Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/a8Bn9snfpgDfM2exe4BqpTkuVi4.roa
File: a8Bn9snfpgDfM2exe4BqpTkuVi4.roa (raw, json)
Hash identifier: sYRJD1JMfMxwHaXV9DIFzTaGSswG1ya/XuN3ECkYx+w=
Subject key identifier: 6B:C0:67:F6:C9:DF:A6:00:DF:33:67:B1:7B:80:6A:A5:39:2E:56:2E
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0186AE12EB6D690B57EDF39D1741DE79BCF0
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/a8Bn9snfpgDfM2exe4BqpTkuVi4.roa
Signing time: Sat 04 Mar 2023 19:22:00 +0000
ROA not before: Sat 04 Mar 2023 19:22:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 45.8.23.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 Mar 2023 09:33:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ae:12:eb:6d:69:0b:57:ed:f3:9d:17:41:de:79:bc:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 4 19:22:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6bc067f6c9dfa600df3367b17b806aa5392e562e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:91:eb:b7:ae:18:b4:d9:92:2e:7f:79:54:ed:
de:bf:ae:3f:3a:8e:0e:d7:00:c7:d9:65:e4:11:10:
3e:98:fb:33:ec:a7:7c:93:a7:0c:49:d3:38:68:ed:
fe:a2:d9:8f:76:75:54:ad:e5:61:8e:6d:32:b3:b0:
2c:1f:e8:d0:e7:49:0e:3d:00:f3:1a:93:00:f6:1a:
9f:ab:23:12:dc:67:6f:20:df:03:fd:cc:2a:a6:24:
d8:ef:d5:49:29:fd:98:cd:dc:76:a7:26:cd:02:7f:
a6:e8:c9:11:f4:39:6a:0a:de:89:80:d2:ae:53:db:
3a:55:87:9c:0a:a4:97:47:e4:9a:42:3f:87:70:ec:
f5:7e:ab:db:4f:f0:b0:fe:d6:f8:78:ca:81:69:71:
e8:d8:d9:88:e3:73:d1:c3:98:35:d5:c6:9d:14:b0:
65:b7:d5:af:e8:ef:23:52:50:79:e8:7c:8d:e4:93:
b2:4c:3b:cf:66:99:6f:f1:63:8e:10:c7:32:db:17:
ae:5a:5e:61:5b:41:c9:0d:6b:15:ed:f0:f4:f6:35:
ff:b4:b0:7f:13:6b:01:0d:ef:47:a4:45:ee:97:b4:
2c:1f:e4:7e:6a:1a:3a:2d:a5:58:52:ca:29:bc:83:
ee:90:00:43:93:21:15:8e:b5:e3:21:3c:3a:94:a0:
6c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:C0:67:F6:C9:DF:A6:00:DF:33:67:B1:7B:80:6A:A5:39:2E:56:2E
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/a8Bn9snfpgDfM2exe4BqpTkuVi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.23.0/24
185.225.2.0/24
Signature Algorithm: sha256WithRSAEncryption
71:d2:f2:57:df:d6:74:70:7c:d0:9f:b3:01:6f:25:29:c4:19:
ff:15:5f:e5:a1:3a:b3:55:2b:35:6e:84:97:5c:46:c1:ea:5d:
43:ef:06:4b:f9:b8:94:39:4b:0b:e6:93:bf:3b:10:64:2d:2c:
33:3e:4e:b1:b6:b7:2b:ef:db:c6:eb:35:9d:38:ce:04:a9:df:
1b:15:b7:c8:db:7b:93:a7:69:97:c3:38:2e:8f:8f:49:1c:b8:
fe:c2:cb:49:e4:a1:92:67:98:e8:61:ed:1d:ba:fb:9d:23:e7:
f2:38:e5:53:a1:45:5f:d6:13:c0:60:4a:f7:b8:90:9a:9a:a2:
75:ca:7a:2e:ac:2e:85:e7:22:fd:35:7a:99:da:95:f7:4c:a0:
52:ef:3d:ce:70:c3:27:48:34:97:b7:28:0f:75:14:f1:20:e0:
a5:27:68:c2:b2:83:d7:b0:fd:64:02:3e:37:27:92:86:d1:d6:
d5:ea:20:3b:48:b4:17:da:3c:80:95:89:5d:ca:f4:f3:d1:e7:
9b:5b:d2:1b:9c:30:8e:ac:ce:3a:15:f9:6c:c2:40:81:90:6c:
ec:95:a0:1e:a9:91:e0:6d:d2:ab:84:e5:d6:8d:5e:94:91:0b:
07:e3:8e:06:bd:08:0e:37:d2:2e:d5:a3:fc:00:fc:da:a8:22:
d0:13:d8:ed
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYauEuttaQtX7fOdF0HeebzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMzA0MTkyMjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmMwNjdmNmM5ZGZhNjAwZGYzMzY3YjE3YjgwNmFhNTM5MmU1NjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpHrt64YtNmSLn95VO3ev64/Oo4O
1wDH2WXkERA+mPsz7Kd8k6cMSdM4aO3+otmPdnVUreVhjm0ys7AsH+jQ50kOPQDz
GpMA9hqfqyMS3GdvIN8D/cwqpiTY79VJKf2Yzdx2pybNAn+m6MkR9DlqCt6JgNKu
U9s6VYecCqSXR+SaQj+HcOz1fqvbT/Cw/tb4eMqBaXHo2NmI43PRw5g11cadFLBl
t9Wv6O8jUlB56HyN5JOyTDvPZplv8WOOEMcy2xeuWl5hW0HJDWsV7fD09jX/tLB/
E2sBDe9HpEXul7QsH+R+aho6LaVYUsopvIPukABDkyEVjrXjITw6lKBsswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGvAZ/bJ36YA3zNnsXuAaqU5LlYuMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvYThCbjlzbmZwZ0RmTTJleGU0QnFwVGt1Vmk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQgXAwQA
ueECMA0GCSqGSIb3DQEBCwUAA4IBAQBx0vJX39Z0cHzQn7MBbyUpxBn/FV/loTqz
VSs1boSXXEbB6l1D7wZL+biUOUsL5pO/OxBkLSwzPk6xtrcr79vG6zWdOM4Eqd8b
FbfI23uTp2mXwzguj49JHLj+wstJ5KGSZ5joYe0duvudI+fyOOVToUVf1hPAYEr3
uJCamqJ1ynourC6F5yL9NXqZ2pX3TKBS7z3OcMMnSDSXtygPdRTxIOClJ2jCsoPX
sP1kAj43J5KG0dbV6iA7SLQX2jyAlYldyvTz0eebW9IbnDCOrM46FflswkCBkGzs
laAeqZHgbdKrhOXWjV6UkQsH444GvQgON9Iu1aP8APzaqCLQE9jt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org