Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/kPlxMvkaO0uggOqsxA9ztavDDpE.roa
File: kPlxMvkaO0uggOqsxA9ztavDDpE.roa (raw, json)
Hash identifier: ycZVL+3AxsV0tc619PmHwRQ5MTRjeo4yLLmz12VoQWI=
Subject key identifier: 90:F9:71:32:F9:1A:3B:4B:A0:80:EA:AC:C4:0F:73:B5:AB:C3:0E:91
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018C8246C9590D65190700583081AFCBC4F2
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/kPlxMvkaO0uggOqsxA9ztavDDpE.roa
Signing time: Tue 19 Dec 2023 13:32:06 +0000
ROA not before: Tue 19 Dec 2023 13:32:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29802
IP address blocks: 185.210.232.0/24 maxlen: 24
185.214.102.0/24 maxlen: 24
176.125.248.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:82:46:c9:59:0d:65:19:07:00:58:30:81:af:cb:c4:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 19 13:32:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90f97132f91a3b4ba080eaacc40f73b5abc30e91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:46:fe:71:9b:18:3b:5d:ad:b2:a2:b0:dc:88:
ea:9a:be:83:4b:62:30:1b:fa:d8:96:be:24:1f:41:
78:44:7b:5b:03:fe:3f:12:db:eb:27:57:93:87:51:
02:87:e6:57:17:0d:a6:25:fb:0d:83:d7:03:d9:48:
0d:06:5a:e0:d7:b6:be:8b:73:97:09:31:00:93:0c:
1a:7a:fe:80:ab:f1:e0:9f:24:5f:12:4b:18:2c:63:
c4:77:98:76:54:ab:8f:5f:99:88:a1:0a:8b:af:3e:
8b:a3:d0:f4:b8:27:b1:62:be:95:34:95:04:c7:aa:
ae:e5:4b:d9:42:d9:69:ed:3d:68:fb:fb:4e:95:20:
67:b2:c4:dc:f9:6b:40:dc:8b:4d:d2:21:a1:15:e5:
60:a7:06:05:e4:6b:dd:6b:07:9a:0d:2f:65:32:1c:
91:55:7c:d9:ef:5c:d8:0f:da:82:c5:62:8f:46:21:
13:50:1d:6f:7a:6e:3e:7c:0e:5c:d0:92:e1:be:54:
e9:15:59:92:54:36:63:f5:04:a0:e4:d4:31:28:80:
97:2d:57:04:9e:35:fd:49:72:41:34:22:22:c9:33:
ae:a6:2f:29:3d:54:0e:d9:75:3c:c0:0f:ec:fd:fe:
4b:08:20:fb:40:dc:60:be:22:f9:35:59:91:c1:a4:
c7:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:F9:71:32:F9:1A:3B:4B:A0:80:EA:AC:C4:0F:73:B5:AB:C3:0E:91
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/kPlxMvkaO0uggOqsxA9ztavDDpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.248.0/24
185.210.232.0/24
185.214.102.0/24
185.223.80.0/24
185.225.0.0/24
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
87:b0:69:2b:9e:8e:24:a0:01:dc:63:bd:7c:89:81:bc:21:a6:
61:f9:6c:ff:37:c5:d2:95:d5:31:a5:9d:fc:9c:3a:1a:90:4b:
82:5a:16:61:81:db:1f:23:dd:9f:b0:ae:cc:b9:31:ab:53:37:
3a:ac:43:59:f0:87:3a:db:38:55:b5:c5:bf:0d:d4:07:2b:61:
80:69:80:57:d9:c8:79:8f:7b:74:e3:bf:aa:04:2b:29:ad:b1:
4d:ac:88:9d:a5:07:65:d1:fc:0f:b6:47:04:df:1c:b5:61:6d:
de:7a:5a:2d:24:3b:f0:71:45:82:fb:d5:0f:ec:84:42:fa:ed:
05:c6:40:83:b1:e1:b9:8d:bc:a0:d4:ac:e5:74:95:95:dc:b3:
1e:82:b0:26:fc:c3:ef:3b:e7:76:b6:23:1a:69:80:b1:51:17:
05:6b:59:cb:84:e4:d7:72:38:df:50:7f:63:29:6e:8d:16:f9:
02:a3:0e:07:df:51:cd:c1:b1:8e:10:0f:9d:24:f3:a5:92:1f:
8f:cb:d8:f2:f7:fd:ba:07:06:ca:2c:75:9b:6f:22:1c:2b:88:
c7:42:d1:ec:ae:aa:94:ca:1c:fb:c4:ca:4a:67:cd:3b:e0:2a:
78:ba:bd:b4:7a:f4:1f:e2:96:6f:57:09:7c:21:0b:5c:0b:6d:
01:75:9e:40
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYyCRslZDWUZBwBYMIGvy8TyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMjE5MTMzMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGY5NzEzMmY5MWEzYjRiYTA4MGVhYWNjNDBmNzNiNWFiYzMwZTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEb+cZsYO12tsqKw3Ijqmr6DS2Iw
G/rYlr4kH0F4RHtbA/4/EtvrJ1eTh1ECh+ZXFw2mJfsNg9cD2UgNBlrg17a+i3OX
CTEAkwwaev6Aq/HgnyRfEksYLGPEd5h2VKuPX5mIoQqLrz6Lo9D0uCexYr6VNJUE
x6qu5UvZQtlp7T1o+/tOlSBnssTc+WtA3ItN0iGhFeVgpwYF5GvdaweaDS9lMhyR
VXzZ71zYD9qCxWKPRiETUB1vem4+fA5c0JLhvlTpFVmSVDZj9QSg5NQxKICXLVcE
njX9SXJBNCIiyTOupi8pPVQO2XU8wA/s/f5LCCD7QNxgviL5NVmRwaTHvwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJD5cTL5GjtLoIDqrMQPc7Wrww6RMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEva1BseE12a2FPMHVnZ09xc3hBOXp0YXZERHBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAsH34AwQA
udLoAwQAudZmAwQAud9QAwQAueEAAwQAufvnMA0GCSqGSIb3DQEBCwUAA4IBAQCH
sGkrno4koAHcY718iYG8IaZh+Wz/N8XSldUxpZ38nDoakEuCWhZhgdsfI92fsK7M
uTGrUzc6rENZ8Ic62zhVtcW/DdQHK2GAaYBX2ch5j3t047+qBCsprbFNrIidpQdl
0fwPtkcE3xy1YW3eelotJDvwcUWC+9UP7IRC+u0FxkCDseG5jbyg1KzldJWV3LMe
grAm/MPvO+d2tiMaaYCxURcFa1nLhOTXcjjfUH9jKW6NFvkCow4H31HNwbGOEA+d
JPOlkh+Py9jy9/26BwbKLHWbbyIcK4jHQtHsrqqUyhz7xMpKZ8074Cp4ur20evQf
4pZvVwl8IQtcC20BdZ5A
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:43 2024 by rpki-client on console-fra.rpki-client.org