Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/kEp5V5MbxihfovRelDIg-atSWYA.roa
File: kEp5V5MbxihfovRelDIg-atSWYA.roa (raw, json)
Hash identifier: SijtttZ5yUYqLaWrJd+Wmp5HiQXJvUE9mj2YYsZUKtQ=
Subject key identifier: 90:4A:79:57:93:1B:C6:28:5F:A2:F4:5E:94:32:20:F9:AB:52:59:80
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0188248DDF52A3570F8C9D2A882DE4274645
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/kEp5V5MbxihfovRelDIg-atSWYA.roa
Signing time: Tue 16 May 2023 12:34:17 +0000
ROA not before: Tue 16 May 2023 12:34:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.230.53.0/24 maxlen: 24
193.58.144.0/24 maxlen: 24
45.147.226.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.246.115.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
45.131.134.0/24 maxlen: 24
185.225.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 May 2023 15:27:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:24:8d:df:52:a3:57:0f:8c:9d:2a:88:2d:e4:27:46:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 16 12:34:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=904a7957931bc6285fa2f45e943220f9ab525980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:cc:09:78:d1:3c:d6:23:69:24:26:c7:7b:a0:
11:b5:ae:85:52:d1:f5:44:98:5e:57:43:a2:76:5f:
ec:e3:32:f1:d2:17:dc:ee:96:bb:d7:d7:1b:97:9f:
86:f2:d9:01:34:f7:58:7e:1d:b0:66:a2:f8:54:ac:
30:2b:29:de:2f:fa:6a:4e:64:91:e0:c3:aa:d1:50:
06:46:c6:cc:10:4f:33:09:7a:19:63:6c:52:e9:96:
46:ae:85:98:0b:a7:bf:1a:8d:70:73:ee:aa:26:8d:
b0:3d:0d:6c:0c:0e:74:b6:82:68:58:1c:92:bf:7d:
ca:a5:70:c7:aa:c8:90:01:ce:ba:21:f3:85:59:76:
a1:84:37:38:52:bb:7c:f7:39:36:57:74:24:c5:2c:
84:8c:0a:36:9e:5e:36:7d:ed:28:9b:bc:75:99:3a:
e7:61:a8:f6:ea:e9:c9:3f:5c:34:ee:b8:9d:56:e6:
d6:ad:d0:43:39:c6:86:71:d9:6d:f0:4a:cb:9e:ec:
ef:18:bf:2c:17:09:72:14:d0:0c:ff:b0:6c:65:3e:
d8:53:ff:db:eb:3a:43:30:7d:5b:0a:ff:10:b3:a2:
66:38:fa:f2:ff:41:05:13:3d:c5:df:26:d0:2d:32:
04:b9:73:d2:dc:73:aa:2c:d1:6c:6e:f7:fb:98:4b:
c0:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:4A:79:57:93:1B:C6:28:5F:A2:F4:5E:94:32:20:F9:AB:52:59:80
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/kEp5V5MbxihfovRelDIg-atSWYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.131.134.0/24
45.147.224.0/24
45.147.226.0/24
185.225.0.0/23
185.230.53.0/24
185.246.115.0/24
193.58.144.0/24
Signature Algorithm: sha256WithRSAEncryption
69:f0:84:30:4b:11:08:dc:ac:f9:11:80:62:d0:3a:57:47:cc:
7a:12:53:6c:52:51:39:c6:fe:d3:c9:c5:26:67:6c:f7:5a:ac:
07:d5:d2:b7:fc:4d:92:56:03:4a:be:1a:f6:73:40:dc:47:66:
3f:3c:78:48:04:cf:b1:7f:2a:ad:9a:c0:b4:4e:12:a9:14:d2:
22:ba:a8:22:6c:6d:f9:1f:c2:03:c8:b3:70:b3:fe:da:a9:84:
d6:a1:22:00:6d:f5:5d:6b:b4:4d:c9:8b:7c:7b:bc:cb:2e:58:
36:fb:c3:15:82:4f:14:9b:ac:01:9a:2e:01:90:58:1a:91:05:
17:f7:6c:dc:ed:72:a6:cd:30:86:a8:5a:35:1c:c7:b9:57:a6:
59:ad:6a:c6:34:eb:26:56:10:06:6e:ff:8e:1f:ef:40:b4:a3:
82:38:08:5d:84:88:79:33:59:62:55:13:0e:df:e1:90:8d:68:
d9:58:9f:97:1b:d4:16:fc:11:d7:17:8c:a5:8d:fc:26:da:27:
3d:f3:43:24:65:70:78:87:e0:d9:d5:e1:59:3b:db:5e:88:8c:
c8:ed:8e:26:44:b2:9c:e7:cd:2e:91:c5:20:99:e1:eb:1b:d5:
df:fa:13:79:99:f8:e4:69:05:61:a8:5e:38:86:60:9a:06:8c:
8e:6c:a7:4e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYgkjd9So1cPjJ0qiC3kJ0ZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNTE2MTIzNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDRhNzk1NzkzMWJjNjI4NWZhMmY0NWU5NDMyMjBmOWFiNTI1OTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMwJeNE81iNpJCbHe6ARta6FUtH1
RJheV0Oidl/s4zLx0hfc7pa719cbl5+G8tkBNPdYfh2wZqL4VKwwKyneL/pqTmSR
4MOq0VAGRsbMEE8zCXoZY2xS6ZZGroWYC6e/Go1wc+6qJo2wPQ1sDA50toJoWByS
v33KpXDHqsiQAc66IfOFWXahhDc4Urt89zk2V3QkxSyEjAo2nl42fe0om7x1mTrn
Yaj26unJP1w07ridVubWrdBDOcaGcdlt8ErLnuzvGL8sFwlyFNAM/7BsZT7YU//b
6zpDMH1bCv8Qs6JmOPry/0EFEz3F3ybQLTIEuXPS3HOqLNFsbvf7mEvAqQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJBKeVeTG8YoX6L0XpQyIPmrUlmAMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEva0VwNVY1TWJ4aWhmb3ZSZWxESWctYXRTV1lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQgVAwQA
LYOGAwQALZPgAwQALZPiAwQBueEAAwQAueY1AwQAufZzAwQAwTqQMA0GCSqGSIb3
DQEBCwUAA4IBAQBp8IQwSxEI3Kz5EYBi0DpXR8x6ElNsUlE5xv7TycUmZ2z3WqwH
1dK3/E2SVgNKvhr2c0DcR2Y/PHhIBM+xfyqtmsC0ThKpFNIiuqgibG35H8IDyLNw
s/7aqYTWoSIAbfVda7RNyYt8e7zLLlg2+8MVgk8Um6wBmi4BkFgakQUX92zc7XKm
zTCGqFo1HMe5V6ZZrWrGNOsmVhAGbv+OH+9AtKOCOAhdhIh5M1liVRMO3+GQjWjZ
WJ+XG9QW/BHXF4yljfwm2ic980MkZXB4h+DZ1eFZO9teiIzI7Y4mRLKc580ukcUg
meHrG9Xf+hN5mfjkaQVhqF44hmCaBoyObKdO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:43 2024 by rpki-client on console-fra.rpki-client.org