Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/o5B9CwAuXihFpJjzD8qlPKzqUgY.roa
File: o5B9CwAuXihFpJjzD8qlPKzqUgY.roa (raw, json)
Hash identifier: +XVUadHeNEwYaS9COk03Uj1PnjhPphYm/Atf7PFBxWc=
Subject key identifier: A3:90:7D:0B:00:2E:5E:28:45:A4:98:F3:0F:CA:A5:3C:AC:EA:52:06
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018B1E1D449E183E8B8085AE13BDFD0F66B2
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/o5B9CwAuXihFpJjzD8qlPKzqUgY.roa
Signing time: Wed 11 Oct 2023 09:41:56 +0000
ROA not before: Wed 11 Oct 2023 09:41:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 185.222.30.0/24 maxlen: 24
185.206.249.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
45.90.19.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
185.246.115.0/24 maxlen: 24
185.36.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Oct 2023 09:20:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1e:1d:44:9e:18:3e:8b:80:85:ae:13:bd:fd:0f:66:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 11 09:41:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3907d0b002e5e2845a498f30fcaa53cacea5206
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:bc:27:a8:dd:f9:40:7c:eb:da:ed:84:a5:65:
a0:81:d5:c6:a3:aa:f2:96:1c:ea:73:49:f2:40:8b:
d5:6b:22:28:95:91:4f:2a:e2:39:89:3b:82:5c:a8:
c3:e8:52:bd:b2:98:48:3a:d6:94:f1:76:f8:82:e5:
2d:7a:24:00:ec:81:13:8b:cd:60:bf:01:dd:92:37:
d8:b4:ae:41:43:49:4e:2f:2c:09:f1:27:3b:10:7c:
04:c5:45:5f:c5:c0:df:93:d3:c4:b1:26:94:13:78:
15:19:79:3d:dd:2e:4b:21:e2:b0:f5:fa:6f:09:86:
68:eb:4d:50:0c:be:51:53:41:9f:6a:51:56:fe:df:
25:71:ab:8c:5a:6a:79:07:d7:9e:c0:18:e3:e0:73:
41:db:e8:14:69:9e:1f:7b:f4:e4:1e:8a:ca:2c:e0:
2d:37:e9:b3:07:da:ec:2c:7b:ca:14:fc:73:2a:7c:
83:98:a1:92:df:10:22:6e:b2:2f:bc:a2:ed:c5:0b:
54:05:74:5c:72:f9:1d:10:c8:f8:f9:97:78:50:33:
b4:e2:92:2b:ac:b7:c2:e1:31:aa:40:39:b5:45:3f:
ce:ec:5a:15:f7:76:be:76:f4:19:a1:09:61:93:a8:
e7:50:a9:a9:99:6e:73:f8:bc:04:c8:ac:b8:20:5a:
6f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:90:7D:0B:00:2E:5E:28:45:A4:98:F3:0F:CA:A5:3C:AC:EA:52:06
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/o5B9CwAuXihFpJjzD8qlPKzqUgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.19.0/24
185.36.204.0/24
185.206.248.0/23
185.222.30.0/24
185.240.120.0/23
185.246.115.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:e1:9b:55:4a:67:c0:78:52:ae:17:13:62:19:34:f8:6e:3a:
6d:d8:f6:e4:07:1f:f2:5b:e6:12:05:d6:5b:e6:4b:33:0b:d9:
63:9c:b4:b0:2a:b7:ca:00:1e:48:da:89:19:b4:57:ae:d7:b7:
9e:dc:94:6a:05:69:b7:97:a6:0a:a6:d0:96:1b:8b:63:fd:6f:
94:20:db:b6:7c:30:80:c6:b8:2b:c2:9b:f6:83:b2:b3:af:76:
da:d4:1f:71:64:01:56:46:b9:68:e3:60:7d:b8:74:00:31:53:
66:07:35:13:8e:63:50:4b:e9:49:4c:83:f6:b4:ae:8f:e9:cc:
49:10:b6:62:fc:f3:80:ed:0e:11:1e:bb:22:fa:1b:c2:f5:ee:
b7:90:6b:24:db:3f:8f:e9:34:21:07:4b:e8:c7:80:a7:7f:35:
ec:a6:9d:20:03:e3:56:f3:89:54:2e:8d:1c:2f:28:89:77:ea:
57:b8:ad:2e:57:56:c1:6d:b4:0f:b4:b9:7a:46:b5:6d:40:db:
ce:7b:6a:b3:03:ee:85:7b:f1:0b:34:38:7c:47:69:4e:f7:b8:
09:e4:f5:2a:a4:86:0c:a0:b9:c9:cc:02:d4:01:21:b6:e6:6d:
36:bb:3e:ef:5d:7d:1f:c3:fc:03:cd:68:b7:81:a2:5e:fb:f7:
73:d4:55:fa
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYseHUSeGD6LgIWuE739D2ayMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMDExMDk0MTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzkwN2QwYjAwMmU1ZTI4NDVhNDk4ZjMwZmNhYTUzY2FjZWE1MjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbwnqN35QHzr2u2EpWWggdXGo6ry
lhzqc0nyQIvVayIolZFPKuI5iTuCXKjD6FK9sphIOtaU8Xb4guUteiQA7IETi81g
vwHdkjfYtK5BQ0lOLywJ8Sc7EHwExUVfxcDfk9PEsSaUE3gVGXk93S5LIeKw9fpv
CYZo601QDL5RU0GfalFW/t8lcauMWmp5B9eewBjj4HNB2+gUaZ4fe/TkHorKLOAt
N+mzB9rsLHvKFPxzKnyDmKGS3xAibrIvvKLtxQtUBXRccvkdEMj4+Zd4UDO04pIr
rLfC4TGqQDm1RT/O7FoV93a+dvQZoQlhk6jnUKmpmW5z+LwEyKy4IFpvJQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKOQfQsALl4oRaSY8w/KpTys6lIGMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbzVCOUN3QXVYaWhGcEpqekQ4cWxQS3pxVWdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALVoTAwQA
uSTMAwQBuc74AwQAud4eAwQBufB4AwQAufZzMA0GCSqGSIb3DQEBCwUAA4IBAQCc
4ZtVSmfAeFKuFxNiGTT4bjpt2PbkBx/yW+YSBdZb5kszC9ljnLSwKrfKAB5I2okZ
tFeu17ee3JRqBWm3l6YKptCWG4tj/W+UINu2fDCAxrgrwpv2g7Kzr3ba1B9xZAFW
Rrlo42B9uHQAMVNmBzUTjmNQS+lJTIP2tK6P6cxJELZi/POA7Q4RHrsi+hvC9e63
kGsk2z+P6TQhB0vox4CnfzXspp0gA+NW84lULo0cLyiJd+pXuK0uV1bBbbQPtLl6
RrVtQNvOe2qzA+6Fe/ELNDh8R2lO97gJ5PUqpIYMoLnJzALUASG25m02uz7vXX0f
w/wDzWi3gaJe+/dz1FX6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:43 2024 by rpki-client on console-fra.rpki-client.org