Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/hlLBLQzcF7b8-qe_oTpKjS0T8TA.roa
File: hlLBLQzcF7b8-qe_oTpKjS0T8TA.roa (raw, json)
Hash identifier: asdXrBkdrpNsdTbNUMZunNCVeezN+UUg/id/K3ADxuk=
Subject key identifier: 86:52:C1:2D:0C:DC:17:B6:FC:FA:A7:BF:A1:3A:4A:8D:2D:13:F1:30
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0187E6A73C00FF045C158DC197AA2D1FBAAE
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/hlLBLQzcF7b8-qe_oTpKjS0T8TA.roa
Signing time: Thu 04 May 2023 12:05:32 +0000
ROA not before: Thu 04 May 2023 12:05:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.225.20.0/24 maxlen: 24
185.230.52.0/23 maxlen: 24
185.255.124.0/24 maxlen: 24
185.228.74.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.223.76.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.121.12.0/22 maxlen: 24
185.206.251.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.226.105.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
185.214.108.0/24 maxlen: 24
185.238.228.0/22 maxlen: 24
185.36.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 May 2023 11:56:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e6:a7:3c:00:ff:04:5c:15:8d:c1:97:aa:2d:1f:ba:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 4 12:05:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8652c12d0cdc17b6fcfaa7bfa13a4a8d2d13f130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fd:9a:5b:8e:7d:a1:25:74:70:5e:72:b5:a3:
d8:fe:69:72:08:ed:93:4a:0e:85:aa:b6:a2:d0:c7:
29:83:b5:05:7e:aa:1e:bc:93:f4:ab:46:e8:f7:2d:
95:97:b1:41:29:6d:49:7e:b3:f6:1a:80:c3:8a:6a:
bd:f2:ef:f5:99:75:89:98:9b:6e:93:ab:ce:5d:cf:
54:65:c8:1b:ff:18:00:41:08:c6:58:69:98:ae:1d:
3f:31:12:70:19:b9:af:c6:29:bc:ff:8e:eb:6b:f3:
78:9e:57:9b:87:1e:05:3c:46:2b:15:dc:8b:5f:47:
fb:24:52:07:03:0c:eb:34:97:cb:38:c5:44:cb:2e:
45:c2:86:4e:80:a3:fc:f9:f0:8b:42:ca:d6:bb:34:
a6:d3:86:31:23:c3:f7:d0:fa:9f:64:1c:6b:69:42:
8e:cb:d0:e6:19:d4:44:be:8f:af:eb:06:12:fd:f1:
c4:9e:2a:90:c9:99:1a:ca:e9:a7:fe:ac:c8:9a:07:
ec:8d:63:04:4a:ed:ff:11:ba:d7:0b:00:71:56:5c:
54:e6:03:34:6b:8e:83:ef:c0:a1:04:9d:f5:cb:a8:
00:61:30:02:0a:c2:35:c7:98:fe:9b:5d:aa:64:93:
00:c9:73:ea:e0:b6:99:d8:d4:18:84:4a:11:a3:a7:
31:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:52:C1:2D:0C:DC:17:B6:FC:FA:A7:BF:A1:3A:4A:8D:2D:13:F1:30
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/hlLBLQzcF7b8-qe_oTpKjS0T8TA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.204.0/24
185.121.12.0/22
185.206.248.0/24
185.206.251.0/24
185.214.108.0/24
185.223.76.0/24
185.225.2.0/24
185.225.20.0/24
185.226.105.0/24
185.226.107.0/24
185.228.74.0/24
185.230.52.0/23
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.251.231.0/24
185.255.124.0/24
Signature Algorithm: sha256WithRSAEncryption
53:4a:5f:4f:75:15:61:9e:e9:e0:81:74:4f:df:be:ec:6c:4a:
c5:37:4c:95:f7:db:19:ac:c9:6c:75:39:f4:a8:1b:37:d1:ba:
21:3f:e9:3e:cf:1f:da:21:b7:4a:fb:82:a3:04:9a:73:9a:88:
fd:3d:b5:36:3f:2a:cf:2f:4b:10:83:d5:f5:f8:34:51:d6:76:
57:43:6b:50:05:bc:26:e2:8f:28:90:9c:df:7d:57:de:93:a2:
f6:3b:e9:76:9f:7a:bb:b2:53:72:6b:65:a0:fc:d9:68:a8:23:
83:02:f3:ae:9b:03:ee:bf:1f:4e:73:5c:41:ad:93:72:f4:85:
a7:d9:3c:58:4e:00:5e:64:e4:01:88:b3:4f:7f:4b:57:4f:62:
6f:d8:5f:33:be:83:45:84:5b:2d:c9:81:b0:25:2f:7b:af:32:
61:ff:01:af:77:22:1c:28:05:4e:97:a3:9a:fe:41:e1:94:4c:
00:21:73:4f:da:46:d1:6e:3e:9a:60:13:fc:ae:72:fa:3b:d6:
84:32:ee:82:fd:7d:c5:1c:dd:8d:b7:2b:88:03:c7:d5:2b:05:
bf:fc:44:45:6b:a0:1a:21:69:6b:c8:75:6c:03:b8:6f:f7:c4:
50:db:4d:2d:d9:7e:c8:76:88:7b:5c:7f:86:f6:71:00:74:62:
77:5f:fc:ee
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYfmpzwA/wRcFY3Bl6otH7quMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNTA0MTIwNTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjUyYzEyZDBjZGMxN2I2ZmNmYWE3YmZhMTNhNGE4ZDJkMTNmMTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtv2aW459oSV0cF5ytaPY/mlyCO2T
Sg6Fqrai0Mcpg7UFfqoevJP0q0bo9y2Vl7FBKW1JfrP2GoDDimq98u/1mXWJmJtu
k6vOXc9UZcgb/xgAQQjGWGmYrh0/MRJwGbmvxim8/47ra/N4nlebhx4FPEYrFdyL
X0f7JFIHAwzrNJfLOMVEyy5FwoZOgKP8+fCLQsrWuzSm04YxI8P30PqfZBxraUKO
y9DmGdREvo+v6wYS/fHEniqQyZkayumn/qzImgfsjWMESu3/EbrXCwBxVlxU5gM0
a46D78ChBJ31y6gAYTACCsI1x5j+m12qZJMAyXPq4LaZ2NQYhEoRo6cxRwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFIZSwS0M3Be2/Pqnv6E6So0tE/EwMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvaGxMQkxRemNGN2I4LXFlX29UcEtqUzBUOFRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAuSTMAwQC
uXkMAwQAuc74AwQAuc77AwQAudZsAwQAud9MAwQAueECAwQAueEUAwQAueJpAwQA
ueJrAwQAueRKAwQBueY0AwQCueoUAwQCue7kAwQBufB4AwQAufvnAwQAuf98MA0G
CSqGSIb3DQEBCwUAA4IBAQBTSl9PdRVhnunggXRP377sbErFN0yV99sZrMlsdTn0
qBs30bohP+k+zx/aIbdK+4KjBJpzmoj9PbU2PyrPL0sQg9X1+DRR1nZXQ2tQBbwm
4o8okJzffVfek6L2O+l2n3q7slNya2Wg/NloqCODAvOumwPuvx9Oc1xBrZNy9IWn
2TxYTgBeZOQBiLNPf0tXT2Jv2F8zvoNFhFstyYGwJS97rzJh/wGvdyIcKAVOl6Oa
/kHhlEwAIXNP2kbRbj6aYBP8rnL6O9aEMu6C/X3FHN2NtyuIA8fVKwW//ERFa6Aa
IWlryHVsA7hv98RQ200t2X7Idoh7XH+G9nEAdGJ3X/zu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:43 2024 by rpki-client on console-fra.rpki-client.org