93:
55:94:ff:41:74:ef:86:8b:29:91:12:00:2b:82:04:
35:e4:98:eb:ec:6c:bc:bc:98:dd:6b:c5:f9:c3:15:
77:55:07:d1:06:cd:c6:cf:7d:51:dc:b7:b8:ee:06:
c6:f0:43:84:4f:bb:76:7c:d2:51:90:7f:10:c2:50:
35:16:bd:92:c4:16:5d:5e:6d:77:9c:7b:2f:43:d1:
1b:2c:02:fb:d2:ca:28:ca:cf:5d:a6:0e:9f:5b:a8:
6d:78:4f:3a:d8:67:a1:ac:6f:86:07:b5:e5:6e:c0:
ed:76:30:5e:3a:d6:94:51:13:17:6a:ef:b6:aa:4f:
8e:56:b7:9a:4f:ee:00:1e:d7:c5:cf:ff:c7:42:14:
e1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F2:7B:01:EB:58:74:1A:18:30:F0:0E:E9:5D:F9:1A:AC:E4:E1:84
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XvJ7AetYdBoYMPAO6V35Gqzk4YQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.131.132.0/23
45.131.135.0/24
185.206.250.0/24
185.223.78.0/24
185.223.155.0/24
185.246.112.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:94:5d:14:1c:51:a0:9f:41:f3:64:e4:93:9d:64:1d:a9:d7:
33:2d:a4:55:c8:f5:e9:59:14:22:20:01:10:a7:dc:2d:50:c8:
5e:c5:a9:28:3e:e3:07:0e:a5:87:08:83:c7:3e:7f:f4:b0:30:
32:4e:3c:2e:2e:ba:71:4e:4c:a2:f8:8b:84:e8:9b:8f:3d:f4:
8b:01:e6:ce:81:64:59:2d:e9:7c:db:0b:f2:1f:b4:5f:41:36:
9d:3f:ad:cb:31:39:c3:3d:c7:50:d9:69:2a:a6:11:c4:4c:65:
31:bc:38:bc:7c:f3:69:f0:0c:2a:b2:0f:95:b4:0b:77:21:f3:
5c:3d:e0:84:c2:a9:c3:9e:13:01:e5:45:5f:cb:79:d6:a2:f9:
fe:f6:5e:e1:8b:16:5d:79:b9:f1:fb:79:96:9e:0d:94:57:c3:
25:38:35:b9:ca:5e:48:61:20:df:12:23:56:a5:18:3d:20:4a:
0f:4f:94:15:7f:d6:b7:0b:e9:44:7d:c7:2a:22:63:5c:e6:62:
da:4a:f9:91:4d:29:ff:7b:ea:39:a9:fc:89:52:16:0c:49:9a:
7b:e7:ea:b2:49:ea:19:8b:7e:fb:cf:e0:df:99:1a:8c:81:6e:
64:38:43:2f:65:a0:f8:17:8d:0c:a4:39:8c:2a:ef:ef:62:e8:
ad:aa:83:d1
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYWw+3qz0OE54YiRishcyBcyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMTE0MTU1MjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWYyN2IwMWViNTg3NDFhMTgzMGYwMGVlOTVkZjkxYWFjZTRlMTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLsTqSwSE9b+WPnR3xZttCxTaoLV
s5DVKfrVpnS9AbsfefsSv3m5BALzFhVeQeKvmW9usQm6inb8hpQoSdD0NDlHNYB3
7eYSMfCgG6BP1VkzfgnOvYndA5vRKf3nD5oVUaOW93Z1gtXTc0XrvjXkTt74ttl1
bZNVlP9BdO+GiymREgArggQ15Jjr7Gy8vJjda8X5wxV3VQfRBs3Gz31R3Le47gbG
8EOET7t2fNJRkH8QwlA1Fr2SxBZdXm13nHsvQ9EbLAL70sooys9dpg6fW6hteE86
2GehrG+GB7XlbsDtdjBeOtaUURMXau+2qk+OVreaT+4AHtfFz//HQhThMwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFF7yewHrWHQaGDDwDuld+Rqs5OGEMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWHZKN0FldFlkQm9ZTVBBTzZWMzVHcXprNFlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQgVAwQB
LYOEAwQALYOHAwQAuc76AwQAud9OAwQAud+bAwQAufZwMA0GCSqGSIb3DQEBCwUA
A4IBAQBKlF0UHFGgn0HzZOSTnWQdqdczLaRVyPXpWRQiIAEQp9wtUMhexakoPuMH
DqWHCIPHPn/0sDAyTjwuLrpxTkyi+IuE6JuPPfSLAebOgWRZLel82wvyH7RfQTad
P63LMTnDPcdQ2WkqphHETGUxvDi8fPNp8Awqsg+VtAt3IfNcPeCEwqnDnhMB5UVf
y3nWovn+9l7hixZdebnx+3mWng2UV8MlODW5yl5IYSDfEiNWpRg9IEoPT5QVf9a3
C+lEfccqImNc5mLaSvmRTSn/e+o5qfyJUhYMSZp75+qySeoZi377z+DfmRqMgW5k
OEMvZaD4F40MpDmMKu/vYuitqoPR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org