Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/dxGa9GcrF7ohSS4BHuRmNVMzVz8.roa
File: dxGa9GcrF7ohSS4BHuRmNVMzVz8.roa (raw, json)
Hash identifier: oS8WNYCmNfPkuDGvL13Cg78MoiJXPSdgD3bN9w8JZBQ=
Subject key identifier: 77:11:9A:F4:67:2B:17:BA:21:49:2E:01:1E:E4:66:35:53:33:57:3F
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018E2EA36B853AB87168252B39EF70DCF4DC
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/dxGa9GcrF7ohSS4BHuRmNVMzVz8.roa
Signing time: Mon 11 Mar 2024 17:50:45 +0000
ROA not before: Mon 11 Mar 2024 17:50:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60458
IP address blocks: 45.90.238.0/24 maxlen: 24
185.199.55.0/24 maxlen: 24
185.248.200.0/22 maxlen: 22
185.254.159.0/24 maxlen: 24
193.17.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 May 2024 15:57:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2e:a3:6b:85:3a:b8:71:68:25:2b:39:ef:70:dc:f4:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 11 17:50:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77119af4672b17ba21492e011ee466355333573f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:27:1d:97:c2:a1:79:61:15:62:53:35:70:be:
2d:d4:eb:7d:c8:7a:49:69:db:0f:f8:80:5e:7a:39:
4e:9a:5d:a1:5d:c3:ac:52:84:63:06:75:44:74:52:
73:0e:f5:c1:c7:66:74:84:aa:7b:41:36:bb:bc:da:
a3:89:c2:d9:ca:8a:cc:81:00:86:3f:8b:a0:c1:8f:
ec:7a:00:bb:dc:00:ce:91:47:6d:d5:8c:42:df:94:
63:80:f2:7e:23:c1:35:bb:3c:57:fc:4c:dd:f3:8d:
38:83:f2:d4:ce:1e:f6:79:cc:86:40:4b:6a:a5:3c:
72:4d:42:14:00:f9:e3:ed:1a:e2:67:f3:93:95:02:
bf:bf:76:a8:2f:c2:a8:c6:d5:20:fe:d7:34:49:c2:
97:ef:a3:34:85:25:01:0c:45:f9:0d:8e:d7:7e:3f:
51:f8:94:20:90:03:78:b8:cd:31:b1:b3:d1:5c:94:
76:78:14:10:fc:15:78:b6:9e:cf:14:c8:e5:b6:ab:
f7:86:3a:4a:43:2e:de:4c:e7:e0:9c:87:4e:d6:31:
ab:45:e1:29:59:24:53:b9:24:a0:be:4d:db:6d:f9:
fb:2f:5c:e3:f2:6e:ff:23:b7:9c:f0:3d:59:20:ea:
f7:8c:9a:ef:58:22:7b:46:c2:89:2a:86:46:84:e4:
aa:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:11:9A:F4:67:2B:17:BA:21:49:2E:01:1E:E4:66:35:53:33:57:3F
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/dxGa9GcrF7ohSS4BHuRmNVMzVz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.238.0/24
185.199.55.0/24
185.248.200.0/22
185.254.159.0/24
193.17.181.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:10:e2:0f:91:b0:0d:8a:58:d3:19:49:61:c6:d9:cc:08:02:
f4:ae:eb:c8:d5:3c:c0:b9:3e:d1:33:ba:6c:4f:47:7f:28:0f:
7b:77:e2:92:2b:57:14:ce:ab:de:a0:eb:2e:71:5b:a2:fe:5a:
ef:96:02:dc:ff:74:18:d8:2b:e7:9e:5e:1a:73:da:1e:b9:74:
29:27:45:94:59:ef:f1:ea:eb:0b:43:7f:0a:64:2c:01:f2:b5:
f5:5d:c6:ac:8c:25:55:89:b7:03:28:ab:0a:fd:3a:27:85:34:
b6:81:51:45:14:a2:24:75:89:d8:53:d0:62:bf:fc:95:4f:81:
e9:c0:bd:86:25:23:cc:69:1d:df:0a:6b:ba:f9:13:d0:3a:81:
24:d4:02:e5:88:e9:72:42:69:94:b0:62:be:69:26:c6:3b:06:
02:41:83:08:f2:7a:ba:bc:37:26:31:81:84:8d:2f:d4:d1:48:
b1:2f:e8:c7:4e:e4:e4:fd:85:67:a6:73:30:20:2f:b0:f9:a7:
a9:77:2d:52:69:4b:47:bb:9a:9d:81:f7:f9:d8:f7:b5:f1:37:
16:26:1a:7e:b3:52:e4:7e:74:f1:e1:c4:c4:f6:a9:4d:26:99:
1d:b7:37:87:f8:27:bb:85:99:80:bd:06:bb:39:85:b5:6c:4d:
87:65:39:5e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY4uo2uFOrhxaCUrOe9w3PTcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMzExMTc1MDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzExOWFmNDY3MmIxN2JhMjE0OTJlMDExZWU0NjYzNTUzMzM1NzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ccdl8KheWEVYlM1cL4t1Ot9yHpJ
adsP+IBeejlOml2hXcOsUoRjBnVEdFJzDvXBx2Z0hKp7QTa7vNqjicLZyorMgQCG
P4ugwY/segC73ADOkUdt1YxC35RjgPJ+I8E1uzxX/Ezd8404g/LUzh72ecyGQEtq
pTxyTUIUAPnj7RriZ/OTlQK/v3aoL8KoxtUg/tc0ScKX76M0hSUBDEX5DY7Xfj9R
+JQgkAN4uM0xsbPRXJR2eBQQ/BV4tp7PFMjltqv3hjpKQy7eTOfgnIdO1jGrReEp
WSRTuSSgvk3bbfn7L1zj8m7/I7ec8D1ZIOr3jJrvWCJ7RsKJKoZGhOSqkQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHcRmvRnKxe6IUkuAR7kZjVTM1c/MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvZHhHYTlHY3JGN29oU1M0Qkh1Um1OVk16Vno4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVruAwQA
ucc3AwQCufjIAwQAuf6fAwQAwRG1MA0GCSqGSIb3DQEBCwUAA4IBAQCgEOIPkbAN
iljTGUlhxtnMCAL0ruvI1TzAuT7RM7psT0d/KA97d+KSK1cUzqveoOsucVui/lrv
lgLc/3QY2Cvnnl4ac9oeuXQpJ0WUWe/x6usLQ38KZCwB8rX1XcasjCVVibcDKKsK
/TonhTS2gVFFFKIkdYnYU9Biv/yVT4HpwL2GJSPMaR3fCmu6+RPQOoEk1ALliOly
QmmUsGK+aSbGOwYCQYMI8nq6vDcmMYGEjS/U0UixL+jHTuTk/YVnpnMwIC+w+aep
dy1SaUtHu5qdgff52Pe18TcWJhp+s1LkfnTx4cTE9qlNJpkdtzeH+Ce7hZmAvQa7
OYW1bE2HZTle
-----END CERTIFICATE-----
Generated at Thu May 2 20:05:56 2024 by rpki-client on console-fra.rpki-client.org