Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/tYnV0M5xbbIuMNAZlVxMfTlD6SQ.roa
File: tYnV0M5xbbIuMNAZlVxMfTlD6SQ.roa (raw, json)
Hash identifier: bkmG/UMUrxh2PCdhQOwe5XO6Em76WOae8VabsKgE2H0=
Subject key identifier: B5:89:D5:D0:CE:71:6D:B2:2E:30:D0:19:95:5C:4C:7D:39:43:E9:24
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0189D4DD45DD78A4CCA5AE994AA35AC4B7CD
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/tYnV0M5xbbIuMNAZlVxMfTlD6SQ.roa
Signing time: Tue 08 Aug 2023 11:16:58 +0000
ROA not before: Tue 08 Aug 2023 11:16:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.22.0/24 maxlen: 24
185.225.20.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.230.52.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.251.230.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.194.177.0/24 maxlen: 24
185.223.81.0/24 maxlen: 24
193.58.144.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
193.58.147.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
194.5.65.0/24 maxlen: 24
185.220.251.0/24 maxlen: 24
185.220.250.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.227.145.0/24 maxlen: 24
185.227.144.0/24 maxlen: 24
185.226.106.0/24 maxlen: 24
185.218.23.0/24 maxlen: 24
185.221.21.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.246.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Aug 2023 11:02:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d4:dd:45:dd:78:a4:cc:a5:ae:99:4a:a3:5a:c4:b7:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Aug 8 11:16:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b589d5d0ce716db22e30d019955c4c7d3943e924
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:94:0c:cb:38:1d:5f:65:ef:17:c8:7d:25:8e:
30:77:4c:dd:bf:d5:f9:a1:12:8f:54:91:bf:dc:93:
78:60:6e:43:c2:f4:67:39:8c:2e:a2:45:b2:fe:49:
1a:43:f5:54:f0:5f:a9:33:f8:cd:05:02:02:f5:25:
c0:cb:36:25:05:cf:69:f5:d6:37:30:84:27:51:09:
cd:64:04:89:7a:c3:a2:bb:49:2b:72:73:e8:ec:59:
8d:6e:56:df:2c:d7:12:16:62:6c:c7:95:aa:a2:0a:
ac:57:17:f2:5d:b1:60:6a:12:ac:84:2f:22:d4:35:
49:88:46:e2:ed:4d:86:a4:8b:5d:dc:a4:4d:e8:c6:
6e:47:00:73:c7:2e:06:ff:b3:c2:39:24:4a:75:95:
2a:fc:e7:02:aa:47:a0:47:23:3b:fb:cc:d6:ca:37:
77:80:53:b3:4c:2c:b9:45:18:64:70:96:65:0a:96:
4d:b8:dc:3f:92:3e:59:b6:70:e2:09:74:45:61:88:
67:70:f6:c4:1b:c6:58:c3:3a:69:2e:b5:c5:0f:c1:
66:e0:04:2f:ed:d3:53:f6:9c:6e:d5:6c:a6:97:2b:
80:13:aa:2c:a3:23:f0:b2:b7:b6:8e:cd:c5:e8:07:
25:6c:be:14:58:de:a0:03:8d:e8:54:9a:a8:d8:ae:
95:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:89:D5:D0:CE:71:6D:B2:2E:30:D0:19:95:5C:4C:7D:39:43:E9:24
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/tYnV0M5xbbIuMNAZlVxMfTlD6SQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.194.177.0/24
185.209.73.0/24
185.209.75.0/24
185.210.235.0/24
185.218.23.0/24
185.218.101.0/24
185.220.250.0/23
185.221.21.0/24
185.223.81.0/24
185.225.0.0/23
185.225.20.0/24
185.225.22.0/24
185.226.106.0/24
185.227.144.0/23
185.228.75.0/24
185.230.52.0/24
185.246.115.0/24
185.251.229.0-185.251.230.255
193.58.144.0/24
193.58.146.0/23
194.5.65.0/24
Signature Algorithm: sha256WithRSAEncryption
45:c6:14:4b:05:07:ce:d9:44:65:30:e4:57:df:fb:32:dc:4c:
59:38:e3:3d:30:d0:47:95:b4:3e:a5:a2:a1:43:80:48:61:c6:
56:ba:5d:6e:e0:66:08:e0:15:3f:0c:a7:ed:ef:3d:e6:b0:91:
c9:04:f7:10:82:84:d5:6f:91:88:04:4e:6f:19:90:be:d0:6c:
4b:16:f8:55:0d:60:66:56:d0:e8:20:8a:c0:69:8e:c5:5f:29:
10:73:51:8d:d4:0f:c5:3c:8a:e7:43:33:8f:5f:b3:fe:e5:c7:
ea:c3:90:ca:6b:cc:e1:50:a5:2f:6e:24:ac:df:d8:4e:73:1e:
ae:34:ad:72:7e:0f:8b:c8:5c:ce:b0:82:ab:76:fb:7f:c3:91:
8b:89:c7:c4:a9:35:9b:41:ee:9e:92:bc:61:2d:f7:b1:76:6f:
bd:26:c2:65:32:9d:9e:39:d0:01:c5:66:e0:7e:c2:4e:a2:f2:
1e:e3:3c:03:ff:9a:fb:17:fd:1f:3d:0f:b7:93:cc:4c:87:66:
09:93:4c:f4:0a:eb:eb:41:00:cf:1f:fe:3f:ad:96:99:08:ef:
cb:fb:36:30:d1:0e:94:eb:e1:e9:f1:d4:ee:4e:1a:b9:d6:b5:
f4:4d:dc:0f:16:50:e1:72:40:1f:29:b0:61:63:1f:bf:75:8d:
26:1f:31:2c
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAYnU3UXdeKTMpa6ZSqNaxLfNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwODA4MTExNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTg5ZDVkMGNlNzE2ZGIyMmUzMGQwMTk5NTVjNGM3ZDM5NDNlOTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJQMyzgdX2XvF8h9JY4wd0zdv9X5
oRKPVJG/3JN4YG5DwvRnOYwuokWy/kkaQ/VU8F+pM/jNBQIC9SXAyzYlBc9p9dY3
MIQnUQnNZASJesOiu0krcnPo7FmNblbfLNcSFmJsx5WqogqsVxfyXbFgahKshC8i
1DVJiEbi7U2GpItd3KRN6MZuRwBzxy4G/7PCOSRKdZUq/OcCqkegRyM7+8zWyjd3
gFOzTCy5RRhkcJZlCpZNuNw/kj5ZtnDiCXRFYYhncPbEG8ZYwzppLrXFD8Fm4AQv
7dNT9pxu1WymlyuAE6osoyPwsre2js3F6AclbL4UWN6gA43oVJqo2K6VswIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFLWJ1dDOcW2yLjDQGZVcTH05Q+kkMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvdFluVjBNNXhiYkl1TU5BWmxWeE1mVGxENlNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIDBAAt
CBUDBAAtk+ADBAC5wrEDBAC50UkDBAC50UsDBAC50usDBAC52hcDBAC52mUDBAG5
3PoDBAC53RUDBAC531EDBAG54QADBAC54RQDBAC54RYDBAC54moDBAG545ADBAC5
5EsDBAC55jQDBAC59nMwDAMEALn75QMEALn75gMEAME6kAMEAcE6kgMEAMIFQTAN
BgkqhkiG9w0BAQsFAAOCAQEARcYUSwUHztlEZTDkV9/7MtxMWTjjPTDQR5W0PqWi
oUOASGHGVrpdbuBmCOAVPwyn7e895rCRyQT3EIKE1W+RiARObxmQvtBsSxb4VQ1g
ZlbQ6CCKwGmOxV8pEHNRjdQPxTyK50Mzj1+z/uXH6sOQymvM4VClL24krN/YTnMe
rjStcn4Pi8hczrCCq3b7f8ORi4nHxKk1m0HunpK8YS33sXZvvSbCZTKdnjnQAcVm
4H7CTqLyHuM8A/+a+xf9Hz0Pt5PMTIdmCZNM9Arr60EAzx/+P62WmQjvy/s2MNEO
lOvh6fHU7k4auda19E3cDxZQ4XJAHymwYWMfv3WNJh8xLA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:29 2024 by rpki-client on console-ams.rpki-client.org