Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mAATZRm_7OtKw8tm7ZsNfjDoVy8.roa
File: mAATZRm_7OtKw8tm7ZsNfjDoVy8.roa (raw, json)
Hash identifier: hEntSsjQJGInlks+6S6I1EcceY5oHUxEBZEI9DMAUu4=
Subject key identifier: 98:00:13:65:19:BF:EC:EB:4A:C3:CB:66:ED:9B:0D:7E:30:E8:57:2F
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018B9C66AC007FCDF23245EEEB80D8080A19
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mAATZRm_7OtKw8tm7ZsNfjDoVy8.roa
Signing time: Sat 04 Nov 2023 22:14:16 +0000
ROA not before: Sat 04 Nov 2023 22:14:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.227.146.0/23 maxlen: 24
185.209.38.0/24 maxlen: 24
185.218.102.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.220.248.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.222.30.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
45.8.21.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
185.246.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Nov 2023 15:57:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9c:66:ac:00:7f:cd:f2:32:45:ee:eb:80:d8:08:0a:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 4 22:14:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9800136519bfeceb4ac3cb66ed9b0d7e30e8572f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a1:d0:00:4b:fb:2c:c9:c1:97:ae:81:58:b1:
24:2a:52:ac:26:16:a3:6d:e0:47:ee:4f:d7:87:12:
52:12:31:9a:0c:13:12:21:77:b5:fd:ec:f6:d5:b6:
59:4f:43:f2:8a:15:b6:c8:89:af:f6:d3:79:4f:13:
e4:50:87:51:03:61:31:3b:64:fa:15:ad:0b:24:de:
c4:be:94:01:df:aa:b1:5c:15:87:b3:84:f3:68:c5:
48:a8:b7:bb:ac:eb:24:4c:da:a3:3d:bd:f1:10:ca:
9a:00:57:8f:45:91:a7:32:9b:8f:35:90:aa:6c:be:
5c:dd:f7:6e:f7:fe:c9:41:b3:49:45:ae:e4:b7:60:
73:4d:74:15:7c:91:05:65:3d:61:a4:d1:10:09:df:
10:15:b4:d3:1a:e2:0a:18:51:27:d1:a7:0e:28:06:
38:15:46:07:ed:30:58:96:0c:e3:91:7b:6b:6b:05:
7f:d3:35:3f:c5:6c:33:15:b9:23:70:9d:cd:4b:d5:
a7:c7:a0:59:7a:d8:fc:96:68:2c:c5:02:b3:5e:b9:
dc:2b:3a:cd:57:a3:ff:32:36:57:b0:8a:26:96:35:
b4:90:c1:31:1c:20:96:30:d4:80:a9:e5:a1:7d:f9:
f8:a2:46:e7:39:d3:a9:48:eb:5c:86:f7:18:d1:8c:
23:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:00:13:65:19:BF:EC:EB:4A:C3:CB:66:ED:9B:0D:7E:30:E8:57:2F
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mAATZRm_7OtKw8tm7ZsNfjDoVy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.209.38.0/24
185.218.102.0/24
185.220.248.0/24
185.220.250.0/23
185.222.30.0/23
185.223.80.0/24
185.225.0.0/23
185.227.146.0/23
185.246.114.0/24
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
08:f0:a9:a4:57:ef:94:cf:ed:62:43:b0:ec:f8:45:82:69:c8:
fe:99:d2:c0:03:f1:fd:ef:af:70:f4:77:0c:20:f2:9f:81:ba:
82:73:9f:3a:3d:cf:8b:55:88:c8:4b:7a:2d:b2:a9:1c:82:13:
e4:b4:8b:37:cd:ae:93:03:81:3e:09:ad:25:68:00:a4:d9:0f:
ca:f6:b4:ff:d0:2e:4e:a0:c3:b3:18:10:c1:2a:ab:e8:84:ba:
9e:68:23:44:e4:8e:24:79:24:ee:d0:b6:2e:62:47:89:f6:a2:
e9:23:dd:8c:b4:41:e6:de:18:41:b3:d9:e1:f4:59:77:4a:e2:
12:3a:1c:70:4b:0d:67:c2:94:b5:69:80:fd:61:83:53:d0:eb:
da:57:9a:5d:59:0c:cc:8f:06:8a:8f:5c:80:22:b0:32:e5:86:
7a:bd:99:36:77:b0:b0:07:d4:33:94:e3:d9:e5:56:fa:45:21:
4c:54:e1:07:77:1c:88:d7:cd:54:88:54:32:1c:f5:ef:12:7d:
70:1a:56:1b:99:28:1a:c4:24:88:b0:58:27:3b:68:98:11:74:
09:04:40:46:ad:73:02:7d:0b:ab:d6:17:24:de:d8:98:a5:eb:
c9:01:e6:e0:39:4d:4b:dc:d0:04:ef:91:32:8a:ea:da:b0:90:
a1:47:f5:50
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYucZqwAf83yMkXu64DYCAoZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMTA0MjIxNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODAwMTM2NTE5YmZlY2ViNGFjM2NiNjZlZDliMGQ3ZTMwZTg1NzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6HQAEv7LMnBl66BWLEkKlKsJhaj
beBH7k/XhxJSEjGaDBMSIXe1/ez21bZZT0PyihW2yImv9tN5TxPkUIdRA2ExO2T6
Fa0LJN7EvpQB36qxXBWHs4TzaMVIqLe7rOskTNqjPb3xEMqaAFePRZGnMpuPNZCq
bL5c3fdu9/7JQbNJRa7kt2BzTXQVfJEFZT1hpNEQCd8QFbTTGuIKGFEn0acOKAY4
FUYH7TBYlgzjkXtrawV/0zU/xWwzFbkjcJ3NS9Wnx6BZetj8lmgsxQKzXrncKzrN
V6P/MjZXsIomljW0kMExHCCWMNSAqeWhffn4okbnOdOpSOtchvcY0YwjawIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFJgAE2UZv+zrSsPLZu2bDX4w6FcvMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbUFBVFpSbV83T3RLdzh0bTdac05makRvVnk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALQgVAwQA
LZPgAwQAudEmAwQAudpmAwQAudz4AwQBudz6AwQBud4eAwQAud9QAwQBueEAAwQB
ueOSAwQAufZyAwQAufvlAwQBwTqSMA0GCSqGSIb3DQEBCwUAA4IBAQAI8KmkV++U
z+1iQ7Ds+EWCacj+mdLAA/H9769w9HcMIPKfgbqCc586Pc+LVYjIS3otsqkcghPk
tIs3za6TA4E+Ca0laACk2Q/K9rT/0C5OoMOzGBDBKqvohLqeaCNE5I4keSTu0LYu
YkeJ9qLpI92MtEHm3hhBs9nh9Fl3SuISOhxwSw1nwpS1aYD9YYNT0OvaV5pdWQzM
jwaKj1yAIrAy5YZ6vZk2d7CwB9QzlOPZ5Vb6RSFMVOEHdxyI181UiFQyHPXvEn1w
GlYbmSgaxCSIsFgnO2iYEXQJBEBGrXMCfQur1hck3tiYpevJAebgOU1L3NAE75Ey
iurasJChR/VQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:28 2024 by rpki-client on console-ams.rpki-client.org