Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/xRthiS54TmtEy20sZ6PozQqfZGQ.roa
File: xRthiS54TmtEy20sZ6PozQqfZGQ.roa (raw, json)
Hash identifier: CqtG7L8kv3pTlJstiA/tZ4zZUMpeSZeDeCscI8+7bDw=
Subject key identifier: C5:1B:61:89:2E:78:4E:6B:44:CB:6D:2C:67:A3:E8:CD:0A:9F:64:64
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CBEE5C527DB3494486587647E087F5A3A
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/xRthiS54TmtEy20sZ6PozQqfZGQ.roa
Signing time: Sun 31 Dec 2023 08:02:58 +0000
ROA not before: Sun 31 Dec 2023 08:02:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.227.146.0/23 maxlen: 24
185.209.38.0/24 maxlen: 24
185.220.249.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.126.82.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
45.8.21.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.223.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:be:e5:c5:27:db:34:94:48:65:87:64:7e:08:7f:5a:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 31 08:02:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c51b61892e784e6b44cb6d2c67a3e8cd0a9f6464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:d0:ef:3a:9e:ff:72:81:21:3a:d6:b7:65:fd:
ea:05:db:68:79:5f:1a:21:d2:a1:44:74:38:b6:33:
e3:bb:3e:f2:94:52:98:a9:83:6f:9b:27:fa:98:51:
f9:d8:70:28:3c:cb:c0:e8:2a:66:59:14:7b:fb:54:
12:bf:dc:6b:39:63:45:40:63:72:0e:22:57:dc:67:
b9:c4:06:d7:03:1c:6a:07:39:01:2f:05:20:09:94:
3e:ca:ab:63:d4:f4:bc:cb:01:74:f7:fd:f0:5a:39:
69:3b:34:a2:34:7e:67:fb:46:ed:a7:d0:48:2d:81:
07:95:d2:65:f6:f1:05:6e:3e:eb:0b:c7:19:3e:6c:
d9:03:1a:31:16:19:72:c7:b7:98:62:e5:d1:b2:ef:
4a:d5:86:2a:69:9f:1d:8e:84:c9:c5:8e:76:5c:0f:
7d:55:5f:0a:81:5c:61:6b:b4:9a:eb:ba:3c:9f:40:
da:40:b7:7a:85:4a:32:20:76:e2:65:58:af:36:9a:
d6:8a:00:49:3f:d1:a0:f0:fa:6e:d6:0e:d4:0a:35:
97:44:57:36:b0:0b:71:2a:14:5f:e6:f5:f1:be:e4:
42:68:0a:52:48:5e:e3:d3:8a:1b:e9:47:17:de:a8:
86:7a:e4:73:1f:5c:dc:12:f0:5c:ae:5b:b0:17:81:
58:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:1B:61:89:2E:78:4E:6B:44:CB:6D:2C:67:A3:E8:CD:0A:9F:64:64
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/xRthiS54TmtEy20sZ6PozQqfZGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.209.38.0/24
185.220.249.0-185.220.251.255
185.223.82.0/24
185.225.0.0/23
185.227.146.0/23
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
02:e0:75:69:2e:d8:3c:ff:fa:e7:54:38:e9:ea:33:2f:a9:7d:
39:26:d3:49:51:e5:41:70:0b:5b:a1:19:1b:d7:a5:5e:81:55:
38:00:d9:af:03:ad:79:0c:99:9f:e4:fe:84:55:dc:5a:86:c7:
9b:d1:02:1a:b1:ee:62:be:90:cf:36:72:ea:47:a6:48:7f:d0:
f5:a0:99:a8:3f:9b:b9:eb:65:dd:60:3c:f2:a8:52:62:cc:1f:
cf:29:dd:7d:25:e4:cd:45:c0:d6:10:03:7a:d6:34:ee:ee:03:
0a:be:b4:0a:1b:bd:24:6c:af:a8:c4:7d:d5:20:e3:b5:21:42:
e1:4e:73:a6:e9:a4:0a:e7:1f:d5:f2:3b:b4:ce:45:86:48:88:
c3:c9:f0:c5:b4:e7:6c:2a:93:80:7a:66:e2:27:86:dd:23:5f:
51:10:f1:b9:ed:e5:2a:8f:f4:9d:57:d3:8e:27:e6:c4:b4:d2:
33:1a:a9:a7:f9:c1:c3:dc:a4:80:47:4e:5e:83:89:72:2d:70:
b4:7f:d2:85:8a:56:2b:53:65:a5:a0:59:a8:3e:fb:f7:f0:56:
e1:16:4d:b7:e3:d1:15:1f:ff:c7:e3:e5:c5:16:2f:6f:b5:24:
3c:4a:4c:76:dd:db:d5:c9:f9:cc:1c:b3:02:40:c8:d5:e3:42:
5a:4d:b0:4a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYy+5cUn2zSUSGWHZH4If1o6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMjMxMDgwMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTFiNjE4OTJlNzg0ZTZiNDRjYjZkMmM2N2EzZThjZDBhOWY2NDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA89DvOp7/coEhOta3Zf3qBdtoeV8a
IdKhRHQ4tjPjuz7ylFKYqYNvmyf6mFH52HAoPMvA6CpmWRR7+1QSv9xrOWNFQGNy
DiJX3Ge5xAbXAxxqBzkBLwUgCZQ+yqtj1PS8ywF09/3wWjlpOzSiNH5n+0btp9BI
LYEHldJl9vEFbj7rC8cZPmzZAxoxFhlyx7eYYuXRsu9K1YYqaZ8djoTJxY52XA99
VV8KgVxha7Sa67o8n0DaQLd6hUoyIHbiZVivNprWigBJP9Gg8Ppu1g7UCjWXRFc2
sAtxKhRf5vXxvuRCaApSSF7j04ob6UcX3qiGeuRzH1zcEvBcrluwF4FYrQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFMUbYYkueE5rRMttLGej6M0Kn2RkMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEveFJ0aGlTNTRUbXRFeTIwc1o2UG96UXFmWkdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQALQgVAwQA
uX5SAwQAudEmMAwDBAC53PkDBAK53PgDBAC531IDBAG54QADBAG545IDBAC5++UD
BAHBOpIwDQYJKoZIhvcNAQELBQADggEBAALgdWku2Dz/+udUOOnqMy+pfTkm00lR
5UFwC1uhGRvXpV6BVTgA2a8DrXkMmZ/k/oRV3FqGx5vRAhqx7mK+kM82cupHpkh/
0PWgmag/m7nrZd1gPPKoUmLMH88p3X0l5M1FwNYQA3rWNO7uAwq+tAobvSRsr6jE
fdUg47UhQuFOc6bppArnH9XyO7TORYZIiMPJ8MW052wqk4B6ZuInht0jX1EQ8bnt
5SqP9J1X044n5sS00jMaqaf5wcPcpIBHTl6DiXItcLR/0oWKVitTZaWgWag++/fw
VuEWTbfj0RUf/8fj5cUWL2+1JDxKTHbd29XJ+cwcswJAyNXjQlpNsEo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:30 2024 by rpki-client on console-ams.rpki-client.org