Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/tMRFLf0x1N5ykveSZWxdWtbrC0M.roa
File: tMRFLf0x1N5ykveSZWxdWtbrC0M.roa (raw, json)
Hash identifier: jt3FcNUMs63bi4iEwGgYQ1K3Qt8NRatXM3+aPR/jU0A=
Subject key identifier: B4:C4:45:2D:FD:31:D4:DE:72:92:F7:92:65:6C:5D:5A:D6:EB:0B:43
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018A28DAC29F6EBE32D9D5AEE85D5F9322F8
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/tMRFLf0x1N5ykveSZWxdWtbrC0M.roa
Signing time: Thu 24 Aug 2023 18:42:19 +0000
ROA not before: Thu 24 Aug 2023 18:42:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.22.0/24 maxlen: 24
185.225.20.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.230.52.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.194.177.0/24 maxlen: 24
185.223.81.0/24 maxlen: 24
185.223.83.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.222.31.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.222.30.0/24 maxlen: 24
193.58.144.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
193.58.147.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
194.5.65.0/24 maxlen: 24
185.220.251.0/24 maxlen: 24
185.220.249.0/24 maxlen: 24
185.220.250.0/24 maxlen: 24
185.210.232.0/24 maxlen: 24
185.227.145.0/24 maxlen: 24
185.227.144.0/24 maxlen: 24
185.226.106.0/24 maxlen: 24
185.218.23.0/24 maxlen: 24
185.221.23.0/24 maxlen: 24
185.221.20.0/24 maxlen: 24
185.221.22.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.246.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Aug 2023 11:27:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:28:da:c2:9f:6e:be:32:d9:d5:ae:e8:5d:5f:93:22:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Aug 24 18:42:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4c4452dfd31d4de7292f792656c5d5ad6eb0b43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:19:52:d2:2a:7a:6f:36:45:70:c2:f6:69:e8:
75:d7:7c:96:c7:3b:09:8e:ac:82:18:f8:db:89:7f:
56:ee:dd:7d:65:40:41:63:fa:98:b9:80:71:56:6f:
b2:43:c8:9a:89:45:74:16:3a:62:bf:00:0f:4f:d4:
bc:3f:fc:4c:7a:c0:55:6d:d4:bc:c0:10:0f:4d:96:
38:50:5b:2a:78:09:16:6e:af:17:a6:4e:38:3b:7f:
eb:9a:96:14:b6:df:dd:df:2c:08:a3:62:2a:13:e6:
e6:66:79:f8:98:66:88:95:84:1b:1c:b6:f4:f7:17:
69:6c:20:14:a1:72:40:53:10:6f:e9:59:64:9d:e9:
1d:4f:6a:a2:7c:75:eb:27:9c:bd:eb:f5:2d:d8:0c:
5c:f4:96:97:22:1e:17:bf:35:01:82:77:d1:5c:7e:
d4:b7:c5:e3:a5:7d:f5:45:36:54:57:fa:c1:7a:c9:
63:f4:17:b8:dd:b1:b4:53:3c:9b:17:c0:62:3a:04:
2f:97:d0:5a:11:9b:41:00:5c:41:39:a3:ed:cb:e8:
ca:14:1d:c5:97:c2:bd:aa:d5:e9:4b:79:1a:db:51:
42:2d:dc:26:22:57:fc:f5:c9:9b:71:0a:87:ee:21:
e6:e2:c1:96:96:c5:dd:0d:8b:ad:3a:9e:2d:59:cf:
a1:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:C4:45:2D:FD:31:D4:DE:72:92:F7:92:65:6C:5D:5A:D6:EB:0B:43
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/tMRFLf0x1N5ykveSZWxdWtbrC0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.194.177.0/24
185.209.75.0/24
185.210.232.0/24
185.218.23.0/24
185.218.101.0/24
185.220.249.0-185.220.251.255
185.221.20.0/24
185.221.22.0/23
185.222.29.0-185.222.31.255
185.223.80.0/23
185.223.83.0/24
185.225.0.0/23
185.225.20.0/24
185.225.22.0/24
185.226.106.0/24
185.227.144.0/23
185.228.75.0/24
185.230.52.0/24
185.246.115.0/24
185.251.229.0/24
185.251.231.0/24
193.58.144.0/24
193.58.146.0/23
194.5.65.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:ca:e4:b7:b3:b6:0a:db:d0:9b:37:6e:fb:44:bd:e9:89:df:
30:e5:05:25:17:fd:8d:38:e3:c3:87:37:69:f8:8c:0a:f7:e1:
57:47:65:0e:00:3c:65:6a:65:b6:03:bb:fb:99:5c:06:f3:b8:
f0:16:a4:e1:26:c2:42:cd:4b:12:fa:a0:e8:ef:a5:83:4a:f6:
53:01:47:16:8e:9c:e8:43:01:e8:f1:ef:9b:17:7a:31:d2:a2:
17:85:09:0e:06:97:67:f2:08:d7:7a:50:fb:75:b8:86:ec:08:
34:75:cb:01:9c:3b:d6:9d:2a:8a:88:c9:78:e6:88:0c:3e:c7:
4a:83:52:49:4d:83:31:97:8a:76:12:7b:da:81:bb:aa:96:12:
a3:fc:99:5d:32:50:03:87:1a:a4:07:0a:ff:54:3d:4a:f9:6a:
bc:71:2c:e7:66:15:30:d5:87:f1:f7:12:63:20:71:dd:74:19:
50:3a:b1:89:ea:12:b4:2c:54:87:2c:e7:6b:52:da:17:bb:be:
74:80:9a:a4:c3:0b:33:56:ba:37:3f:9f:8d:7f:57:4c:e4:87:
a5:73:00:18:d2:b1:a5:98:df:2b:74:f1:7b:2c:8b:e4:c0:92:
44:8f:25:a9:52:28:11:79:91:af:70:10:12:16:cf:58:32:3a:
15:7f:13:89
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYoo2sKfbr4y2dWu6F1fkyL4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwODI0MTg0MjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGM0NDUyZGZkMzFkNGRlNzI5MmY3OTI2NTZjNWQ1YWQ2ZWIwYjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRlS0ip6bzZFcML2aeh113yWxzsJ
jqyCGPjbiX9W7t19ZUBBY/qYuYBxVm+yQ8iaiUV0FjpivwAPT9S8P/xMesBVbdS8
wBAPTZY4UFsqeAkWbq8Xpk44O3/rmpYUtt/d3ywIo2IqE+bmZnn4mGaIlYQbHLb0
9xdpbCAUoXJAUxBv6VlknekdT2qifHXrJ5y96/Ut2Axc9JaXIh4XvzUBgnfRXH7U
t8XjpX31RTZUV/rBeslj9Be43bG0UzybF8BiOgQvl9BaEZtBAFxBOaPty+jKFB3F
l8K9qtXpS3ka21FCLdwmIlf89cmbcQqH7iHm4sGWlsXdDYutOp4tWc+hZwIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFLTERS39MdTecpL3kmVsXVrW6wtDMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvdE1SRkxmMHgxTjV5a3ZlU1pXeGRXdGJyQzBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAAt
CBUDBAAtk+ADBAC5wrEDBAC50UsDBAC50ugDBAC52hcDBAC52mUwDAMEALnc+QME
Arnc+AMEALndFAMEAbndFjAMAwQAud4dAwQFud4AAwQBud9QAwQAud9TAwQBueEA
AwQAueEUAwQAueEWAwQAueJqAwQBueOQAwQAueRLAwQAueY0AwQAufZzAwQAufvl
AwQAufvnAwQAwTqQAwQBwTqSAwQAwgVBMA0GCSqGSIb3DQEBCwUAA4IBAQAvyuS3
s7YK29CbN277RL3pid8w5QUlF/2NOOPDhzdp+IwK9+FXR2UOADxlamW2A7v7mVwG
87jwFqThJsJCzUsS+qDo76WDSvZTAUcWjpzoQwHo8e+bF3ox0qIXhQkOBpdn8gjX
elD7dbiG7Ag0dcsBnDvWnSqKiMl45ogMPsdKg1JJTYMxl4p2EnvagbuqlhKj/Jld
MlADhxqkBwr/VD1K+Wq8cSznZhUw1Yfx9xJjIHHddBlQOrGJ6hK0LFSHLOdrUtoX
u750gJqkwwszVro3P5+Nf1dM5IelcwAY0rGlmN8rdPF7LIvkwJJEjyWpUigReZGv
cBASFs9YMjoVfxOJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:29 2024 by rpki-client on console-ams.rpki-client.org