Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vaFobhh81e6DbvE_OSDWOv69RrA.roa
File: vaFobhh81e6DbvE_OSDWOv69RrA.roa (raw, json)
Hash identifier: MzmsPdar5deNvmE2lcylFZlHBQ4pTlm3Gnh03m8ff0Q=
Subject key identifier: BD:A1:68:6E:18:7C:D5:EE:83:6E:F1:3F:39:20:D6:3A:FE:BD:46:B0
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0188BE613E3E2BC994784EA7DAE8C2FF6D56
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vaFobhh81e6DbvE_OSDWOv69RrA.roa
Signing time: Thu 15 Jun 2023 09:27:03 +0000
ROA not before: Thu 15 Jun 2023 09:27:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 185.209.38.0/24 maxlen: 24
185.218.103.0/24 maxlen: 24
185.209.39.0/24 maxlen: 24
185.226.106.0/24 maxlen: 24
185.210.234.0/24 maxlen: 24
185.214.103.0/24 maxlen: 24
185.214.100.0/24 maxlen: 24
185.214.101.0/24 maxlen: 24
185.214.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Jun 2023 21:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:be:61:3e:3e:2b:c9:94:78:4e:a7:da:e8:c2:ff:6d:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 15 09:27:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bda1686e187cd5ee836ef13f3920d63afebd46b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e7:90:76:99:28:20:38:ed:1c:e3:1f:03:f2:
90:7c:46:a4:58:dc:66:5c:9c:f5:23:f8:4b:d0:a5:
0c:cf:45:3b:d0:19:e2:12:ca:cf:af:5f:73:91:4b:
f1:aa:ac:27:98:17:65:ef:2b:89:03:3a:be:69:f0:
e9:ad:57:7f:49:d9:22:db:59:2a:27:57:e1:f3:2f:
9f:a3:ca:4d:1a:17:a0:8a:dc:6c:ba:c1:56:2f:db:
31:eb:ac:a2:9e:34:80:cc:96:96:47:0a:54:a8:46:
94:39:97:b2:45:e0:19:00:f3:c0:11:73:3a:6f:95:
a3:a2:bb:39:29:c2:50:96:1a:49:9a:c8:95:3b:85:
87:fc:76:09:f1:43:28:8c:3e:55:e6:b7:5c:b9:f9:
81:01:11:ea:cf:c5:96:a7:ea:02:a5:4b:2c:42:59:
d4:b7:a7:25:d8:c9:fa:67:e6:e1:b3:ec:d4:bd:14:
a5:72:1b:21:7e:f8:dc:73:55:2a:1e:0e:cd:67:d4:
5d:3e:2d:0b:bc:a3:d3:b5:3d:a2:37:f6:70:fa:9c:
55:9f:95:7d:5a:5b:cf:ac:36:a3:9a:dd:78:e1:33:
ea:5d:4a:03:82:41:8f:db:02:03:f6:63:71:ce:31:
aa:b8:89:5c:7e:68:61:70:a0:9f:bd:fa:82:ee:71:
48:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:A1:68:6E:18:7C:D5:EE:83:6E:F1:3F:39:20:D6:3A:FE:BD:46:B0
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vaFobhh81e6DbvE_OSDWOv69RrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.38.0/23
185.210.234.0/24
185.214.100.0/22
185.218.103.0/24
185.226.106.0/24
Signature Algorithm: sha256WithRSAEncryption
58:a5:ea:37:3a:54:6f:d4:e3:86:ff:70:14:d6:5e:8a:ad:79:
01:1d:2a:38:8d:4d:43:3f:9e:8c:9d:f5:36:a6:79:fa:d2:5b:
12:16:f9:71:15:82:b1:cb:7d:cb:1f:b0:be:c5:32:b5:b0:39:
c0:7b:3a:e5:c7:d4:6d:af:86:04:e2:1d:23:09:c3:36:04:e8:
ec:69:18:5b:4e:f9:f2:6f:d5:62:a2:cf:43:bc:6f:d5:77:58:
0e:24:a0:0d:6b:1f:ca:1a:57:5d:5a:87:15:ea:bb:c4:2a:37:
40:aa:53:a6:0b:a1:f7:5c:ca:9d:5f:bd:da:4b:2e:3b:45:78:
15:e0:7e:77:98:b1:d5:e2:ac:5e:9e:84:9e:d8:63:d8:4e:23:
8c:a9:3b:42:d1:ba:2e:47:7e:11:c1:ea:0a:7d:a2:b8:0d:d8:
01:ea:1c:51:45:e0:f4:03:90:83:21:8c:a3:5f:4e:c5:6c:ab:
6e:f9:3a:91:b8:eb:9f:71:85:48:42:3a:dc:55:ac:b7:53:46:
0a:4b:ec:b3:86:b3:71:f7:1d:11:44:c6:30:90:92:12:13:c5:
b9:f4:3e:9b:a7:3d:fc:89:ee:bc:84:71:c8:cf:9d:50:ce:55:
a1:cc:1f:b9:63:cd:31:c8:ff:42:06:9a:f6:ca:de:8c:a0:2a:
98:2e:e1:c0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYi+YT4+K8mUeE6n2ujC/21WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNjE1MDkyNzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGExNjg2ZTE4N2NkNWVlODM2ZWYxM2YzOTIwZDYzYWZlYmQ0NmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoueQdpkoIDjtHOMfA/KQfEakWNxm
XJz1I/hL0KUMz0U70BniEsrPr19zkUvxqqwnmBdl7yuJAzq+afDprVd/Sdki21kq
J1fh8y+fo8pNGhegitxsusFWL9sx66yinjSAzJaWRwpUqEaUOZeyReAZAPPAEXM6
b5Wjors5KcJQlhpJmsiVO4WH/HYJ8UMojD5V5rdcufmBARHqz8WWp+oCpUssQlnU
t6cl2Mn6Z+bhs+zUvRSlchshfvjcc1UqHg7NZ9RdPi0LvKPTtT2iN/Zw+pxVn5V9
WlvPrDajmt144TPqXUoDgkGP2wID9mNxzjGquIlcfmhhcKCfvfqC7nFIHQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFL2haG4YfNXug27xPzkg1jr+vUawMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvdmFGb2JoaDgxZTZEYnZFX09TRFdPdjY5UnJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBudEmAwQA
udLqAwQCudZkAwQAudpnAwQAueJqMA0GCSqGSIb3DQEBCwUAA4IBAQBYpeo3OlRv
1OOG/3AU1l6KrXkBHSo4jU1DP56MnfU2pnn60lsSFvlxFYKxy33LH7C+xTK1sDnA
ezrlx9Rtr4YE4h0jCcM2BOjsaRhbTvnyb9Vios9DvG/Vd1gOJKANax/KGlddWocV
6rvEKjdAqlOmC6H3XMqdX73aSy47RXgV4H53mLHV4qxenoSe2GPYTiOMqTtC0bou
R34RweoKfaK4DdgB6hxRReD0A5CDIYyjX07FbKtu+TqRuOufcYVIQjrcVay3U0YK
S+yzhrNx9x0RRMYwkJISE8W59D6bpz38ie68hHHIz51QzlWhzB+5Y80xyP9CBpr2
yt6MoCqYLuHA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:30 2024 by rpki-client on console-ams.rpki-client.org