Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/fIF0VfSOa9erz6Z-8ksZf5TpnsE.roa
File: fIF0VfSOa9erz6Z-8ksZf5TpnsE.roa (raw, json)
Hash identifier: 4ly6Bo6p6ec8Pv1Mjuu+mpSfp1hV4lADDa2tGh9vM58=
Subject key identifier: 7C:81:74:55:F4:8E:6B:D7:AB:CF:A6:7E:F2:4B:19:7F:94:E9:9E:C1
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018571B6484348BF97A69A6E8CF9EA02B2FB
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/fIF0VfSOa9erz6Z-8ksZf5TpnsE.roa
Signing time: Mon 02 Jan 2023 09:00:49 +0000
ROA not before: Mon 02 Jan 2023 09:00:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210876
IP address blocks: 194.35.40.0/24 maxlen: 24
185.226.8.0/24 maxlen: 24
45.134.84.0/23 maxlen: 23
45.134.84.0/22 maxlen: 24
45.147.116.0/22 maxlen: 24
185.216.30.0/24 maxlen: 24
185.216.31.0/24 maxlen: 24
45.159.76.0/22 maxlen: 24
45.142.228.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b6:48:43:48:bf:97:a6:9a:6e:8c:f9:ea:02:b2:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 09:00:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c817455f48e6bd7abcfa67ef24b197f94e99ec1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:70:51:65:ec:c8:c6:69:df:24:5d:c2:c9:3c:
eb:27:2c:d0:0a:70:a3:5a:5d:af:ce:32:1b:21:50:
1f:6d:ba:b2:10:0c:5a:11:39:b0:ce:b5:de:de:35:
6b:1e:3e:e9:05:7b:2e:99:a4:d0:97:14:36:5d:8d:
53:c0:cf:ac:ce:7e:1f:5f:4f:63:b5:e3:89:6f:80:
1f:7a:88:20:c5:10:62:a8:b3:07:81:cd:9a:f2:b5:
fb:86:6a:e1:26:23:19:ad:83:23:02:52:5c:d0:d9:
d6:1c:9e:86:47:17:58:3d:66:1f:c0:06:13:b5:00:
96:4c:8b:41:8d:7d:ab:8b:cb:a6:c8:49:a0:ae:69:
15:85:09:ad:6c:0b:36:1b:ac:42:29:63:21:61:00:
88:4e:9c:9b:1c:26:5c:8c:b1:b9:df:0a:f2:cd:bf:
f2:d7:11:68:7f:ad:a2:fe:7b:51:46:11:73:e0:45:
b6:64:eb:0a:a7:b1:fb:6f:7c:e9:6f:b4:25:4a:e0:
26:c6:e7:de:3a:76:8b:ce:9d:60:d7:ff:3e:7c:1d:
06:16:33:33:09:5c:c9:69:1b:c9:24:0b:42:46:e6:
95:90:49:84:94:8f:ef:78:84:77:f3:33:a9:d2:97:
98:0c:bc:5f:e9:17:1c:3a:70:07:40:ec:88:a6:cb:
b1:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:81:74:55:F4:8E:6B:D7:AB:CF:A6:7E:F2:4B:19:7F:94:E9:9E:C1
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/fIF0VfSOa9erz6Z-8ksZf5TpnsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.84.0/22
45.142.228.0/22
45.147.116.0/22
45.159.76.0/22
185.216.30.0/23
185.226.8.0/24
194.35.40.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:2a:d5:74:eb:d1:2b:5f:89:0d:d1:a4:61:b9:20:3d:67:55:
8c:af:25:e9:c6:47:55:74:4f:68:e5:85:95:69:16:12:aa:7b:
1f:df:b9:ab:93:2a:06:75:f5:dd:c4:82:9b:fa:d7:0f:b7:0b:
57:5f:3f:df:9a:e4:52:75:01:fa:01:d4:86:37:3a:0a:f6:c2:
10:ec:d5:67:ea:9b:da:7a:74:9c:61:f7:84:24:70:58:9f:76:
97:7d:4a:69:68:b1:27:6b:68:70:23:8a:17:7b:da:a5:ca:2f:
4b:50:91:ce:81:1c:d3:e7:18:9d:4c:71:23:74:fa:ea:57:92:
88:5d:58:db:a7:43:db:3c:07:29:02:83:bc:58:8d:ae:ff:6d:
40:2a:26:ad:61:d4:46:3c:86:1e:36:70:98:66:4b:26:d2:1f:
bd:fd:7f:c7:b0:a2:5d:32:76:5c:93:4e:42:9d:93:38:84:bd:
fb:db:9a:ad:3c:ff:c9:08:8d:6c:5f:94:7c:3d:85:f2:a5:1b:
33:cf:db:fc:e2:4f:59:5c:25:b1:ef:6a:54:e1:a9:09:6d:e0:
ac:ed:0d:4e:d3:7d:ee:c7:2d:2c:af:bf:2e:ba:09:44:f6:dc:
96:c6:d9:e1:8d:2f:b9:d9:f4:ae:66:07:dd:c3:c8:00:27:0d:
bb:cc:f9:fb
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVxtkhDSL+XpppujPnqArL7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMTAyMDkwMDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzgxNzQ1NWY0OGU2YmQ3YWJjZmE2N2VmMjRiMTk3Zjk0ZTk5ZWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknBRZezIxmnfJF3CyTzrJyzQCnCj
Wl2vzjIbIVAfbbqyEAxaETmwzrXe3jVrHj7pBXsumaTQlxQ2XY1TwM+szn4fX09j
teOJb4AfeoggxRBiqLMHgc2a8rX7hmrhJiMZrYMjAlJc0NnWHJ6GRxdYPWYfwAYT
tQCWTItBjX2ri8umyEmgrmkVhQmtbAs2G6xCKWMhYQCITpybHCZcjLG53wryzb/y
1xFof62i/ntRRhFz4EW2ZOsKp7H7b3zpb7QlSuAmxufeOnaLzp1g1/8+fB0GFjMz
CVzJaRvJJAtCRuaVkEmElI/veIR38zOp0peYDLxf6RccOnAHQOyIpsuxTQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHyBdFX0jmvXq8+mfvJLGX+U6Z7BMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvZklGMFZmU09hOWVyejZaLThrc1pmNVRwbnNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLYZUAwQC
LY7kAwQCLZN0AwQCLZ9MAwQBudgeAwQAueIIAwQAwiMoMA0GCSqGSIb3DQEBCwUA
A4IBAQAvKtV069ErX4kN0aRhuSA9Z1WMryXpxkdVdE9o5YWVaRYSqnsf37mrkyoG
dfXdxIKb+tcPtwtXXz/fmuRSdQH6AdSGNzoK9sIQ7NVn6pvaenScYfeEJHBYn3aX
fUppaLEna2hwI4oXe9qlyi9LUJHOgRzT5xidTHEjdPrqV5KIXVjbp0PbPAcpAoO8
WI2u/21AKiatYdRGPIYeNnCYZksm0h+9/X/HsKJdMnZck05CnZM4hL3725qtPP/J
CI1sX5R8PYXypRszz9v84k9ZXCWx72pU4akJbeCs7Q1O033uxy0sr78uuglE9tyW
xtnhjS+52fSuZgfdw8gAJw27zPn7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:28 2024 by rpki-client on console-ams.rpki-client.org