Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/tdzDiwFUpn-jzzQ1SdLjx40oZV0.roa
File: tdzDiwFUpn-jzzQ1SdLjx40oZV0.roa (raw, json)
Hash identifier: s14buu/wE2s3WxInzLo4QLzb901yQhtx/wuagrfgGwo=
Subject key identifier: B5:DC:C3:8B:01:54:A6:7F:A3:CF:34:35:49:D2:E3:C7:8D:28:65:5D
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01877466D339302B1B0AF29E3E1EEFDB0714
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/tdzDiwFUpn-jzzQ1SdLjx40oZV0.roa
Signing time: Wed 12 Apr 2023 07:38:28 +0000
ROA not before: Wed 12 Apr 2023 07:38:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.90.16.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.126.83.0/24 maxlen: 24
193.58.144.0/24 maxlen: 24
193.58.145.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
176.125.249.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
45.131.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Apr 2023 07:41:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:74:66:d3:39:30:2b:1b:0a:f2:9e:3e:1e:ef:db:07:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 12 07:38:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5dcc38b0154a67fa3cf343549d2e3c78d28655d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:67:83:73:e0:09:60:f1:6f:7a:99:fd:30:e1:
c4:e0:42:64:2c:8c:58:3c:37:43:6f:14:9d:55:24:
30:7e:29:d7:2d:69:28:f6:b9:4f:81:f9:78:1d:df:
4c:0a:07:34:a5:6d:a6:c1:78:7a:c2:a0:ad:21:2e:
2f:64:b1:25:07:7a:07:4f:a7:4d:4d:47:4e:09:0d:
0b:5f:f5:d8:a4:8c:34:33:74:15:53:41:7c:a3:28:
07:c1:72:f1:49:e6:d9:1e:2f:f5:80:96:62:c2:b0:
e8:82:00:4e:05:de:44:b0:3e:92:d7:3c:7a:45:7f:
55:40:db:18:fa:69:9a:5b:b6:1b:59:1e:2b:c7:47:
dd:bb:2f:46:f3:17:f7:cb:6e:96:59:ed:ca:70:d5:
13:2f:92:31:46:53:5e:ae:cf:6e:19:f7:0e:d7:43:
e5:0e:bd:b7:05:fa:d0:f4:d9:c1:f4:6a:7a:92:b6:
a0:ef:92:9b:6f:bd:54:80:50:cf:d5:f1:2a:bb:a8:
ab:d0:1b:bc:c2:55:34:a3:a1:15:89:e8:a2:cf:06:
5c:0c:03:7f:50:de:eb:18:f0:07:81:96:a6:cb:eb:
23:7c:8b:ce:fc:fa:74:26:51:9d:5e:df:8c:4c:b1:
c6:ff:41:23:23:73:d8:34:8b:09:ce:43:5e:e8:37:
e5:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:DC:C3:8B:01:54:A6:7F:A3:CF:34:35:49:D2:E3:C7:8D:28:65:5D
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/tdzDiwFUpn-jzzQ1SdLjx40oZV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.16.0/24
45.131.134.0/24
45.147.224.0/24
176.125.249.0/24
185.126.83.0/24
185.218.20.0/24
185.225.0.0/23
193.58.144.0/23
Signature Algorithm: sha256WithRSAEncryption
42:ff:6f:3c:65:a6:ed:70:27:d4:86:5f:83:d5:71:1d:cc:6c:
4e:87:09:e1:75:f3:fc:71:c8:d8:de:aa:ec:b2:55:99:e8:67:
09:f1:a4:b8:9f:db:67:8a:4c:d5:04:7d:14:5e:b5:df:fb:85:
a0:a5:c5:1f:3a:5a:e7:b6:0b:1a:d3:e7:63:90:23:b2:56:5c:
ed:8f:84:fe:91:4f:b1:bb:6f:71:0f:07:f1:d2:cb:00:c7:25:
d6:d7:41:bd:77:56:cc:d9:d1:8c:88:05:9e:e9:ca:c4:d6:96:
07:cc:9f:e5:be:5c:16:f0:9a:1e:2b:48:cf:f7:f9:8d:95:31:
da:05:a5:c3:3e:ca:16:d7:e2:a9:d6:fe:0d:da:56:50:cb:c4:
d1:6c:65:80:df:4d:99:28:67:ec:6d:65:d5:35:c3:4a:22:c1:
aa:83:0b:d4:5a:2e:d4:05:ea:c8:05:cf:0d:54:53:99:fb:a8:
87:47:91:bf:12:56:fd:88:39:76:b9:81:21:a3:42:83:78:dc:
64:49:55:eb:16:96:02:9a:50:9a:e2:f1:26:4b:5e:fe:ca:4c:
bb:43:6c:1c:a2:5b:4e:f0:72:f5:ba:a6:47:de:a2:a7:3f:a1:
87:c3:fd:ff:48:bf:8b:30:19:cf:06:46:46:45:dc:b3:72:ff:
c3:7c:7e:91
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYd0ZtM5MCsbCvKePh7v2wcUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNDEyMDczODI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWRjYzM4YjAxNTRhNjdmYTNjZjM0MzU0OWQyZTNjNzhkMjg2NTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGeDc+AJYPFvepn9MOHE4EJkLIxY
PDdDbxSdVSQwfinXLWko9rlPgfl4Hd9MCgc0pW2mwXh6wqCtIS4vZLElB3oHT6dN
TUdOCQ0LX/XYpIw0M3QVU0F8oygHwXLxSebZHi/1gJZiwrDoggBOBd5EsD6S1zx6
RX9VQNsY+mmaW7YbWR4rx0fduy9G8xf3y26WWe3KcNUTL5IxRlNers9uGfcO10Pl
Dr23BfrQ9NnB9Gp6krag75Kbb71UgFDP1fEqu6ir0Bu8wlU0o6EVieiizwZcDAN/
UN7rGPAHgZamy+sjfIvO/Pp0JlGdXt+MTLHG/0EjI3PYNIsJzkNe6DflTwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLXcw4sBVKZ/o880NUnS48eNKGVdMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvdGR6RGl3RlVwbi1qenpRMVNkTGp4NDBvWlYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALVoQAwQA
LYOGAwQALZPgAwQAsH35AwQAuX5TAwQAudoUAwQBueEAAwQBwTqQMA0GCSqGSIb3
DQEBCwUAA4IBAQBC/288ZabtcCfUhl+D1XEdzGxOhwnhdfP8ccjY3qrsslWZ6GcJ
8aS4n9tnikzVBH0UXrXf+4WgpcUfOlrntgsa0+djkCOyVlztj4T+kU+xu29xDwfx
0ssAxyXW10G9d1bM2dGMiAWe6crE1pYHzJ/lvlwW8JoeK0jP9/mNlTHaBaXDPsoW
1+Kp1v4N2lZQy8TRbGWA302ZKGfsbWXVNcNKIsGqgwvUWi7UBerIBc8NVFOZ+6iH
R5G/Elb9iDl2uYEho0KDeNxkSVXrFpYCmlCa4vEmS17+yky7Q2wcoltO8HL1uqZH
3qKnP6GHw/3/SL+LMBnPBkZGRdyzcv/DfH6R
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:43 2024 by rpki-client on console-fra.rpki-client.org