Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/o5FwIqyTzA0S0bDQ6xbxUxb2bXE.roa
File: o5FwIqyTzA0S0bDQ6xbxUxb2bXE.roa (raw, json)
Hash identifier: C5V+kS5mFAtUucJopm2HswVj0mwkk5ofx0cvLEuA9Hg=
Subject key identifier: A3:91:70:22:AC:93:CC:0D:12:D1:B0:D0:EB:16:F1:53:16:F6:6D:71
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018BB8B872F545D50A20A4FCC6D15832A20D
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/o5FwIqyTzA0S0bDQ6xbxUxb2bXE.roa
Signing time: Fri 10 Nov 2023 10:12:57 +0000
ROA not before: Fri 10 Nov 2023 10:12:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.227.146.0/23 maxlen: 24
185.222.30.0/23 maxlen: 24
185.209.38.0/24 maxlen: 24
185.218.102.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
45.8.21.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 13 Nov 2023 16:56:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b8:b8:72:f5:45:d5:0a:20:a4:fc:c6:d1:58:32:a2:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 10 10:12:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3917022ac93cc0d12d1b0d0eb16f15316f66d71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:81:ca:80:bf:e0:c3:df:29:30:ce:2e:6d:f7:
10:39:1f:1f:45:74:2e:56:06:81:38:fe:1e:48:41:
c4:b6:70:87:1e:2b:91:a8:f0:f7:f9:43:c1:45:58:
e4:4f:5a:3c:06:e4:b0:40:f6:e7:5c:7b:bc:7d:30:
70:65:e3:19:b3:c9:0e:46:92:df:5f:70:11:66:11:
6b:63:3a:c8:f6:d3:aa:26:e6:10:78:54:e2:e6:28:
09:14:39:03:69:75:8c:fd:03:63:76:0a:f0:b2:b9:
2b:f9:92:7c:e6:19:29:13:e5:b9:24:0a:3e:e9:09:
e9:c5:2f:5a:6f:d4:7c:ee:b0:21:fb:71:2d:47:39:
e4:95:97:67:ad:da:9c:cd:13:f5:ea:7d:83:88:5c:
8b:78:c2:d4:1d:86:bd:e8:8f:17:fe:e1:66:5b:6e:
b6:38:b2:6f:f9:64:70:26:34:2b:70:bd:c5:08:e8:
55:c6:e4:51:16:5a:59:c9:82:58:3f:a6:2f:c8:a7:
68:1b:7b:ad:dc:fb:19:f5:fe:e6:a5:9a:ce:0e:fe:
9f:dd:17:42:70:8b:fe:ac:ba:d7:88:04:5f:f3:1d:
e5:d2:1e:0c:00:f9:f8:96:2e:11:79:1e:3e:a7:a1:
66:8f:23:e1:39:bd:85:98:29:8b:5c:28:80:cb:3f:
2c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:91:70:22:AC:93:CC:0D:12:D1:B0:D0:EB:16:F1:53:16:F6:6D:71
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/o5FwIqyTzA0S0bDQ6xbxUxb2bXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.209.38.0/24
185.218.102.0/24
185.220.250.0/23
185.222.30.0/23
185.223.80.0/24
185.225.0.0/23
185.227.146.0/23
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
78:3b:87:ad:be:19:58:c5:36:8b:39:48:1c:1c:30:d7:35:c5:
cc:df:1d:d4:a1:50:6e:32:d6:86:67:7c:5c:39:d6:e7:b8:c7:
2b:d1:ee:ce:a7:bb:ba:25:d0:1a:8c:68:17:49:32:6a:35:f6:
84:1f:90:7f:6f:ee:4f:7a:61:fc:bc:5c:9e:c1:ef:e8:b3:c0:
7b:0e:d2:02:50:e0:cc:e9:27:7b:96:b2:2e:a2:d6:49:1b:b2:
95:4a:9c:9d:48:5f:42:32:6f:c5:22:91:8f:8f:df:fc:34:6d:
36:6f:fe:83:3b:0d:f8:27:b4:3d:3c:43:04:22:c5:41:93:c1:
75:6d:6d:e1:6c:86:bc:d2:d2:68:4e:84:1b:f9:19:de:e6:6c:
f4:08:da:4e:e6:53:23:c5:09:fe:90:3a:9d:b8:de:a8:be:a2:
50:04:ae:98:fd:0d:5e:7c:7d:b1:69:42:d3:6b:28:7b:7f:39:
90:6e:bc:ee:ac:71:15:4f:d6:fa:b5:8e:18:ce:f2:a7:ff:07:
65:c3:e6:aa:2b:83:da:89:45:80:16:af:bc:a0:77:86:89:cd:
60:9a:6f:6c:2e:28:ad:d3:92:9b:b6:47:2c:23:04:c1:91:37:
15:08:75:8a:86:81:32:f8:45:d2:2c:40:06:a0:ec:fa:c3:80:
16:ac:97:55
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYu4uHL1RdUKIKT8xtFYMqINMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMTEwMTAxMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzkxNzAyMmFjOTNjYzBkMTJkMWIwZDBlYjE2ZjE1MzE2ZjY2ZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyoHKgL/gw98pMM4ubfcQOR8fRXQu
VgaBOP4eSEHEtnCHHiuRqPD3+UPBRVjkT1o8BuSwQPbnXHu8fTBwZeMZs8kORpLf
X3ARZhFrYzrI9tOqJuYQeFTi5igJFDkDaXWM/QNjdgrwsrkr+ZJ85hkpE+W5JAo+
6QnpxS9ab9R87rAh+3EtRznklZdnrdqczRP16n2DiFyLeMLUHYa96I8X/uFmW262
OLJv+WRwJjQrcL3FCOhVxuRRFlpZyYJYP6YvyKdoG3ut3PsZ9f7mpZrODv6f3RdC
cIv+rLrXiARf8x3l0h4MAPn4li4ReR4+p6FmjyPhOb2FmCmLXCiAyz8sjwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFKORcCKsk8wNEtGw0OsW8VMW9m1xMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbzVGd0lxeVR6QTBTMGJEUTZ4YnhVeGIyYlhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALQgVAwQA
LZPgAwQAudEmAwQAudpmAwQBudz6AwQBud4eAwQAud9QAwQBueEAAwQBueOSAwQA
ufvlAwQBwTqSMA0GCSqGSIb3DQEBCwUAA4IBAQB4O4etvhlYxTaLOUgcHDDXNcXM
3x3UoVBuMtaGZ3xcOdbnuMcr0e7Op7u6JdAajGgXSTJqNfaEH5B/b+5PemH8vFye
we/os8B7DtICUODM6Sd7lrIuotZJG7KVSpydSF9CMm/FIpGPj9/8NG02b/6DOw34
J7Q9PEMEIsVBk8F1bW3hbIa80tJoToQb+Rne5mz0CNpO5lMjxQn+kDqduN6ovqJQ
BK6Y/Q1efH2xaULTayh7fzmQbrzurHEVT9b6tY4YzvKn/wdlw+aqK4PaiUWAFq+8
oHeGic1gmm9sLiit05KbtkcsIwTBkTcVCHWKhoEy+EXSLEAGoOz6w4AWrJdV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:29 2024 by rpki-client on console-ams.rpki-client.org