Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/u_1XYFF0IQYatL9HQw-mzSI5Cto.roa
File: u_1XYFF0IQYatL9HQw-mzSI5Cto.roa (raw, json)
Hash identifier: Pxk+EQY106gyQHSjBCv+tESkKwux6vR1AmV3w5dbSoo=
Subject key identifier: BB:FD:57:60:51:74:21:06:1A:B4:BF:47:43:0F:A6:CD:22:39:0A:DA
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CAAC35A090E792E33A9AD6C9E2AD97DA6
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/u_1XYFF0IQYatL9HQw-mzSI5Cto.roa
Signing time: Wed 27 Dec 2023 10:12:58 +0000
ROA not before: Wed 27 Dec 2023 10:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.227.146.0/23 maxlen: 24
185.209.38.0/24 maxlen: 24
185.220.249.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.210.235.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.223.78.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.108.205.0/24 maxlen: 24
185.223.82.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
185.214.101.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Dec 2023 16:35:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:aa:c3:5a:09:0e:79:2e:33:a9:ad:6c:9e:2a:d9:7d:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 27 10:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbfd5760517421061ab4bf47430fa6cd22390ada
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2f:ac:6d:f6:4a:ae:db:8e:6d:26:e3:e8:89:
80:80:90:c1:88:ea:ea:b7:c6:95:a3:7e:57:9a:c2:
bb:03:7f:ba:d5:eb:ce:78:73:d9:57:0d:95:50:86:
fb:e0:2c:78:6a:b1:75:7c:c2:ba:ea:8e:b0:f2:94:
2b:40:27:b6:1f:df:17:0a:38:04:7b:5b:4d:c1:84:
ec:ab:e8:0a:04:a1:e6:b9:25:5f:64:ff:e5:78:bc:
d0:79:b0:c3:fa:92:57:51:a8:3d:ef:04:71:27:8e:
44:e0:3c:e7:80:00:0e:57:bd:50:72:63:63:6c:6d:
7c:14:60:63:4f:ef:26:be:26:7b:50:b0:42:71:d7:
ef:8e:df:3f:cb:38:29:14:d7:80:c5:c0:24:3a:8a:
69:9e:f9:f4:bb:cc:dc:cc:57:c8:27:90:be:66:db:
8a:19:45:88:e9:cb:09:da:14:b6:8e:ae:32:39:a1:
1e:27:d7:49:c9:13:7a:92:2c:c2:7d:f7:58:70:97:
bf:0f:a0:9c:82:28:4a:39:8d:95:78:61:27:5f:8d:
c7:9a:0d:13:fe:ff:25:ca:cb:4e:7f:84:e7:0b:cc:
1b:f4:d3:eb:6b:9d:7e:63:e0:69:50:d2:39:e8:50:
88:9b:d0:f2:00:71:ef:fd:b3:82:0f:cf:96:29:1f:
5b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:FD:57:60:51:74:21:06:1A:B4:BF:47:43:0F:A6:CD:22:39:0A:DA
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/u_1XYFF0IQYatL9HQw-mzSI5Cto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.108.205.0/24
185.126.82.0/24
185.209.38.0/24
185.210.235.0/24
185.214.101.0/24
185.220.249.0-185.220.251.255
185.223.78.0/24
185.223.82.0/24
185.225.0.0/23
185.227.146.0/23
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
47:27:27:f8:50:93:9a:bd:fc:80:e5:f0:ee:ed:95:fa:8a:a0:
14:82:5a:5a:ea:ac:16:86:63:cb:e8:4c:01:7e:3c:e3:56:2a:
b0:92:03:00:40:3c:06:2f:23:d9:a1:cf:fd:7f:7b:50:ce:9c:
4c:87:dd:e4:00:1c:0d:a5:2d:4f:8f:e3:0b:41:f7:f1:58:6a:
7b:51:03:e5:40:0d:15:f9:67:4f:01:5a:83:06:9e:ae:e1:ef:
1f:e7:ac:d0:49:80:6c:bc:b7:dc:d8:2d:8b:28:eb:db:f4:35:
b1:1f:3b:07:35:88:63:67:99:58:31:5e:75:80:77:78:ed:5d:
28:68:b1:06:4c:2c:cc:78:76:0a:e1:ac:30:f0:ff:b5:12:9c:
fc:f5:d6:42:97:b4:ca:1c:82:76:98:8b:5d:20:16:b7:3a:e3:
63:50:68:c5:cd:c0:95:7c:a7:f5:de:24:c5:be:48:7e:9b:1e:
e9:f2:8f:3b:44:de:dd:b9:d9:08:42:91:f9:89:dc:02:f7:1d:
71:22:62:7a:c5:21:e5:aa:3c:aa:d1:ef:07:fa:b5:2f:c1:7a:
79:3d:b9:b7:bd:a7:47:85:1b:60:50:4b:be:55:5d:dd:0c:e7:
d6:6e:32:e6:cf:9a:a7:50:2e:8f:8c:c5:c8:da:29:e9:c8:08:
3a:19:d2:3a
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYyqw1oJDnkuM6mtbJ4q2X2mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMjI3MTAxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmZkNTc2MDUxNzQyMTA2MWFiNGJmNDc0MzBmYTZjZDIyMzkwYWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAni+sbfZKrtuObSbj6ImAgJDBiOrq
t8aVo35XmsK7A3+61evOeHPZVw2VUIb74Cx4arF1fMK66o6w8pQrQCe2H98XCjgE
e1tNwYTsq+gKBKHmuSVfZP/leLzQebDD+pJXUag97wRxJ45E4DzngAAOV71QcmNj
bG18FGBjT+8mviZ7ULBCcdfvjt8/yzgpFNeAxcAkOoppnvn0u8zczFfIJ5C+ZtuK
GUWI6csJ2hS2jq4yOaEeJ9dJyRN6kizCffdYcJe/D6CcgihKOY2VeGEnX43Hmg0T
/v8lystOf4TnC8wb9NPra51+Y+BpUNI56FCIm9DyAHHv/bOCD8+WKR9bNQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFLv9V2BRdCEGGrS/R0MPps0iOQraMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvdV8xWFlGRjBJUVlhdEw5SFF3LW16U0k1Q3RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQALQgVAwQA
uWzNAwQAuX5SAwQAudEmAwQAudLrAwQAudZlMAwDBAC53PkDBAK53PgDBAC5304D
BAC531IDBAG54QADBAG545IDBAC5++UDBAHBOpIwDQYJKoZIhvcNAQELBQADggEB
AEcnJ/hQk5q9/IDl8O7tlfqKoBSCWlrqrBaGY8voTAF+PONWKrCSAwBAPAYvI9mh
z/1/e1DOnEyH3eQAHA2lLU+P4wtB9/FYantRA+VADRX5Z08BWoMGnq7h7x/nrNBJ
gGy8t9zYLYso69v0NbEfOwc1iGNnmVgxXnWAd3jtXShosQZMLMx4dgrhrDDw/7US
nPz11kKXtMocgnaYi10gFrc642NQaMXNwJV8p/XeJMW+SH6bHunyjztE3t252QhC
kfmJ3AL3HXEiYnrFIeWqPKrR7wf6tS/Benk9ube9p0eFG2BQS75VXd0M59ZuMubP
mqdQLo+MxcjaKenICDoZ0jo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:29 2024 by rpki-client on console-ams.rpki-client.org