Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ab1K1rkYVnBCswRH7Mwi3uywMRA.roa
File: ab1K1rkYVnBCswRH7Mwi3uywMRA.roa (raw, json)
Hash identifier: qhCoclIult64fdk+Mz9Ridhov1BNAMYpG+OxR13Kz/c=
Subject key identifier: 69:BD:4A:D6:B9:18:56:70:42:B3:04:47:EC:CC:22:DE:EC:B0:31:10
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018D1BC403C25599111821FADEB2726CE397
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ab1K1rkYVnBCswRH7Mwi3uywMRA.roa
Signing time: Thu 18 Jan 2024 08:50:47 +0000
ROA not before: Thu 18 Jan 2024 08:50:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.223.82.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.146.0/23 maxlen: 24
185.251.229.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Jan 2024 09:20:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1b:c4:03:c2:55:99:11:18:21:fa:de:b2:72:6c:e3:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 18 08:50:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69bd4ad6b918567042b30447eccc22deecb03110
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:fc:e0:3e:73:35:02:4c:e5:f4:2e:6f:35:fb:
36:33:c5:dd:76:dc:55:13:7f:8a:a4:9b:38:74:26:
22:94:be:18:52:c0:b5:fb:24:81:8f:25:22:e4:09:
96:cc:3c:89:01:42:93:93:dd:be:f7:d6:43:4a:c5:
31:94:2c:a1:92:f7:8d:2e:a0:76:d4:58:98:2a:11:
06:73:07:17:59:a5:cd:37:fb:78:a6:da:ca:6f:6d:
4d:db:f8:38:f7:b3:3f:be:6e:af:68:5b:a7:2d:27:
ee:ee:b4:7d:78:02:65:05:6e:44:b1:a3:e1:28:ae:
cf:b1:eb:65:dc:07:45:7f:77:c2:81:29:b0:a2:fe:
33:42:80:bf:da:9e:82:a0:3c:96:7f:d1:a9:b9:8a:
fb:55:23:02:75:68:e7:9c:a1:00:04:dd:bb:6f:c5:
bd:19:a4:c6:9d:c2:d5:da:8c:65:60:e6:0e:d8:0f:
d7:f9:82:08:db:1d:3d:5c:84:ed:bc:f4:7e:94:a7:
2e:e5:ed:e2:34:f8:9a:d5:23:6b:3a:a8:ab:e9:6f:
64:ad:69:87:82:08:15:24:0f:4e:b8:f3:e2:50:33:
e0:4e:dc:b8:ab:91:46:b2:1f:6c:07:55:39:3a:87:
cd:0c:dc:e1:e3:e6:ea:1d:4a:56:16:13:6e:03:89:
2a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:BD:4A:D6:B9:18:56:70:42:B3:04:47:EC:CC:22:DE:EC:B0:31:10
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ab1K1rkYVnBCswRH7Mwi3uywMRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.220.250.0/23
185.223.82.0/24
185.225.0.0/23
185.227.146.0/23
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
93:45:09:95:d2:3a:5d:9b:a4:bf:5d:9c:40:a1:54:3c:68:66:
19:ed:cf:26:b5:b4:7b:a6:e8:68:f4:d6:76:74:af:dc:4d:a8:
40:dc:c1:0e:3d:a1:fd:ac:bf:7f:7d:38:7f:6b:7a:eb:14:94:
26:73:8e:e9:93:96:2e:44:38:81:0b:2c:28:6c:fe:0c:2b:5c:
b9:45:bc:b5:29:85:aa:2f:6c:57:14:b8:78:d2:99:f3:a4:3b:
9b:48:4a:59:e7:c1:ee:6a:56:24:83:cb:d2:f8:c8:3e:1f:77:
fd:25:58:23:2e:05:6f:d8:51:cb:2b:ed:23:bf:98:7e:b7:2d:
7b:ed:fa:2d:2d:81:89:a7:c3:2f:e6:9f:6f:17:f6:56:a3:44:
1a:09:d7:15:85:6c:f2:ae:f2:29:1c:0c:4c:1f:e4:d9:8a:5b:
5a:18:0a:d5:58:43:08:3c:a1:11:64:28:af:93:13:26:93:16:
5a:07:7d:05:e7:60:91:ae:f9:82:c8:0c:19:c6:99:4c:ef:93:
e5:02:7b:d1:2e:77:50:87:b5:b0:90:1b:97:f7:8f:d7:2f:2a:
a7:5d:89:db:60:5a:ee:f7:a2:ad:8b:60:f0:57:d2:67:6d:8a:
b2:1e:11:18:f0:6e:f1:07:49:31:7e:c9:f4:d3:22:cd:ca:d9:
d9:fd:fa:d2
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY0bxAPCVZkRGCH63rJybOOXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTE4MDg1MDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWJkNGFkNmI5MTg1NjcwNDJiMzA0NDdlY2NjMjJkZWVjYjAzMTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvzgPnM1Akzl9C5vNfs2M8XddtxV
E3+KpJs4dCYilL4YUsC1+ySBjyUi5AmWzDyJAUKTk92+99ZDSsUxlCyhkveNLqB2
1FiYKhEGcwcXWaXNN/t4ptrKb21N2/g497M/vm6vaFunLSfu7rR9eAJlBW5EsaPh
KK7Psetl3AdFf3fCgSmwov4zQoC/2p6CoDyWf9GpuYr7VSMCdWjnnKEABN27b8W9
GaTGncLV2oxlYOYO2A/X+YII2x09XITtvPR+lKcu5e3iNPia1SNrOqir6W9krWmH
gggVJA9OuPPiUDPgTty4q5FGsh9sB1U5OofNDNzh4+bqHUpWFhNuA4kq2QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGm9Sta5GFZwQrMER+zMIt7ssDEQMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvYWIxSzFya1lWbkJDc3dSSDdNd2kzdXl3TVJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQgVAwQB
udz6AwQAud9SAwQBueEAAwQBueOSAwQAufvlAwQBwTqSMA0GCSqGSIb3DQEBCwUA
A4IBAQCTRQmV0jpdm6S/XZxAoVQ8aGYZ7c8mtbR7puho9NZ2dK/cTahA3MEOPaH9
rL9/fTh/a3rrFJQmc47pk5YuRDiBCywobP4MK1y5Rby1KYWqL2xXFLh40pnzpDub
SEpZ58HualYkg8vS+Mg+H3f9JVgjLgVv2FHLK+0jv5h+ty177fotLYGJp8Mv5p9v
F/ZWo0QaCdcVhWzyrvIpHAxMH+TZiltaGArVWEMIPKERZCivkxMmkxZaB30F52CR
rvmCyAwZxplM75PlAnvRLndQh7WwkBuX94/XLyqnXYnbYFru96Kti2DwV9JnbYqy
HhEY8G7xB0kxfsn00yLNytnZ/frS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:27 2024 by rpki-client on console-ams.rpki-client.org