Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iOZJ9Q0TsZgVsR_X-58ZKMdzTxM.roa
File: iOZJ9Q0TsZgVsR_X-58ZKMdzTxM.roa (raw, json)
Hash identifier: SQGCmyTwQYuaL8Ui8DnGPqSDZZ4fBvuTSq7KYOeXsN8=
Subject key identifier: 88:E6:49:F5:0D:13:B1:98:15:B1:1F:D7:FB:9F:19:28:C7:73:4F:13
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01896A4EAC6BB20A007404A1AFBBD2D5FC3B
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iOZJ9Q0TsZgVsR_X-58ZKMdzTxM.roa
Signing time: Tue 18 Jul 2023 18:41:27 +0000
ROA not before: Tue 18 Jul 2023 18:41:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 185.206.249.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
45.90.19.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
194.147.16.0/24 maxlen: 24
185.238.229.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Jul 2023 18:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6a:4e:ac:6b:b2:0a:00:74:04:a1:af:bb:d2:d5:fc:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 18 18:41:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88e649f50d13b19815b11fd7fb9f1928c7734f13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:fd:ad:77:a7:4a:c3:0f:93:bd:22:bb:9e:70:
fd:3b:3a:22:ab:a7:0a:da:75:1f:7c:d0:58:bc:2b:
70:2c:6a:39:6b:08:e1:03:c3:e2:b8:d5:0c:a1:ad:
18:dc:50:20:f1:20:5d:62:19:e8:36:af:a4:37:76:
97:f2:ef:cb:2e:39:c4:50:9b:c2:6a:53:04:65:96:
0e:f9:53:dc:3b:19:6c:2e:05:6e:42:41:32:75:5e:
fd:33:5f:72:ac:11:66:43:5c:78:c0:e6:77:dc:12:
7c:cd:07:8c:cb:5b:21:c7:28:b3:b0:40:f6:da:94:
e1:5e:8c:77:a5:76:0d:60:d3:e2:a3:b1:82:a8:5f:
91:48:45:6c:e6:6d:cd:fe:de:d6:c3:a1:e0:83:c4:
ee:76:fe:d2:fd:43:e2:60:ad:a4:ca:65:98:e9:8c:
69:c7:9e:82:e1:30:92:ea:e5:93:7a:08:c7:1e:61:
f9:fc:96:68:76:d4:a4:47:c4:bc:57:26:50:8c:74:
be:3e:5e:59:8d:47:70:6f:83:0e:fc:59:82:3b:cf:
b5:23:f8:a0:1d:61:2b:a3:c9:56:a8:dc:b3:0b:67:
c5:52:ca:0c:37:26:83:6b:2c:cc:df:74:45:13:c8:
2d:94:21:d1:bb:51:8c:3c:a0:0d:16:92:f6:29:26:
e7:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:E6:49:F5:0D:13:B1:98:15:B1:1F:D7:FB:9F:19:28:C7:73:4F:13
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iOZJ9Q0TsZgVsR_X-58ZKMdzTxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.19.0/24
185.206.248.0/23
185.226.107.0/24
185.238.229.0/24
185.240.120.0/23
194.147.16.0/24
Signature Algorithm: sha256WithRSAEncryption
99:5e:19:ce:7b:08:a7:da:95:5d:a9:06:4c:4b:ac:73:25:ff:
82:ad:c6:78:d0:52:4c:85:4b:94:ff:fc:f3:38:0e:eb:41:70:
ea:0c:ed:f4:ea:1e:06:82:c2:9c:7d:0f:61:8d:61:e9:7c:e4:
19:e1:ff:1d:56:e1:f3:dd:37:69:66:75:fb:d9:fa:5e:b6:c6:
f5:10:cb:8e:a9:32:05:57:ee:14:11:48:7c:1f:d2:dd:9f:cb:
37:25:6e:50:39:90:8d:3e:c3:1e:88:75:b4:e3:b7:fa:f9:b7:
6d:0d:5d:18:48:25:10:de:51:9b:ba:75:5a:a2:93:8b:da:f0:
ef:e0:1b:35:b1:5e:5f:e3:83:b4:08:61:2c:fc:f8:f3:3d:a5:
8b:ab:92:62:c4:1d:90:11:93:5f:47:3c:30:2a:c4:2a:41:ed:
97:9f:31:6d:73:60:3a:35:61:39:88:cf:1b:85:b3:e3:af:4e:
d1:3a:f2:be:f4:82:3a:a2:36:84:b9:92:ae:40:82:df:b2:2a:
0e:ff:e8:2d:52:56:69:2a:8e:4a:58:a2:87:5f:06:fc:7a:3f:
2f:49:b3:71:fe:03:8c:db:19:9c:eb:ac:3d:09:fc:91:4e:83:
ce:8f:af:0f:4e:69:64:3c:f8:24:58:a7:18:4e:7c:30:53:f3:
2a:cb:ed:c0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYlqTqxrsgoAdAShr7vS1fw7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNzE4MTg0MTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGU2NDlmNTBkMTNiMTk4MTViMTFmZDdmYjlmMTkyOGM3NzM0ZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/2td6dKww+TvSK7nnD9Ozoiq6cK
2nUffNBYvCtwLGo5awjhA8PiuNUMoa0Y3FAg8SBdYhnoNq+kN3aX8u/LLjnEUJvC
alMEZZYO+VPcOxlsLgVuQkEydV79M19yrBFmQ1x4wOZ33BJ8zQeMy1shxyizsED2
2pThXox3pXYNYNPio7GCqF+RSEVs5m3N/t7Ww6Hgg8Tudv7S/UPiYK2kymWY6Yxp
x56C4TCS6uWTegjHHmH5/JZodtSkR8S8VyZQjHS+Pl5ZjUdwb4MO/FmCO8+1I/ig
HWEro8lWqNyzC2fFUsoMNyaDayzM33RFE8gtlCHRu1GMPKANFpL2KSbn5wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIjmSfUNE7GYFbEf1/ufGSjHc08TMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvaU9aSjlRMFRzWmdWc1JfWC01OFpLTWR6VHhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALVoTAwQB
uc74AwQAueJrAwQAue7lAwQBufB4AwQAwpMQMA0GCSqGSIb3DQEBCwUAA4IBAQCZ
XhnOewin2pVdqQZMS6xzJf+CrcZ40FJMhUuU//zzOA7rQXDqDO306h4GgsKcfQ9h
jWHpfOQZ4f8dVuHz3TdpZnX72fpetsb1EMuOqTIFV+4UEUh8H9Ldn8s3JW5QOZCN
PsMeiHW047f6+bdtDV0YSCUQ3lGbunVaopOL2vDv4Bs1sV5f44O0CGEs/PjzPaWL
q5JixB2QEZNfRzwwKsQqQe2XnzFtc2A6NWE5iM8bhbPjr07ROvK+9II6ojaEuZKu
QILfsioO/+gtUlZpKo5KWKKHXwb8ej8vSbNx/gOM2xmc66w9CfyRToPOj68PTmlk
PPgkWKcYTnwwU/Mqy+3A
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:28 2024 by rpki-client on console-ams.rpki-client.org