Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/egBgTV3XKlFlvtmPumgQ84FhsG4.roa
File: egBgTV3XKlFlvtmPumgQ84FhsG4.roa (raw, json)
Hash identifier: nFERaS1XwjEDaNyMML8HLpLMXCHgIx8TL1gjbBHH2JI=
Subject key identifier: 7A:00:60:4D:5D:D7:2A:51:65:BE:D9:8F:BA:68:10:F3:81:61:B0:6E
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018C678B38427D619625DC7D7378C4AA5032
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/egBgTV3XKlFlvtmPumgQ84FhsG4.roa
Signing time: Thu 14 Dec 2023 08:57:06 +0000
ROA not before: Thu 14 Dec 2023 08:57:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.227.146.0/23 maxlen: 24
185.222.31.0/24 maxlen: 24
185.222.30.0/23 maxlen: 24
185.220.249.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
45.8.21.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.108.204.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 15 Dec 2023 11:34:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:8b:38:42:7d:61:96:25:dc:7d:73:78:c4:aa:50:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 14 08:57:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a00604d5dd72a5165bed98fba6810f38161b06e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:8f:b1:6b:83:3f:05:aa:5f:66:8a:53:9c:25:
ef:e8:a7:34:60:c2:4f:46:27:f2:be:68:67:03:65:
b6:3d:43:8f:d0:d9:15:4c:cf:f3:40:8d:1f:4e:24:
49:0b:c7:82:c4:ef:07:24:97:02:af:d4:15:a9:df:
59:fa:b3:db:ca:19:ba:a2:2a:f2:b0:c6:5c:41:bd:
7b:e4:3d:be:55:e1:b4:0c:19:ea:6e:f0:15:e7:95:
f8:91:c1:ff:61:93:04:9e:c6:d3:1e:a5:fb:20:fb:
d7:01:26:cc:5c:3f:c5:6b:53:b0:c5:07:ac:37:18:
c2:8e:39:d2:b0:53:b9:bf:0d:73:ec:ce:c7:52:b9:
fd:d5:e0:4a:c7:51:41:63:5b:3c:9c:2b:bb:b3:ea:
e8:4a:ed:05:3e:3b:60:a4:2a:8a:8c:23:9b:2b:ab:
da:21:f4:56:cb:3f:0d:d6:40:ff:b2:1e:7d:f2:37:
47:a5:b0:62:05:d6:64:e8:60:23:25:71:41:fc:3c:
9d:8d:aa:d3:6e:11:0e:c4:fe:62:02:c8:fc:11:c5:
d8:97:11:03:88:88:15:18:32:14:c1:2a:10:b1:48:
e6:34:06:02:16:d5:ef:ba:8b:f9:5c:a3:f4:41:3e:
2a:7c:64:a1:70:ff:34:02:5c:4e:a2:ee:d6:1e:cc:
1f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:00:60:4D:5D:D7:2A:51:65:BE:D9:8F:BA:68:10:F3:81:61:B0:6E
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/egBgTV3XKlFlvtmPumgQ84FhsG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.108.204.0/23
185.220.249.0-185.220.251.255
185.222.30.0/23
185.225.0.0/23
185.227.146.0/23
185.251.229.0/24
185.251.231.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:4e:b9:ad:4c:56:e2:05:91:b1:30:15:31:7b:c0:73:14:ca:
41:bd:46:b6:07:8c:18:20:d7:0c:1f:23:84:f2:11:ed:e3:9f:
7a:58:2f:de:db:0a:7e:b7:20:ca:90:14:90:61:08:19:97:0c:
0c:9b:36:93:eb:27:1b:0e:5a:ba:65:c4:e9:fd:66:f6:f5:f2:
ca:2e:67:ca:6f:5e:23:b9:4b:97:91:a3:b3:d8:b0:6f:5c:ec:
a8:a4:b7:ef:d7:b5:fe:e7:81:0f:73:19:e3:64:4a:ae:19:c8:
fe:8b:8e:20:31:2d:9d:72:e0:2c:86:8a:db:ae:f8:b1:11:60:
9d:64:84:1e:43:4a:03:55:7d:8c:eb:35:c2:ae:3a:5e:6e:47:
d6:78:d4:17:3d:1e:d2:ee:c5:3c:64:68:98:0d:b8:52:6b:0e:
47:2e:c0:be:f9:6d:7a:b7:89:50:76:8b:82:e9:8e:96:f2:0e:
f9:00:e4:ef:83:50:04:97:16:5a:3e:1a:85:fe:18:47:4f:bd:
c8:46:f6:cb:83:ff:1d:e3:2f:a4:96:f0:26:58:2c:7e:41:99:
8f:7c:2c:be:78:57:ec:32:73:6c:65:8c:5b:a4:92:18:87:4e:
10:5b:08:ca:63:76:d8:43:cf:2c:73:03:de:2a:98:f0:00:4a:
e6:52:be:f0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYxnizhCfWGWJdx9c3jEqlAyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMjE0MDg1NzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTAwNjA0ZDVkZDcyYTUxNjViZWQ5OGZiYTY4MTBmMzgxNjFiMDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4+xa4M/BapfZopTnCXv6Kc0YMJP
RifyvmhnA2W2PUOP0NkVTM/zQI0fTiRJC8eCxO8HJJcCr9QVqd9Z+rPbyhm6oiry
sMZcQb175D2+VeG0DBnqbvAV55X4kcH/YZMEnsbTHqX7IPvXASbMXD/Fa1OwxQes
NxjCjjnSsFO5vw1z7M7HUrn91eBKx1FBY1s8nCu7s+roSu0FPjtgpCqKjCObK6va
IfRWyz8N1kD/sh598jdHpbBiBdZk6GAjJXFB/DydjarTbhEOxP5iAsj8EcXYlxED
iIgVGDIUwSoQsUjmNAYCFtXvuov5XKP0QT4qfGShcP80AlxOou7WHswfmQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFHoAYE1d1ypRZb7Zj7poEPOBYbBuMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvZWdCZ1RWM1hLbEZsdnRtUHVtZ1E4NEZoc0c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQALQgVAwQB
uWzMMAwDBAC53PkDBAK53PgDBAG53h4DBAG54QADBAG545IDBAC5++UDBAC5++cD
BAHBOpIwDQYJKoZIhvcNAQELBQADggEBAG9Oua1MVuIFkbEwFTF7wHMUykG9RrYH
jBgg1wwfI4TyEe3jn3pYL97bCn63IMqQFJBhCBmXDAybNpPrJxsOWrplxOn9Zvb1
8souZ8pvXiO5S5eRo7PYsG9c7Kikt+/Xtf7ngQ9zGeNkSq4ZyP6LjiAxLZ1y4CyG
ituu+LERYJ1khB5DSgNVfYzrNcKuOl5uR9Z41Bc9HtLuxTxkaJgNuFJrDkcuwL75
bXq3iVB2i4LpjpbyDvkA5O+DUASXFlo+GoX+GEdPvchG9suD/x3jL6SW8CZYLH5B
mY98LL54V+wyc2xljFukkhiHThBbCMpjdthDzyxzA94qmPAASuZSvvA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org