Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/d7ylMusjHyccA_WGZAyFc3-gHjo.roa
File: d7ylMusjHyccA_WGZAyFc3-gHjo.roa (raw, json)
Hash identifier: YEhmpg5VPXqJ6EFQBELtG1zZ/P09wflRZF5MyqkzcHs=
Subject key identifier: 77:BC:A5:32:EB:23:1F:27:1C:03:F5:86:64:0C:85:73:7F:A0:1E:3A
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018DCFFEF30600B87CA95B2A7F39A1DF842F
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/d7ylMusjHyccA_WGZAyFc3-gHjo.roa
Signing time: Thu 22 Feb 2024 08:46:48 +0000
ROA not before: Thu 22 Feb 2024 08:46:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.223.82.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.146.0/23 maxlen: 24
185.230.65.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
193.8.114.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 25 Feb 2024 21:15:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cf:fe:f3:06:00:b8:7c:a9:5b:2a:7f:39:a1:df:84:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 22 08:46:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77bca532eb231f271c03f586640c85737fa01e3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:46:e6:84:90:5d:e0:be:1b:22:84:d2:11:83:
03:a3:fe:da:56:21:90:dd:2f:d6:0c:cc:f5:48:7a:
92:6a:fc:b7:6a:55:56:69:42:af:8c:fe:e9:06:c3:
fc:a6:6a:dc:8f:a5:da:24:4f:e8:53:8d:49:36:21:
1f:7c:e0:f4:0b:35:ff:9a:e1:b3:df:96:ca:c6:6b:
d0:e1:7c:35:37:f8:33:8b:c9:9d:d7:0d:9e:3d:a6:
9d:d0:8b:bd:8b:fd:9f:e7:28:17:0d:95:a4:b3:84:
e4:5d:6a:2b:c5:b1:6f:bf:81:f0:54:5d:2a:9b:84:
75:b9:3e:ba:0d:05:2b:57:4e:a5:46:ea:f6:81:0e:
7a:2f:45:50:b6:a2:e4:59:8a:da:94:9e:e8:e4:d1:
6f:06:c6:bd:c0:9b:ea:82:44:f7:4d:6c:02:c6:85:
8b:54:5f:b0:c6:f4:b5:2c:a0:fd:9f:44:fa:c1:6f:
02:bf:b0:16:cf:be:ea:59:55:7f:d6:e6:76:b7:ab:
07:bc:d3:a8:81:f4:37:8c:20:fb:40:ce:6d:e0:a0:
62:07:6b:d5:e3:ae:6e:a3:6e:40:f9:a6:21:54:4f:
fb:b8:0e:2d:8f:f5:eb:ee:af:e5:18:82:24:cd:f8:
5c:d1:ad:99:a9:fd:82:40:2f:42:f8:fb:1a:00:52:
5a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:BC:A5:32:EB:23:1F:27:1C:03:F5:86:64:0C:85:73:7F:A0:1E:3A
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/d7ylMusjHyccA_WGZAyFc3-gHjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.220.250.0/23
185.223.82.0/24
185.225.0.0/23
185.227.146.0/23
185.230.65.0/24
185.251.229.0/24
193.8.114.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
10:09:37:32:95:90:34:5c:3f:10:1b:5f:4c:ff:45:86:8d:f4:
c7:0a:db:7e:8c:0e:a9:cb:ab:47:dd:b9:94:12:bd:d5:66:ae:
e4:e8:b8:85:57:c5:9f:d9:17:44:09:e7:48:f6:9d:6d:90:e2:
b6:da:9f:1a:e5:75:b6:d8:4b:9e:ed:82:1a:e1:ea:ad:b3:c4:
d5:ee:f9:f1:27:8f:e7:83:86:56:9d:79:03:0c:ec:7b:42:ec:
15:3f:33:dc:89:eb:2b:33:27:49:40:38:41:71:7a:3b:f6:7a:
35:c0:58:de:cb:82:1e:ce:fe:a3:df:18:7d:7b:05:fa:47:78:
31:ed:b1:06:92:ed:d0:74:07:54:4e:55:7d:1c:33:39:51:a1:
83:83:e4:93:6d:0f:3b:a9:4a:a3:42:a5:50:fc:53:0d:4c:c4:
8c:4a:67:00:54:d3:95:04:ce:81:d7:7b:ad:d0:66:ca:0f:d5:
cc:df:5a:2e:0f:0c:a5:26:be:71:c5:f1:f4:d8:91:95:db:12:
59:84:97:3a:80:5f:66:7c:ef:1e:4f:52:2d:2f:b9:4d:ee:39:
19:72:32:db:9d:17:42:76:c2:70:ff:09:98:9c:a4:00:fd:0d:
ef:d1:41:44:47:80:72:86:ea:25:53:a8:87:e5:b2:42:f5:ba:
33:9c:12:b0
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY3P/vMGALh8qVsqfzmh34QvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMjIyMDg0NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2JjYTUzMmViMjMxZjI3MWMwM2Y1ODY2NDBjODU3MzdmYTAxZTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0bmhJBd4L4bIoTSEYMDo/7aViGQ
3S/WDMz1SHqSavy3alVWaUKvjP7pBsP8pmrcj6XaJE/oU41JNiEffOD0CzX/muGz
35bKxmvQ4Xw1N/gzi8md1w2ePaad0Iu9i/2f5ygXDZWks4TkXWorxbFvv4HwVF0q
m4R1uT66DQUrV06lRur2gQ56L0VQtqLkWYralJ7o5NFvBsa9wJvqgkT3TWwCxoWL
VF+wxvS1LKD9n0T6wW8Cv7AWz77qWVV/1uZ2t6sHvNOogfQ3jCD7QM5t4KBiB2vV
465uo25A+aYhVE/7uA4tj/Xr7q/lGIIkzfhc0a2Zqf2CQC9C+PsaAFJaNwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHe8pTLrIx8nHAP1hmQMhXN/oB46MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvZDd5bE11c2pIeWNjQV9XR1pBeUZjMy1nSGpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQgVAwQB
udz6AwQAud9SAwQBueEAAwQBueOSAwQAueZBAwQAufvlAwQAwQhyAwQBwTqSMA0G
CSqGSIb3DQEBCwUAA4IBAQAQCTcylZA0XD8QG19M/0WGjfTHCtt+jA6py6tH3bmU
Er3VZq7k6LiFV8Wf2RdECedI9p1tkOK22p8a5XW22Eue7YIa4eqts8TV7vnxJ4/n
g4ZWnXkDDOx7QuwVPzPciesrMydJQDhBcXo79no1wFjey4Iezv6j3xh9ewX6R3gx
7bEGku3QdAdUTlV9HDM5UaGDg+STbQ87qUqjQqVQ/FMNTMSMSmcAVNOVBM6B13ut
0GbKD9XM31ouDwylJr5xxfH02JGV2xJZhJc6gF9mfO8eT1ItL7lN7jkZcjLbnRdC
dsJw/wmYnKQA/Q3v0UFER4ByhuolU6iH5bJC9boznBKw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org