Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/lKz9q_8070-GGyjfXJFcDxXVxNQ.roa
File: lKz9q_8070-GGyjfXJFcDxXVxNQ.roa (raw, json)
Hash identifier: kF9AQG/eamUp38gzfaLx5aHN+iI6k+q57DwX0ifLQ2w=
Subject key identifier: 94:AC:FD:AB:FF:34:EF:4F:86:1B:28:DF:5C:91:5C:0F:15:D5:C4:D4
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018798EC6908F77D61F2C13FC9DF75C80AC4
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/lKz9q_8070-GGyjfXJFcDxXVxNQ.roa
Signing time: Wed 19 Apr 2023 09:50:42 +0000
ROA not before: Wed 19 Apr 2023 09:50:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.90.17.0/24 maxlen: 24
45.90.19.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.240.123.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
176.125.248.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
194.5.64.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Apr 2023 08:28:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:98:ec:69:08:f7:7d:61:f2:c1:3f:c9:df:75:c8:0a:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 19 09:50:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94acfdabff34ef4f861b28df5c915c0f15d5c4d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:00:45:0a:45:c5:93:5d:a3:32:77:d4:2c:0d:
ed:a6:22:b8:74:c4:21:b8:d3:17:59:60:46:ac:91:
20:23:c5:89:ee:85:10:fb:38:31:ca:2b:48:fb:44:
21:90:e8:a6:f9:7a:d0:49:9d:91:53:87:b4:60:e3:
73:db:c0:2d:e7:70:7e:4e:aa:ee:54:b1:ec:2d:4a:
aa:bd:39:f0:f3:c7:b0:02:10:5b:e3:ca:12:93:5a:
7b:a8:34:71:f5:f7:1a:57:34:b6:68:bf:43:ef:74:
cc:7e:e7:2c:b9:b3:96:54:63:ef:89:ae:c0:25:1a:
ad:ef:a5:21:40:84:d8:d4:a2:04:45:25:36:bc:d7:
3c:a6:38:c9:43:da:02:48:1c:6a:4a:f6:3a:d7:ca:
ee:28:b3:d9:5b:59:b3:23:ca:13:60:73:12:bf:25:
38:3f:93:0b:13:41:8c:10:96:31:d8:a9:d0:1b:d4:
47:35:67:de:a0:9e:49:a0:83:f4:2e:c7:dd:20:55:
9c:60:97:a1:85:2a:c4:c9:3c:1f:c9:df:7c:fd:20:
cc:24:00:ad:0c:92:aa:61:55:a1:7e:84:05:01:e1:
69:6a:bd:98:92:ff:fa:a6:0b:b9:58:a5:ba:a4:3f:
24:3d:5c:39:3a:4d:66:1c:e7:4a:ac:84:48:57:87:
88:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:AC:FD:AB:FF:34:EF:4F:86:1B:28:DF:5C:91:5C:0F:15:D5:C4:D4
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/lKz9q_8070-GGyjfXJFcDxXVxNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.17.0/24
45.90.19.0/24
45.147.224.0/24
176.125.248.0/24
185.126.82.0/24
185.218.20.0/24
185.225.0.0/23
185.240.123.0/24
194.5.64.0/24
Signature Algorithm: sha256WithRSAEncryption
90:df:be:eb:ce:da:cc:9c:6a:3d:dd:50:92:6c:5b:6f:fa:72:
3b:76:66:88:51:3e:7e:05:22:b9:e1:c1:df:fc:8c:db:3a:24:
7b:c3:d9:bd:76:a7:c1:4a:d6:07:74:24:5f:bb:7f:dc:24:65:
52:74:40:58:b2:49:7f:c7:74:70:62:75:00:0e:d1:28:b6:65:
2a:c7:8f:f8:4d:56:f2:b2:e1:ad:c3:14:66:47:66:ed:22:24:
fd:c8:a9:c5:1d:f5:c0:ae:3a:66:b4:c8:f6:88:6c:27:e3:ca:
1a:7a:e8:a4:ab:05:a2:df:30:71:e7:04:dc:7c:6b:b4:1e:bf:
95:36:2d:0d:3e:80:06:fe:01:d9:b0:83:4b:0b:6e:aa:cd:7d:
79:2b:d1:ae:09:0e:4e:15:69:97:1b:4e:72:4c:9e:3b:7b:a3:
8a:bb:61:f9:e5:a3:e0:d2:9f:9c:b0:ae:23:51:b0:4b:7b:aa:
b0:ec:2a:f0:eb:1c:c8:7d:7c:d0:6b:e5:75:b9:5c:77:b3:be:
49:4e:e7:88:f5:dd:58:27:9d:fd:ce:06:17:f5:2c:4a:3c:5d:
88:7d:26:ce:37:b5:c4:47:da:0c:9f:6f:64:52:94:1a:77:b0:
36:ad:17:24:ae:e5:8e:fe:28:f0:29:c3:3e:56:34:88:39:ce:
c8:94:3d:34
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYeY7GkI931h8sE/yd91yArEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNDE5MDk1MDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGFjZmRhYmZmMzRlZjRmODYxYjI4ZGY1YzkxNWMwZjE1ZDVjNGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggBFCkXFk12jMnfULA3tpiK4dMQh
uNMXWWBGrJEgI8WJ7oUQ+zgxyitI+0QhkOim+XrQSZ2RU4e0YONz28At53B+Tqru
VLHsLUqqvTnw88ewAhBb48oSk1p7qDRx9fcaVzS2aL9D73TMfucsubOWVGPvia7A
JRqt76UhQITY1KIERSU2vNc8pjjJQ9oCSBxqSvY618ruKLPZW1mzI8oTYHMSvyU4
P5MLE0GMEJYx2KnQG9RHNWfeoJ5JoIP0LsfdIFWcYJehhSrEyTwfyd98/SDMJACt
DJKqYVWhfoQFAeFpar2Ykv/6pgu5WKW6pD8kPVw5Ok1mHOdKrIRIV4eI0QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJSs/av/NO9Phhso31yRXA8V1cTUMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbEt6OXFfODA3MC1HR3lqZlhKRmNEeFhWeE5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALVoRAwQA
LVoTAwQALZPgAwQAsH34AwQAuX5SAwQAudoUAwQBueEAAwQAufB7AwQAwgVAMA0G
CSqGSIb3DQEBCwUAA4IBAQCQ377rztrMnGo93VCSbFtv+nI7dmaIUT5+BSK54cHf
/IzbOiR7w9m9dqfBStYHdCRfu3/cJGVSdEBYskl/x3RwYnUADtEotmUqx4/4TVby
suGtwxRmR2btIiT9yKnFHfXArjpmtMj2iGwn48oaeuikqwWi3zBx5wTcfGu0Hr+V
Ni0NPoAG/gHZsINLC26qzX15K9GuCQ5OFWmXG05yTJ47e6OKu2H55aPg0p+csK4j
UbBLe6qw7Crw6xzIfXzQa+V1uVx3s75JTueI9d1YJ539zgYX9SxKPF2IfSbON7XE
R9oMn29kUpQad7A2rRckruWO/ijwKcM+VjSIOc7IlD00
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:43 2024 by rpki-client on console-fra.rpki-client.org