Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ecU8dnOXiykFjTXQLzOXfmi6uyU.roa
File: ecU8dnOXiykFjTXQLzOXfmi6uyU.roa (raw, json)
Hash identifier: ztcwRqyi7iUMdO3kS4T98YI16J0k06D9+dTgN78M7Cg=
Subject key identifier: 79:C5:3C:76:73:97:8B:29:05:8D:35:D0:2F:33:97:7E:68:BA:BB:25
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01865448187544D0C0B10842CD96599F14FD
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ecU8dnOXiykFjTXQLzOXfmi6uyU.roa
Signing time: Wed 15 Feb 2023 08:54:16 +0000
ROA not before: Wed 15 Feb 2023 08:54:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 185.206.250.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
45.147.226.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
185.223.78.0/24 maxlen: 24
45.131.132.0/24 maxlen: 24
45.131.135.0/24 maxlen: 24
45.131.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Mar 2023 09:02:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:54:48:18:75:44:d0:c0:b1:08:42:cd:96:59:9f:14:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 15 08:54:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=79c53c7673978b29058d35d02f33977e68babb25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:9f:3e:af:50:5e:bb:d1:c5:0b:0a:57:c6:4a:
95:08:11:93:6f:27:66:0b:68:5a:83:c4:51:6d:b1:
23:d0:9e:12:34:9f:b3:68:4c:a5:f3:b4:c6:fc:bd:
c4:e0:45:27:b8:e8:c1:12:46:80:c7:20:ad:22:a9:
f4:67:c0:55:e3:12:9e:b8:97:49:35:c4:f1:85:09:
28:6f:76:64:ee:f0:22:e3:ee:13:11:e7:16:fa:b6:
58:b5:03:d5:d7:d7:73:fb:f7:bd:13:09:10:c7:ce:
57:1d:65:ea:2d:74:6d:7b:13:b9:44:d7:ee:80:d3:
74:13:48:67:6e:92:ef:15:86:84:2a:85:61:57:04:
7e:f3:e5:35:aa:ba:88:77:57:0d:90:99:a6:ec:0f:
d4:11:54:c2:a1:20:b6:5d:72:50:14:8b:00:76:ea:
f0:c0:b5:a7:3c:c0:d1:8c:ec:de:ac:e0:4e:46:9b:
4d:dc:67:ae:ca:c2:e1:24:35:41:d8:32:b7:48:83:
1e:f7:60:f4:97:97:01:fb:60:d7:80:ee:a4:92:5b:
81:b7:cf:24:70:83:c0:3b:87:78:11:1d:8c:d7:67:
d4:d9:36:a8:00:fb:0d:1d:5b:80:2a:ed:68:48:81:
ba:36:51:3f:3c:1b:f5:0c:34:d9:c2:a4:47:69:43:
e5:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:C5:3C:76:73:97:8B:29:05:8D:35:D0:2F:33:97:7E:68:BA:BB:25
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ecU8dnOXiykFjTXQLzOXfmi6uyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.131.132.0/23
45.131.135.0/24
45.147.226.0/24
185.206.250.0/24
185.223.78.0/24
185.223.155.0/24
185.246.112.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:05:12:bb:fe:10:99:37:bf:cc:ae:34:51:8e:fa:f5:3a:52:
2c:7a:5d:91:b0:b3:dc:96:83:26:9f:2f:d8:f8:04:9c:c7:28:
aa:19:ed:f1:ae:9c:1e:75:46:2e:2c:67:cf:71:bb:b0:e8:4b:
f5:82:a3:22:b6:34:67:c5:c7:f0:9c:d2:5e:58:20:a5:c5:8f:
ba:e5:30:2f:cf:26:1a:ee:6c:06:dc:ef:a8:cd:8c:38:db:64:
8e:ef:00:ad:5a:f9:2f:ab:64:50:f3:c8:d6:43:01:31:23:3b:
e6:66:42:dc:59:40:b1:52:13:71:85:da:a9:97:36:5c:a9:29:
f8:0b:9e:21:1e:d5:b4:cd:d0:7f:0a:4d:60:83:e3:7c:ba:e8:
b3:a4:18:25:81:0a:c4:3d:fa:e5:50:81:fe:25:40:ab:db:0d:
7f:ba:4b:7f:5e:5f:0f:47:8c:44:e4:7b:b8:bc:9b:19:80:ce:
76:22:44:23:cd:1f:d0:e2:32:e8:a9:19:de:fb:d1:b5:9c:8c:
b6:7e:26:9f:48:5a:2f:e2:61:9a:99:fc:a3:e0:7a:d5:e6:7a:
e4:14:8e:07:e5:63:c1:bd:fc:85:65:43:bd:3a:0c:6b:4b:88:
59:7a:e6:c9:7d:63:df:dd:10:ba:c1:a8:7c:ca:3f:58:33:03:
4b:9d:f4:43
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYZUSBh1RNDAsQhCzZZZnxT9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMjE1MDg1NDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWM1M2M3NjczOTc4YjI5MDU4ZDM1ZDAyZjMzOTc3ZTY4YmFiYjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA058+r1Beu9HFCwpXxkqVCBGTbydm
C2hag8RRbbEj0J4SNJ+zaEyl87TG/L3E4EUnuOjBEkaAxyCtIqn0Z8BV4xKeuJdJ
NcTxhQkob3Zk7vAi4+4TEecW+rZYtQPV19dz+/e9EwkQx85XHWXqLXRtexO5RNfu
gNN0E0hnbpLvFYaEKoVhVwR+8+U1qrqId1cNkJmm7A/UEVTCoSC2XXJQFIsAdurw
wLWnPMDRjOzerOBORptN3GeuysLhJDVB2DK3SIMe92D0l5cB+2DXgO6kkluBt88k
cIPAO4d4ER2M12fU2TaoAPsNHVuAKu1oSIG6NlE/PBv1DDTZwqRHaUPl8QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFHnFPHZzl4spBY010C8zl35ourslMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvZWNVOGRuT1hpeWtGalRYUUx6T1hmbWk2dXlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQgVAwQB
LYOEAwQALYOHAwQALZPiAwQAuc76AwQAud9OAwQAud+bAwQAufZwMA0GCSqGSIb3
DQEBCwUAA4IBAQC9BRK7/hCZN7/MrjRRjvr1OlIsel2RsLPcloMmny/Y+AScxyiq
Ge3xrpwedUYuLGfPcbuw6Ev1gqMitjRnxcfwnNJeWCClxY+65TAvzyYa7mwG3O+o
zYw422SO7wCtWvkvq2RQ88jWQwExIzvmZkLcWUCxUhNxhdqplzZcqSn4C54hHtW0
zdB/Ck1gg+N8uuizpBglgQrEPfrlUIH+JUCr2w1/ukt/Xl8PR4xE5Hu4vJsZgM52
IkQjzR/Q4jLoqRne+9G1nIy2fiafSFov4mGamfyj4HrV5nrkFI4H5WPBvfyFZUO9
OgxrS4hZeubJfWPf3RC6wah8yj9YMwNLnfRD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org