Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/nLUaDuoUo9J3hIX0F0A7O_aJrHE.roa
File: nLUaDuoUo9J3hIX0F0A7O_aJrHE.roa (raw, json)
Hash identifier: nnTtDgp1fzi0l4pNo98OBNlBqAiK+6JzWNvZ7xsSy/A=
Subject key identifier: 9C:B5:1A:0E:EA:14:A3:D2:77:84:85:F4:17:40:3B:3B:F6:89:AC:71
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018BFDFC8F97BC8A7FD1663BA95AA4E25EC2
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/nLUaDuoUo9J3hIX0F0A7O_aJrHE.roa
Signing time: Thu 23 Nov 2023 21:01:09 +0000
ROA not before: Thu 23 Nov 2023 21:01:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.227.146.0/23 maxlen: 24
185.209.38.0/24 maxlen: 24
185.220.249.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.251.229.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.223.78.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.108.204.0/23 maxlen: 24
185.222.30.0/23 maxlen: 24
45.90.16.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.23.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 26 Nov 2023 17:23:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fd:fc:8f:97:bc:8a:7f:d1:66:3b:a9:5a:a4:e2:5e:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 23 21:01:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cb51a0eea14a3d2778485f417403b3bf689ac71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:bc:12:e6:e9:2f:df:6f:de:52:cd:82:84:e1:
49:74:17:93:00:36:de:6f:a2:07:82:55:84:6f:0c:
48:1e:59:68:6c:d9:4f:3f:a7:90:e5:ad:f0:99:85:
5c:e7:ff:92:7f:eb:ba:1a:db:d8:ab:fc:7a:a5:45:
7b:5a:0f:37:4a:2a:49:36:31:cf:b8:90:22:0e:70:
12:b9:08:56:83:f4:0d:ac:75:db:df:94:e9:72:d2:
10:b5:a7:53:d0:a8:0a:bb:92:47:82:92:bc:d3:78:
e0:fb:35:7c:eb:06:35:2d:3a:f5:a3:28:b1:07:4d:
6a:d0:b7:75:c4:49:d0:b0:dd:fb:71:a5:51:df:0f:
ea:7a:22:f3:63:f2:fd:db:66:1e:03:22:f8:1f:b6:
13:c9:7b:b3:09:13:6d:36:47:a0:f7:f9:c2:d5:7e:
f5:a8:90:e1:66:d5:19:61:64:ea:db:39:14:66:ce:
b0:93:dd:3e:ad:8f:cb:ba:2c:30:2f:8d:81:3c:a5:
02:b7:8d:9f:0e:d4:22:30:66:36:c0:f5:63:06:ca:
c9:ac:ab:56:45:a1:b4:bb:72:26:71:95:be:20:f5:
c0:45:18:fc:79:b8:1f:84:88:b6:73:62:8a:e8:37:
99:e8:b6:9d:1d:91:26:1d:c9:99:bf:7f:26:b6:10:
3f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:B5:1A:0E:EA:14:A3:D2:77:84:85:F4:17:40:3B:3B:F6:89:AC:71
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/nLUaDuoUo9J3hIX0F0A7O_aJrHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.8.23.0/24
45.90.16.0/24
45.147.224.0/24
185.108.204.0/23
185.209.38.0/24
185.220.249.0-185.220.251.255
185.222.30.0/23
185.223.78.0/24
185.225.0.0/23
185.227.146.0/23
185.251.229.0/24
185.251.231.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:96:f3:06:6f:e9:af:62:29:c3:d5:d4:41:56:27:a2:58:75:
aa:8a:82:b4:4b:e2:44:ff:bd:ec:48:4c:fd:31:b3:04:3b:b9:
ef:34:5d:14:bd:3a:28:40:97:ff:07:03:b1:3a:62:45:31:8d:
bf:35:eb:27:0a:51:0e:18:e5:3a:f4:48:1c:1b:2d:cb:8e:1d:
4f:81:cc:5d:c3:ad:89:66:3a:87:57:5b:4b:fc:b4:51:2d:6c:
b8:5e:cd:d3:09:70:58:03:22:6d:31:06:4f:f2:d6:4b:1d:95:
cf:fc:81:27:e1:7c:46:b3:9f:63:fc:c1:57:bf:e3:96:4f:54:
ce:63:b3:32:e3:f1:9c:3d:be:48:56:08:c5:95:8a:03:da:3d:
d9:13:75:97:c6:1f:07:ab:24:86:26:9f:ee:bb:49:25:a1:29:
dd:06:50:0c:7c:44:e7:cf:88:c3:11:c0:fc:66:b8:6c:37:4b:
9a:b8:82:ef:10:0e:94:a1:ca:2a:e8:d5:ef:3c:79:0e:df:4c:
b3:2b:8d:c5:8c:cb:38:9d:23:22:5b:74:44:1c:39:be:04:97:
60:52:88:36:81:3a:0c:33:e3:e1:45:5b:94:cb:18:c1:7c:55:
6a:ec:36:94:1e:e6:cc:c9:3c:f4:49:ad:7f:4b:a5:8b:c7:10:
51:32:08:21
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYv9/I+XvIp/0WY7qVqk4l7CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMTIzMjEwMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2I1MWEwZWVhMTRhM2QyNzc4NDg1ZjQxNzQwM2IzYmY2ODlhYzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLwS5ukv32/eUs2ChOFJdBeTADbe
b6IHglWEbwxIHllobNlPP6eQ5a3wmYVc5/+Sf+u6GtvYq/x6pUV7Wg83SipJNjHP
uJAiDnASuQhWg/QNrHXb35TpctIQtadT0KgKu5JHgpK803jg+zV86wY1LTr1oyix
B01q0Ld1xEnQsN37caVR3w/qeiLzY/L922YeAyL4H7YTyXuzCRNtNkeg9/nC1X71
qJDhZtUZYWTq2zkUZs6wk90+rY/LuiwwL42BPKUCt42fDtQiMGY2wPVjBsrJrKtW
RaG0u3ImcZW+IPXARRj8ebgfhIi2c2KK6DeZ6LadHZEmHcmZv38mthA/0wIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFJy1Gg7qFKPSd4SF9BdAOzv2iaxxMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbkxVYUR1b1VvOUozaElYMEYwQTdPX2FKckhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQALQgVAwQA
LQgXAwQALVoQAwQALZPgAwQBuWzMAwQAudEmMAwDBAC53PkDBAK53PgDBAG53h4D
BAC5304DBAG54QADBAG545IDBAC5++UDBAC5++cDBAHBOpIwDQYJKoZIhvcNAQEL
BQADggEBAKyW8wZv6a9iKcPV1EFWJ6JYdaqKgrRL4kT/vexITP0xswQ7ue80XRS9
OihAl/8HA7E6YkUxjb816ycKUQ4Y5Tr0SBwbLcuOHU+BzF3DrYlmOodXW0v8tFEt
bLhezdMJcFgDIm0xBk/y1ksdlc/8gSfhfEazn2P8wVe/45ZPVM5jszLj8Zw9vkhW
CMWVigPaPdkTdZfGHwerJIYmn+67SSWhKd0GUAx8ROfPiMMRwPxmuGw3S5q4gu8Q
DpShyiro1e88eQ7fTLMrjcWMyzidIyJbdEQcOb4El2BSiDaBOgwz4+FFW5TLGMF8
VWrsNpQe5szJPPRJrX9LpYvHEFEyCCE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:29 2024 by rpki-client on console-ams.rpki-client.org