Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/bkN-8v4sjRhezRjAGqbZ8jtg2po.roa
File: bkN-8v4sjRhezRjAGqbZ8jtg2po.roa (raw, json)
Hash identifier: PPkyyJLBaNRZIC1PcGv1bzGuIDtI8aXYK691kwpQpRQ=
Subject key identifier: 6E:43:7E:F2:FE:2C:8D:18:5E:CD:18:C0:1A:A6:D9:F2:3B:60:DA:9A
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018BF17ECFB53AEDBE7F3D9F71D45B5A4670
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/bkN-8v4sjRhezRjAGqbZ8jtg2po.roa
Signing time: Tue 21 Nov 2023 10:48:21 +0000
ROA not before: Tue 21 Nov 2023 10:48:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.209.36.0/23 maxlen: 24
185.218.102.0/24 maxlen: 24
185.199.159.0/24 maxlen: 24
185.210.152.0/24 maxlen: 24
185.210.154.0/24 maxlen: 24
185.210.153.0/24 maxlen: 24
185.210.155.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.223.76.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.227.145.0/24 maxlen: 24
185.121.12.0/22 maxlen: 24
185.206.249.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.226.105.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.209.74.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
176.125.248.0/24 maxlen: 24
185.238.228.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Nov 2023 09:43:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f1:7e:cf:b5:3a:ed:be:7f:3d:9f:71:d4:5b:5a:46:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 21 10:48:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e437ef2fe2c8d185ecd18c01aa6d9f23b60da9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:86:2f:26:4c:3d:fa:da:85:2c:ab:ea:0c:b9:
df:1b:e8:c4:5a:76:fb:8b:7b:ee:1b:38:05:eb:41:
26:ff:8a:da:62:fc:87:fc:d0:01:9e:59:1c:a8:cc:
94:6f:ed:2a:e5:c6:4f:0b:35:91:e4:31:c0:80:a9:
11:57:00:89:d7:c0:22:a6:c9:ba:18:ae:db:a1:18:
39:9b:a8:ae:d1:00:f0:d6:14:7f:35:0f:7c:ec:0f:
9d:15:1d:e7:9f:7c:7b:2b:9b:63:48:4a:c7:de:11:
53:8f:4f:4f:2f:26:c2:66:9b:67:df:44:4e:f0:89:
38:7d:ca:55:5b:90:e3:cc:84:6d:35:c6:f0:4c:e6:
46:21:8e:b7:99:03:29:b9:12:70:2e:55:14:76:0e:
e1:5b:a6:5e:25:fe:a4:13:9f:00:c0:73:b7:ae:e1:
6d:9a:d9:cc:82:94:26:71:0c:ab:37:d2:1b:25:b5:
b1:46:28:c1:54:2a:1c:50:ac:e4:de:75:a3:24:ae:
b8:0d:5a:39:6a:b2:30:cb:7d:40:1a:14:3c:3a:c6:
c9:c8:97:69:56:63:62:6e:25:fc:ee:d6:89:88:ef:
f6:f9:43:12:52:f5:84:9d:66:ee:f1:58:8b:3d:17:
cc:25:e8:2d:e0:c5:bc:95:b2:08:17:7b:4d:76:22:
94:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:43:7E:F2:FE:2C:8D:18:5E:CD:18:C0:1A:A6:D9:F2:3B:60:DA:9A
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/bkN-8v4sjRhezRjAGqbZ8jtg2po.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.248.0/24
185.121.12.0/22
185.199.159.0/24
185.206.248.0/23
185.206.251.0/24
185.209.36.0/23
185.209.74.0/24
185.210.152.0/22
185.218.102.0/24
185.223.76.0/24
185.223.80.0/24
185.225.2.0/24
185.226.105.0/24
185.226.107.0/24
185.227.145.0/24
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:98:d9:0f:b8:8e:83:01:d0:7a:ad:e1:4a:16:08:15:2c:51:
01:01:fb:f6:52:dd:e9:88:23:77:13:7d:9a:81:66:7d:92:68:
08:96:18:04:8b:d5:50:b7:fc:c5:9b:30:95:25:31:50:81:1c:
72:a0:e2:49:9a:2c:25:24:c7:13:be:26:27:37:72:0f:c8:05:
83:60:a7:21:aa:42:88:40:f4:ec:b4:95:e1:b4:2b:08:b0:1f:
60:59:52:06:b3:62:ec:e1:33:b1:c8:3e:b0:a3:03:94:9b:df:
19:47:7b:78:1d:3f:f5:3a:43:35:13:f0:9e:7c:d2:7b:75:9e:
8a:c0:e6:fc:9f:91:85:6c:37:26:b6:cb:ec:fb:c4:5b:0e:c5:
85:aa:8f:de:f9:f5:9a:df:23:47:75:e7:c3:77:b4:3f:70:18:
5e:b2:c9:48:f3:ff:4b:a5:4c:13:f4:b0:a1:f4:a2:01:b0:ae:
d6:eb:19:dc:5e:a5:c6:a5:ae:cb:54:3a:08:21:cd:bb:33:86:
98:56:da:bc:77:2b:7c:4a:07:2e:e2:ba:bc:07:81:e5:c5:ec:
d4:01:8b:35:40:0c:cc:b8:c3:9a:b1:16:fa:5c:b1:14:89:e8:
48:6f:2d:94:3a:e3:56:54:10:2d:ae:cd:99:0c:4d:08:f7:77:
45:3c:71:53
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYvxfs+1Ou2+fz2fcdRbWkZwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMTIxMTA0ODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTQzN2VmMmZlMmM4ZDE4NWVjZDE4YzAxYWE2ZDlmMjNiNjBkYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6IYvJkw9+tqFLKvqDLnfG+jEWnb7
i3vuGzgF60Em/4raYvyH/NABnlkcqMyUb+0q5cZPCzWR5DHAgKkRVwCJ18Aipsm6
GK7boRg5m6iu0QDw1hR/NQ987A+dFR3nn3x7K5tjSErH3hFTj09PLybCZptn30RO
8Ik4fcpVW5DjzIRtNcbwTOZGIY63mQMpuRJwLlUUdg7hW6ZeJf6kE58AwHO3ruFt
mtnMgpQmcQyrN9IbJbWxRijBVCocUKzk3nWjJK64DVo5arIwy31AGhQ8OsbJyJdp
VmNibiX87taJiO/2+UMSUvWEnWbu8ViLPRfMJegt4MW8lbIIF3tNdiKUKwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFG5DfvL+LI0YXs0YwBqm2fI7YNqaMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvYmtOLTh2NHNqUmhlelJqQUdxYlo4anRnMnBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEALB9+AME
Arl5DAMEALnHnwMEAbnO+AMEALnO+wMEAbnRJAMEALnRSgMEArnSmAMEALnaZgME
ALnfTAMEALnfUAMEALnhAgMEALniaQMEALniawMEALnjkQMEArnqFAMEArnu5AME
AbnweAMEALn75zANBgkqhkiG9w0BAQsFAAOCAQEAj5jZD7iOgwHQeq3hShYIFSxR
AQH79lLd6YgjdxN9moFmfZJoCJYYBIvVULf8xZswlSUxUIEccqDiSZosJSTHE74m
JzdyD8gFg2CnIapCiED07LSV4bQrCLAfYFlSBrNi7OEzscg+sKMDlJvfGUd7eB0/
9TpDNRPwnnzSe3WeisDm/J+RhWw3JrbL7PvEWw7FhaqP3vn1mt8jR3Xnw3e0P3AY
XrLJSPP/S6VME/SwofSiAbCu1usZ3F6lxqWuy1Q6CCHNuzOGmFbavHcrfEoHLuK6
vAeB5cXs1AGLNUAMzLjDmrEW+lyxFInoSG8tlDrjVlQQLa7NmQxNCPd3RTxxUw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:27 2024 by rpki-client on console-ams.rpki-client.org