Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/e2QY-AiBRbcRlpqA8-BhL5G8ElY.roa
File: e2QY-AiBRbcRlpqA8-BhL5G8ElY.roa (raw, json)
Hash identifier: OBvF7aeje89lOh6u+TQ01GrkJ6a6I95wsgR2DrVlBb0=
Subject key identifier: 7B:64:18:F8:08:81:45:B7:11:96:9A:80:F3:E0:61:2F:91:BC:12:56
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018959A59ABCF54B320ECBC320306CC6B817
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/e2QY-AiBRbcRlpqA8-BhL5G8ElY.roa
Signing time: Sat 15 Jul 2023 13:02:52 +0000
ROA not before: Sat 15 Jul 2023 13:02:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.230.52.0/24 maxlen: 24
185.209.72.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.223.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 15 Jul 2023 13:04:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:59:a5:9a:bc:f5:4b:32:0e:cb:c3:20:30:6c:c6:b8:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 15 13:02:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b6418f8088145b711969a80f3e0612f91bc1256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a0:e3:60:0c:cd:6f:34:e0:51:16:e4:8a:9c:
1f:66:c6:06:a3:51:cb:13:87:3d:3c:62:ea:6f:1c:
a8:8a:63:73:02:55:08:e1:de:f9:1e:77:e0:d4:ff:
ba:ba:d5:63:0a:be:8f:f9:21:d8:ec:96:72:84:e2:
c3:9d:fc:cf:ec:3f:4d:05:55:23:15:68:4a:c6:9e:
1b:fd:55:bc:83:cb:2b:fc:f8:db:be:56:7b:57:02:
b7:ca:eb:f1:2b:e0:4e:14:89:0f:e4:43:77:14:d9:
24:83:33:ed:b1:c8:ee:60:66:0e:47:97:9c:d1:f4:
92:9c:7b:6b:16:cd:d6:bf:a6:05:a7:79:40:d1:c7:
76:eb:cf:60:01:f1:4c:be:b1:12:6b:73:63:12:35:
26:95:ab:8a:28:95:a1:6e:02:9d:37:17:5e:5b:2e:
30:67:11:c0:a4:f5:a3:80:cd:31:80:00:c4:4f:0d:
01:4d:31:24:bb:73:b4:91:13:fa:2b:9d:4c:46:c1:
42:69:b9:e5:c0:25:6d:c7:c2:90:b9:e2:62:f0:56:
22:9c:a1:76:50:37:2b:fb:b4:9d:58:4e:72:5d:88:
37:71:1a:ba:04:de:29:57:85:3a:53:af:ad:38:64:
55:7b:41:e7:64:63:d4:db:2d:b8:cc:af:11:88:76:
bc:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:64:18:F8:08:81:45:B7:11:96:9A:80:F3:E0:61:2F:91:BC:12:56
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/e2QY-AiBRbcRlpqA8-BhL5G8ElY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.209.72.0/24
185.223.80.0/24
185.225.0.0/23
185.230.52.0/24
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
95:f5:70:96:3c:65:da:d5:05:d6:63:62:98:a7:2c:0d:ad:b8:
6a:43:73:99:43:d6:8d:a3:5b:81:c4:14:2e:78:a9:43:87:0b:
bc:7a:a3:41:cb:a8:7d:b7:c8:57:0e:03:9c:15:4c:94:8d:6f:
dc:f9:85:12:6c:c1:2c:38:e6:24:c6:9d:f9:d5:d0:73:21:10:
ea:86:ac:f0:01:5d:e4:c5:ee:9e:8c:87:12:85:17:f5:78:e5:
2a:3f:c5:2e:38:3a:75:36:09:c2:52:18:9c:0e:ea:0a:48:9d:
16:9f:cf:9b:39:ee:74:a3:d1:d1:0e:01:05:05:01:84:bd:16:
e9:76:22:c5:a9:b1:db:b2:0e:8a:e0:c9:ca:2a:c6:01:48:63:
14:a3:1d:36:4a:54:5c:d5:86:2d:45:ef:bc:75:2b:fd:e4:12:
1b:2b:7a:8f:26:4e:c4:df:fd:e4:95:d5:b2:fc:9d:60:9b:12:
fc:3a:8a:ea:ac:23:6d:7b:12:19:ce:ea:6b:b1:22:09:ad:17:
85:b3:9a:3b:67:34:a7:2d:cf:dc:59:85:69:c7:b3:27:2d:a4:
d5:0f:e4:db:8d:96:6a:62:ec:a7:07:10:fc:48:dd:31:42:93:
d4:57:af:e0:ef:c1:d8:07:3d:2d:7f:9c:a6:d0:0b:db:33:2a:
6f:cb:7d:ad
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYlZpZq89UsyDsvDIDBsxrgXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNzE1MTMwMjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjY0MThmODA4ODE0NWI3MTE5NjlhODBmM2UwNjEyZjkxYmMxMjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6DjYAzNbzTgURbkipwfZsYGo1HL
E4c9PGLqbxyoimNzAlUI4d75Hnfg1P+6utVjCr6P+SHY7JZyhOLDnfzP7D9NBVUj
FWhKxp4b/VW8g8sr/PjbvlZ7VwK3yuvxK+BOFIkP5EN3FNkkgzPtscjuYGYOR5ec
0fSSnHtrFs3Wv6YFp3lA0cd2689gAfFMvrESa3NjEjUmlauKKJWhbgKdNxdeWy4w
ZxHApPWjgM0xgADETw0BTTEku3O0kRP6K51MRsFCabnlwCVtx8KQueJi8FYinKF2
UDcr+7SdWE5yXYg3cRq6BN4pV4U6U6+tOGRVe0HnZGPU2y24zK8RiHa8TQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFHtkGPgIgUW3EZaagPPgYS+RvBJWMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvZTJRWS1BaUJSYmNSbHBxQTgtQmhMNUc4RWxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQgVAwQA
LZPgAwQAudFIAwQAud9QAwQBueEAAwQAueY0AwQAufvlAwQBwTqSMA0GCSqGSIb3
DQEBCwUAA4IBAQCV9XCWPGXa1QXWY2KYpywNrbhqQ3OZQ9aNo1uBxBQueKlDhwu8
eqNBy6h9t8hXDgOcFUyUjW/c+YUSbMEsOOYkxp351dBzIRDqhqzwAV3kxe6ejIcS
hRf1eOUqP8UuODp1NgnCUhicDuoKSJ0Wn8+bOe50o9HRDgEFBQGEvRbpdiLFqbHb
sg6K4MnKKsYBSGMUox02SlRc1YYtRe+8dSv95BIbK3qPJk7E3/3kldWy/J1gmxL8
OorqrCNtexIZzuprsSIJrReFs5o7ZzSnLc/cWYVpx7MnLaTVD+TbjZZqYuynBxD8
SN0xQpPUV6/g78HYBz0tf5ym0AvbMypvy32t
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org