Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/aK54f4Fe1-CGlB_kphLlimqZQXk.roa
File: aK54f4Fe1-CGlB_kphLlimqZQXk.roa (raw, json)
Hash identifier: yA8+uwpT7bO+VDBz2r9iNtAUBN5omv3YldL0mG1coqY=
Subject key identifier: 68:AE:78:7F:81:5E:D7:E0:86:94:1F:E4:A6:12:E5:8A:6A:99:41:79
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0187E6A8264FCC3CC18C201B96B1E05C8400
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/aK54f4Fe1-CGlB_kphLlimqZQXk.roa
Signing time: Thu 04 May 2023 12:06:32 +0000
ROA not before: Thu 04 May 2023 12:06:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.22.0/24 maxlen: 24
185.199.159.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.238.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 May 2023 21:18:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e6:a8:26:4f:cc:3c:c1:8c:20:1b:96:b1:e0:5c:84:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 4 12:06:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68ae787f815ed7e086941fe4a612e58a6a994179
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ed:27:5b:b3:2e:73:31:9a:37:85:67:cf:a6:
67:48:35:ad:42:79:a3:ef:25:6c:a5:50:87:ac:54:
a9:30:bc:fe:d6:26:8d:6a:50:f7:bd:2d:12:6c:3e:
83:b0:af:c6:3a:d3:47:44:1d:d5:ef:d2:c2:8d:02:
08:ab:bf:64:dc:48:57:2a:2a:06:c3:df:b5:68:cb:
49:69:12:8b:7f:8b:b5:b2:f2:8f:0f:4c:05:a3:3c:
7c:8c:5a:8b:76:5e:b7:5c:0f:4c:3b:03:06:e9:e2:
d6:7f:9f:d4:a8:d3:a7:10:3c:90:5f:82:4c:95:43:
ab:d7:be:bb:86:02:d6:9b:bd:f7:4c:a8:50:e4:e3:
e1:cb:a9:c9:7e:b7:15:90:6f:18:e4:fc:38:8c:fb:
12:73:27:c1:a0:dc:c1:c4:53:8c:6f:61:4d:dd:85:
e6:39:d3:5f:81:35:86:49:8d:8a:aa:98:11:7e:06:
cf:9e:04:30:69:93:a3:72:2e:d4:8c:33:be:ae:ea:
10:16:fe:9c:93:07:c0:47:6a:86:f6:58:8f:c0:03:
57:55:2f:0c:63:90:28:d9:78:42:50:0a:f6:2c:a5:
c1:6c:ee:4d:48:f6:20:04:9e:f3:c0:42:7a:7f:a4:
3a:9e:ed:3a:32:3b:61:17:8b:92:1b:8b:b9:cc:8b:
c6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:AE:78:7F:81:5E:D7:E0:86:94:1F:E4:A6:12:E5:8A:6A:99:41:79
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/aK54f4Fe1-CGlB_kphLlimqZQXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.199.159.0/24
185.225.0.0/23
185.225.22.0/24
185.238.230.0/24
185.246.112.0/24
185.251.229.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:69:04:50:08:3f:76:7b:61:15:4c:40:17:d2:1c:b2:96:42:
6b:70:98:f6:c5:91:0f:6c:2e:0f:a8:93:18:93:a9:c5:3c:7b:
20:58:e3:f6:30:e5:d0:1f:6f:4c:00:d5:6c:39:a5:07:37:b3:
5b:a5:d1:8c:9e:00:95:99:67:7f:c8:28:91:b2:91:82:2a:b2:
42:78:7f:a4:aa:71:8a:20:b1:39:ce:0b:21:70:01:9a:38:f7:
ee:db:be:25:59:63:4d:55:62:0b:3f:92:0c:c0:50:e4:55:b6:
6d:50:4e:73:1f:7b:cd:bf:d7:b6:fa:fa:22:eb:b8:4d:2e:b5:
16:88:fb:19:c3:c2:b9:68:e1:70:98:50:58:c6:84:2e:a8:6b:
ea:f5:9c:66:7a:92:1b:5a:76:10:47:8b:3e:cb:66:56:9e:be:
79:81:d9:49:9a:fd:f5:0b:28:69:a6:b8:d3:ef:48:33:7e:fa:
43:85:f1:70:1e:2f:2c:1a:1f:c4:f5:f1:e2:78:2c:26:6d:19:
8e:13:60:ab:2a:14:07:85:e6:83:3f:ad:69:16:25:2b:ed:41:
ad:f9:d4:d3:63:83:9d:28:c4:0f:e3:64:ef:d5:87:85:e9:b1:
b9:65:ec:dd:b0:04:3d:3d:9a:f3:23:62:7e:9b:d8:cd:8c:ee:
9d:99:c3:c1
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYfmqCZPzDzBjCAblrHgXIQAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNTA0MTIwNjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGFlNzg3ZjgxNWVkN2UwODY5NDFmZTRhNjEyZTU4YTZhOTk0MTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+0nW7MuczGaN4Vnz6ZnSDWtQnmj
7yVspVCHrFSpMLz+1iaNalD3vS0SbD6DsK/GOtNHRB3V79LCjQIIq79k3EhXKioG
w9+1aMtJaRKLf4u1svKPD0wFozx8jFqLdl63XA9MOwMG6eLWf5/UqNOnEDyQX4JM
lUOr1767hgLWm733TKhQ5OPhy6nJfrcVkG8Y5Pw4jPsScyfBoNzBxFOMb2FN3YXm
OdNfgTWGSY2KqpgRfgbPngQwaZOjci7UjDO+ruoQFv6ckwfAR2qG9liPwANXVS8M
Y5Ao2XhCUAr2LKXBbO5NSPYgBJ7zwEJ6f6Q6nu06MjthF4uSG4u5zIvGOQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGiueH+BXtfghpQf5KYS5YpqmUF5MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvYUs1NGY0RmUxLUNHbEJfa3BoTGxpbXFaUVhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQgVAwQA
LZPgAwQAucefAwQBueEAAwQAueEWAwQAue7mAwQAufZwAwQAufvlMA0GCSqGSIb3
DQEBCwUAA4IBAQAdaQRQCD92e2EVTEAX0hyylkJrcJj2xZEPbC4PqJMYk6nFPHsg
WOP2MOXQH29MANVsOaUHN7NbpdGMngCVmWd/yCiRspGCKrJCeH+kqnGKILE5zgsh
cAGaOPfu274lWWNNVWILP5IMwFDkVbZtUE5zH3vNv9e2+voi67hNLrUWiPsZw8K5
aOFwmFBYxoQuqGvq9ZxmepIbWnYQR4s+y2ZWnr55gdlJmv31CyhpprjT70gzfvpD
hfFwHi8sGh/E9fHieCwmbRmOE2CrKhQHheaDP61pFiUr7UGt+dTTY4OdKMQP42Tv
1YeF6bG5ZezdsAQ9PZrzI2J+m9jNjO6dmcPB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org