Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/i4s6w235HW21br2I7rnenvfr8j0.roa
File: i4s6w235HW21br2I7rnenvfr8j0.roa (raw, json)
Hash identifier: NrqMXPXaTGzniKfrWk/FNkiBPp4Y9GH9kXagLHF+PbA=
Subject key identifier: 8B:8B:3A:C3:6D:F9:1D:6D:B5:6E:BD:88:EE:B9:DE:9E:F7:EB:F2:3D
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018620F8EBD35286326D88E95902CFB46E37
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/i4s6w235HW21br2I7rnenvfr8j0.roa
Signing time: Sun 05 Feb 2023 09:47:09 +0000
ROA not before: Sun 05 Feb 2023 09:47:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 45.8.23.0/24 maxlen: 24
185.251.230.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.194.178.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Feb 2023 11:13:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:20:f8:eb:d3:52:86:32:6d:88:e9:59:02:cf:b4:6e:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 5 09:47:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b8b3ac36df91d6db56ebd88eeb9de9ef7ebf23d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:83:80:9d:ff:7c:71:04:f7:65:f7:97:35:4c:
3a:1f:55:ce:8f:a7:e7:0e:05:fe:57:b3:d9:d5:27:
20:eb:3d:27:7d:3a:03:82:3c:9f:d0:bb:df:6b:5f:
ed:9b:ce:36:25:9c:cc:27:3d:19:82:07:3a:55:c5:
ff:09:88:cf:1b:4c:29:a0:d2:44:d7:4b:c7:17:7e:
dd:6b:3f:8d:e4:7b:46:38:2e:53:ac:68:60:e6:c8:
c7:dc:fd:08:bb:28:1d:54:98:b6:2a:44:fe:40:41:
6f:36:fa:bb:fc:72:e8:3d:df:f3:0f:92:2b:63:0d:
bf:93:5a:aa:d8:7b:d8:e4:14:63:e1:fd:26:34:83:
c4:47:c5:2b:6d:fe:50:f2:ae:21:e8:3e:27:e1:6f:
5f:55:03:0e:e8:77:9e:19:88:d1:5c:c9:c9:0e:8e:
f1:2c:b0:64:4e:0b:e6:e2:cc:dd:bf:d8:b5:93:18:
f6:18:31:29:65:50:a0:94:9b:cd:3d:4f:ad:72:7b:
8e:00:85:4c:7d:8d:9e:4d:0e:e7:fa:ac:0a:4e:be:
cb:ee:73:cc:f7:7f:b5:36:28:21:0a:1a:15:d1:01:
5e:0d:6c:e7:39:ce:5e:48:8b:d7:6a:3e:17:53:52:
2d:e0:31:88:ff:7c:65:1d:0b:c5:45:1e:a2:e2:80:
49:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:8B:3A:C3:6D:F9:1D:6D:B5:6E:BD:88:EE:B9:DE:9E:F7:EB:F2:3D
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/i4s6w235HW21br2I7rnenvfr8j0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.23.0/24
185.194.178.0/24
185.225.2.0/24
185.251.229.0-185.251.230.255
Signature Algorithm: sha256WithRSAEncryption
b6:97:bd:a8:06:e0:aa:e0:4f:47:02:6e:3c:62:ed:a6:2f:26:
0b:c0:5e:fe:04:d1:c2:59:3d:57:d0:02:b2:2e:6c:4f:3e:b3:
12:fa:7a:42:2f:26:c4:5a:a9:53:49:da:93:79:5f:e1:dd:56:
80:db:84:6c:9b:5a:7a:a9:17:2b:d1:65:36:08:5b:87:2e:d3:
be:1d:db:04:36:6c:89:23:b4:16:ef:4f:eb:8d:63:cf:c2:f9:
fb:88:71:0a:3a:2d:36:5f:a0:99:a9:82:7f:d5:85:15:69:4a:
86:6e:6c:f1:17:fa:98:08:44:ec:00:b2:c5:5f:8f:3a:18:69:
0c:7c:a0:88:36:b6:5b:32:5f:8a:cb:80:4b:f5:c9:f3:56:d5:
91:8d:72:9d:9f:cb:6e:e1:c0:ea:48:a7:6a:72:27:fc:8f:54:
f6:e0:9a:73:7d:66:c0:6c:93:9c:66:02:e1:73:c6:f8:57:2a:
7a:e5:57:b2:78:8e:97:6f:fb:a3:3b:b8:6d:1c:9d:bd:21:27:
0f:d8:b0:37:e4:ad:64:db:40:bd:c2:2a:20:a8:89:57:a1:60:
9f:5b:05:e0:3e:e9:89:66:dc:79:ce:21:a3:a5:84:9d:f1:65:
0a:57:62:20:45:a1:36:cd:f2:99:07:11:6d:dd:0f:51:1b:a1:
6a:ba:cd:5b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYYg+OvTUoYybYjpWQLPtG43MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMjA1MDk0NzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjhiM2FjMzZkZjkxZDZkYjU2ZWJkODhlZWI5ZGU5ZWY3ZWJmMjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIOAnf98cQT3ZfeXNUw6H1XOj6fn
DgX+V7PZ1Scg6z0nfToDgjyf0Lvfa1/tm842JZzMJz0Zggc6VcX/CYjPG0wpoNJE
10vHF37daz+N5HtGOC5TrGhg5sjH3P0IuygdVJi2KkT+QEFvNvq7/HLoPd/zD5Ir
Yw2/k1qq2HvY5BRj4f0mNIPER8Urbf5Q8q4h6D4n4W9fVQMO6HeeGYjRXMnJDo7x
LLBkTgvm4szdv9i1kxj2GDEpZVCglJvNPU+tcnuOAIVMfY2eTQ7n+qwKTr7L7nPM
93+1NighChoV0QFeDWznOc5eSIvXaj4XU1It4DGI/3xlHQvFRR6i4oBJaQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIuLOsNt+R1ttW69iO653p736/I9MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvaTRzNncyMzVIVzIxYnIySTdybmVudmZyOGowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALQgXAwQA
ucKyAwQAueECMAwDBAC5++UDBAC5++YwDQYJKoZIhvcNAQELBQADggEBALaXvagG
4KrgT0cCbjxi7aYvJgvAXv4E0cJZPVfQArIubE8+sxL6ekIvJsRaqVNJ2pN5X+Hd
VoDbhGybWnqpFyvRZTYIW4cu074d2wQ2bIkjtBbvT+uNY8/C+fuIcQo6LTZfoJmp
gn/VhRVpSoZubPEX+pgIROwAssVfjzoYaQx8oIg2tlsyX4rLgEv1yfNW1ZGNcp2f
y27hwOpIp2pyJ/yPVPbgmnN9ZsBsk5xmAuFzxvhXKnrlV7J4jpdv+6M7uG0cnb0h
Jw/YsDfkrWTbQL3CKiCoiVehYJ9bBeA+6Ylm3HnOIaOlhJ3xZQpXYiBFoTbN8pkH
EW3dD1EboWq6zVs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:28 2024 by rpki-client on console-ams.rpki-client.org