Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/o3FfQ6aejIqLgHl4kVIN-GaBMrw.roa
File: o3FfQ6aejIqLgHl4kVIN-GaBMrw.roa (raw, json)
Hash identifier: WjEoWQEN/W60M54ugGsDO9tTdKTb2D73Le1ueEirSqE=
Subject key identifier: A3:71:5F:43:A6:9E:8C:8A:8B:80:79:78:91:52:0D:F8:66:81:32:BC
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019251EB027429A3F3F5BDC897055D757C2F
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/o3FfQ6aejIqLgHl4kVIN-GaBMrw.roa
Signing time: Thu 03 Oct 2024 10:26:48 +0000
ROA not before: Thu 03 Oct 2024 10:26:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.113.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Oct 2024 12:26:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:51:eb:02:74:29:a3:f3:f5:bd:c8:97:05:5d:75:7c:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 3 10:26:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3715f43a69e8c8a8b80797891520df8668132bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b5:c1:ef:21:5b:c2:8d:89:fc:f6:bd:4c:b7:
54:67:0a:6c:05:b7:83:2e:a2:d4:bd:ae:7e:8d:5f:
bd:98:f3:08:68:26:81:4b:2f:52:1c:33:76:34:85:
79:5a:8a:74:4b:d4:0d:3f:b1:ea:0c:f0:25:50:70:
0f:ed:0e:7a:64:3c:4a:13:4b:22:0d:b3:b2:31:5f:
68:81:d7:4a:cb:f6:93:1f:39:27:19:f3:97:ef:9c:
f9:db:55:21:8a:8e:56:59:0f:be:ff:9b:36:66:8a:
f7:19:1f:0c:ab:0c:44:ee:d1:9f:59:d0:97:cb:7e:
f4:e4:40:3d:d7:8d:39:14:91:49:ac:8a:b0:ae:7b:
1e:35:13:ca:4f:97:4b:16:60:c6:a2:35:17:a9:6a:
c4:67:5b:65:d0:e9:8b:b6:40:07:c6:c2:5a:bf:06:
31:0e:6c:a0:87:73:c6:b9:d6:0d:c0:86:0b:d3:5d:
96:04:b7:28:3c:d0:0f:e5:fa:06:74:76:f8:6d:7e:
08:ba:1a:53:7d:8d:97:ea:d7:80:c0:8e:9a:07:d0:
09:5d:c8:13:f7:94:26:96:6d:ae:ed:52:6b:0a:25:
7e:f0:ea:1f:c0:ec:02:72:64:43:3e:99:63:62:41:
23:01:43:32:04:1c:ae:57:21:b6:71:a4:49:0a:d4:
ae:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:71:5F:43:A6:9E:8C:8A:8B:80:79:78:91:52:0D:F8:66:81:32:BC
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/o3FfQ6aejIqLgHl4kVIN-GaBMrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.218.101.0/24
185.220.250.0/23
185.225.0.0/23
185.226.104.0/24
185.227.146.0/23
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:94:92:64:68:53:75:ed:4a:30:27:90:1f:34:e6:5d:ec:59:
43:2b:e1:9c:a1:22:7e:8d:cc:56:4f:cb:76:49:4e:d1:3b:fc:
87:35:f6:ea:7c:4b:93:5c:b8:86:2a:c0:35:31:5b:4c:37:6e:
1d:6f:30:95:1a:28:6b:e6:b5:9c:c4:88:08:64:0d:89:aa:60:
11:44:3b:09:1c:54:87:f3:0d:2b:39:0b:4c:f5:ad:dc:1d:4d:
c0:52:c6:90:94:51:42:91:b2:32:17:ca:2c:cb:e5:ee:fa:3b:
a7:f5:28:7b:b7:d3:3e:f8:44:b6:bc:62:39:39:da:95:a9:81:
72:fe:9e:b4:e2:81:3c:0e:d6:e9:50:d2:6f:d4:25:ab:38:35:
32:b8:5f:fc:a3:79:cc:d3:e6:63:3e:62:af:0a:f9:f5:ab:49:
87:b4:05:36:1c:a4:b6:00:37:07:26:1e:c0:dd:de:f7:cc:d5:
4d:4f:ab:c6:12:ea:ff:9c:85:9a:26:17:b4:ee:3b:52:c0:9b:
f0:41:07:7a:cb:70:77:54:b2:02:6f:35:5f:47:25:d7:22:25:
a5:ab:a9:90:5f:93:34:a5:1a:6a:23:ae:69:3e:2e:0c:ee:83:
2e:92:0a:9c:43:f4:cf:e5:0a:f2:05:84:e6:90:bf:c1:bc:f3:
d0:d4:f7:01
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZJR6wJ0KaPz9b3IlwVddXwvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMDAzMTAyNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzcxNWY0M2E2OWU4YzhhOGI4MDc5Nzg5MTUyMGRmODY2ODEzMmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7XB7yFbwo2J/Pa9TLdUZwpsBbeD
LqLUva5+jV+9mPMIaCaBSy9SHDN2NIV5Wop0S9QNP7HqDPAlUHAP7Q56ZDxKE0si
DbOyMV9ogddKy/aTHzknGfOX75z521Uhio5WWQ++/5s2Zor3GR8MqwxE7tGfWdCX
y3705EA91405FJFJrIqwrnseNRPKT5dLFmDGojUXqWrEZ1tl0OmLtkAHxsJavwYx
Dmygh3PGudYNwIYL012WBLcoPNAP5foGdHb4bX4IuhpTfY2X6teAwI6aB9AJXcgT
95Qmlm2u7VJrCiV+8OofwOwCcmRDPpljYkEjAUMyBByuVyG2caRJCtSuqQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFKNxX0OmnoyKi4B5eJFSDfhmgTK8MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbzNGZlE2YWVqSXFMZ0hsNGtWSU4tR2FCTXJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQgVAwQA
uX5SAwQAudplAwQBudz6AwQBueEAAwQAueJoAwQBueOSAwQBwQhwAwQBwTqSMA0G
CSqGSIb3DQEBCwUAA4IBAQCLlJJkaFN17UowJ5AfNOZd7FlDK+GcoSJ+jcxWT8t2
SU7RO/yHNfbqfEuTXLiGKsA1MVtMN24dbzCVGihr5rWcxIgIZA2JqmARRDsJHFSH
8w0rOQtM9a3cHU3AUsaQlFFCkbIyF8osy+Xu+jun9Sh7t9M++ES2vGI5OdqVqYFy
/p604oE8DtbpUNJv1CWrODUyuF/8o3nM0+ZjPmKvCvn1q0mHtAU2HKS2ADcHJh7A
3d73zNVNT6vGEur/nIWaJhe07jtSwJvwQQd6y3B3VLICbzVfRyXXIiWlq6mQX5M0
pRpqI65pPi4M7oMukgqcQ/TP5QryBYTmkL/BvPPQ1PcB
-----END CERTIFICATE-----
Generated at Tue Oct 8 18:03:47 2024 by rpki-client on console-ams.rpki-client.org