Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/wPsxhkzBOtJDgts209tElKA9alw.roa
File: wPsxhkzBOtJDgts209tElKA9alw.roa (raw, json)
Hash identifier: 8l24ytp+JydqSVYSgus/k9m10BIrk3SpMy3y8MpH/sE=
Subject key identifier: C0:FB:31:86:4C:C1:3A:D2:43:82:DB:36:D3:DB:44:94:A0:3D:6A:5C
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018AB2A9F5275AB3E5E5F06F6A7D324CA501
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/wPsxhkzBOtJDgts209tElKA9alw.roa
Signing time: Wed 20 Sep 2023 12:56:37 +0000
ROA not before: Wed 20 Sep 2023 12:56:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.22.0/24 maxlen: 24
185.220.249.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.223.80.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
193.58.146.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Sep 2023 10:15:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b2:a9:f5:27:5a:b3:e5:e5:f0:6f:6a:7d:32:4c:a5:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 20 12:56:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0fb31864cc13ad24382db36d3db4494a03d6a5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:13:d4:7a:8e:6e:42:29:8a:4d:ce:e7:51:10:
54:91:7e:7e:61:49:ff:0d:40:5c:47:39:82:05:0b:
7e:52:12:40:c3:48:53:00:3c:45:6d:07:f9:fc:ea:
6c:52:1c:ef:cc:a2:2f:fb:9a:c2:cd:e7:c3:43:ca:
24:29:bd:68:eb:03:0f:e3:8b:5e:ac:7d:25:38:3f:
86:07:0b:42:c3:6b:3e:a7:94:86:41:46:d2:78:32:
ae:e0:75:83:c7:c0:62:95:ce:ea:11:af:71:06:04:
b2:8e:bf:a5:c5:20:2e:d6:40:9c:86:ab:68:5b:85:
4b:b4:eb:58:12:bc:d6:da:ee:0b:c8:ee:a1:98:67:
66:a0:2b:17:4c:f4:ff:2d:61:2d:91:d7:6d:d0:68:
b9:b4:6a:06:2f:3f:45:08:9f:8f:42:b0:15:0c:f6:
24:3b:6f:af:21:4a:a2:37:f1:3a:3e:45:f0:3c:76:
63:63:b6:84:e8:5f:3d:03:c8:a3:be:f7:50:5a:d7:
20:98:4e:0f:6d:03:1f:49:67:b9:e4:88:da:df:be:
cd:0c:d7:7c:8a:85:41:eb:dc:e0:aa:11:5c:78:94:
6b:cd:f3:d5:a7:8f:c3:92:6d:08:8f:56:99:73:e2:
ed:d0:08:99:1a:b6:11:d5:c6:84:32:65:79:23:f9:
5e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:FB:31:86:4C:C1:3A:D2:43:82:DB:36:D3:DB:44:94:A0:3D:6A:5C
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/wPsxhkzBOtJDgts209tElKA9alw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.209.73.0/24
185.210.233.0/24
185.220.249.0/24
185.222.29.0/24
185.223.80.0/24
185.225.0.0/23
185.225.22.0/24
185.246.112.0/24
185.251.229.0/24
185.251.231.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:c2:a4:ed:51:6c:72:ab:db:3f:ac:3f:a8:2d:37:c5:cf:5d:
b9:fd:57:c6:07:ee:ef:6b:d5:a6:f3:94:04:91:d3:42:c0:7d:
cd:8a:c7:41:89:bb:b7:49:f7:99:94:38:c8:3f:df:b7:9c:f4:
72:ae:6a:1b:d9:fc:73:3a:ba:e2:87:c4:ac:c9:f1:0d:22:2c:
e9:bd:0e:49:06:a2:50:8b:d2:4a:43:74:fb:07:68:f7:1e:35:
bf:1e:7a:51:23:08:77:0b:0f:4e:23:f3:4c:77:56:01:a8:5d:
50:74:27:30:90:cf:d3:f3:a4:56:28:e7:4d:05:1d:f8:49:2c:
16:79:07:2a:92:1a:a4:50:b2:f3:b4:a5:77:5b:f0:37:f8:e2:
3a:db:38:f8:cd:c8:31:80:95:62:81:d5:35:d8:33:74:b7:f5:
99:e5:4b:2b:d3:81:87:37:8a:93:63:d4:16:a4:87:9f:dd:42:
bd:d1:83:e7:c9:d9:de:e2:a2:a3:0d:77:8e:29:42:44:5c:45:
6f:ae:8a:28:7b:42:34:d1:4e:6a:71:8d:bc:72:95:10:6f:94:
0d:ea:f8:86:4c:20:ee:5a:4c:25:48:7b:6f:07:6a:0a:48:cd:
a3:ff:76:4c:a9:b1:39:08:ca:b8:75:2c:e8:07:d6:9d:03:d8:
6d:f4:bc:dd
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYqyqfUnWrPl5fBvan0yTKUBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwOTIwMTI1NjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGZiMzE4NjRjYzEzYWQyNDM4MmRiMzZkM2RiNDQ5NGEwM2Q2YTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixPUeo5uQimKTc7nURBUkX5+YUn/
DUBcRzmCBQt+UhJAw0hTADxFbQf5/OpsUhzvzKIv+5rCzefDQ8okKb1o6wMP44te
rH0lOD+GBwtCw2s+p5SGQUbSeDKu4HWDx8Bilc7qEa9xBgSyjr+lxSAu1kCchqto
W4VLtOtYErzW2u4LyO6hmGdmoCsXTPT/LWEtkddt0Gi5tGoGLz9FCJ+PQrAVDPYk
O2+vIUqiN/E6PkXwPHZjY7aE6F89A8ijvvdQWtcgmE4PbQMfSWe55Ija377NDNd8
ioVB69zgqhFceJRrzfPVp4/Dkm0Ij1aZc+Lt0AiZGrYR1caEMmV5I/leCwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFMD7MYZMwTrSQ4LbNtPbRJSgPWpcMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvd1BzeGhrekJPdEpEZ3RzMjA5dEVsS0E5YWx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALQgVAwQA
LZPgAwQAudFJAwQAudLpAwQAudz5AwQAud4dAwQAud9QAwQBueEAAwQAueEWAwQA
ufZwAwQAufvlAwQAufvnAwQBwTqSMA0GCSqGSIb3DQEBCwUAA4IBAQBbwqTtUWxy
q9s/rD+oLTfFz125/VfGB+7va9Wm85QEkdNCwH3NisdBibu3SfeZlDjIP9+3nPRy
rmob2fxzOrrih8SsyfENIizpvQ5JBqJQi9JKQ3T7B2j3HjW/HnpRIwh3Cw9OI/NM
d1YBqF1QdCcwkM/T86RWKOdNBR34SSwWeQcqkhqkULLztKV3W/A3+OI62zj4zcgx
gJVigdU12DN0t/WZ5Usr04GHN4qTY9QWpIef3UK90YPnydne4qKjDXeOKUJEXEVv
roooe0I00U5qcY28cpUQb5QN6viGTCDuWkwlSHtvB2oKSM2j/3ZMqbE5CMq4dSzo
B9adA9ht9Lzd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:30 2024 by rpki-client on console-ams.rpki-client.org