Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/o1oI85Ewq-a7di5hGi0xbGSHARk.roa
File: o1oI85Ewq-a7di5hGi0xbGSHARk.roa (raw, json)
Hash identifier: XOMJjuKSSdacCSxduxueeymvVol/quXsn1pQ6a0SPcg=
Subject key identifier: A3:5A:08:F3:91:30:AB:E6:BB:76:2E:61:1A:2D:31:6C:64:87:01:19
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01864BA63CEB67F7A774B8ADFC43B01CFA6D
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/o1oI85Ewq-a7di5hGi0xbGSHARk.roa
Signing time: Mon 13 Feb 2023 16:40:30 +0000
ROA not before: Mon 13 Feb 2023 16:40:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 185.206.250.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
185.223.78.0/24 maxlen: 24
45.131.132.0/24 maxlen: 24
45.131.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Feb 2023 08:54:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4b:a6:3c:eb:67:f7:a7:74:b8:ad:fc:43:b0:1c:fa:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 13 16:40:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a35a08f39130abe6bb762e611a2d316c64870119
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:a0:c9:69:79:4e:4e:3b:19:c0:e4:66:e5:d3:
88:52:32:7c:33:03:be:09:45:24:9d:7c:47:ae:81:
3e:7a:c6:19:97:2a:b0:eb:50:62:36:1f:ee:64:bb:
ab:cd:eb:88:77:e6:b5:07:a5:b1:5e:dd:47:17:f3:
af:f9:47:7e:37:96:31:a8:7a:64:95:85:5c:1c:99:
28:20:43:ba:c7:70:2d:81:2f:2d:06:91:ef:86:11:
35:57:7b:0b:a1:96:3d:33:67:81:99:ab:13:44:f3:
73:b2:7a:20:e6:6c:2c:0c:36:89:37:13:22:c2:cc:
4f:c5:5a:7b:77:bf:c0:aa:61:7a:52:8f:7d:a7:77:
00:19:c6:e8:d2:6c:1a:05:30:f9:88:45:68:b0:0e:
b3:e5:5d:b7:49:71:ea:7c:9b:a2:67:a7:be:15:86:
0d:cd:10:c3:cd:a7:e7:99:c4:7d:9a:52:76:83:17:
0e:de:2f:39:6c:64:b2:ae:86:44:b4:49:8f:34:9a:
db:a2:c9:f0:46:5a:db:2e:13:63:c1:e7:e9:f8:6b:
61:50:1d:f0:15:74:0e:1f:06:ee:9d:d3:a4:85:98:
b6:b8:bb:93:df:83:ab:85:bb:c6:52:2a:cb:fb:9a:
6e:d6:b3:1b:5c:9b:98:ed:bc:7f:fa:dc:44:70:be:
6d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:5A:08:F3:91:30:AB:E6:BB:76:2E:61:1A:2D:31:6C:64:87:01:19
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/o1oI85Ewq-a7di5hGi0xbGSHARk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.131.132.0/23
185.206.250.0/24
185.223.78.0/24
185.223.155.0/24
185.246.112.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:f5:e0:ef:51:72:41:8b:25:88:be:db:c4:71:12:67:c9:54:
1c:3e:5b:b1:93:46:67:74:69:63:de:e0:25:bc:2a:38:0e:a1:
0f:6d:f7:d1:bd:68:26:3c:be:22:78:c1:6f:5f:ca:f5:7d:a6:
ab:80:0b:39:6c:1c:de:5a:f2:fb:d4:5f:dd:90:a6:f3:30:b5:
ee:e4:cb:a2:7f:b6:19:96:f1:6b:f9:8b:32:9d:77:cf:07:e2:
19:92:73:8b:58:d2:4b:13:33:9c:61:aa:e7:73:61:c7:c1:d9:
dc:0c:a5:6b:49:03:1f:5a:64:12:a3:b8:12:52:20:53:16:33:
aa:0d:95:7e:36:b7:33:5d:af:d5:c3:0c:9e:df:d8:5b:5f:f2:
01:83:ae:c6:d1:4b:a2:87:25:0c:fb:8c:a1:13:a2:92:7d:c3:
31:94:2e:13:93:ee:8d:b5:f9:81:03:5d:07:3f:24:28:c8:cc:
de:a7:da:ba:de:06:ee:cd:ff:af:7e:7b:6c:58:e1:5b:e5:96:
9c:37:4e:97:95:df:3d:16:9a:21:f8:f0:8b:c6:cf:f6:3f:c4:
97:e0:de:1a:a2:c7:15:34:92:d5:6c:9d:1b:bf:a9:18:9c:d7:
64:fa:b9:cc:94:76:cf:24:62:fe:6f:bf:6e:44:62:88:54:52:
34:54:8f:6e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYZLpjzrZ/endLit/EOwHPptMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMjEzMTY0MDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzVhMDhmMzkxMzBhYmU2YmI3NjJlNjExYTJkMzE2YzY0ODcwMTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6DJaXlOTjsZwORm5dOIUjJ8MwO+
CUUknXxHroE+esYZlyqw61BiNh/uZLurzeuId+a1B6WxXt1HF/Ov+Ud+N5YxqHpk
lYVcHJkoIEO6x3AtgS8tBpHvhhE1V3sLoZY9M2eBmasTRPNzsnog5mwsDDaJNxMi
wsxPxVp7d7/AqmF6Uo99p3cAGcbo0mwaBTD5iEVosA6z5V23SXHqfJuiZ6e+FYYN
zRDDzafnmcR9mlJ2gxcO3i85bGSyroZEtEmPNJrbosnwRlrbLhNjwefp+GthUB3w
FXQOHwbundOkhZi2uLuT34OrhbvGUirL+5pu1rMbXJuY7bx/+txEcL5tsQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKNaCPORMKvmu3YuYRotMWxkhwEZMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbzFvSTg1RXdxLWE3ZGk1aEdpMHhiR1NIQVJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQgVAwQB
LYOEAwQAuc76AwQAud9OAwQAud+bAwQAufZwMA0GCSqGSIb3DQEBCwUAA4IBAQAv
9eDvUXJBiyWIvtvEcRJnyVQcPluxk0ZndGlj3uAlvCo4DqEPbffRvWgmPL4ieMFv
X8r1faargAs5bBzeWvL71F/dkKbzMLXu5Muif7YZlvFr+YsynXfPB+IZknOLWNJL
EzOcYarnc2HHwdncDKVrSQMfWmQSo7gSUiBTFjOqDZV+NrczXa/Vwwye39hbX/IB
g67G0UuihyUM+4yhE6KSfcMxlC4Tk+6NtfmBA10HPyQoyMzep9q63gbuzf+vfnts
WOFb5ZacN06Xld89Fpoh+PCLxs/2P8SX4N4aoscVNJLVbJ0bv6kYnNdk+rnMlHbP
JGL+b79uRGKIVFI0VI9u
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:29 2024 by rpki-client on console-ams.rpki-client.org