Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ZQeF54S1Ar0dycUc0YsW-jy1sf8.roa
File: ZQeF54S1Ar0dycUc0YsW-jy1sf8.roa (raw, json)
Hash identifier: OeJA0UR0iD4oGId8Qie2xRn1lkb3425VRUvxwP4NWRQ=
Subject key identifier: 65:07:85:E7:84:B5:02:BD:1D:C9:C5:1C:D1:8B:16:FA:3C:B5:B1:FF
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018ABC6C6EFDA117D4545F0E3255C3B00381
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ZQeF54S1Ar0dycUc0YsW-jy1sf8.roa
Signing time: Fri 22 Sep 2023 10:25:37 +0000
ROA not before: Fri 22 Sep 2023 10:25:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.209.36.0/23 maxlen: 24
185.220.249.0/24 maxlen: 24
185.199.159.0/24 maxlen: 24
185.210.152.0/24 maxlen: 24
185.210.154.0/24 maxlen: 24
185.210.153.0/24 maxlen: 24
185.210.155.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.223.76.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.121.12.0/22 maxlen: 24
185.206.249.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.226.105.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
185.238.228.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Sep 2023 08:37:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bc:6c:6e:fd:a1:17:d4:54:5f:0e:32:55:c3:b0:03:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 22 10:25:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=650785e784b502bd1dc9c51cd18b16fa3cb5b1ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fc:f0:03:64:e8:2c:bc:71:88:6c:4b:17:7e:
18:61:e4:dc:d3:d0:3b:6f:5d:93:45:23:2e:12:65:
7c:0c:8e:e4:c6:42:e3:ce:b9:43:6b:4c:9e:e6:12:
92:78:f9:c0:52:51:6a:5e:a0:a0:fe:0c:29:e8:2f:
e5:32:32:51:79:ac:43:25:03:3b:48:5f:9f:32:35:
15:66:ef:6d:2c:94:f3:0f:60:5a:4c:ea:b2:82:11:
2f:ab:47:f4:44:15:bf:ac:05:bc:2d:80:63:9d:65:
ec:bf:43:76:30:b2:1c:ee:ab:50:75:f5:e4:96:87:
f6:1a:d2:09:21:f1:1c:da:3d:44:e8:c8:04:05:12:
58:4f:e1:4d:78:27:e9:cd:ea:9d:aa:5c:91:0d:33:
6d:c4:98:44:76:60:83:37:8d:54:d2:0d:9a:21:15:
26:71:f9:e6:ef:d0:a8:1c:fc:30:1b:8d:a0:21:bf:
c4:82:d2:9d:dd:9e:14:1e:8d:f4:a1:51:78:5d:38:
05:c6:7d:24:2d:1a:71:6d:7f:34:d3:1c:ab:22:d9:
dc:db:36:32:a4:a5:1f:fc:c6:0c:d8:d2:34:ec:5d:
11:a9:dc:f6:0b:58:44:32:a5:16:15:5e:d2:02:56:
8b:68:fc:f2:e3:f2:a5:50:05:e6:cd:2b:9f:e8:d6:
27:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:07:85:E7:84:B5:02:BD:1D:C9:C5:1C:D1:8B:16:FA:3C:B5:B1:FF
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ZQeF54S1Ar0dycUc0YsW-jy1sf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.12.0/22
185.199.159.0/24
185.206.248.0/23
185.206.251.0/24
185.209.36.0/23
185.210.152.0/22
185.220.249.0/24
185.223.76.0/24
185.223.80.0/24
185.225.2.0/24
185.226.105.0/24
185.226.107.0/24
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:4f:f0:a9:4f:b0:78:44:10:ae:b9:41:99:ac:1e:26:c6:e3:
f0:37:d8:2d:30:f1:5b:3d:90:a9:4a:e2:1a:04:51:c8:81:7e:
11:a5:97:8d:9f:5d:cd:d8:36:90:c4:2f:70:6e:33:2c:a7:fc:
2f:3e:fe:1f:7b:af:c9:48:4e:40:35:3e:d4:b5:12:40:a2:50:
f0:9e:78:7f:a2:40:12:4a:09:24:e5:93:d2:f3:f7:71:c8:b6:
ff:f1:fc:9f:77:6c:b5:7c:d8:cc:85:c2:0d:ac:63:a9:ac:74:
74:d1:60:3f:40:42:77:cd:7f:4c:62:98:92:15:c6:37:a9:35:
93:b8:2b:14:ff:19:51:eb:f8:37:bf:8c:f2:c0:27:fe:c9:25:
3d:85:8d:6f:ec:c3:34:ef:06:e1:3a:a8:f2:c6:4c:85:d1:57:
4c:f6:c8:52:ec:85:43:a6:a9:79:10:e5:3c:15:95:81:82:2a:
c6:ef:23:ce:e7:73:9c:72:ce:cd:2f:02:50:2e:a2:00:b4:79:
0c:db:94:b3:ef:12:c2:47:59:6b:c9:79:b8:a8:c1:29:0e:2a:
08:a4:8b:7b:d1:93:03:7b:eb:f5:e7:e4:8e:13:03:a1:af:59:
9f:28:a4:c9:3a:88:da:25:b2:04:d4:dc:89:48:15:62:3e:9f:
b4:66:73:f4
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYq8bG79oRfUVF8OMlXDsAOBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwOTIyMTAyNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTA3ODVlNzg0YjUwMmJkMWRjOWM1MWNkMThiMTZmYTNjYjViMWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvzwA2ToLLxxiGxLF34YYeTc09A7
b12TRSMuEmV8DI7kxkLjzrlDa0ye5hKSePnAUlFqXqCg/gwp6C/lMjJReaxDJQM7
SF+fMjUVZu9tLJTzD2BaTOqyghEvq0f0RBW/rAW8LYBjnWXsv0N2MLIc7qtQdfXk
lof2GtIJIfEc2j1E6MgEBRJYT+FNeCfpzeqdqlyRDTNtxJhEdmCDN41U0g2aIRUm
cfnm79CoHPwwG42gIb/EgtKd3Z4UHo30oVF4XTgFxn0kLRpxbX800xyrItnc2zYy
pKUf/MYM2NI07F0Rqdz2C1hEMqUWFV7SAlaLaPzy4/KlUAXmzSuf6NYn5QIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFGUHheeEtQK9HcnFHNGLFvo8tbH/MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWlFlRjU0UzFBcjBkeWNVYzBZc1ctankxc2Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQCuXkMAwQA
ucefAwQBuc74AwQAuc77AwQBudEkAwQCudKYAwQAudz5AwQAud9MAwQAud9QAwQA
ueECAwQAueJpAwQAueJrAwQCueoUAwQCue7kAwQBufB4AwQAufvnMA0GCSqGSIb3
DQEBCwUAA4IBAQCmT/CpT7B4RBCuuUGZrB4mxuPwN9gtMPFbPZCpSuIaBFHIgX4R
pZeNn13N2DaQxC9wbjMsp/wvPv4fe6/JSE5ANT7UtRJAolDwnnh/okASSgkk5ZPS
8/dxyLb/8fyfd2y1fNjMhcINrGOprHR00WA/QEJ3zX9MYpiSFcY3qTWTuCsU/xlR
6/g3v4zywCf+ySU9hY1v7MM07wbhOqjyxkyF0VdM9shS7IVDpql5EOU8FZWBgirG
7yPO53Occs7NLwJQLqIAtHkM25Sz7xLCR1lryXm4qMEpDioIpIt70ZMDe+v15+SO
EwOhr1mfKKTJOojaJbIE1NyJSBViPp+0ZnP0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org