Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pdmOIamo3DA5JN1_ZwH1UVT7jxQ.roa
File: pdmOIamo3DA5JN1_ZwH1UVT7jxQ.roa (raw, json)
Hash identifier: YxHcjYmA2xTlV2dSVVTVJNqgMlk/r3ED5aqL+uB7Q8k=
Subject key identifier: A5:D9:8E:21:A9:A8:DC:30:39:24:DD:7F:67:01:F5:51:54:FB:8F:14
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018C6D45E4AFEB4564D655B030D9A616C1F1
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pdmOIamo3DA5JN1_ZwH1UVT7jxQ.roa
Signing time: Fri 15 Dec 2023 11:39:06 +0000
ROA not before: Fri 15 Dec 2023 11:39:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.227.146.0/23 maxlen: 24
185.220.249.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
45.8.21.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.223.82.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sun 17 Dec 2023 21:24:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6d:45:e4:af:eb:45:64:d6:55:b0:30:d9:a6:16:c1:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 15 11:39:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5d98e21a9a8dc303924dd7f6701f55154fb8f14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:00:5f:21:7c:7d:b8:ed:1e:71:39:91:ae:94:
22:56:46:33:ac:a8:92:f9:4e:aa:7b:ca:1d:d0:be:
8b:14:b9:9c:8a:78:32:99:c3:fd:2a:f4:cd:2a:1d:
69:f3:b9:35:b2:7c:fe:67:69:66:4c:6b:f7:9f:00:
72:ea:65:b8:14:aa:5a:9f:30:8d:50:82:f5:8d:8f:
8e:70:a0:d8:ab:e2:91:63:3c:cf:f5:89:08:f2:eb:
dc:7e:49:7d:c1:ba:0e:4a:95:37:62:4c:79:36:f7:
86:c7:75:c6:a6:33:d1:1d:cf:e2:b5:d2:8b:10:1b:
68:a6:61:46:cc:36:99:82:b6:ce:14:35:b3:aa:1a:
bf:ad:3d:be:e8:04:fc:9a:33:6c:76:02:90:7d:07:
0f:c7:d0:5f:4e:3c:3d:51:83:f0:b5:43:c3:34:d2:
dc:e2:9a:f2:10:5e:4f:00:d0:15:48:63:34:c4:a9:
76:cf:68:7f:b4:b5:79:2f:02:84:8d:2e:ee:a2:6b:
d1:d3:14:34:16:1a:7b:e9:cb:be:93:14:e3:ef:f9:
54:c9:5e:b8:7a:ac:e2:1e:d7:1c:f5:38:09:3f:df:
c5:4a:f0:b3:7f:b4:b5:7b:c9:7a:41:15:0d:91:16:
c9:0f:44:55:6c:49:12:98:9c:79:35:da:0d:1e:bf:
9c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:D9:8E:21:A9:A8:DC:30:39:24:DD:7F:67:01:F5:51:54:FB:8F:14
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pdmOIamo3DA5JN1_ZwH1UVT7jxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.220.249.0-185.220.251.255
185.223.82.0/24
185.225.0.0/23
185.227.146.0/23
185.251.229.0/24
185.251.231.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
92:d5:96:1b:23:45:a4:de:25:b5:3a:d6:80:77:55:54:79:30:
96:7d:1e:11:9e:fb:a5:1f:39:49:e8:43:93:5a:e6:b7:36:ca:
62:f6:7d:7d:bd:67:45:70:25:c7:ef:7c:5c:4e:ef:dc:e1:2f:
9c:07:91:e8:d5:47:f3:68:3c:9c:b1:b5:3f:01:70:04:7c:6b:
17:33:d8:10:bc:a5:ab:85:01:39:5f:76:0b:e7:dd:23:f4:d0:
84:19:0b:fd:77:71:dc:63:1d:ad:91:99:93:81:fe:6a:7e:89:
37:a0:ee:69:d1:fd:c9:3d:e7:50:d6:d6:c0:e8:f9:17:ad:d8:
47:63:2e:fd:cb:67:bc:52:f1:0f:0b:d8:6c:8e:d2:f4:a7:78:
d8:03:02:49:72:13:5b:c1:8a:a8:84:99:0f:3a:e5:5c:cf:b7:
96:a7:f7:19:4e:2f:bf:77:05:8d:5b:4d:d1:71:7e:c6:a9:f1:
5c:6d:c2:64:c6:9e:a0:db:c6:18:b1:14:8e:4d:76:e8:ea:a9:
b0:c3:8e:4a:fc:06:64:ea:73:6f:00:58:78:7c:f7:38:3f:35:
13:a7:63:4f:20:6e:20:f2:c3:33:26:c2:3f:6c:ac:3e:b5:92:
84:46:58:cd:fa:9f:97:04:b7:cf:5e:2f:4d:d5:0b:3b:99:19:
05:d3:32:38
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYxtReSv60Vk1lWwMNmmFsHxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMjE1MTEzOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWQ5OGUyMWE5YThkYzMwMzkyNGRkN2Y2NzAxZjU1MTU0ZmI4ZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ABfIXx9uO0ecTmRrpQiVkYzrKiS
+U6qe8od0L6LFLmcingymcP9KvTNKh1p87k1snz+Z2lmTGv3nwBy6mW4FKpanzCN
UIL1jY+OcKDYq+KRYzzP9YkI8uvcfkl9wboOSpU3Ykx5NveGx3XGpjPRHc/itdKL
EBtopmFGzDaZgrbOFDWzqhq/rT2+6AT8mjNsdgKQfQcPx9BfTjw9UYPwtUPDNNLc
4pryEF5PANAVSGM0xKl2z2h/tLV5LwKEjS7uomvR0xQ0Fhp76cu+kxTj7/lUyV64
eqziHtcc9TgJP9/FSvCzf7S1e8l6QRUNkRbJD0RVbEkSmJx5NdoNHr+cVwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFKXZjiGpqNwwOSTdf2cB9VFU+48UMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvcGRtT0lhbW8zREE1Sk4xX1p3SDFVVlQ3anhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQALQgVMAwD
BAC53PkDBAK53PgDBAC531IDBAG54QADBAG545IDBAC5++UDBAC5++cDBAHBOpIw
DQYJKoZIhvcNAQELBQADggEBAJLVlhsjRaTeJbU61oB3VVR5MJZ9HhGe+6UfOUno
Q5Na5rc2ymL2fX29Z0VwJcfvfFxO79zhL5wHkejVR/NoPJyxtT8BcAR8axcz2BC8
pauFATlfdgvn3SP00IQZC/13cdxjHa2RmZOB/mp+iTeg7mnR/ck951DW1sDo+Ret
2EdjLv3LZ7xS8Q8L2GyO0vSneNgDAklyE1vBiqiEmQ865VzPt5an9xlOL793BY1b
TdFxfsap8VxtwmTGnqDbxhixFI5NdujqqbDDjkr8BmTqc28AWHh89zg/NROnY08g
biDywzMmwj9srD61koRGWM36n5cEt89eL03VCzuZGQXTMjg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:29 2024 by rpki-client on console-ams.rpki-client.org