Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ppzb59kYrzuduc6wPsqlxGuSAR0.roa
File: ppzb59kYrzuduc6wPsqlxGuSAR0.roa (raw, json)
Hash identifier: V5lT4spvq0b4IaA5OJibqjQVGpT5e75vl0ffqEaHwDk=
Subject key identifier: A6:9C:DB:E7:D9:18:AF:3B:9D:B9:CE:B0:3E:CA:A5:C4:6B:92:01:1D
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0187C1C00CFA6325F1F7EC20A41E3485FB4B
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ppzb59kYrzuduc6wPsqlxGuSAR0.roa
Signing time: Thu 27 Apr 2023 08:06:41 +0000
ROA not before: Thu 27 Apr 2023 08:06:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16628
IP address blocks: 185.218.20.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c1:c0:0c:fa:63:25:f1:f7:ec:20:a4:1e:34:85:fb:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 27 08:06:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a69cdbe7d918af3b9db9ceb03ecaa5c46b92011d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b5:3a:03:41:35:29:d8:14:97:a7:e6:9e:c2:
b5:68:8b:8d:42:92:97:9b:59:cc:4c:21:d8:ac:80:
97:50:88:64:c8:ed:61:34:1b:d5:ba:0f:e6:40:37:
74:d2:ee:01:85:fc:11:7d:8e:9a:e1:78:b7:7c:0e:
b6:70:02:eb:4c:89:a2:0a:6e:1e:61:ef:39:35:63:
b1:37:99:7b:ba:49:a6:33:aa:26:b1:20:52:fd:f6:
54:78:8f:bd:67:13:d4:66:d8:f2:4d:20:b7:97:a4:
e5:5f:2f:b1:a6:c6:99:ce:98:f7:f4:29:27:14:11:
d3:18:be:bb:48:e2:ec:33:d1:a1:af:54:a9:33:ce:
3a:3b:b5:62:6d:bf:2d:ea:7c:00:99:67:db:75:e3:
8a:0a:1c:34:1c:54:ca:bb:fd:71:73:4e:33:5a:6c:
53:bb:8e:1d:08:7e:4f:9c:0e:b9:d8:98:ff:ad:dd:
92:56:08:0b:b4:13:19:08:86:99:20:ed:5d:f4:03:
10:ed:b8:6a:1f:65:ca:35:45:42:7d:71:94:61:38:
dd:ec:9a:f3:2f:73:f2:e1:24:73:a7:4d:ea:86:6b:
ea:8a:15:e1:3e:52:d2:cd:6f:a5:a4:7e:99:d8:2f:
ab:1b:dd:78:5b:e5:a3:36:f0:42:41:af:38:42:3a:
01:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:9C:DB:E7:D9:18:AF:3B:9D:B9:CE:B0:3E:CA:A5:C4:6B:92:01:1D
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ppzb59kYrzuduc6wPsqlxGuSAR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.218.20.0/24
Signature Algorithm: sha256WithRSAEncryption
25:3b:8e:17:36:70:f4:8d:75:c1:c9:ae:22:29:93:d3:b0:ab:
d3:ac:ab:4e:b9:41:90:1a:6e:87:2f:27:6e:8c:23:a8:77:94:
12:07:59:46:b4:cb:4c:04:69:b5:5a:32:14:b0:d2:7d:13:65:
bf:ad:b1:13:71:20:c5:48:62:55:f5:6d:ba:a9:d7:e5:97:9b:
3d:9d:f3:be:bf:49:84:ec:20:3a:db:e6:6c:60:4b:da:c6:5c:
c2:41:32:ad:e9:b5:6e:95:ac:8b:71:b4:51:6a:54:c6:95:b5:
a9:3e:66:fe:d4:92:5a:e3:27:0b:19:f9:24:3d:07:73:e2:b2:
e2:38:35:3c:44:95:3b:f2:85:cd:e8:76:b5:22:a8:73:c3:7b:
40:19:55:a4:75:6e:55:38:0b:45:66:cd:27:37:8e:70:e1:bf:
9e:1c:5a:f7:f0:c8:3a:39:1a:d9:27:9a:36:7e:99:c3:ae:71:
62:a0:98:6e:8a:7d:9e:07:74:b4:f6:d6:c3:a9:c3:4b:2a:27:
4c:2d:7a:3c:a5:1c:15:be:ea:e9:92:02:49:77:da:89:60:a4:
4a:b5:8c:a3:17:2e:32:34:54:b1:33:02:b7:c9:6a:4c:5d:6e:
4e:7e:ed:19:db:bf:3f:70:80:73:37:0f:53:94:ec:ad:6c:82:
76:ef:7f:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfBwAz6YyXx9+wgpB40hftLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNDI3MDgwNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjljZGJlN2Q5MThhZjNiOWRiOWNlYjAzZWNhYTVjNDZiOTIwMTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirU6A0E1KdgUl6fmnsK1aIuNQpKX
m1nMTCHYrICXUIhkyO1hNBvVug/mQDd00u4BhfwRfY6a4Xi3fA62cALrTImiCm4e
Ye85NWOxN5l7ukmmM6omsSBS/fZUeI+9ZxPUZtjyTSC3l6TlXy+xpsaZzpj39Ckn
FBHTGL67SOLsM9Ghr1SpM846O7Vibb8t6nwAmWfbdeOKChw0HFTKu/1xc04zWmxT
u44dCH5PnA652Jj/rd2SVggLtBMZCIaZIO1d9AMQ7bhqH2XKNUVCfXGUYTjd7Jrz
L3Py4SRzp03qhmvqihXhPlLSzW+lpH6Z2C+rG914W+WjNvBCQa84QjoBFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKac2+fZGK87nbnOsD7KpcRrkgEdMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvcHB6YjU5a1lyenVkdWM2d1BzcWx4R3VTQVIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQgVAwQA
udoUMA0GCSqGSIb3DQEBCwUAA4IBAQAlO44XNnD0jXXBya4iKZPTsKvTrKtOuUGQ
Gm6HLydujCOod5QSB1lGtMtMBGm1WjIUsNJ9E2W/rbETcSDFSGJV9W26qdfll5s9
nfO+v0mE7CA62+ZsYEvaxlzCQTKt6bVulayLcbRRalTGlbWpPmb+1JJa4ycLGfkk
PQdz4rLiODU8RJU78oXN6Ha1Iqhzw3tAGVWkdW5VOAtFZs0nN45w4b+eHFr38Mg6
ORrZJ5o2fpnDrnFioJhuin2eB3S09tbDqcNLKidMLXo8pRwVvurpkgJJd9qJYKRK
tYyjFy4yNFSxMwK3yWpMXW5Ofu0Z278/cIBzNw9TlOytbIJ27395
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:29 2024 by rpki-client on console-ams.rpki-client.org