Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/jPnm0xFkW54Us32uuc1tREIjgAY.roa
File: jPnm0xFkW54Us32uuc1tREIjgAY.roa (raw, json)
Hash identifier: 0pKolExt4DVBwrGPA2kSlYScyPo/nVZWBMLEbE0XTlY=
Subject key identifier: 8C:F9:E6:D3:11:64:5B:9E:14:B3:7D:AE:B9:CD:6D:44:42:23:80:06
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018AAEA25B6798CBC61CE18901B2F8DAB755
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/jPnm0xFkW54Us32uuc1tREIjgAY.roa
Signing time: Tue 19 Sep 2023 18:09:50 +0000
ROA not before: Tue 19 Sep 2023 18:09:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.22.0/24 maxlen: 24
185.220.249.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.223.80.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
45.90.19.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
193.58.146.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.23.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
185.246.115.0/24 maxlen: 24
185.36.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Sep 2023 12:52:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ae:a2:5b:67:98:cb:c6:1c:e1:89:01:b2:f8:da:b7:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 19 18:09:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8cf9e6d311645b9e14b37daeb9cd6d4442238006
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:63:d5:57:e7:94:df:a4:b3:f1:32:da:e7:f9:
e8:aa:14:b8:7b:03:b5:fb:46:3a:99:7c:50:d7:94:
19:02:51:fd:32:cf:83:ab:bd:0e:1f:14:a5:81:12:
a4:a7:b3:0c:a2:db:ce:b5:2a:f9:c9:0d:e9:b8:f5:
b5:e1:ab:62:fe:ca:b0:74:72:a9:29:ac:18:b8:a9:
48:10:f0:2b:6a:61:7e:a2:be:88:04:99:db:bc:ce:
f3:e5:fb:9e:ae:73:a8:b5:c2:33:bb:82:b9:82:3c:
02:d7:87:7d:00:3c:54:e1:56:8f:84:cf:a9:d4:f4:
6c:98:95:0c:51:b6:84:95:9c:da:e0:8f:fc:1c:1e:
75:7b:b0:25:04:37:e7:62:c7:09:58:12:67:09:e6:
61:e2:26:ef:a3:77:63:42:73:fa:98:35:9c:ca:57:
cf:88:7f:8a:61:69:89:83:55:80:bb:52:8a:87:01:
d7:d2:5d:ca:e2:22:db:96:e8:60:79:fe:6d:b6:d3:
ec:1b:b1:ca:26:4d:bb:7d:d9:35:b4:6e:39:9b:81:
1a:53:ae:91:0c:46:28:14:25:ff:ae:75:5a:d6:a8:
36:65:58:41:b3:de:0b:64:ee:93:69:f5:99:23:e6:
69:32:07:5e:a2:3e:e8:52:06:74:63:98:ae:93:e1:
4a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:F9:E6:D3:11:64:5B:9E:14:B3:7D:AE:B9:CD:6D:44:42:23:80:06
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/jPnm0xFkW54Us32uuc1tREIjgAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.8.23.0/24
45.90.19.0/24
45.147.224.0/24
185.36.204.0/24
185.209.73.0/24
185.210.233.0/24
185.220.249.0/24
185.222.29.0/24
185.223.80.0/24
185.225.0.0/23
185.225.22.0/24
185.246.112.0/24
185.246.115.0/24
185.251.229.0/24
185.251.231.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:44:6f:9e:ce:dd:ba:e5:50:86:4b:fd:be:b2:e3:93:c3:12:
25:4a:63:0d:a6:34:24:75:88:d1:6e:61:65:29:6d:0d:a4:31:
c7:4d:f9:23:d0:c3:42:43:dd:2a:2e:9f:19:91:c1:c2:3c:7b:
00:40:e5:8c:7e:51:fa:de:63:6e:3b:91:88:89:fd:a7:41:d9:
cc:57:03:f7:d0:66:2a:03:1d:9e:eb:c8:3f:27:55:6f:b5:5a:
a5:8d:b9:f6:85:d8:e4:7b:ae:b0:b8:79:df:d2:3d:ec:cc:2a:
29:a0:6b:bb:75:41:30:3c:94:a2:be:10:22:5d:af:66:65:03:
86:ef:18:a6:e2:be:20:b7:4b:cf:61:4c:42:a1:8f:40:7f:f7:
37:d2:37:bc:28:15:a1:b4:0c:6e:79:79:a1:f6:4c:15:7f:87:
01:68:57:5e:00:38:ed:ad:d2:ab:50:a2:94:31:ff:45:44:45:
4b:69:30:e3:3a:a4:f4:68:1c:42:e3:cf:28:72:2d:8b:71:39:
88:01:82:7b:a5:83:d5:9d:fe:0f:6b:2f:3a:c6:b1:5a:37:8f:
d3:f9:9b:71:9e:f0:f0:2a:d4:77:c1:2c:a8:fd:11:e6:d9:09:
8f:e9:43:4c:e6:7d:35:ae:c1:5d:92:72:93:5b:5d:82:91:7c:
52:17:32:05
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYquoltnmMvGHOGJAbL42rdVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwOTE5MTgwOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2Y5ZTZkMzExNjQ1YjllMTRiMzdkYWViOWNkNmQ0NDQyMjM4MDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2PVV+eU36Sz8TLa5/noqhS4ewO1
+0Y6mXxQ15QZAlH9Ms+Dq70OHxSlgRKkp7MMotvOtSr5yQ3puPW14ati/sqwdHKp
KawYuKlIEPAramF+or6IBJnbvM7z5fuernOotcIzu4K5gjwC14d9ADxU4VaPhM+p
1PRsmJUMUbaElZza4I/8HB51e7AlBDfnYscJWBJnCeZh4ibvo3djQnP6mDWcylfP
iH+KYWmJg1WAu1KKhwHX0l3K4iLbluhgef5tttPsG7HKJk27fdk1tG45m4EaU66R
DEYoFCX/rnVa1qg2ZVhBs94LZO6TafWZI+ZpMgdeoj7oUgZ0Y5iuk+FKnQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFIz55tMRZFueFLN9rrnNbURCI4AGMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvalBubTB4RmtXNTRVczMydXVjMXRSRUlqZ0FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQALQgVAwQA
LQgXAwQALVoTAwQALZPgAwQAuSTMAwQAudFJAwQAudLpAwQAudz5AwQAud4dAwQA
ud9QAwQBueEAAwQAueEWAwQAufZwAwQAufZzAwQAufvlAwQAufvnAwQBwTqSMA0G
CSqGSIb3DQEBCwUAA4IBAQBuRG+ezt265VCGS/2+suOTwxIlSmMNpjQkdYjRbmFl
KW0NpDHHTfkj0MNCQ90qLp8ZkcHCPHsAQOWMflH63mNuO5GIif2nQdnMVwP30GYq
Ax2e68g/J1VvtVqljbn2hdjke66wuHnf0j3szCopoGu7dUEwPJSivhAiXa9mZQOG
7xim4r4gt0vPYUxCoY9Af/c30je8KBWhtAxueXmh9kwVf4cBaFdeADjtrdKrUKKU
Mf9FREVLaTDjOqT0aBxC488oci2LcTmIAYJ7pYPVnf4Pay86xrFaN4/T+ZtxnvDw
KtR3wSyo/RHm2QmP6UNM5n01rsFdknKTW12CkXxSFzIF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:28 2024 by rpki-client on console-ams.rpki-client.org