Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/a2wEdaafwk63CdPLPEBC0EBZ1vc.roa
File: a2wEdaafwk63CdPLPEBC0EBZ1vc.roa (raw, json)
Hash identifier: mdpRMOnlUqmq7t7/W6S8aWoHVrv8lJ8Xil2zZPAn1Q0=
Subject key identifier: 6B:6C:04:75:A6:9F:C2:4E:B7:09:D3:CB:3C:40:42:D0:40:59:D6:F7
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018B9C3D7875ED4E30BCBDFE63D95724CAB1
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/a2wEdaafwk63CdPLPEBC0EBZ1vc.roa
Signing time: Sat 04 Nov 2023 21:29:16 +0000
ROA not before: Sat 04 Nov 2023 21:29:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.222.30.0/23 maxlen: 24
185.209.38.0/24 maxlen: 24
185.218.103.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
45.8.21.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.246.114.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sat 04 Nov 2023 22:09:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9c:3d:78:75:ed:4e:30:bc:bd:fe:63:d9:57:24:ca:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 4 21:29:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b6c0475a69fc24eb709d3cb3c4042d04059d6f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:04:13:c6:26:58:54:81:d9:86:2d:c2:37:fa:
04:a5:09:85:83:fe:1c:47:70:c2:84:12:dd:1d:69:
2f:11:a6:e8:f4:5a:fc:6b:a7:94:21:d5:21:b5:51:
b6:1f:02:d3:ff:36:d8:a5:07:ff:dd:47:05:ec:ca:
2b:04:50:9a:97:49:1f:56:1d:60:59:96:53:14:62:
61:4d:ab:f7:a7:81:c3:22:af:fc:7b:26:21:8e:74:
37:c6:df:cf:b9:d3:73:a9:c3:d9:53:9c:b9:05:43:
5a:77:23:35:e6:ee:1a:5f:95:5d:b1:1a:d2:bf:8b:
d7:05:e8:83:ce:32:e4:b9:6d:5f:41:04:36:d0:52:
e8:2e:76:ad:8e:75:53:c8:9e:9b:eb:83:88:7f:6b:
db:c4:9e:af:9e:9b:79:74:21:d1:21:b0:e2:b2:31:
05:4d:b5:be:fa:2d:25:16:e4:5e:6d:5b:17:c9:db:
6c:6e:38:25:1b:29:e2:b8:ae:a5:19:68:e1:94:28:
5f:3a:e9:1d:fb:04:8a:ab:f9:10:ba:31:77:bc:45:
dc:cf:73:84:e0:dc:fc:8a:c3:82:9c:10:0b:56:97:
71:51:2e:14:42:d6:f0:5c:4a:d6:3b:f7:37:73:2b:
dd:96:fc:15:53:69:b1:29:c4:8a:45:d6:e7:44:8d:
f3:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:6C:04:75:A6:9F:C2:4E:B7:09:D3:CB:3C:40:42:D0:40:59:D6:F7
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/a2wEdaafwk63CdPLPEBC0EBZ1vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.209.38.0/24
185.218.103.0/24
185.220.250.0/23
185.222.30.0/23
185.223.80.0/24
185.225.0.0/23
185.226.107.0/24
185.246.114.0/24
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
c0:42:a5:58:83:0f:a3:1b:3c:c9:66:4a:a3:ec:d2:3e:6a:e8:
f2:85:6a:b4:18:f0:c2:dd:97:35:af:6c:1d:8a:04:59:c6:b1:
57:29:0d:3f:ea:91:c9:69:c2:78:6c:31:92:32:6c:41:83:cd:
32:c5:fc:4a:d0:52:0f:de:28:4c:7d:5b:db:9d:f5:b0:f9:ca:
63:8d:75:24:96:31:7c:b1:47:63:c8:a7:a2:7e:c6:cb:7f:82:
3e:e7:d5:3e:2c:a5:4c:7c:e7:81:4d:ab:3b:32:7c:38:e6:26:
15:b6:8e:7a:64:6c:0a:58:15:e5:fe:00:6f:40:7c:73:00:fa:
32:f5:45:00:2d:93:d7:94:8e:73:19:6e:b1:8e:67:7a:c9:ca:
3f:56:19:a6:30:a6:70:b5:2e:1d:40:c5:34:5a:d1:fb:24:df:
08:5e:69:d5:22:42:96:85:e1:88:d2:b8:3f:20:85:c7:f1:f7:
bb:a0:5a:99:08:8b:3f:54:ee:48:69:0e:be:5a:35:56:ac:5c:
0f:e4:0a:7e:52:e8:52:e8:b8:21:1d:82:f6:75:28:84:bb:18:
4f:4c:82:b8:32:b3:a1:5b:45:97:24:64:cf:74:e8:72:a2:cc:
99:e8:5c:09:24:ad:14:66:56:55:2e:b5:41:dd:88:07:ce:60:
1a:75:f6:25
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYucPXh17U4wvL3+Y9lXJMqxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMTA0MjEyOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjZjMDQ3NWE2OWZjMjRlYjcwOWQzY2IzYzQwNDJkMDQwNTlkNmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwQTxiZYVIHZhi3CN/oEpQmFg/4c
R3DChBLdHWkvEabo9Fr8a6eUIdUhtVG2HwLT/zbYpQf/3UcF7MorBFCal0kfVh1g
WZZTFGJhTav3p4HDIq/8eyYhjnQ3xt/PudNzqcPZU5y5BUNadyM15u4aX5VdsRrS
v4vXBeiDzjLkuW1fQQQ20FLoLnatjnVTyJ6b64OIf2vbxJ6vnpt5dCHRIbDisjEF
TbW++i0lFuRebVsXydtsbjglGyniuK6lGWjhlChfOukd+wSKq/kQujF3vEXcz3OE
4Nz8isOCnBALVpdxUS4UQtbwXErWO/c3cyvdlvwVU2mxKcSKRdbnRI3zCwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGtsBHWmn8JOtwnTyzxAQtBAWdb3MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvYTJ3RWRhYWZ3azYzQ2RQTFBFQkMwRUJaMXZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALQgVAwQA
LZPgAwQAudEmAwQAudpnAwQBudz6AwQBud4eAwQAud9QAwQBueEAAwQAueJrAwQA
ufZyAwQAufvlAwQBwTqSMA0GCSqGSIb3DQEBCwUAA4IBAQDAQqVYgw+jGzzJZkqj
7NI+aujyhWq0GPDC3Zc1r2wdigRZxrFXKQ0/6pHJacJ4bDGSMmxBg80yxfxK0FIP
3ihMfVvbnfWw+cpjjXUkljF8sUdjyKeifsbLf4I+59U+LKVMfOeBTas7Mnw45iYV
to56ZGwKWBXl/gBvQHxzAPoy9UUALZPXlI5zGW6xjmd6yco/VhmmMKZwtS4dQMU0
WtH7JN8IXmnVIkKWheGI0rg/IIXH8fe7oFqZCIs/VO5IaQ6+WjVWrFwP5Ap+UuhS
6LghHYL2dSiEuxhPTIK4MrOhW0WXJGTPdOhyosyZ6FwJJK0UZlZVLrVB3YgHzmAa
dfYl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:27 2024 by rpki-client on console-ams.rpki-client.org