Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/snvx7RsMsLf1QeBmhx27qOxQDYM.roa
File: snvx7RsMsLf1QeBmhx27qOxQDYM.roa (raw, json)
Hash identifier: H63zHgJEpAC3dV7Clvr3nXqr2Y9E2AyeAQpe6BV6xIQ=
Subject key identifier: B2:7B:F1:ED:1B:0C:B0:B7:F5:41:E0:66:87:1D:BB:A8:EC:50:0D:83
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018D523A77DB75117177F506332B2223D484
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/snvx7RsMsLf1QeBmhx27qOxQDYM.roa
Signing time: Sun 28 Jan 2024 22:39:39 +0000
ROA not before: Sun 28 Jan 2024 22:39:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.223.82.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.146.0/23 maxlen: 24
185.251.229.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 10:13:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:52:3a:77:db:75:11:71:77:f5:06:33:2b:22:23:d4:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 28 22:39:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b27bf1ed1b0cb0b7f541e066871dbba8ec500d83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:eb:3b:d5:f7:be:86:7f:a6:cd:e2:41:a5:af:
6e:0a:66:02:cc:c9:32:95:2b:bd:26:a1:2c:9f:84:
1e:96:18:30:be:b4:85:8e:37:39:5b:18:d4:4c:2a:
9b:7e:41:3e:d9:ed:fd:38:cd:55:31:4f:a9:a1:26:
0f:10:85:f6:81:f6:48:98:31:e7:a3:74:3c:ba:ab:
fc:67:f2:17:26:b9:2f:6f:40:1f:da:8d:00:1f:3c:
4c:0e:99:d3:42:64:63:cf:a4:41:a3:8f:9e:d9:91:
32:66:24:a2:32:a7:98:02:86:d8:20:b7:37:17:ed:
a0:53:75:8b:d0:50:2c:68:32:6c:3d:ed:b6:23:c9:
5b:bc:5f:c8:de:00:91:32:68:10:98:ce:d8:2e:31:
44:6d:04:6c:63:bd:18:af:42:f3:bb:8c:9d:c7:36:
29:51:6c:09:4b:e4:f1:9f:d7:45:ab:51:ac:1d:ae:
d5:ad:1b:af:5a:61:7f:c0:40:24:96:f7:86:d8:35:
cc:90:11:53:35:54:e1:e3:bb:9c:cb:50:0e:08:01:
ac:a8:72:a0:52:46:77:45:d4:2a:ae:72:d3:95:37:
b1:0e:35:b8:00:da:b9:49:9d:cd:33:bc:e3:61:fe:
c2:48:d7:b3:ae:cd:ec:bd:4b:04:65:41:51:e2:ed:
00:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:7B:F1:ED:1B:0C:B0:B7:F5:41:E0:66:87:1D:BB:A8:EC:50:0D:83
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/snvx7RsMsLf1QeBmhx27qOxQDYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.220.250.0/23
185.223.82.0/24
185.225.0.0/23
185.227.146.0/23
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
99:fb:c9:81:38:17:dc:7b:41:c7:a4:d4:8b:ed:4e:f6:2d:58:
0e:44:a3:3c:d7:14:e2:8e:d9:e4:b8:bf:b2:79:af:06:e4:e9:
e5:5f:17:71:c1:11:dd:8a:ee:5e:76:b9:6d:5e:2b:38:ee:9c:
3f:00:cd:8e:4c:a6:4a:d2:69:05:e7:71:e5:f1:4f:a2:d5:3c:
ea:6f:0b:82:05:76:4d:55:35:9d:cf:7e:68:bf:3c:9a:47:95:
09:1a:ff:65:af:22:ec:02:29:cc:18:72:db:e3:67:06:81:04:
5a:79:fa:5f:30:46:57:40:b2:d5:c2:ec:4b:2c:41:24:3d:b0:
45:23:64:a9:6e:03:24:9b:a4:71:bc:de:bc:72:ea:ec:48:87:
44:4e:18:12:4c:1f:07:e3:a8:63:e7:11:ed:d0:ff:25:95:5c:
3b:80:c6:e7:2e:bf:c4:cc:e3:29:e2:5f:9d:2e:80:20:43:c7:
6f:bb:98:60:cc:85:7d:3c:b9:30:86:21:7d:3a:fb:df:cb:9b:
9f:25:75:0d:bc:c0:87:9b:58:2e:51:eb:b2:00:ac:2d:16:8d:
74:bf:71:76:8c:db:f5:b6:01:62:30:c5:03:74:84:40:8d:e3:
f2:05:3e:c7:68:5f:57:a7:21:a8:64:5a:c4:39:b5:fe:d5:72:
8d:40:df:9c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY1SOnfbdRFxd/UGMysiI9SEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTI4MjIzOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjdiZjFlZDFiMGNiMGI3ZjU0MWUwNjY4NzFkYmJhOGVjNTAwZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOs71fe+hn+mzeJBpa9uCmYCzMky
lSu9JqEsn4QelhgwvrSFjjc5WxjUTCqbfkE+2e39OM1VMU+poSYPEIX2gfZImDHn
o3Q8uqv8Z/IXJrkvb0Af2o0AHzxMDpnTQmRjz6RBo4+e2ZEyZiSiMqeYAobYILc3
F+2gU3WL0FAsaDJsPe22I8lbvF/I3gCRMmgQmM7YLjFEbQRsY70Yr0Lzu4ydxzYp
UWwJS+Txn9dFq1GsHa7VrRuvWmF/wEAklveG2DXMkBFTNVTh47ucy1AOCAGsqHKg
UkZ3RdQqrnLTlTexDjW4ANq5SZ3NM7zjYf7CSNezrs3svUsEZUFR4u0AhQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLJ78e0bDLC39UHgZocdu6jsUA2DMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvc252eDdSc01zTGYxUWVCbWh4MjdxT3hRRFlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQgVAwQB
udz6AwQAud9SAwQBueEAAwQBueOSAwQAufvlAwQBwTqSMA0GCSqGSIb3DQEBCwUA
A4IBAQCZ+8mBOBfce0HHpNSL7U72LVgORKM81xTijtnkuL+yea8G5OnlXxdxwRHd
iu5edrltXis47pw/AM2OTKZK0mkF53Hl8U+i1TzqbwuCBXZNVTWdz35ovzyaR5UJ
Gv9lryLsAinMGHLb42cGgQRaefpfMEZXQLLVwuxLLEEkPbBFI2SpbgMkm6RxvN68
cursSIdEThgSTB8H46hj5xHt0P8llVw7gMbnLr/EzOMp4l+dLoAgQ8dvu5hgzIV9
PLkwhiF9Ovvfy5ufJXUNvMCHm1guUeuyAKwtFo10v3F2jNv1tgFiMMUDdIRAjePy
BT7HaF9XpyGoZFrEObX+1XKNQN+c
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:29 2024 by rpki-client on console-ams.rpki-client.org