Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mfW5rDasZu7tiJCB2oa9IK6MLB0.roa
File: mfW5rDasZu7tiJCB2oa9IK6MLB0.roa (raw, json)
Hash identifier: kkL57BVL72DcnyEfzY15ch0ZAsrfPULNdEp5VtxtUSg=
Subject key identifier: 99:F5:B9:AC:36:AC:66:EE:ED:88:90:81:DA:86:BD:20:AE:8C:2C:1D
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01879DCC410977C2E2672D6F8CC5DC60AC98
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mfW5rDasZu7tiJCB2oa9IK6MLB0.roa
Signing time: Thu 20 Apr 2023 08:33:41 +0000
ROA not before: Thu 20 Apr 2023 08:33:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.218.20.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
194.5.64.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Apr 2023 16:50:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9d:cc:41:09:77:c2:e2:67:2d:6f:8c:c5:dc:60:ac:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 20 08:33:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99f5b9ac36ac66eeed889081da86bd20ae8c2c1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:54:09:7d:fb:7f:35:51:ea:98:09:1d:ca:1c:
9d:3b:2b:40:b4:6a:66:22:91:69:ae:fa:b2:2f:ea:
5a:92:d7:0c:0a:3e:95:79:86:06:09:86:a8:9c:98:
27:c4:cc:13:1d:f2:7e:e6:b3:e0:f3:34:a9:44:9b:
01:ad:35:86:c3:25:1a:e4:cb:1e:fe:2d:20:53:ea:
e2:b4:34:f3:e4:a2:5d:91:68:67:86:ac:72:df:04:
26:73:09:35:fe:96:1b:79:65:de:79:79:c3:d8:d7:
53:f4:be:bb:65:74:eb:29:2f:d2:76:cd:7b:5f:34:
23:41:cc:af:ec:87:08:93:ac:12:d1:22:db:34:41:
fa:b8:ab:59:7f:10:26:25:ae:a8:81:33:94:0c:6f:
38:30:62:cd:f5:18:df:19:d0:ab:c3:fc:50:ae:87:
34:2a:d4:6e:83:2c:aa:fb:47:f0:37:b9:8a:dd:5f:
ef:3f:43:5b:27:b7:1a:53:af:14:62:07:d8:cb:ee:
4e:b1:78:73:56:44:5a:e3:af:86:1c:3b:be:61:af:
72:39:88:7c:09:c6:f3:20:ae:69:23:05:5c:9c:63:
19:dd:86:2c:9a:f0:bb:49:12:d0:e3:a5:6a:7e:9f:
1f:3d:c3:51:c1:59:32:41:a2:e8:a9:01:f5:aa:65:
16:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:F5:B9:AC:36:AC:66:EE:ED:88:90:81:DA:86:BD:20:AE:8C:2C:1D
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mfW5rDasZu7tiJCB2oa9IK6MLB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.224.0/24
185.218.20.0/24
185.225.0.0/23
194.5.64.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:64:52:aa:39:18:65:7f:66:30:1f:6b:70:51:02:dc:ae:98:
ab:1b:dc:52:73:ca:ea:d7:2e:33:41:02:31:f4:f8:33:94:da:
cd:1b:0d:6f:23:f9:03:d4:dd:1f:31:3e:0d:bf:15:07:0b:1c:
0c:66:51:15:3a:2a:50:91:fe:68:35:6f:c5:13:d4:b0:45:47:
b6:24:0e:97:03:d2:ff:cb:29:ae:b7:3b:53:d1:3f:9a:c1:e6:
dc:b7:db:84:34:7c:c3:9a:ce:b9:2a:ce:39:51:bd:e2:4f:81:
50:87:e7:8b:75:48:7d:77:96:50:49:7a:10:dd:d0:fe:f4:ca:
ee:71:c3:02:d5:0c:72:58:21:a7:c7:37:2d:87:90:35:ed:b8:
63:c0:f9:f0:d5:07:b2:42:e4:bc:d6:fc:11:7e:17:de:58:f7:
bc:54:ff:e0:c5:7b:4d:7b:40:dc:96:e0:03:35:2b:85:ea:ed:
b2:28:9b:2e:c4:0f:26:4f:e1:7d:3f:6e:86:16:b7:81:90:fb:
4a:84:96:eb:cf:ff:54:6c:94:21:ab:59:74:a2:47:f8:42:a8:
4f:c1:1f:25:45:0d:f0:69:88:4c:e9:29:6b:b3:90:63:f9:ae:
25:21:88:aa:25:a9:b5:f8:e0:c7:03:48:2f:84:e3:18:66:9b:
b3:6c:e4:a5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYedzEEJd8LiZy1vjMXcYKyYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNDIwMDgzMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWY1YjlhYzM2YWM2NmVlZWQ4ODkwODFkYTg2YmQyMGFlOGMyYzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFQJfft/NVHqmAkdyhydOytAtGpm
IpFprvqyL+paktcMCj6VeYYGCYaonJgnxMwTHfJ+5rPg8zSpRJsBrTWGwyUa5Mse
/i0gU+ritDTz5KJdkWhnhqxy3wQmcwk1/pYbeWXeeXnD2NdT9L67ZXTrKS/Sds17
XzQjQcyv7IcIk6wS0SLbNEH6uKtZfxAmJa6ogTOUDG84MGLN9RjfGdCrw/xQroc0
KtRugyyq+0fwN7mK3V/vP0NbJ7caU68UYgfYy+5OsXhzVkRa46+GHDu+Ya9yOYh8
CcbzIK5pIwVcnGMZ3YYsmvC7SRLQ46Vqfp8fPcNRwVkyQaLoqQH1qmUWQQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJn1uaw2rGbu7YiQgdqGvSCujCwdMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbWZXNXJEYXNadTd0aUpDQjJvYTlJSzZNTEIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZPgAwQA
udoUAwQBueEAAwQAwgVAMA0GCSqGSIb3DQEBCwUAA4IBAQB9ZFKqORhlf2YwH2tw
UQLcrpirG9xSc8rq1y4zQQIx9PgzlNrNGw1vI/kD1N0fMT4NvxUHCxwMZlEVOipQ
kf5oNW/FE9SwRUe2JA6XA9L/yymutztT0T+awebct9uENHzDms65Ks45Ub3iT4FQ
h+eLdUh9d5ZQSXoQ3dD+9MruccMC1QxyWCGnxzcth5A17bhjwPnw1QeyQuS81vwR
fhfeWPe8VP/gxXtNe0DcluADNSuF6u2yKJsuxA8mT+F9P26GFreBkPtKhJbrz/9U
bJQhq1l0okf4QqhPwR8lRQ3waYhM6Slrs5Bj+a4lIYiqJam1+ODHA0gvhOMYZpuz
bOSl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:43 2024 by rpki-client on console-fra.rpki-client.org