Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/qnYB1w0Ac9AMtKLq7kOEQozEDa8.roa
File: qnYB1w0Ac9AMtKLq7kOEQozEDa8.roa (raw, json)
Hash identifier: /zM3NIHLSz4AN9L1JjlDTrVOH9VuKdtML5k8Ath+tf0=
Subject key identifier: AA:76:01:D7:0D:00:73:D0:0C:B4:A2:EA:EE:43:84:42:8C:C4:0D:AF
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018BD4A04DFD017B54B9DE97CDBB58B79303
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/qnYB1w0Ac9AMtKLq7kOEQozEDa8.roa
Signing time: Wed 15 Nov 2023 20:15:57 +0000
ROA not before: Wed 15 Nov 2023 20:15:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.227.146.0/23 maxlen: 24
185.222.30.0/23 maxlen: 24
185.209.38.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
45.90.16.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
45.8.21.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Nov 2023 17:11:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d4:a0:4d:fd:01:7b:54:b9:de:97:cd:bb:58:b7:93:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 15 20:15:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa7601d70d0073d00cb4a2eaee4384428cc40daf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:11:c3:c0:ff:57:4c:d3:f7:3c:cb:46:54:71:
fe:da:3a:92:b5:29:70:12:cf:be:06:39:a9:bc:63:
4b:46:12:cf:e7:95:78:0e:10:7c:f5:6d:84:c8:e6:
3e:8b:47:23:ca:97:41:34:68:3d:1b:08:cc:16:86:
91:90:ec:bb:fc:fc:cf:d0:ec:8a:9d:31:27:29:28:
a2:47:09:7d:0e:25:24:59:f6:56:fa:ca:68:c0:ec:
97:81:d6:65:8f:ba:b8:01:15:ee:3e:f4:4d:69:2a:
24:5c:15:f4:93:ac:b3:e8:2a:ed:71:f0:82:48:6a:
fb:c3:59:f6:c1:64:49:53:cd:28:63:97:a7:fd:74:
be:16:33:d8:47:a8:98:af:8b:65:33:57:e4:8e:35:
f3:14:57:dd:dd:cb:e6:5b:23:62:92:46:53:5b:a9:
0c:32:3b:1f:3f:9a:7a:84:e3:37:c8:11:ca:fa:04:
7a:fe:a1:8c:1e:7a:b7:55:95:b7:84:1f:95:af:bc:
c1:f3:df:45:f5:86:6b:b5:06:62:d7:3e:d0:1a:ef:
df:2f:11:cb:9f:7f:bc:11:20:4e:92:3e:31:99:24:
be:8e:64:56:20:5f:9f:39:c4:43:7d:78:27:1b:dd:
cc:c5:36:c6:b2:d5:e6:e5:dc:3b:b5:6e:5b:e1:bb:
bc:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:76:01:D7:0D:00:73:D0:0C:B4:A2:EA:EE:43:84:42:8C:C4:0D:AF
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/qnYB1w0Ac9AMtKLq7kOEQozEDa8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.90.16.0/24
45.147.224.0/24
185.209.38.0/24
185.220.250.0/23
185.222.30.0/23
185.223.80.0/24
185.225.0.0/23
185.227.146.0/23
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
32:e4:ca:66:50:03:c2:5b:c3:46:72:1b:a4:7a:3f:5e:0d:5b:
4f:5b:0e:8d:65:a6:47:a0:19:99:1a:af:f9:20:82:9f:fc:59:
7d:79:c9:c1:d1:00:88:0d:a9:ad:86:6b:0a:09:3b:bc:3a:a5:
6d:45:05:2c:ad:8d:cb:22:d8:75:2b:3e:d5:f8:1b:1d:71:1e:
19:b5:c3:fc:b0:23:4d:63:3c:8d:82:79:3a:ab:f7:90:f8:38:
5c:68:0d:99:e3:cd:ad:da:59:1d:fa:d3:02:74:32:47:b9:a2:
14:be:13:42:ce:a3:92:97:be:f4:b5:d1:bd:35:0c:04:81:81:
36:f9:bf:a1:44:f1:59:e0:6e:f7:25:8f:78:76:5d:ce:f5:cc:
9c:90:8d:48:df:2d:71:5c:1a:b5:3a:46:c1:91:96:84:95:18:
8b:58:8d:ad:98:23:c2:21:b7:d2:d4:64:3d:cd:d7:85:5b:96:
27:7f:dc:09:9f:5d:57:fa:68:d9:dc:dd:e6:f6:4b:2b:2a:48:
cb:fc:78:9e:f7:40:04:a8:61:97:a5:6d:59:16:d2:e7:d0:32:
7d:cc:f6:bb:bc:bb:e8:03:6f:f2:a7:b6:05:ef:71:bc:dc:41:
61:de:d5:26:48:4d:cb:f3:82:bb:da:3e:05:d5:fc:ba:5a:44:
23:80:9f:d7
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYvUoE39AXtUud6XzbtYt5MDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMTE1MjAxNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTc2MDFkNzBkMDA3M2QwMGNiNGEyZWFlZTQzODQ0MjhjYzQwZGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBHDwP9XTNP3PMtGVHH+2jqStSlw
Es++BjmpvGNLRhLP55V4DhB89W2EyOY+i0cjypdBNGg9GwjMFoaRkOy7/PzP0OyK
nTEnKSiiRwl9DiUkWfZW+spowOyXgdZlj7q4ARXuPvRNaSokXBX0k6yz6CrtcfCC
SGr7w1n2wWRJU80oY5en/XS+FjPYR6iYr4tlM1fkjjXzFFfd3cvmWyNikkZTW6kM
MjsfP5p6hOM3yBHK+gR6/qGMHnq3VZW3hB+Vr7zB899F9YZrtQZi1z7QGu/fLxHL
n3+8ESBOkj4xmSS+jmRWIF+fOcRDfXgnG93MxTbGstXm5dw7tW5b4bu8twIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFKp2AdcNAHPQDLSi6u5DhEKMxA2vMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvcW5ZQjF3MEFjOUFNdEtMcTdrT0VRb3pFRGE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALQgVAwQA
LVoQAwQALZPgAwQAudEmAwQBudz6AwQBud4eAwQAud9QAwQBueEAAwQBueOSAwQA
ufvlAwQBwTqSMA0GCSqGSIb3DQEBCwUAA4IBAQAy5MpmUAPCW8NGchukej9eDVtP
Ww6NZaZHoBmZGq/5IIKf/Fl9ecnB0QCIDamthmsKCTu8OqVtRQUsrY3LIth1Kz7V
+BsdcR4ZtcP8sCNNYzyNgnk6q/eQ+DhcaA2Z482t2lkd+tMCdDJHuaIUvhNCzqOS
l770tdG9NQwEgYE2+b+hRPFZ4G73JY94dl3O9cyckI1I3y1xXBq1OkbBkZaElRiL
WI2tmCPCIbfS1GQ9zdeFW5Ynf9wJn11X+mjZ3N3m9ksrKkjL/Hie90AEqGGXpW1Z
FtLn0DJ9zPa7vLvoA2/yp7YF73G83EFh3tUmSE3L84K72j4F1fy6WkQjgJ/X
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:43 2024 by rpki-client on console-fra.rpki-client.org