Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pbFUL6MblDZJ2czX72Nu6UckNuA.roa
File: pbFUL6MblDZJ2czX72Nu6UckNuA.roa (raw, json)
Hash identifier: sv22CeTMkJtOVwLYHzqju5jU+n54SzoYRkxzwfcpt3U=
Subject key identifier: A5:B1:54:2F:A3:1B:94:36:49:D9:CC:D7:EF:63:6E:E9:47:24:36:E0
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01902AE60068C76203B705DD5BCD03657428
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pbFUL6MblDZJ2czX72Nu6UckNuA.roa
Signing time: Tue 18 Jun 2024 10:30:34 +0000
ROA not before: Tue 18 Jun 2024 10:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.251.230.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jun 2024 11:17:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2a:e6:00:68:c7:62:03:b7:05:dd:5b:cd:03:65:74:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 18 10:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5b1542fa31b943649d9ccd7ef636ee9472436e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:59:3c:e4:53:b9:d9:73:40:5d:f0:55:db:74:
52:cd:24:51:c6:cb:e0:3f:88:c5:5b:8d:7a:c8:cd:
a4:52:ab:9c:7d:e2:37:8e:be:a8:3f:e3:9d:d8:e4:
47:40:24:37:1c:39:4d:c7:33:3c:1b:b2:17:e0:02:
d3:1b:b1:63:26:f2:21:f5:8d:05:d5:5b:fe:1a:1f:
87:ab:b6:87:35:42:3a:ab:d0:e3:77:34:cd:70:58:
06:18:46:a1:97:8f:1d:ff:6c:eb:9a:96:aa:5f:19:
84:c4:b8:9c:d6:5a:1a:23:94:b9:e1:1b:35:fa:21:
fb:92:30:73:6a:cb:ec:f5:9e:5c:87:ab:d2:db:36:
db:62:44:f7:85:03:e5:f3:83:c1:ec:d1:7e:94:eb:
d4:a8:f1:74:86:94:bc:40:b9:b8:44:d6:67:be:d4:
64:7f:10:2b:55:45:71:3c:68:40:67:be:74:9c:83:
91:17:f6:af:98:83:f9:19:a0:24:a8:91:8a:28:67:
db:75:7d:e5:c7:1e:c0:30:e8:41:44:c5:f2:7e:a3:
f6:5e:21:b0:30:36:7e:60:06:a2:35:b2:37:5a:c8:
73:83:0e:18:94:2e:a1:a8:d9:21:b5:af:9e:68:7c:
a4:e5:9a:07:62:66:8d:3e:89:d4:74:25:0e:b0:23:
49:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:B1:54:2F:A3:1B:94:36:49:D9:CC:D7:EF:63:6E:E9:47:24:36:E0
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pbFUL6MblDZJ2czX72Nu6UckNuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.220.250.0/23
185.225.0.0/23
185.226.104.0/24
185.227.146.0/23
185.251.230.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
30:5b:f5:3e:79:81:b3:48:9d:d9:c5:64:69:a2:e2:ab:ae:c7:
76:87:64:2e:a9:c2:ae:84:b4:d0:f9:ce:aa:94:e9:77:d2:5f:
61:02:9d:ab:e8:6f:d0:57:2b:3b:4c:9a:bf:84:8e:85:dd:1d:
38:89:5f:59:64:8a:67:ee:40:7e:d3:af:5f:50:b3:05:12:18:
07:bf:7f:6b:f0:52:8c:1f:7c:8f:bc:3c:d9:c1:8c:b4:53:81:
31:27:ad:7f:a0:8d:e9:0d:5d:c8:5c:a0:20:3f:97:67:d6:76:
92:59:dc:af:1f:6d:dd:2c:22:d1:56:eb:a8:3f:c4:09:eb:db:
89:dd:a9:af:99:94:32:c2:56:eb:aa:f1:79:b6:87:d5:5c:a6:
35:72:2a:39:b8:cb:bf:dc:34:4b:d7:95:f9:9c:27:ab:86:35:
73:b2:f9:9f:0b:30:3f:a2:65:74:a0:e8:04:e8:ae:6c:c4:5f:
9d:3b:2b:53:b2:24:82:f7:7f:4c:51:79:77:a6:1a:fa:b2:cc:
a9:31:05:bb:1f:dc:52:07:f0:7b:ae:59:a9:d2:2e:51:91:a5:
3e:11:93:29:74:1a:7f:4a:02:5b:6c:01:39:01:69:48:af:c1:
43:ce:11:ef:ae:14:13:e4:70:35:a2:61:71:e7:64:94:49:c4:
d4:62:a1:8c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZAq5gBox2IDtwXdW80DZXQoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNjE4MTAzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWIxNTQyZmEzMWI5NDM2NDlkOWNjZDdlZjYzNmVlOTQ3MjQzNmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVk85FO52XNAXfBV23RSzSRRxsvg
P4jFW416yM2kUqucfeI3jr6oP+Od2ORHQCQ3HDlNxzM8G7IX4ALTG7FjJvIh9Y0F
1Vv+Gh+Hq7aHNUI6q9DjdzTNcFgGGEahl48d/2zrmpaqXxmExLic1loaI5S54Rs1
+iH7kjBzasvs9Z5ch6vS2zbbYkT3hQPl84PB7NF+lOvUqPF0hpS8QLm4RNZnvtRk
fxArVUVxPGhAZ750nIORF/avmIP5GaAkqJGKKGfbdX3lxx7AMOhBRMXyfqP2XiGw
MDZ+YAaiNbI3Wshzgw4YlC6hqNkhta+eaHyk5ZoHYmaNPonUdCUOsCNJhwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKWxVC+jG5Q2SdnM1+9jbulHJDbgMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvcGJGVUw2TWJsRFpKMmN6WDcyTnU2VWNrTnVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQgVAwQA
uX5SAwQBudz6AwQBueEAAwQAueJoAwQBueOSAwQAufvmAwQBwTqSMA0GCSqGSIb3
DQEBCwUAA4IBAQAwW/U+eYGzSJ3ZxWRpouKrrsd2h2QuqcKuhLTQ+c6qlOl30l9h
Ap2r6G/QVys7TJq/hI6F3R04iV9ZZIpn7kB+069fULMFEhgHv39r8FKMH3yPvDzZ
wYy0U4ExJ61/oI3pDV3IXKAgP5dn1naSWdyvH23dLCLRVuuoP8QJ69uJ3amvmZQy
wlbrqvF5tofVXKY1cio5uMu/3DRL15X5nCerhjVzsvmfCzA/omV0oOgE6K5sxF+d
OytTsiSC939MUXl3phr6ssypMQW7H9xSB/B7rlmp0i5RkaU+EZMpdBp/SgJbbAE5
AWlIr8FDzhHvrhQT5HA1omFx52SUScTUYqGM
-----END CERTIFICATE-----
Generated at Mon Jun 24 16:22:20 2024 by rpki-client on console-ams.rpki-client.org