Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/u6WjJ7M7boT2wuoiMDppUr88u8s.roa
File: u6WjJ7M7boT2wuoiMDppUr88u8s.roa (raw, json)
Hash identifier: va/WpgoKb2hNpjGfw8deHGg27fJlAO//gvFw5RtUso4=
Subject key identifier: BB:A5:A3:27:B3:3B:6E:84:F6:C2:EA:22:30:3A:69:52:BF:3C:BB:CB
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0188B41C0F112176452075D91841A152CD96
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/u6WjJ7M7boT2wuoiMDppUr88u8s.roa
Signing time: Tue 13 Jun 2023 09:35:17 +0000
ROA not before: Tue 13 Jun 2023 09:35:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 185.209.38.0/24 maxlen: 24
185.218.103.0/24 maxlen: 24
185.209.39.0/24 maxlen: 24
185.226.106.0/24 maxlen: 24
185.210.234.0/24 maxlen: 24
185.214.103.0/24 maxlen: 24
185.214.100.0/24 maxlen: 24
185.214.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Jun 2023 09:27:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b4:1c:0f:11:21:76:45:20:75:d9:18:41:a1:52:cd:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 13 09:35:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bba5a327b33b6e84f6c2ea22303a6952bf3cbbcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:01:89:b7:41:63:66:2a:fa:97:fa:7d:0b:3a:
60:ed:85:b7:1f:3a:88:9c:c9:e3:d3:f6:97:8a:b8:
c5:f8:fd:ff:71:8c:78:8b:aa:f7:45:cb:c2:d8:3a:
2b:f9:0a:f6:01:92:b6:e9:3c:d2:db:f4:d1:e8:21:
b3:9d:d3:24:dc:5f:da:73:69:35:68:45:64:c9:60:
8e:17:83:ea:f8:d8:a5:4f:01:5e:26:cc:80:ba:c6:
ed:7e:cd:33:9d:5c:e3:e7:b1:85:3b:75:93:f6:bb:
e0:46:90:6f:67:ae:79:cb:a1:a9:a4:c4:1e:ab:50:
cc:49:4f:3b:f8:4e:86:4d:03:89:fa:6f:39:68:48:
12:c2:e1:e8:77:9c:a2:18:a8:07:cb:5d:d9:ad:08:
1e:06:b3:f4:de:b4:82:5c:3e:39:a7:b7:03:00:1e:
24:a9:c2:e4:b6:c6:c7:df:e5:30:2f:00:a5:28:68:
fb:49:df:62:f7:6e:7b:ba:1b:c6:89:43:8a:3f:4c:
2d:76:0b:0e:22:5e:71:2a:4a:60:f1:b4:c0:cd:c9:
ba:c9:b4:e5:ab:b1:52:97:5e:f6:85:78:9d:3a:23:
35:01:12:61:19:ed:b5:69:20:1c:13:9e:bf:7a:45:
ad:66:b7:6d:84:bf:cd:cf:1f:00:6c:c5:41:e3:33:
7c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:A5:A3:27:B3:3B:6E:84:F6:C2:EA:22:30:3A:69:52:BF:3C:BB:CB
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/u6WjJ7M7boT2wuoiMDppUr88u8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.38.0/23
185.210.234.0/24
185.214.100.0/23
185.214.103.0/24
185.218.103.0/24
185.226.106.0/24
Signature Algorithm: sha256WithRSAEncryption
84:7e:24:7b:e0:48:7c:cf:b1:08:0d:82:df:ce:98:8b:3b:85:
38:65:1e:0b:b1:60:34:b9:b8:03:91:cb:14:11:a7:f5:e4:ff:
74:05:86:83:38:f6:85:1a:10:32:1c:cb:4a:86:ef:57:97:39:
65:73:a3:ab:c3:88:2f:78:1e:ff:ac:8a:1b:a9:ce:04:a8:e2:
34:80:f7:4e:71:29:27:12:e4:41:6c:34:c8:13:71:0f:82:13:
cd:05:6d:1d:e8:ed:c9:46:d9:f2:84:01:d5:ef:d9:04:76:e4:
71:d9:ae:56:f4:6d:e1:81:6f:b8:54:24:b8:c0:26:e2:82:6f:
69:13:d0:9b:e4:06:53:3b:d8:ff:ce:b2:6e:fb:76:1c:5f:c3:
87:86:14:fb:75:46:bf:8f:a2:40:cc:6a:af:d3:ba:3f:42:33:
c1:9e:e9:b3:4f:4c:81:47:38:ed:27:24:40:29:ae:85:5b:aa:
db:30:63:62:0e:5b:4b:df:29:bf:1b:e7:05:e5:9a:dd:e8:3d:
bd:4d:33:ef:f5:ef:d3:da:2a:8f:f9:a8:2c:c8:2f:ef:cd:cd:
f6:16:a1:0a:52:fd:33:cf:ff:9a:ea:6a:51:74:d4:82:ea:c9:
50:e7:ea:51:3a:7e:d5:17:aa:2d:a1:48:5b:52:50:a9:d5:cc:
fa:08:c0:7c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYi0HA8RIXZFIHXZGEGhUs2WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNjEzMDkzNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmE1YTMyN2IzM2I2ZTg0ZjZjMmVhMjIzMDNhNjk1MmJmM2NiYmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAGJt0FjZir6l/p9Czpg7YW3HzqI
nMnj0/aXirjF+P3/cYx4i6r3RcvC2Dor+Qr2AZK26TzS2/TR6CGzndMk3F/ac2k1
aEVkyWCOF4Pq+NilTwFeJsyAusbtfs0znVzj57GFO3WT9rvgRpBvZ655y6GppMQe
q1DMSU87+E6GTQOJ+m85aEgSwuHod5yiGKgHy13ZrQgeBrP03rSCXD45p7cDAB4k
qcLktsbH3+UwLwClKGj7Sd9i9257uhvGiUOKP0wtdgsOIl5xKkpg8bTAzcm6ybTl
q7FSl172hXidOiM1ARJhGe21aSAcE56/ekWtZrdthL/Nzx8AbMVB4zN8JQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLuloyezO26E9sLqIjA6aVK/PLvLMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvdTZXako3TTdib1Qyd3VvaU1EcHBVcjg4dThzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBudEmAwQA
udLqAwQBudZkAwQAudZnAwQAudpnAwQAueJqMA0GCSqGSIb3DQEBCwUAA4IBAQCE
fiR74Eh8z7EIDYLfzpiLO4U4ZR4LsWA0ubgDkcsUEaf15P90BYaDOPaFGhAyHMtK
hu9Xlzllc6Orw4gveB7/rIobqc4EqOI0gPdOcSknEuRBbDTIE3EPghPNBW0d6O3J
RtnyhAHV79kEduRx2a5W9G3hgW+4VCS4wCbigm9pE9Cb5AZTO9j/zrJu+3YcX8OH
hhT7dUa/j6JAzGqv07o/QjPBnumzT0yBRzjtJyRAKa6FW6rbMGNiDltL3ym/G+cF
5Zrd6D29TTPv9e/T2iqP+agsyC/vzc32FqEKUv0zz/+a6mpRdNSC6slQ5+pROn7V
F6otoUhbUlCp1cz6CMB8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:29 2024 by rpki-client on console-ams.rpki-client.org