Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/cZ5uOjVp1fwNW6JN1MXtrg6eKCo.roa
File: cZ5uOjVp1fwNW6JN1MXtrg6eKCo.roa (raw, json)
Hash identifier: QCamTS+oi8SEFMXceVXSnOGHyRu0Jq37qPuPSnOdoA8=
Subject key identifier: 71:9E:6E:3A:35:69:D5:FC:0D:5B:A2:4D:D4:C5:ED:AE:0E:9E:28:2A
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01896336A3D3582F814F1233746A2B025F97
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/cZ5uOjVp1fwNW6JN1MXtrg6eKCo.roa
Signing time: Mon 17 Jul 2023 09:37:52 +0000
ROA not before: Mon 17 Jul 2023 09:37:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.230.52.0/24 maxlen: 24
185.218.21.0/24 maxlen: 24
185.209.72.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
193.58.147.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.223.78.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 18 Jul 2023 18:35:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:63:36:a3:d3:58:2f:81:4f:12:33:74:6a:2b:02:5f:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 17 09:37:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=719e6e3a3569d5fc0d5ba24dd4c5edae0e9e282a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:48:42:54:8b:a7:02:af:65:1d:14:85:51:a9:
e3:a9:9e:d6:ef:06:fa:8f:b3:7f:3b:b3:3a:4f:96:
49:0c:25:9c:10:67:f7:54:53:f7:01:3e:03:0a:8f:
62:57:7b:17:16:37:87:5b:b7:3e:4d:69:6c:ad:54:
23:5a:e3:8b:35:61:96:88:1a:7d:79:5e:05:69:44:
77:80:06:70:4e:24:87:65:6a:70:6c:21:60:46:ce:
be:e2:3f:2b:16:8c:15:51:8c:77:0f:ca:23:5e:39:
cc:9a:e6:2a:7d:9f:a0:a0:0d:31:79:da:71:9f:01:
1f:3a:8b:37:4f:e9:d0:8d:3a:9e:4f:e7:7e:77:18:
3a:a9:67:ae:43:58:00:67:3d:a8:ba:f7:fa:6e:98:
0c:0f:bb:03:eb:64:d0:aa:62:61:c0:3a:bd:6d:f0:
81:2e:51:cb:35:11:94:fe:18:15:5c:46:e5:23:5f:
09:5f:ac:da:2b:28:f1:e6:81:be:aa:8b:b8:f6:a9:
c2:5b:d5:d6:5b:7a:90:9d:4f:8e:e3:e6:43:ce:05:
36:0e:49:94:ef:c4:f2:74:8f:5d:34:20:69:6e:28:
46:5c:31:c8:7b:44:42:f2:e5:41:fe:af:d8:77:db:
22:bb:5f:fd:e6:04:b9:cf:9d:d8:4b:6e:61:80:dd:
59:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:9E:6E:3A:35:69:D5:FC:0D:5B:A2:4D:D4:C5:ED:AE:0E:9E:28:2A
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/cZ5uOjVp1fwNW6JN1MXtrg6eKCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.209.72.0/24
185.218.21.0/24
185.223.78.0/24
185.225.0.0/23
185.230.52.0/24
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:45:d4:1f:41:84:60:d8:3d:df:80:c0:ef:75:94:fd:e5:18:
d8:06:ba:20:0a:98:8a:50:8c:99:bd:e0:50:54:fa:a2:9c:f6:
1e:b7:8f:56:94:16:33:7c:4c:88:9d:6b:b1:60:6d:dc:c2:10:
55:3b:f8:6e:ea:19:b7:c6:87:8d:f2:fd:2c:b5:2f:59:28:16:
69:64:c2:c0:d0:10:5c:04:52:d1:9e:77:48:82:cc:72:72:bb:
b1:13:42:35:fa:be:c1:2c:e3:c2:cb:20:b5:54:a8:e9:9d:f8:
bb:9c:1f:97:1f:9b:98:91:d6:f1:57:7e:4f:e6:2d:d0:93:80:
8c:37:91:19:98:ac:fa:83:84:d7:39:c5:38:5e:77:76:c3:ca:
a9:ff:ad:69:52:b4:ed:f1:ab:05:42:ef:7a:8a:ca:ec:4d:5a:
35:81:f8:9b:71:31:b7:05:d4:ed:08:69:7f:6a:22:68:86:dc:
c6:99:a3:3f:d5:51:40:4d:13:e3:8a:7b:96:97:fc:21:1b:27:
46:c6:38:53:0c:2d:3c:6a:2b:81:c5:4d:99:b2:c9:65:b4:38:
13:07:e2:bf:f7:dd:61:69:c6:93:1b:46:ae:84:4d:aa:a1:93:
cf:1c:56:3a:fc:6b:3a:03:87:59:b9:51:9e:c2:04:7c:b3:0e:
c7:b4:8c:de
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYljNqPTWC+BTxIzdGorAl+XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNzE3MDkzNzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTllNmUzYTM1NjlkNWZjMGQ1YmEyNGRkNGM1ZWRhZTBlOWUyODJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0hCVIunAq9lHRSFUanjqZ7W7wb6
j7N/O7M6T5ZJDCWcEGf3VFP3AT4DCo9iV3sXFjeHW7c+TWlsrVQjWuOLNWGWiBp9
eV4FaUR3gAZwTiSHZWpwbCFgRs6+4j8rFowVUYx3D8ojXjnMmuYqfZ+goA0xedpx
nwEfOos3T+nQjTqeT+d+dxg6qWeuQ1gAZz2ouvf6bpgMD7sD62TQqmJhwDq9bfCB
LlHLNRGU/hgVXEblI18JX6zaKyjx5oG+qou49qnCW9XWW3qQnU+O4+ZDzgU2DkmU
78TydI9dNCBpbihGXDHIe0RC8uVB/q/Yd9siu1/95gS5z53YS25hgN1Z5wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHGebjo1adX8DVuiTdTF7a4OnigqMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvY1o1dU9qVnAxZndOVzZKTjFNWHRyZzZlS0NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQgVAwQA
LZPgAwQAudFIAwQAudoVAwQAud9OAwQBueEAAwQAueY0AwQAufvlAwQBwTqSMA0G
CSqGSIb3DQEBCwUAA4IBAQCgRdQfQYRg2D3fgMDvdZT95RjYBrogCpiKUIyZveBQ
VPqinPYet49WlBYzfEyInWuxYG3cwhBVO/hu6hm3xoeN8v0stS9ZKBZpZMLA0BBc
BFLRnndIgsxycruxE0I1+r7BLOPCyyC1VKjpnfi7nB+XH5uYkdbxV35P5i3Qk4CM
N5EZmKz6g4TXOcU4Xnd2w8qp/61pUrTt8asFQu96isrsTVo1gfibcTG3BdTtCGl/
aiJohtzGmaM/1VFATRPjinuWl/whGydGxjhTDC08aiuBxU2ZsslltDgTB+K/991h
acaTG0auhE2qoZPPHFY6/Gs6A4dZuVGewgR8sw7HtIze
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:28 2024 by rpki-client on console-ams.rpki-client.org