Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/d7tI7FPX8Y9mVbVSwn3-C9OWeno.roa
File: d7tI7FPX8Y9mVbVSwn3-C9OWeno.roa (raw, json)
Hash identifier: QvkRgjD2pKyxsL2tCiXeJZg84xOI3RWQyG73SaOJjPE=
Subject key identifier: 77:BB:48:EC:53:D7:F1:8F:66:55:B5:52:C2:7D:FE:0B:D3:96:7A:7A
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018C4E87A2B840C60E8A4973153548CAC88F
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/d7tI7FPX8Y9mVbVSwn3-C9OWeno.roa
Signing time: Sat 09 Dec 2023 12:22:41 +0000
ROA not before: Sat 09 Dec 2023 12:22:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 194.5.67.0/24 maxlen: 24
185.222.30.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
185.223.83.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:4e:87:a2:b8:40:c6:0e:8a:49:73:15:35:48:ca:c8:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 9 12:22:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77bb48ec53d7f18f6655b552c27dfe0bd3967a7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:54:05:bd:2f:5c:9c:b2:6e:2c:a7:b8:58:e2:
76:85:25:be:54:7c:fd:68:01:71:f3:1a:1b:fb:61:
65:bd:e6:8b:ae:b8:46:e3:9a:69:3e:f0:a4:3f:06:
e2:8a:c2:f7:8e:19:b0:74:26:b7:d4:49:69:41:6d:
b6:ee:1a:d1:b5:58:c4:82:03:0f:bc:c3:24:f5:a8:
c6:8a:37:f8:7d:56:c7:1b:15:86:d9:ff:1e:c8:74:
3c:1d:0a:5d:a5:97:92:fc:5d:c8:18:74:05:e3:15:
c3:e4:7b:bb:09:bd:fc:d4:d1:25:bc:55:19:e1:87:
55:0c:6b:6f:5d:10:3d:64:5e:22:83:52:16:57:e2:
4d:32:15:ad:03:ec:21:ac:86:ad:24:84:13:6b:81:
0b:7a:5a:d2:7b:a9:ab:d5:75:87:f2:b6:96:45:75:
5b:a9:df:4d:38:69:1f:cc:4e:e0:56:fb:85:a1:17:
90:f8:d3:f6:f5:d9:ed:4c:0b:d7:83:e7:9b:23:d7:
0b:b9:d9:f2:34:b5:35:28:38:f8:7e:d7:db:cd:85:
44:08:bb:c3:80:43:43:16:5b:b5:e4:98:fa:95:bd:
5a:36:db:94:65:fb:90:24:a5:c9:23:ef:bd:00:fb:
61:87:7e:0e:45:3e:ae:04:87:fb:00:51:85:f4:eb:
ff:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:BB:48:EC:53:D7:F1:8F:66:55:B5:52:C2:7D:FE:0B:D3:96:7A:7A
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/d7tI7FPX8Y9mVbVSwn3-C9OWeno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.224.0/24
185.222.30.0/24
185.223.83.0/24
194.5.67.0/24
Signature Algorithm: sha256WithRSAEncryption
55:dd:c8:28:51:ee:1e:c3:31:06:b8:ee:51:2e:85:4a:59:66:
6d:67:20:7e:ea:36:14:a2:31:07:9f:e2:5f:89:f4:0a:6a:a9:
1a:80:13:dd:37:60:64:b8:a2:66:7d:77:30:c7:c9:a4:53:70:
e7:49:02:cc:02:0a:84:fc:e8:3f:04:51:7b:42:66:26:c2:bc:
33:f1:93:d6:d1:ff:04:5f:8c:ae:c8:97:c6:9a:f5:70:0b:5a:
09:40:32:2b:b5:3b:6b:bb:ae:41:34:88:1f:d6:cb:22:77:34:
7c:39:ec:bf:46:93:5b:77:73:d7:84:6b:68:95:31:a2:81:3b:
80:a5:d5:d1:ce:51:2a:42:fc:c2:99:b6:71:18:ee:dd:e3:38:
76:9b:35:07:59:49:ef:9e:d9:77:6a:d5:d6:e3:05:f0:0c:68:
ab:8c:2f:e9:47:93:b4:1a:2b:0a:4f:f3:19:62:8b:06:f8:f6:
cb:a1:b4:d8:24:c5:1d:cc:df:28:fd:6c:05:52:ec:cd:4d:fc:
75:0f:cf:31:7b:48:3d:2e:f1:69:93:3e:77:75:fd:79:6b:15:
12:ee:58:0e:56:c6:b2:9e:a9:0e:4e:70:c5:2e:32:b9:f6:bc:
5d:ff:2f:de:32:e8:03:82:3a:03:77:b5:44:53:40:34:f3:af:
13:32:b7:c6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYxOh6K4QMYOiklzFTVIysiPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMjA5MTIyMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2JiNDhlYzUzZDdmMThmNjY1NWI1NTJjMjdkZmUwYmQzOTY3YTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1QFvS9cnLJuLKe4WOJ2hSW+VHz9
aAFx8xob+2FlveaLrrhG45ppPvCkPwbiisL3jhmwdCa31ElpQW227hrRtVjEggMP
vMMk9ajGijf4fVbHGxWG2f8eyHQ8HQpdpZeS/F3IGHQF4xXD5Hu7Cb381NElvFUZ
4YdVDGtvXRA9ZF4ig1IWV+JNMhWtA+whrIatJIQTa4ELelrSe6mr1XWH8raWRXVb
qd9NOGkfzE7gVvuFoReQ+NP29dntTAvXg+ebI9cLudnyNLU1KDj4ftfbzYVECLvD
gENDFlu15Jj6lb1aNtuUZfuQJKXJI++9APthh34ORT6uBIf7AFGF9Ov/3QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHe7SOxT1/GPZlW1UsJ9/gvTlnp6MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvZDd0STdGUFg4WTltVmJWU3duMy1DOU9XZW5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZPgAwQA
ud4eAwQAud9TAwQAwgVDMA0GCSqGSIb3DQEBCwUAA4IBAQBV3cgoUe4ewzEGuO5R
LoVKWWZtZyB+6jYUojEHn+JfifQKaqkagBPdN2BkuKJmfXcwx8mkU3DnSQLMAgqE
/Og/BFF7QmYmwrwz8ZPW0f8EX4yuyJfGmvVwC1oJQDIrtTtru65BNIgf1ssidzR8
Oey/RpNbd3PXhGtolTGigTuApdXRzlEqQvzCmbZxGO7d4zh2mzUHWUnvntl3atXW
4wXwDGirjC/pR5O0GisKT/MZYosG+PbLobTYJMUdzN8o/WwFUuzNTfx1D88xe0g9
LvFpkz53df15axUS7lgOVsaynqkOTnDFLjK59rxd/y/eMugDgjoDd7VEU0A0868T
MrfG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:28 2024 by rpki-client on console-ams.rpki-client.org