Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/qTOVx7gkeFu_8DBtHBN38wp5svs.roa
File: qTOVx7gkeFu_8DBtHBN38wp5svs.roa (raw, json)
Hash identifier: XMNBX12tKnHfZ+ZnCz8XKpw4OC3BGIh3fKPaYQev7yg=
Subject key identifier: A9:33:95:C7:B8:24:78:5B:BF:F0:30:6D:1C:13:77:F3:0A:79:B2:FB
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018AD0A2D7D3ADF4B3D39D374223003476A0
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/qTOVx7gkeFu_8DBtHBN38wp5svs.roa
Signing time: Tue 26 Sep 2023 08:37:27 +0000
ROA not before: Tue 26 Sep 2023 08:37:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.22.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.223.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Sep 2023 15:03:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d0:a2:d7:d3:ad:f4:b3:d3:9d:37:42:23:00:34:76:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 26 08:37:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a93395c7b824785bbff0306d1c1377f30a79b2fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:a4:fb:c3:12:63:a5:c3:46:c9:15:19:9a:6b:
9a:2f:2b:25:c8:ed:51:61:2f:a0:02:77:64:e3:27:
c7:0d:03:8e:55:9f:79:20:39:c2:09:fb:b0:58:1e:
bc:34:0b:52:bf:a7:9e:3e:6a:25:3b:f0:a1:62:62:
55:29:3b:9c:6e:43:33:56:7e:62:d6:a3:b4:bf:4f:
86:48:d9:d6:4a:4e:94:1f:6c:47:8d:10:94:9b:14:
ba:e0:ad:77:03:41:f9:ad:48:40:be:b5:bc:9e:5d:
6c:51:fa:e8:20:41:0e:1e:45:b7:e7:6d:1c:86:2a:
c8:2e:11:47:4b:2f:40:53:2d:d8:03:e5:46:9a:7a:
1d:9f:46:47:93:f8:12:44:52:4d:bb:91:d3:32:6a:
0a:bc:ce:ba:29:89:2b:48:fe:8c:cf:cf:99:42:a3:
a5:e3:30:20:47:b8:93:36:ea:60:0f:df:16:2b:8c:
02:42:19:c8:ed:69:38:89:ec:12:32:23:98:91:f8:
b6:8f:b8:70:6e:10:24:dd:f9:ba:4f:3a:7a:db:05:
78:55:d2:b8:f8:bd:b0:fd:d3:cf:ee:32:a3:17:23:
da:4d:6b:2f:c8:17:5c:57:6f:22:2e:4e:75:e8:36:
99:ca:f3:eb:c7:49:dd:58:86:7a:76:fd:73:70:13:
b9:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:33:95:C7:B8:24:78:5B:BF:F0:30:6D:1C:13:77:F3:0A:79:B2:FB
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/qTOVx7gkeFu_8DBtHBN38wp5svs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.223.80.0/24
185.225.0.0/23
185.225.22.0/24
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:48:f3:f1:c0:9c:0a:50:6b:37:5d:7d:3c:46:55:69:49:32:
28:ab:9a:c6:d0:e6:0e:3a:d6:20:d4:70:3b:cd:35:ae:3a:fa:
0d:66:ab:0f:81:cf:5d:24:41:b0:c6:ee:d0:62:6e:51:2d:e6:
e1:d3:b3:4e:ef:8e:86:5d:14:a8:57:38:55:06:53:37:e6:67:
ba:b8:14:2a:df:fa:3a:93:e8:ff:4c:6d:48:07:84:5d:4c:42:
68:fb:11:b3:9e:89:48:96:9f:a4:b0:78:6f:d4:71:d5:8b:ce:
2a:e4:18:9c:11:77:7c:68:15:e7:37:cb:d7:be:e1:ed:75:82:
3d:1b:13:81:80:38:21:e0:9d:1c:75:18:9c:16:67:eb:d7:14:
7b:c2:4f:91:fb:19:5c:72:61:ae:c2:e4:d7:52:50:f6:d2:08:
a2:4f:9c:a4:a1:57:06:c5:d6:c8:ad:cb:28:11:c0:57:fe:29:
73:21:ba:ee:70:64:c1:ad:4e:37:b2:f3:0d:62:c0:7e:ed:f0:
d0:52:af:fd:f8:ac:f5:5b:bc:24:6e:2d:f3:02:33:c2:6c:8c:
01:20:1f:d1:6f:a1:3e:37:7e:c2:3f:e2:86:42:a6:4d:f2:24:
2c:95:c5:37:6d:34:45:13:93:19:1f:83:b8:d8:f1:97:f0:58:
2b:30:dd:a0
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYrQotfTrfSz0503QiMANHagMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwOTI2MDgzNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTMzOTVjN2I4MjQ3ODViYmZmMDMwNmQxYzEzNzdmMzBhNzliMmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6T7wxJjpcNGyRUZmmuaLyslyO1R
YS+gAndk4yfHDQOOVZ95IDnCCfuwWB68NAtSv6eePmolO/ChYmJVKTucbkMzVn5i
1qO0v0+GSNnWSk6UH2xHjRCUmxS64K13A0H5rUhAvrW8nl1sUfroIEEOHkW3520c
hirILhFHSy9AUy3YA+VGmnodn0ZHk/gSRFJNu5HTMmoKvM66KYkrSP6Mz8+ZQqOl
4zAgR7iTNupgD98WK4wCQhnI7Wk4iewSMiOYkfi2j7hwbhAk3fm6Tzp62wV4VdK4
+L2w/dPP7jKjFyPaTWsvyBdcV28iLk516DaZyvPrx0ndWIZ6dv1zcBO5yQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKkzlce4JHhbv/AwbRwTd/MKebL7MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvcVRPVng3Z2tlRnVfOERCdEhCTjM4d3A1c3ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQgVAwQA
LZPgAwQAud9QAwQBueEAAwQAueEWAwQAufvlAwQBwTqSMA0GCSqGSIb3DQEBCwUA
A4IBAQBrSPPxwJwKUGs3XX08RlVpSTIoq5rG0OYOOtYg1HA7zTWuOvoNZqsPgc9d
JEGwxu7QYm5RLebh07NO746GXRSoVzhVBlM35me6uBQq3/o6k+j/TG1IB4RdTEJo
+xGznolIlp+ksHhv1HHVi84q5BicEXd8aBXnN8vXvuHtdYI9GxOBgDgh4J0cdRic
Fmfr1xR7wk+R+xlccmGuwuTXUlD20giiT5ykoVcGxdbIrcsoEcBX/ilzIbrucGTB
rU43svMNYsB+7fDQUq/9+Kz1W7wkbi3zAjPCbIwBIB/Rb6E+N37CP+KGQqZN8iQs
lcU3bTRFE5MZH4O42PGX8FgrMN2g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:43 2024 by rpki-client on console-fra.rpki-client.org