Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Zi6EAkISicE6ERtaK9xRiEzz4H4.roa
File: Zi6EAkISicE6ERtaK9xRiEzz4H4.roa (raw, json)
Hash identifier: gO5Gi64UWL93yBwLXxck/i6Y7V+NJydn6FPEyX4jYKs=
Subject key identifier: 66:2E:84:02:42:12:89:C1:3A:11:1B:5A:2B:DC:51:88:4C:F3:E0:7E
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018ABC6382568C4F896F4E4FBA0F5B123E45
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Zi6EAkISicE6ERtaK9xRiEzz4H4.roa
Signing time: Fri 22 Sep 2023 10:15:52 +0000
ROA not before: Fri 22 Sep 2023 10:15:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 185.206.249.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
45.90.19.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
185.246.115.0/24 maxlen: 24
185.238.229.0/24 maxlen: 24
185.36.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Oct 2023 15:14:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bc:63:82:56:8c:4f:89:6f:4e:4f:ba:0f:5b:12:3e:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 22 10:15:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=662e8402421289c13a111b5a2bdc51884cf3e07e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:63:15:ff:38:33:b7:99:91:58:1a:dd:26:be:
d9:14:68:33:8e:ef:8c:cc:f5:7e:8e:97:d2:bb:06:
6b:dd:3b:e4:52:5f:2c:d5:94:1d:41:4f:13:15:03:
10:53:16:04:fe:7b:a6:ca:37:36:a1:5d:2c:bf:3c:
82:b8:79:6c:0b:cf:a1:4e:b5:00:82:61:5a:6e:35:
56:af:19:29:bb:a2:7e:69:d5:8c:f8:3a:52:96:55:
3b:5c:e2:62:ab:e3:4f:2c:d0:3b:61:a3:c4:24:20:
99:b3:35:eb:8a:29:b8:15:b3:73:7b:27:c2:f6:34:
8f:d6:59:de:7b:5c:a4:19:c8:a9:7f:3f:27:54:ef:
8c:dd:aa:02:c5:fa:19:18:4c:c1:83:1f:81:bd:a3:
e4:4e:f9:8d:0c:e6:0f:ce:7f:0c:42:a3:00:4c:a5:
5a:29:b3:28:a5:c8:3f:32:a5:a9:80:64:55:28:20:
e6:79:a2:3b:83:57:fa:08:90:bd:9f:cb:7e:1a:42:
f0:8c:70:42:3d:64:d1:24:e3:bb:97:b6:31:8f:84:
37:d7:e3:bc:ab:3c:bb:54:11:b4:bc:5d:83:fd:1c:
21:b4:0d:bf:0d:fc:15:1a:a6:31:38:8b:86:76:dd:
fb:27:e6:a6:38:1c:72:81:f6:98:95:da:c1:d2:ff:
44:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:2E:84:02:42:12:89:C1:3A:11:1B:5A:2B:DC:51:88:4C:F3:E0:7E
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Zi6EAkISicE6ERtaK9xRiEzz4H4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.19.0/24
185.36.204.0/24
185.206.248.0/23
185.226.107.0/24
185.238.229.0/24
185.240.120.0/23
185.246.115.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:f8:03:00:95:44:c2:0b:8e:17:55:92:47:74:68:16:5e:8a:
13:64:8c:12:69:07:f3:d0:78:dd:12:54:b3:ff:43:54:f4:4a:
f6:83:4d:5b:e4:6b:3f:2c:e9:44:b6:e8:7b:c9:3c:30:b3:9c:
f0:06:ab:09:e8:b2:9d:98:70:11:c4:39:38:02:2f:c0:66:c8:
d5:7f:2f:0e:32:b2:61:5d:00:17:39:0a:7d:9d:52:a6:33:93:
3c:75:21:bd:ed:e8:62:dc:ec:e9:2f:cd:31:8d:8b:18:78:16:
bf:b9:10:ad:e4:4f:63:61:e6:32:2c:d7:af:9e:9c:72:ea:56:
64:3e:22:61:7b:06:55:2e:4a:22:51:43:74:0d:d7:1c:57:71:
ac:66:f1:a7:c7:5c:39:5c:20:56:2c:c6:ed:ab:59:35:dd:7c:
27:ba:24:bd:c7:90:4e:84:02:71:73:86:e1:43:f9:c8:68:4f:
e7:1a:a3:bf:4b:62:bf:99:a0:27:f4:0d:cf:40:eb:85:39:24:
58:d1:54:26:cf:02:27:3b:3e:d6:72:6a:78:bc:42:9d:ae:8a:
d9:78:2e:dd:34:af:e5:c3:84:97:da:17:af:2f:86:10:60:02:
39:15:96:41:9e:ec:a8:5b:0c:ca:01:3d:c2:98:78:9b:df:39:
36:3e:99:3f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYq8Y4JWjE+Jb05Pug9bEj5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwOTIyMTAxNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjJlODQwMjQyMTI4OWMxM2ExMTFiNWEyYmRjNTE4ODRjZjNlMDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2MV/zgzt5mRWBrdJr7ZFGgzju+M
zPV+jpfSuwZr3TvkUl8s1ZQdQU8TFQMQUxYE/numyjc2oV0svzyCuHlsC8+hTrUA
gmFabjVWrxkpu6J+adWM+DpSllU7XOJiq+NPLNA7YaPEJCCZszXriim4FbNzeyfC
9jSP1lnee1ykGcipfz8nVO+M3aoCxfoZGEzBgx+BvaPkTvmNDOYPzn8MQqMATKVa
KbMopcg/MqWpgGRVKCDmeaI7g1f6CJC9n8t+GkLwjHBCPWTRJOO7l7Yxj4Q31+O8
qzy7VBG0vF2D/RwhtA2/DfwVGqYxOIuGdt37J+amOBxygfaYldrB0v9E3wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGYuhAJCEonBOhEbWivcUYhM8+B+MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWmk2RUFrSVNpY0U2RVJ0YUs5eFJpRXp6NEg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALVoTAwQA
uSTMAwQBuc74AwQAueJrAwQAue7lAwQBufB4AwQAufZzMA0GCSqGSIb3DQEBCwUA
A4IBAQC5+AMAlUTCC44XVZJHdGgWXooTZIwSaQfz0HjdElSz/0NU9Er2g01b5Gs/
LOlEtuh7yTwws5zwBqsJ6LKdmHARxDk4Ai/AZsjVfy8OMrJhXQAXOQp9nVKmM5M8
dSG97ehi3OzpL80xjYsYeBa/uRCt5E9jYeYyLNevnpxy6lZkPiJhewZVLkoiUUN0
DdccV3GsZvGnx1w5XCBWLMbtq1k13XwnuiS9x5BOhAJxc4bhQ/nIaE/nGqO/S2K/
maAn9A3PQOuFOSRY0VQmzwInOz7Wcmp4vEKdrorZeC7dNK/lw4SX2hevL4YQYAI5
FZZBnuyoWwzKAT3CmHib3zk2Ppk/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org