Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/orNYgkinyvyUCaAtisGkSZHu5m8.roa
File: orNYgkinyvyUCaAtisGkSZHu5m8.roa (raw, json)
Hash identifier: dfhxhb9e5Xw4WZCaQ+f5xl3/4R+FKUzlAtwygIK0+LA=
Subject key identifier: A2:B3:58:82:48:A7:CA:FC:94:09:A0:2D:8A:C1:A4:49:91:EE:E6:6F
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019049F72F76DB3B7277DD5C5B8F3E04CD0A
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/orNYgkinyvyUCaAtisGkSZHu5m8.roa
Signing time: Mon 24 Jun 2024 11:17:34 +0000
ROA not before: Mon 24 Jun 2024 11:17:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.234.20.0/24 maxlen: 24
185.251.230.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Jun 2024 09:17:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:49:f7:2f:76:db:3b:72:77:dd:5c:5b:8f:3e:04:cd:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 24 11:17:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2b3588248a7cafc9409a02d8ac1a44991eee66f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fe:31:43:12:13:7f:cd:32:94:30:78:3b:30:
ef:fe:26:11:dd:9f:51:db:ad:1a:2a:c2:e2:f4:15:
7d:46:bf:ff:00:68:a1:23:5d:eb:65:48:fe:90:30:
fa:f4:c8:fa:b9:41:71:23:9e:48:75:da:9a:3e:4d:
55:56:b1:4e:c8:57:b5:2e:53:32:7d:e4:04:41:67:
bb:5a:78:dd:97:d3:b0:99:a4:e4:b1:a2:60:3b:2e:
a0:9a:19:f5:a2:6a:60:aa:18:24:34:5b:b1:af:dc:
bd:e9:aa:5f:2d:e1:ed:70:ee:bc:0a:32:30:81:f4:
d6:18:7c:63:51:b2:8e:8a:bb:14:e3:4e:b3:d8:aa:
9d:dd:9a:60:d3:92:f1:0d:2c:69:16:53:de:23:6d:
a9:df:3e:f4:15:34:d7:92:18:36:f7:8c:8e:7a:9e:
8d:54:06:09:fd:0c:b5:ac:13:74:6d:4a:cb:dd:78:
9e:4f:c6:07:ed:46:58:a8:d1:65:1c:98:72:53:e9:
de:a7:a3:67:a6:9c:d7:7d:75:42:2b:d8:75:51:fd:
39:98:32:af:a0:9d:bd:27:4f:72:0f:2d:03:9c:cf:
d4:63:4d:fa:c1:bc:d6:59:70:05:bf:26:0c:3d:38:
9a:e8:4e:48:5b:d8:d6:71:6a:a4:c6:39:84:76:80:
f0:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:B3:58:82:48:A7:CA:FC:94:09:A0:2D:8A:C1:A4:49:91:EE:E6:6F
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/orNYgkinyvyUCaAtisGkSZHu5m8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.220.250.0/23
185.225.0.0/23
185.226.104.0/24
185.227.146.0/23
185.234.20.0/24
185.251.230.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
30:f5:bc:5f:3b:28:a1:b9:43:0f:b9:71:6d:6a:c4:43:4f:d0:
1f:e1:65:20:7d:d6:70:db:87:eb:18:7b:3d:78:ff:74:cf:8a:
3f:eb:45:3b:f7:ca:7c:9c:72:04:6a:f4:04:8e:5e:65:19:ee:
fd:78:ee:45:7a:57:bc:53:45:88:44:f5:b5:d7:61:e1:f6:b9:
5f:4d:2e:0c:df:01:cf:6f:99:9b:e3:bc:b1:9e:82:49:68:04:
93:c4:93:7a:10:2a:f3:44:3a:57:6c:b6:f1:3f:4b:ec:43:e9:
a5:d2:5b:9d:59:b2:b9:9e:a3:73:a3:72:b3:23:10:0e:aa:c0:
46:39:c6:18:c5:be:b2:b1:1d:a5:17:1f:42:14:c9:b8:0b:6f:
bb:b9:9d:30:4b:f2:7a:45:3a:fc:90:4c:61:5c:8a:2e:a5:30:
a2:3a:ce:61:99:8b:34:11:4f:d7:13:3b:cd:50:8f:c3:c6:09:
28:fc:51:b9:cc:ca:67:e1:d7:61:c3:73:10:d0:a3:bc:38:1c:
e3:40:80:f7:a6:bc:6a:0f:b9:cc:ec:e1:22:e1:b8:f6:70:14:
e1:bc:4e:cf:a2:70:c4:e3:d9:42:5c:61:e1:74:c7:e8:43:45:
0d:77:c5:74:ae:d6:2f:d1:ce:4f:fa:4d:cc:23:ad:3f:10:e8:
37:8e:c1:30
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZBJ9y922ztyd91cW48+BM0KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNjI0MTExNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmIzNTg4MjQ4YTdjYWZjOTQwOWEwMmQ4YWMxYTQ0OTkxZWVlNjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuP4xQxITf80ylDB4OzDv/iYR3Z9R
260aKsLi9BV9Rr//AGihI13rZUj+kDD69Mj6uUFxI55IddqaPk1VVrFOyFe1LlMy
feQEQWe7Wnjdl9OwmaTksaJgOy6gmhn1ompgqhgkNFuxr9y96apfLeHtcO68CjIw
gfTWGHxjUbKOirsU406z2Kqd3Zpg05LxDSxpFlPeI22p3z70FTTXkhg294yOep6N
VAYJ/Qy1rBN0bUrL3XieT8YH7UZYqNFlHJhyU+nep6NnppzXfXVCK9h1Uf05mDKv
oJ29J09yDy0DnM/UY036wbzWWXAFvyYMPTia6E5IW9jWcWqkxjmEdoDwyQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFKKzWIJIp8r8lAmgLYrBpEmR7uZvMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvb3JOWWdraW55dnlVQ2FBdGlzR2tTWkh1NW04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQgVAwQA
uX5SAwQBudz6AwQBueEAAwQAueJoAwQBueOSAwQAueoUAwQAufvmAwQBwTqSMA0G
CSqGSIb3DQEBCwUAA4IBAQAw9bxfOyihuUMPuXFtasRDT9Af4WUgfdZw24frGHs9
eP90z4o/60U798p8nHIEavQEjl5lGe79eO5Fele8U0WIRPW112Hh9rlfTS4M3wHP
b5mb47yxnoJJaASTxJN6ECrzRDpXbLbxP0vsQ+ml0ludWbK5nqNzo3KzIxAOqsBG
OcYYxb6ysR2lFx9CFMm4C2+7uZ0wS/J6RTr8kExhXIoupTCiOs5hmYs0EU/XEzvN
UI/Dxgko/FG5zMpn4ddhw3MQ0KO8OBzjQID3prxqD7nM7OEi4bj2cBThvE7PonDE
49lCXGHhdMfoQ0UNd8V0rtYv0c5P+k3MI60/EOg3jsEw
-----END CERTIFICATE-----
Generated at Tue Jun 25 13:08:05 2024 by rpki-client on console-ams.rpki-client.org