Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/leAp4PYIw_lOC9kgulAETACJM9w.roa
File: leAp4PYIw_lOC9kgulAETACJM9w.roa (raw, json)
Hash identifier: 7NXVJiU7m3v7wcBmzC7DJIkxCHup+bW5eWcIE8DbRPg=
Subject key identifier: 95:E0:29:E0:F6:08:C3:F9:4E:0B:D9:20:BA:50:04:4C:00:89:33:DC
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018A4BA95AFA3CB8A7EEC3F5785ED1C6B188
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/leAp4PYIw_lOC9kgulAETACJM9w.roa
Signing time: Thu 31 Aug 2023 12:55:04 +0000
ROA not before: Thu 31 Aug 2023 12:55:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.22.0/24 maxlen: 24
185.225.20.0/24 maxlen: 24
185.220.249.0/24 maxlen: 24
185.210.232.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.0.0/24 maxlen: 24
185.194.177.0/24 maxlen: 24
185.223.83.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.227.145.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.226.106.0/24 maxlen: 24
185.221.23.0/24 maxlen: 24
185.221.20.0/24 maxlen: 24
185.221.22.0/24 maxlen: 24
193.58.144.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
193.58.147.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.246.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 31 Aug 2023 17:08:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4b:a9:5a:fa:3c:b8:a7:ee:c3:f5:78:5e:d1:c6:b1:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Aug 31 12:55:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95e029e0f608c3f94e0bd920ba50044c008933dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:50:40:77:35:67:ed:76:6f:7d:d5:a7:8e:03:
12:b0:87:e7:24:e4:97:8c:f5:dd:65:0a:47:b3:57:
01:5b:b8:f4:98:47:72:71:7d:62:8b:12:8a:60:bf:
21:c0:d0:6c:d4:62:58:45:8d:30:32:f4:9e:d2:6d:
01:ff:ac:fe:6e:3b:70:c1:ae:74:3e:4c:e0:10:47:
d9:ba:37:dd:17:bd:41:5b:73:b2:05:e5:ff:5d:6f:
90:0d:84:96:33:38:10:ee:af:52:04:dc:59:01:3b:
5c:5d:48:90:ca:7e:5f:82:c5:78:32:49:67:2d:d9:
b5:3f:d5:fa:03:9b:28:81:5b:a1:f2:ac:cb:01:cd:
05:78:b9:e4:8b:dd:22:09:5d:e6:b2:6e:c1:11:06:
40:72:9f:0c:db:31:2c:2f:f9:55:38:83:7b:a0:22:
43:2e:c8:43:fd:ee:4d:d7:9b:40:b7:7d:56:0e:c6:
8f:2f:ba:39:84:dd:08:19:21:34:f1:9b:d6:86:03:
02:92:26:6d:16:86:1b:0e:74:3a:6d:60:ce:93:24:
b2:a7:f4:a4:df:9a:28:38:02:8f:b5:9a:0f:c0:b4:
10:84:f3:fb:5d:a9:ae:c2:eb:c6:9f:18:51:d6:f6:
04:87:8e:5a:11:0d:9a:b0:f9:02:e3:eb:b9:78:3f:
bb:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:E0:29:E0:F6:08:C3:F9:4E:0B:D9:20:BA:50:04:4C:00:89:33:DC
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/leAp4PYIw_lOC9kgulAETACJM9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.194.177.0/24
185.210.232.0/24
185.220.249.0/24
185.221.20.0/24
185.221.22.0/23
185.222.29.0/24
185.223.80.0/24
185.223.83.0/24
185.225.0.0/23
185.225.20.0/24
185.225.22.0/24
185.226.106.0/24
185.227.145.0/24
185.228.75.0/24
185.246.115.0/24
185.251.229.0/24
185.251.231.0/24
193.58.144.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
09:ed:40:1e:7d:7a:03:db:41:e0:2d:67:c5:56:69:95:3f:a3:
00:5b:f7:03:de:9e:94:44:c9:f9:45:67:f6:7b:50:2f:86:8f:
7a:d8:c7:d0:55:b2:42:d0:49:f3:41:87:0d:0e:86:15:58:3a:
05:bb:ed:fc:cf:28:b0:d5:36:52:28:7c:bc:9d:39:92:4f:f5:
99:53:a3:a1:24:66:62:64:0f:fb:28:89:be:bd:6b:3d:7f:40:
e6:df:78:66:06:c9:d8:1a:3b:f7:4d:66:fe:31:03:0c:7d:28:
e4:2a:f0:18:b1:d5:62:f2:d9:17:62:4c:ac:dc:cf:bd:93:fd:
79:52:54:1c:fa:c7:f2:c0:fd:9a:3d:5d:ae:0a:3c:b6:2f:6e:
32:57:74:c5:c0:7b:d9:a7:83:41:59:1f:d0:5a:f6:a3:7b:5c:
cd:a6:71:5b:be:c1:07:17:45:e2:98:4f:d6:7f:f8:e3:d2:75:
fd:c0:b8:88:fc:11:11:85:e9:01:4e:22:73:95:db:32:79:e7:
76:ac:98:d4:04:27:10:38:e4:09:03:4a:80:27:77:79:c5:d0:
ea:e1:c1:b4:ce:af:bd:86:e6:44:4c:18:64:0e:fa:83:1c:76:
96:9f:0d:aa:11:e2:ac:42:94:53:8b:a4:bf:8b:7a:08:7c:2b:
bb:cc:e6:17
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYpLqVr6PLin7sP1eF7RxrGIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwODMxMTI1NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWUwMjllMGY2MDhjM2Y5NGUwYmQ5MjBiYTUwMDQ0YzAwODkzM2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA81BAdzVn7XZvfdWnjgMSsIfnJOSX
jPXdZQpHs1cBW7j0mEdycX1iixKKYL8hwNBs1GJYRY0wMvSe0m0B/6z+bjtwwa50
PkzgEEfZujfdF71BW3OyBeX/XW+QDYSWMzgQ7q9SBNxZATtcXUiQyn5fgsV4Mkln
Ldm1P9X6A5sogVuh8qzLAc0FeLnki90iCV3msm7BEQZAcp8M2zEsL/lVOIN7oCJD
LshD/e5N15tAt31WDsaPL7o5hN0IGSE08ZvWhgMCkiZtFoYbDnQ6bWDOkySyp/Sk
35ooOAKPtZoPwLQQhPP7XamuwuvGnxhR1vYEh45aEQ2asPkC4+u5eD+78QIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFJXgKeD2CMP5TgvZILpQBEwAiTPcMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbGVBcDRQWUl3X2xPQzlrZ3VsQUVUQUNKTTl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAC0I
FQMEAC2T4AMEALnCsQMEALnS6AMEALnc+QMEALndFAMEAbndFgMEALneHQMEALnf
UAMEALnfUwMEAbnhAAMEALnhFAMEALnhFgMEALniagMEALnjkQMEALnkSwMEALn2
cwMEALn75QMEALn75wMEAME6kAMEAcE6kjANBgkqhkiG9w0BAQsFAAOCAQEACe1A
Hn16A9tB4C1nxVZplT+jAFv3A96elETJ+UVn9ntQL4aPetjH0FWyQtBJ80GHDQ6G
FVg6Bbvt/M8osNU2Uih8vJ05kk/1mVOjoSRmYmQP+yiJvr1rPX9A5t94ZgbJ2Bo7
901m/jEDDH0o5CrwGLHVYvLZF2JMrNzPvZP9eVJUHPrH8sD9mj1drgo8ti9uMld0
xcB72aeDQVkf0Fr2o3tczaZxW77BBxdF4phP1n/449J1/cC4iPwREYXpAU4ic5Xb
MnnndqyY1AQnEDjkCQNKgCd3ecXQ6uHBtM6vvYbmREwYZA76gxx2lp8NqhHirEKU
U4ukv4t6CHwru8zmFw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:43 2024 by rpki-client on console-fra.rpki-client.org