Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/jfRiGqdh__C8wvMWnqcHAti_-eA.roa
File: jfRiGqdh__C8wvMWnqcHAti_-eA.roa (raw, json)
Hash identifier: t2qe3xViRvOuY3EruX0k3tXcnabXnhkLxj//LcPVBco=
Subject key identifier: 8D:F4:62:1A:A7:61:FF:F0:BC:C2:F3:16:9E:A7:07:02:D8:BF:F9:E0
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0191B36FEE598B50400726DF3F9169DD71DD
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/jfRiGqdh__C8wvMWnqcHAti_-eA.roa
Signing time: Mon 02 Sep 2024 15:52:22 +0000
ROA not before: Mon 02 Sep 2024 15:52:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.1.0/24 maxlen: 24
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.113.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 14:41:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b3:6f:ee:59:8b:50:40:07:26:df:3f:91:69:dd:71:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 2 15:52:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8df4621aa761fff0bcc2f3169ea70702d8bff9e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:83:9a:b9:f9:fe:f6:0b:4c:7e:60:37:5a:74:
fb:57:91:30:95:cc:80:df:57:75:d5:b6:d1:c5:ac:
65:3f:ce:6e:fa:5b:cc:eb:6f:90:8c:b2:96:2a:59:
22:c6:99:eb:b2:63:3e:26:db:f4:55:52:e5:31:f1:
44:15:e6:57:f6:3b:17:37:9f:81:b8:c8:7f:b0:9f:
59:db:28:db:b4:42:2d:38:be:19:d1:2a:c5:e5:00:
fe:d2:88:93:34:a3:c2:4e:ef:ac:82:c9:b5:8a:2c:
ea:2c:0b:13:39:ec:ff:ed:0d:f0:93:06:27:87:d9:
09:aa:6f:28:73:64:07:35:10:e6:52:97:f6:27:20:
4b:59:c8:e3:8a:7c:2b:1b:1e:ec:6e:0f:84:49:a2:
82:f1:52:dd:3d:be:9e:7f:3e:d3:2d:19:3d:33:ce:
95:b4:96:39:b6:81:06:4a:d0:11:36:66:4e:1f:dd:
df:2b:95:99:72:77:c6:ef:9d:f6:5b:85:7d:ea:79:
7f:d5:9d:0f:4b:c4:11:85:be:06:bb:49:2a:da:20:
8a:1c:dd:18:a9:ea:05:ea:15:5f:90:00:73:c4:82:
6c:fd:ce:3e:bc:c7:6d:d6:5b:c9:d0:eb:5b:93:a2:
05:4c:fb:b8:03:53:e9:9c:25:f8:b0:76:00:48:4e:
7b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:F4:62:1A:A7:61:FF:F0:BC:C2:F3:16:9E:A7:07:02:D8:BF:F9:E0
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/jfRiGqdh__C8wvMWnqcHAti_-eA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.218.20.0/24
185.220.250.0/23
185.225.0.0/23
185.226.104.0/24
185.227.146.0/23
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
35:1b:42:93:ae:0c:1d:b1:a6:18:fc:80:0c:26:36:c2:df:9f:
c9:75:52:f9:f7:52:aa:b0:e3:18:b3:eb:51:44:cd:82:12:49:
96:2e:49:91:f4:36:0c:1a:b7:3c:03:2e:de:04:7a:d6:8d:20:
12:ae:a0:7c:f2:20:69:6f:f3:b1:b9:0e:47:a8:46:6c:57:92:
7e:3d:e0:62:cc:7d:ac:e3:c6:22:92:7f:45:08:2a:04:97:7e:
5b:d6:82:b9:4c:d5:77:b6:21:b1:76:04:6b:07:f2:ef:19:ea:
8e:b0:3c:31:2b:b3:11:ac:07:fe:ac:3d:0d:b2:56:36:0f:b1:
8e:0b:91:37:0b:e4:7e:da:60:d2:d6:1b:95:83:2d:72:e8:ad:
f5:ae:5a:80:46:14:60:63:aa:eb:2a:fa:53:c5:dc:d1:b9:75:
45:dd:a3:a6:15:a4:2c:d1:35:35:00:8f:43:1e:dc:a5:d7:d4:
d2:29:8e:9b:34:13:5e:42:f5:99:80:48:31:8b:ac:79:f3:53:
f0:8a:fc:21:6e:e6:99:a4:f6:b7:bb:00:4b:93:e9:0b:46:bb:
03:82:0c:6f:ae:c1:bd:74:a0:75:44:d5:19:91:e4:09:cd:01:
d1:37:4a:32:28:d7:83:42:2d:c9:53:fc:ae:47:15:be:a8:37:
4c:6d:50:a0
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZGzb+5Zi1BABybfP5Fp3XHdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwOTAyMTU1MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGY0NjIxYWE3NjFmZmYwYmNjMmYzMTY5ZWE3MDcwMmQ4YmZmOWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIOaufn+9gtMfmA3WnT7V5EwlcyA
31d11bbRxaxlP85u+lvM62+QjLKWKlkixpnrsmM+Jtv0VVLlMfFEFeZX9jsXN5+B
uMh/sJ9Z2yjbtEItOL4Z0SrF5QD+0oiTNKPCTu+sgsm1iizqLAsTOez/7Q3wkwYn
h9kJqm8oc2QHNRDmUpf2JyBLWcjjinwrGx7sbg+ESaKC8VLdPb6efz7TLRk9M86V
tJY5toEGStARNmZOH93fK5WZcnfG7532W4V96nl/1Z0PS8QRhb4Gu0kq2iCKHN0Y
qeoF6hVfkABzxIJs/c4+vMdt1lvJ0Otbk6IFTPu4A1PpnCX4sHYASE57bwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFI30YhqnYf/wvMLzFp6nBwLYv/ngMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvamZSaUdxZGhfX0M4d3ZNV25xY0hBdGlfLWVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQgVAwQA
uX5SAwQAudoUAwQBudz6AwQBueEAAwQAueJoAwQBueOSAwQBwQhwAwQBwTqSMA0G
CSqGSIb3DQEBCwUAA4IBAQA1G0KTrgwdsaYY/IAMJjbC35/JdVL591KqsOMYs+tR
RM2CEkmWLkmR9DYMGrc8Ay7eBHrWjSASrqB88iBpb/OxuQ5HqEZsV5J+PeBizH2s
48Yikn9FCCoEl35b1oK5TNV3tiGxdgRrB/LvGeqOsDwxK7MRrAf+rD0NslY2D7GO
C5E3C+R+2mDS1huVgy1y6K31rlqARhRgY6rrKvpTxdzRuXVF3aOmFaQs0TU1AI9D
Htyl19TSKY6bNBNeQvWZgEgxi6x581PwivwhbuaZpPa3uwBLk+kLRrsDggxvrsG9
dKB1RNUZkeQJzQHRN0oyKNeDQi3JU/yuRxW+qDdMbVCg
-----END CERTIFICATE-----
Generated at Wed Sep 4 18:42:08 2024 by rpki-client on console-ams.rpki-client.org