Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/elNRw7Ycc79otyAqkAayeRZ7JSQ.roa
File: elNRw7Ycc79otyAqkAayeRZ7JSQ.roa (raw, json)
Hash identifier: 2cw35k3oFV9hsXB7v5QCJdPbcTvVYAMwh7bFuu4Kvm0=
Subject key identifier: 7A:53:51:C3:B6:1C:73:BF:68:B7:20:2A:90:06:B2:79:16:7B:25:24
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01880F532E9FADE50338D7B0C76E5BB1DE92
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/elNRw7Ycc79otyAqkAayeRZ7JSQ.roa
Signing time: Fri 12 May 2023 09:38:09 +0000
ROA not before: Fri 12 May 2023 09:38:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.246.115.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
45.131.134.0/24 maxlen: 24
185.225.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 May 2023 10:10:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0f:53:2e:9f:ad:e5:03:38:d7:b0:c7:6e:5b:b1:de:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 12 09:38:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a5351c3b61c73bf68b7202a9006b279167b2524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:37:79:88:b6:b4:c6:68:ea:63:ce:c4:99:29:
1c:d9:c9:de:93:19:a3:6c:0f:38:c3:59:e1:d1:1c:
2c:7d:1b:4b:c7:35:62:d8:8c:27:1d:23:5d:45:2b:
42:34:81:67:1f:9e:05:2f:76:e3:63:21:60:bb:a5:
3e:3f:83:12:f4:b0:c7:43:7b:be:97:c0:3b:77:67:
20:57:75:dc:49:c5:2b:67:89:33:da:ca:04:82:56:
fd:ce:96:86:40:cd:93:87:e1:bd:3d:c5:3a:95:8f:
0b:61:6a:e4:fb:c5:99:9b:66:89:f6:bf:44:71:9b:
3c:c4:11:57:79:2a:64:92:08:5b:3d:df:8e:0f:e2:
ac:b4:b4:87:4e:c4:6d:43:58:98:2e:e0:be:fb:98:
eb:fb:01:e9:ab:6a:c4:6a:81:94:21:7b:81:fc:f9:
e3:cd:59:3a:f9:f7:b3:6d:7d:42:3f:0b:a0:ab:5a:
a1:67:f1:4a:30:76:59:a4:d7:55:39:81:61:c0:a8:
fe:dc:79:d6:c5:fb:70:23:44:39:c5:4d:de:79:b3:
b1:7a:8c:bc:75:01:b4:c1:47:ff:1f:23:04:d7:20:
94:a2:87:96:21:52:ad:ab:41:c2:9b:ca:d6:7a:a1:
f9:9e:7b:f4:79:d3:42:99:f5:7a:db:25:de:e8:62:
2b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:53:51:C3:B6:1C:73:BF:68:B7:20:2A:90:06:B2:79:16:7B:25:24
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/elNRw7Ycc79otyAqkAayeRZ7JSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.131.134.0/24
45.147.224.0/24
185.225.0.0/23
185.246.112.0/24
185.246.115.0/24
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
55:82:02:35:9c:ab:91:af:67:f8:09:3d:a5:52:21:e7:83:13:
6b:14:24:cc:2e:ee:b2:83:25:98:79:66:c3:d0:4a:b7:24:1d:
7e:f9:f4:21:f9:3c:e3:bc:6c:6b:dc:2a:e5:74:7c:f0:08:ba:
f5:e0:c7:da:c4:12:64:f7:66:19:64:07:78:7a:a6:77:a3:f3:
14:2e:68:a5:34:68:22:11:db:45:2a:c3:c9:37:97:97:95:fe:
83:2b:48:ea:80:fb:0c:ed:98:3b:f4:94:f4:65:58:36:0a:52:
5c:14:95:48:2c:40:b8:59:d0:ef:4b:46:7c:cc:4c:25:c2:eb:
4b:04:fc:68:17:70:f1:9e:f2:5c:00:c6:f1:65:b5:8b:8a:e4:
59:b6:c3:c0:de:05:d8:93:10:82:5f:d6:a5:be:0b:9b:75:e1:
ac:30:fd:48:82:95:57:c2:d8:bb:a4:c8:3a:7e:12:0f:3a:ea:
97:84:55:01:33:29:92:67:56:23:b5:b4:63:cb:89:a4:f3:45:
31:96:73:e7:6e:4d:72:2c:46:d9:d1:10:d1:2f:ca:eb:74:51:
3c:f2:7f:10:d5:2e:11:16:9c:fc:9d:2d:4b:62:8a:6b:aa:bf:
38:9b:ac:91:72:ab:45:44:cc:0f:0a:6a:a9:d1:5a:e9:53:4d:
02:ed:82:7c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYgPUy6freUDONewx25bsd6SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNTEyMDkzODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTUzNTFjM2I2MWM3M2JmNjhiNzIwMmE5MDA2YjI3OTE2N2IyNTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDd5iLa0xmjqY87EmSkc2cnekxmj
bA84w1nh0RwsfRtLxzVi2IwnHSNdRStCNIFnH54FL3bjYyFgu6U+P4MS9LDHQ3u+
l8A7d2cgV3XcScUrZ4kz2soEglb9zpaGQM2Th+G9PcU6lY8LYWrk+8WZm2aJ9r9E
cZs8xBFXeSpkkghbPd+OD+KstLSHTsRtQ1iYLuC++5jr+wHpq2rEaoGUIXuB/Pnj
zVk6+fezbX1CPwugq1qhZ/FKMHZZpNdVOYFhwKj+3HnWxftwI0Q5xU3eebOxeoy8
dQG0wUf/HyME1yCUooeWIVKtq0HCm8rWeqH5nnv0edNCmfV62yXe6GIrxQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHpTUcO2HHO/aLcgKpAGsnkWeyUkMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvZWxOUnc3WWNjNzlvdHlBcWtBYXllUlo3SlNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQgVAwQA
LYOGAwQALZPgAwQBueEAAwQAufZwAwQAufZzAwQAufvnMA0GCSqGSIb3DQEBCwUA
A4IBAQBVggI1nKuRr2f4CT2lUiHngxNrFCTMLu6ygyWYeWbD0Eq3JB1++fQh+Tzj
vGxr3CrldHzwCLr14MfaxBJk92YZZAd4eqZ3o/MULmilNGgiEdtFKsPJN5eXlf6D
K0jqgPsM7Zg79JT0ZVg2ClJcFJVILEC4WdDvS0Z8zEwlwutLBPxoF3DxnvJcAMbx
ZbWLiuRZtsPA3gXYkxCCX9alvgubdeGsMP1IgpVXwti7pMg6fhIPOuqXhFUBMymS
Z1YjtbRjy4mk80UxlnPnbk1yLEbZ0RDRL8rrdFE88n8Q1S4RFpz8nS1LYoprqr84
m6yRcqtFRMwPCmqp0VrpU00C7YJ8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org