Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/isIpmileRZtdc1Z-phSsCPTbI54.roa
File: isIpmileRZtdc1Z-phSsCPTbI54.roa (raw, json)
Hash identifier: gQZrM3w32eXMqn95h8rzriE8n0ZXbL3kwTl/BRS/TcA=
Subject key identifier: 8A:C2:29:9A:29:5E:45:9B:5D:73:56:7E:A6:14:AC:08:F4:DB:23:9E
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01900BC8E9655D9279ABCAF22DE2AA75D55F
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/isIpmileRZtdc1Z-phSsCPTbI54.roa
Signing time: Wed 12 Jun 2024 09:30:34 +0000
ROA not before: Wed 12 Jun 2024 09:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.206.249.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.251.230.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Jun 2024 10:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0b:c8:e9:65:5d:92:79:ab:ca:f2:2d:e2:aa:75:d5:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 12 09:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ac2299a295e459b5d73567ea614ac08f4db239e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:80:e5:d4:9c:da:57:46:ce:a1:6d:50:55:95:
3a:de:20:63:4a:91:50:a0:47:65:7b:e5:0a:6a:1b:
db:12:68:ff:a3:b3:43:f8:39:1a:ea:e6:c3:f8:c2:
1d:f6:05:73:88:56:d7:be:b4:2c:87:98:2b:d2:25:
60:49:47:c0:45:75:28:2f:90:0d:dc:8b:b8:64:e9:
2e:1a:21:b1:d8:bd:3b:1c:a9:d1:71:e3:ad:14:1c:
51:66:fc:0f:d9:32:d6:a3:b2:04:57:bd:37:d9:7f:
a7:96:88:85:d2:9d:a5:69:45:4a:e2:93:b9:be:ca:
91:9b:e5:4e:c3:32:81:79:94:b1:4f:43:1b:cf:ad:
83:f6:e6:d4:97:a0:ad:39:8a:a3:18:3f:89:0e:15:
73:54:9b:29:61:8c:c9:ea:07:99:50:c1:80:26:00:
fd:1d:a9:0d:78:8a:a1:e1:74:28:83:ea:fb:f6:a9:
49:e2:74:d4:7b:a4:f9:e4:74:65:7e:be:d6:33:b2:
9a:50:bf:fc:4a:e9:0c:15:41:f2:c9:aa:50:50:e5:
c8:bd:37:1f:81:d1:95:07:1e:df:b6:a0:2b:38:0d:
7f:ad:ca:f2:30:12:68:ef:f1:3a:4a:8e:5b:c0:4f:
f2:98:e9:73:c0:a2:e1:65:02:99:32:81:43:c6:18:
6c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:C2:29:9A:29:5E:45:9B:5D:73:56:7E:A6:14:AC:08:F4:DB:23:9E
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/isIpmileRZtdc1Z-phSsCPTbI54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.206.249.0/24
185.220.250.0/23
185.225.0.0/23
185.226.104.0/24
185.227.146.0/23
185.251.230.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
74:eb:02:f2:06:84:56:58:b3:1e:34:53:0b:f4:e0:cf:ec:41:
c8:3a:ac:a5:3c:79:22:21:39:ed:ff:f6:3c:61:bf:a4:51:af:
bd:94:dd:91:d3:26:1f:3d:24:9d:c5:f0:0e:b5:77:ce:fb:d3:
99:b9:78:b4:d5:21:94:b4:ae:eb:2c:da:9b:57:48:a9:5c:7a:
0c:aa:df:10:f4:ad:d1:30:08:2b:0a:48:49:23:de:dd:8a:2b:
ae:09:90:9f:e5:e5:32:f3:76:43:57:05:e7:0a:bf:21:75:0c:
90:a6:cb:e6:c0:98:1a:7b:36:79:79:58:a2:4c:88:23:d0:ac:
d8:fb:35:e5:52:46:22:69:3f:07:b4:c6:72:7c:01:1f:94:64:
d9:22:3c:0b:df:23:5c:23:8e:4a:86:08:72:d0:51:42:9b:06:
16:ec:c9:4c:2a:a3:55:97:bf:27:bf:b7:d7:5c:d2:f1:90:29:
f7:7e:e0:63:d8:e2:d2:25:ac:9c:86:13:d9:de:a4:74:01:9c:
3e:40:d3:58:5d:69:5e:79:b3:75:d7:c7:40:ad:34:71:ea:4a:
1a:14:11:e4:6f:1c:1c:41:cd:88:39:15:e1:4b:ee:e2:e3:18:
f3:96:c1:90:be:22:55:36:d7:d6:6f:91:d9:1c:c2:2a:aa:e8:
c9:e6:2d:2a
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZALyOllXZJ5q8ryLeKqddVfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNjEyMDkzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWMyMjk5YTI5NWU0NTliNWQ3MzU2N2VhNjE0YWMwOGY0ZGIyMzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04Dl1JzaV0bOoW1QVZU63iBjSpFQ
oEdle+UKahvbEmj/o7ND+Dka6ubD+MId9gVziFbXvrQsh5gr0iVgSUfARXUoL5AN
3Iu4ZOkuGiGx2L07HKnRceOtFBxRZvwP2TLWo7IEV7032X+nloiF0p2laUVK4pO5
vsqRm+VOwzKBeZSxT0Mbz62D9ubUl6CtOYqjGD+JDhVzVJspYYzJ6geZUMGAJgD9
HakNeIqh4XQog+r79qlJ4nTUe6T55HRlfr7WM7KaUL/8SukMFUHyyapQUOXIvTcf
gdGVBx7ftqArOA1/rcryMBJo7/E6So5bwE/ymOlzwKLhZQKZMoFDxhhsyQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFIrCKZopXkWbXXNWfqYUrAj02yOeMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvaXNJcG1pbGVSWnRkYzFaLXBoU3NDUFRiSTU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQgVAwQA
uX5SAwQAuc75AwQBudz6AwQBueEAAwQAueJoAwQBueOSAwQAufvmAwQBwTqSMA0G
CSqGSIb3DQEBCwUAA4IBAQB06wLyBoRWWLMeNFML9ODP7EHIOqylPHkiITnt//Y8
Yb+kUa+9lN2R0yYfPSSdxfAOtXfO+9OZuXi01SGUtK7rLNqbV0ipXHoMqt8Q9K3R
MAgrCkhJI97diiuuCZCf5eUy83ZDVwXnCr8hdQyQpsvmwJgaezZ5eViiTIgj0KzY
+zXlUkYiaT8HtMZyfAEflGTZIjwL3yNcI45Khghy0FFCmwYW7MlMKqNVl78nv7fX
XNLxkCn3fuBj2OLSJaychhPZ3qR0AZw+QNNYXWleebN118dArTRx6koaFBHkbxwc
Qc2IORXhS+7i4xjzlsGQviJVNtfWb5HZHMIqqujJ5i0q
-----END CERTIFICATE-----
Generated at Tue Jun 18 16:21:51 2024 by rpki-client on console-ams.rpki-client.org