Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vl_z9NleNDHMm0v_k1L6uTDorQc.roa
File: vl_z9NleNDHMm0v_k1L6uTDorQc.roa (raw, json)
Hash identifier: DOe43duI7meX1/v9YLTeB3oOHNHpiDordcyAJFgYg3c=
Subject key identifier: BE:5F:F3:F4:D9:5E:34:31:CC:9B:4B:FF:93:52:FA:B9:30:E8:AD:07
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0193D5368ECCC54236415733E5D79FB62231
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vl_z9NleNDHMm0v_k1L6uTDorQc.roa
Signing time: Tue 17 Dec 2024 15:22:22 +0000
ROA not before: Tue 17 Dec 2024 15:22:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Dec 2024 19:26:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d5:36:8e:cc:c5:42:36:41:57:33:e5:d7:9f:b6:22:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 17 15:22:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be5ff3f4d95e3431cc9b4bff9352fab930e8ad07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:24:09:df:cb:76:32:55:69:92:b4:3f:cb:88:
0e:e8:a9:3a:87:dc:99:15:f9:f2:06:f9:2a:ad:64:
9a:7f:40:cf:5f:a2:6c:5d:56:40:c9:d5:9a:8d:16:
c1:77:f2:e8:fa:d1:c6:5e:02:f5:ed:d1:fe:ed:54:
83:10:05:5a:08:0d:3d:91:8b:c7:32:0b:b6:28:80:
3b:88:94:b8:17:64:a1:3d:2d:d9:c1:85:4d:b0:b1:
36:a7:19:e0:4b:6a:2a:67:2e:73:d8:01:7f:b4:bc:
5d:58:e3:54:d8:f2:f7:ce:66:54:4e:98:93:aa:d6:
7e:8a:27:f2:3b:43:23:04:c4:12:76:e8:0e:51:a3:
c1:9f:5f:55:d3:0e:bd:8e:2b:ed:08:3a:96:54:f9:
0c:5c:af:21:52:29:b8:ee:1a:5c:ec:8b:ba:09:c9:
19:76:78:ee:37:92:2d:83:64:e8:53:87:a1:ab:36:
28:d7:f9:79:f8:8b:f8:4b:5a:96:b7:35:3d:74:f6:
e6:2c:43:93:81:4a:48:08:37:d5:c3:61:73:f1:03:
ac:06:37:a2:cf:b1:61:bb:ae:b3:42:80:e4:fb:e1:
65:0a:ab:84:0c:c9:b4:65:19:ef:9b:9c:14:de:86:
97:1a:53:3c:04:c0:58:bd:9c:91:9e:ec:56:a2:78:
aa:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:5F:F3:F4:D9:5E:34:31:CC:9B:4B:FF:93:52:FA:B9:30:E8:AD:07
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vl_z9NleNDHMm0v_k1L6uTDorQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.220.250.0/23
185.225.0.0/23
185.227.146.0/23
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:43:c0:af:0d:b9:75:04:8c:6e:f5:0b:4b:df:bc:b8:8c:a8:
9d:61:42:a1:a4:ea:fa:69:ec:0c:dc:cd:b4:d6:64:77:f5:1f:
90:f1:dc:42:73:4d:08:25:f3:25:0d:4e:c3:f3:df:51:b2:2f:
c5:33:16:fb:b8:66:78:6d:35:80:57:ee:5d:3b:8a:45:83:40:
fa:32:2f:62:ec:bd:0b:f3:b0:5f:a8:b5:ba:51:3a:53:f0:5a:
fd:b3:3c:17:70:c9:47:11:55:9e:1d:de:5b:fa:d1:7f:4f:48:
7a:aa:84:87:54:44:aa:87:fe:96:58:40:c4:7f:a3:a4:39:e3:
b0:b3:f3:6c:43:2a:6e:3f:ee:b3:49:e2:59:63:de:d8:2e:36:
04:a9:eb:d4:8f:07:aa:82:ce:38:a2:c8:ba:27:b9:1f:28:92:
00:1a:1f:8a:f8:49:fb:36:61:3c:e4:2b:da:4c:ec:fd:98:90:
8a:46:35:c8:73:0a:2a:dc:b2:86:65:ac:ec:db:ae:91:8d:53:
ca:7e:2b:3e:16:c2:66:e3:8e:95:bd:9f:26:48:61:a4:24:6d:
22:cd:48:c9:2e:2f:6e:53:75:dd:c2:4a:29:40:f0:0f:21:10:
d2:35:92:ee:af:1e:30:4e:8a:b3:15:07:c8:61:1d:c0:75:7d:
ac:f5:81:3b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZPVNo7MxUI2QVcz5deftiIxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMjE3MTUyMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTVmZjNmNGQ5NWUzNDMxY2M5YjRiZmY5MzUyZmFiOTMwZThhZDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiQJ38t2MlVpkrQ/y4gO6Kk6h9yZ
FfnyBvkqrWSaf0DPX6JsXVZAydWajRbBd/Lo+tHGXgL17dH+7VSDEAVaCA09kYvH
Mgu2KIA7iJS4F2ShPS3ZwYVNsLE2pxngS2oqZy5z2AF/tLxdWONU2PL3zmZUTpiT
qtZ+iifyO0MjBMQSdugOUaPBn19V0w69jivtCDqWVPkMXK8hUim47hpc7Iu6CckZ
dnjuN5Itg2ToU4ehqzYo1/l5+Iv4S1qWtzU9dPbmLEOTgUpICDfVw2Fz8QOsBjei
z7Fhu66zQoDk++FlCquEDMm0ZRnvm5wU3oaXGlM8BMBYvZyRnuxWoniqzQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFL5f8/TZXjQxzJtL/5NS+rkw6K0HMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvdmxfejlObGVOREhNbTB2X2sxTDZ1VERvclFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQgVAwQA
uX5SAwQBudz6AwQBueEAAwQBueOSAwQBwQhwAwQBwTqSMA0GCSqGSIb3DQEBCwUA
A4IBAQCcQ8CvDbl1BIxu9QtL37y4jKidYUKhpOr6aewM3M201mR39R+Q8dxCc00I
JfMlDU7D899Rsi/FMxb7uGZ4bTWAV+5dO4pFg0D6Mi9i7L0L87BfqLW6UTpT8Fr9
szwXcMlHEVWeHd5b+tF/T0h6qoSHVESqh/6WWEDEf6OkOeOws/NsQypuP+6zSeJZ
Y97YLjYEqevUjweqgs44osi6J7kfKJIAGh+K+En7NmE85CvaTOz9mJCKRjXIcwoq
3LKGZazs266RjVPKfis+FsJm446VvZ8mSGGkJG0izUjJLi9uU3XdwkopQPAPIRDS
NZLurx4wToqzFQfIYR3AdX2s9YE7
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:34:27 2025 by rpki-client